1 /*
2 ** Zabbix
3 ** Copyright (C) 2001-2021 Zabbix SIA
4 **
5 ** This program is free software; you can redistribute it and/or modify
6 ** it under the terms of the GNU General Public License as published by
7 ** the Free Software Foundation; either version 2 of the License, or
8 ** (at your option) any later version.
9 **
10 ** This program is distributed in the hope that it will be useful,
11 ** but WITHOUT ANY WARRANTY; without even the implied warranty of
12 ** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 ** GNU General Public License for more details.
14 **
15 ** You should have received a copy of the GNU General Public License
16 ** along with this program; if not, write to the Free Software
17 ** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
18 **/
19 
20 #ifndef ZABBIX_ACTIVE_H
21 #define ZABBIX_ACTIVE_H
22 
23 #include "threads.h"
24 
25 extern char	*CONFIG_SOURCE_IP;
26 extern char	*CONFIG_HOSTNAME;
27 extern char	*CONFIG_HOST_METADATA;
28 extern char	*CONFIG_HOST_METADATA_ITEM;
29 extern int	CONFIG_REFRESH_ACTIVE_CHECKS;
30 extern int	CONFIG_BUFFER_SEND;
31 extern int	CONFIG_BUFFER_SIZE;
32 extern int	CONFIG_MAX_LINES_PER_SECOND;
33 extern char	*CONFIG_LISTEN_IP;
34 extern int	CONFIG_LISTEN_PORT;
35 
36 /* define minimal and maximal values of lines to send by agent */
37 /* per second for checks `log' and `eventlog', used to parse key parameters */
38 #define	MIN_VALUE_LINES			1
39 #define	MAX_VALUE_LINES			1000
40 #define	MAX_VALUE_LINES_MULTIPLIER	10
41 
42 #define HOST_METADATA_LEN	255	/* UTF-8 characters, not bytes */
43 
44 /* Windows event types for `eventlog' check */
45 #ifdef _WINDOWS
46 #	ifndef INFORMATION_TYPE
47 #		define INFORMATION_TYPE	"Information"
48 #	endif
49 #	ifndef WARNING_TYPE
50 #		define WARNING_TYPE	"Warning"
51 #	endif
52 #	ifndef ERROR_TYPE
53 #		define ERROR_TYPE	"Error"
54 #	endif
55 #	ifndef AUDIT_FAILURE
56 #		define AUDIT_FAILURE	"Failure Audit"
57 #	endif
58 #	ifndef AUDIT_SUCCESS
59 #		define AUDIT_SUCCESS	"Success Audit"
60 #	endif
61 #	ifndef CRITICAL_TYPE
62 #		define CRITICAL_TYPE	"Critical"
63 #	endif
64 #	ifndef VERBOSE_TYPE
65 #		define VERBOSE_TYPE	"Verbose"
66 #	endif
67 #endif	/* _WINDOWS */
68 
69 /* NB! Next list must fit in unsigned char (see ZBX_ACTIVE_METRIC "flags" field below). */
70 #define ZBX_METRIC_FLAG_PERSISTENT	0x01	/* do not overwrite old values when adding to the buffer */
71 #define ZBX_METRIC_FLAG_NEW		0x02	/* new metric, just added */
72 #define ZBX_METRIC_FLAG_LOG_LOG		0x04	/* log[ or log.count[, depending on ZBX_METRIC_FLAG_LOG_COUNT */
73 #define ZBX_METRIC_FLAG_LOG_LOGRT	0x08	/* logrt[ or logrt.count[, depending on ZBX_METRIC_FLAG_LOG_COUNT */
74 #define ZBX_METRIC_FLAG_LOG_EVENTLOG	0x10	/* eventlog[ */
75 #define ZBX_METRIC_FLAG_LOG_COUNT	0x20	/* log.count[ or logrt.count[ */
76 #define ZBX_METRIC_FLAG_LOG			/* item for log file monitoring, one of the above */	\
77 		(ZBX_METRIC_FLAG_LOG_LOG | ZBX_METRIC_FLAG_LOG_LOGRT | ZBX_METRIC_FLAG_LOG_EVENTLOG)
78 
79 typedef struct
80 {
81 	char			*key;
82 	char			*key_orig;
83 	zbx_uint64_t		lastlogsize;
84 	int			refresh;
85 	int			nextcheck;
86 	int			mtime;
87 	unsigned char		skip_old_data;	/* for processing [event]log metrics */
88 	unsigned char		flags;
89 	unsigned char		state;
90 	unsigned char		refresh_unsupported;	/* re-check notsupported item */
91 	int			big_rec;	/* for logfile reading: 0 - normal record, 1 - long unfinished record */
92 	int			use_ino;	/* 0 - do not use inodes (on FAT, FAT32) */
93 						/* 1 - use inodes (up to 64-bit) (various UNIX file systems, NTFS) */
94 						/* 2 - use 128-bit FileID (currently only on ReFS) to identify files */
95 						/* on a file system */
96 	int			error_count;	/* number of file reading errors in consecutive checks */
97 	int			logfiles_num;
98 	struct st_logfile	*logfiles;	/* for handling of logfile rotation for logrt[], logrt.count[] items */
99 	double			start_time;	/* Start time of check for log[], log.count[], logrt[], logrt.count[] */
100 						/* items. Used for measuring duration of checks. */
101 	zbx_uint64_t		processed_bytes;	/* number of processed bytes for log[], log.count[], logrt[], */
102 							/* logrt.count[] items */
103 }
104 ZBX_ACTIVE_METRIC;
105 
106 typedef struct
107 {
108 	char		*host;
109 	unsigned short	port;
110 }
111 ZBX_THREAD_ACTIVECHK_ARGS;
112 
113 typedef struct
114 {
115 	char		*host;
116 	char		*key;
117 	char		*value;
118 	unsigned char	state;
119 	zbx_uint64_t	lastlogsize;
120 	int		timestamp;
121 	char		*source;
122 	int		severity;
123 	zbx_timespec_t	ts;
124 	int		logeventid;
125 	int		mtime;
126 	unsigned char	flags;
127 	zbx_uint64_t	id;
128 }
129 ZBX_ACTIVE_BUFFER_ELEMENT;
130 
131 typedef struct
132 {
133 	ZBX_ACTIVE_BUFFER_ELEMENT	*data;
134 	int				count;
135 	int				pcount;
136 	int				lastsent;
137 	int				first_error;
138 }
139 ZBX_ACTIVE_BUFFER;
140 
141 ZBX_THREAD_ENTRY(active_checks_thread, args);
142 
143 #endif	/* ZABBIX_ACTIVE_H */
144