1 /*
2 ** Copyright (C) 2011 Tim Shelton
3 ** Copyright (C) 2011 HAWK Network Defense, Inc. hawkdefense.com
4 **
5 ** This program is free software; you can redistribute it and/or modify
6 ** it under the terms of the GNU General Public License Version 2 as
7 ** published by the Free Software Foundation.  You may not use, modify or
8 ** distribute this program under any other version of the GNU General
9 ** Public License.
10 **
11 ** This program is distributed in the hope that it will be useful,
12 ** but WITHOUT ANY WARRANTY; without even the implied warranty of
13 ** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14 ** GNU General Public License for more details.
15 **
16 ** You should have received a copy of the GNU General Public License
17 ** along with this program; if not, write to the Free Software
18 ** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
19 */
20 
21 #ifndef __OP_SYSLOG_FULL_H_
22 #define __OP_SYSLOG_FULL_H_
23 
24 
25 #include <arpa/inet.h>
26 #include <errno.h>
27 #include <netdb.h>
28 #include <netinet/in.h>
29 #include <stdlib.h>
30 #include <string.h>
31 #include <syslog.h>
32 #include <sys/socket.h>
33 #include <sys/types.h>
34 #include <time.h>
35 #include <unistd.h>
36 
37 #include "barnyard2.h"
38 #include "map.h"
39 #include "mstring.h"
40 #include "parser.h"
41 #include "plugbase.h"
42 #include "strlcpyu.h"
43 #include "unified2.h"
44 
45 
/* Output mode selectors; presumably stored in OpSyslog_Data.operation_mode
 * (confirm against the implementation file). */
#define OUT_MODE_DEFAULT 0
#define OUT_MODE_FULL 1

/* Transport selectors; presumably stored in OpSyslog_Data.proto (confirm). */
#define LOG_UDP 0
#define LOG_TCP 1

/* Payload encoding selectors; presumably stored in
 * OpSyslog_Data.payload_encoding (confirm).  The values are 0, 1 and 2, so
 * they are not independent bit flags: ENCODE_HEX is zero and cannot be
 * detected with a bitwise AND. */
#define ENCODE_HEX    0x0000
#define ENCODE_ASCII  0x0001
#define ENCODE_BASE64 0x0002

/* Alias for MAX_QUERY_LENGTH, which is not defined in this header and must be
 * supplied by one of the project headers included above. */
#define SYSLOG_MAX_QUERY_SIZE MAX_QUERY_LENGTH
57 
/*
 * State record for the syslog output declared in this header: destination,
 * formatting options, socket and working buffers.  Field roles that cannot be
 * read off the declarations themselves are marked as assumptions to confirm
 * against the implementation file.
 */
typedef struct _OpSyslog_Data
{
    /* presumably the destination host name or address string - confirm;
     * ownership (who frees it) is not visible in this header */
    char *server;
    /* presumably the sensor identifier written into each message - confirm */
    char *sensor_name;

    /* presumably the context value passed to OpSyslog_Init() - confirm */
    u_int8_t log_context;
    /* presumably one of ENCODE_HEX / ENCODE_ASCII / ENCODE_BASE64 - confirm */
    u_int8_t payload_encoding;
    /* presumably OUT_MODE_DEFAULT or OUT_MODE_FULL - confirm */
    u_int8_t operation_mode;
    /* presumably a flag choosing local syslog over the network socket - confirm */
    u_int8_t local_logging;
    /* presumably the numeric priority used when emitting messages - confirm */
    u_int32_t syslog_priority;

    /* Fixed-size scratch buffer of MAX_QUERY_LENGTH bytes.
     * NOTE(review): every writer must bound its output by
     * sizeof(payload_escape_buffer); escaping can expand the input, so the
     * check belongs on the escaped length, not the raw payload length. */
    char payload_escape_buffer[MAX_QUERY_LENGTH];

    /* Fixed 16-byte buffers.
     * NOTE(review): if these are filled from configuration text, the copy
     * must be length-bounded and NUL-terminated - confirm at the call sites. */
    char syslog_tx_facility[16];
    char syslog_tx_priority[16];


    /* Declared 32 bits wide, while the sin_port member of sockaddr_in holds
     * 16 bits.
     * NOTE(review): confirm the parsed value is range-checked (1-65535)
     * before it is narrowed into sockaddr. */
    u_int32_t port;
    /* meaning not visible in this header - confirm */
    u_int16_t detail;
    /* presumably LOG_UDP or LOG_TCP - confirm.
     * NOTE(review): nothing in this header indicates transport encryption or
     * peer authentication; confirm how alert data is protected in transit. */
    u_int16_t proto;

    /* Single characters, presumably the field delimiter and separator of the
     * output format - confirm.
     * NOTE(review): with ENCODE_ASCII, payload bytes equal to these
     * characters or to a newline could forge or split fields in the receiving
     * log unless they are escaped - confirm the escaping path covers them. */
    char delim;
    char field_separators;

    /* NOTE(review): if this is the result of gethostbyname(), it points at
     * static storage that a later resolver call overwrites - confirm it is
     * not dereferenced after setup. */
    struct hostent *hostPtr;
    /* IPv4 socket address (struct sockaddr_in); no IPv6 address can be held */
    struct sockaddr_in sockaddr;
    /* socket descriptor; the value used for "not open" is not visible here */
    int socket;

    /* Working buffers and, presumably, the current write offsets into them.
     * The struct records no capacity for either buffer.
     * NOTE(review): confirm every append checks the offset plus the length
     * being written against the allocated size before copying. */
    char *payload;
    char *formatBuffer;
    u_int32_t payload_current_pos;
    u_int32_t format_current_pos;


} OpSyslog_Data;
93 
/* Takes no arguments and returns nothing; presumably registers this output
 * with the plugin framework from plugbase.h - confirm in the implementation. */
void OpSyslog_Setup(void);
/* args: non-const string, presumably the configuration text for this output;
 *       the callee is permitted to modify it - confirm whether it does.
 * context: 8-bit value, presumably stored in OpSyslog_Data.log_context - confirm.
 * Returns nothing, so any configuration error must be reported another way. */
void OpSyslog_Init(char *args,u_int8_t context);
96 
97 
98 #endif  /* __OP_SYSLOG_FULL_H_ */