github_mirrors/openappsec
3
0
Fork 1
mirror of https://github.com/openappsec/openappsec.git synced 2025-09-29 19:24:26 +03:00
Code Issues Packages Projects Releases Wiki Activity

sync code

Browse Source
This commit is contained in:
Ned Wright
2024-12-29 12:13:27 +00:00
parent 96ce290e5f
commit 64ebf013eb
43 changed files with 1058 additions and 406 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
core/logging/CMakeLists.txt
View File

@@ -1,3 +1,3 @@
add_library(logging logging.cc log_generator.cc debug_stream.cc file_stream.cc fog_stream.cc syslog_stream.cc cef_stream.cc k8s_svc_stream.cc)
add_library(logging logging.cc log_generator.cc debug_stream.cc file_stream.cc fog_stream.cc syslog_stream.cc cef_stream.cc k8s_svc_stream.cc log_connector.cc)
add_subdirectory(logging_ut)

107
core/logging/cef_stream.cc
View File

@@ -24,22 +24,21 @@ USE_DEBUG_FLAG(D_REPORT);
static string lookup_cmd = "nslookup ";
static string line_selection_cmd = "| grep Address | sed -n 2p";
static string parsing_cmd = "| cut -f2 -d' ' | tr -d '\n'";
static string CEF_NAME = "CEF";
CefStream::CefStream(const string &_address, int _port, I_Socket::SocketType _protocol)
:
i_socket(Singleton::Consume<I_Socket>::by<LoggingComp>()),
address(_address),
port(_port),
protocol(_protocol)
LogStreamConnector(_address, _port, _protocol, CEF_NAME)
{
connect();
if (!socket.ok()) {
dbgWarning(D_REPORT) << "Failed to connect to the CEF server";
}
init();
socket = genError("Not set yet");
}
CefStream::~CefStream()
{
sendAllLogs();
if (mainloop != nullptr && mainloop->doesRoutineExist(connecting_routine)) mainloop->stop(connecting_routine);
if (socket.ok()) {
i_socket->closeSocket(const_cast<int &>(*socket));
socket = genError("Closed socket");
@@ -49,50 +48,60 @@ CefStream::~CefStream()
void
CefStream::sendLog(const Report &log)
{
if (!socket.ok()) {
connect();
if (!socket.ok()) {
dbgWarning(D_REPORT) << "Failed to connect to the CEF server, log will not be sent.";
return;
}
}
dbgTrace(D_REPORT) << "Connected to socket.";
string cef_report = log.getCef();
if (protocol == I_Socket::SocketType::TCP) {
cef_report = to_string(cef_report.length()) + " " + cef_report;
}
vector<char> data(cef_report.begin(), cef_report.end());
for (size_t tries = 0; tries < 3; tries++) {
if (i_socket->writeData(socket.unpack(), data)) {
dbgTrace(D_REPORT) << "log was sent to CEF server";
return;
} else {
dbgWarning(D_REPORT) << "Failed to send log to CEF server";
}
}
sendLogWithQueue(data);
}
void
CefStream::init() {
updateSettings();
maintainConnection();
auto ceflog_retry_interval = getProfileAgentSettingWithDefault<uint>(
RETRY_CONNECT_INTERVAL,
"agent.config.log.cefServer.connect_retry_interval");
dbgTrace(D_REPORT) << "retry interval: " << ceflog_retry_interval;
chrono::seconds connect_retry_interval = chrono::seconds(ceflog_retry_interval);
connecting_routine = mainloop->addRecurringRoutine(
I_MainLoop::RoutineType::Offline,
connect_retry_interval,
[this] ()
{
dbgTrace(D_REPORT) << CEF_CONNECT_NAME;
maintainConnection();
},
CEF_CONNECT_NAME
);
}
void
CefStream::connect()
{
auto cef_address = getProfileAgentSettingWithDefault<string>(address, "agent.config.log.cefServer.IP");
auto cef_port = getProfileAgentSettingWithDefault<uint>(port, "agent.config.log.cefServer.port");
if (cef_address.empty()) {
dbgDebug(D_REPORT)
<< "Connecting to CEF server"
<< " Address: "
<< address
<< " Port: "
<< port;
if (address.empty()) {
dbgWarning(D_REPORT) << "Cannot connect to CEF server, IP/Domain is not configured.";
return;
}
struct in_addr addr;
if (inet_pton(AF_INET, cef_address.data(), &addr) != 1) {
if (inet_pton(AF_INET, address.data(), &addr) != 1) {
I_ShellCmd *shell_cmd = Singleton::Consume<I_ShellCmd>::by<LoggingComp>();
string host_cmd = lookup_cmd + cef_address + line_selection_cmd + parsing_cmd;
string host_cmd = lookup_cmd + address + line_selection_cmd + parsing_cmd;
Maybe<string> res = shell_cmd->getExecOutput(host_cmd, 500);
if (!res.ok()) {
dbgWarning(D_REPORT)
<< "Failed to execute domain lookup command. "
<< "CEF Domain: "
<< cef_address
<< address
<< "Error: "
<< res.getErr();
return;
@@ -102,7 +111,7 @@ CefStream::connect()
dbgWarning(D_REPORT)
<< "Got en empty ip address from lookup command. "
<< "CEF Domain: "
<< cef_address
<< address
<< "Got bad ip address: "
<< res.unpack();
return;
@@ -113,19 +122,47 @@ CefStream::connect()
dbgWarning(D_REPORT)
<< "Got a faulty ip address from lookup command. "
<< "CEF Domain: "
<< cef_address
<< address
<< "Got bad ip address: "
<< res.unpack();
return;
}
cef_address = res.unpack();
address = res.unpack();
}
socket = i_socket->genSocket(
protocol,
false,
false,
cef_address + ":" + to_string(cef_port)
address + ":" + to_string(port)
);
}
void
CefStream::updateSettings()
{
max_logs_per_send = getProfileAgentSettingWithDefault<int>(
NUMBER_OF_LOGS_PER_SEND,
"agent.config.log.cefServer.MaxLogsPerSend"
);
if (max_logs_per_send < 0) {
max_logs_per_send = NUMBER_OF_LOGS_PER_SEND;
}
address = getProfileAgentSettingWithDefault<string>(address, "agent.config.log.cefServer.IP");
port = getProfileAgentSettingWithDefault<uint>(port, "agent.config.log.cefServer.port");
max_data_in_queue = getProfileAgentSettingWithDefault<uint>(
MAX_LOG_QUEUE,
"agent.config.log.cefServer.MaxDataInQueue"
);
dbgTrace(D_REPORT)
<< "CEF server settings updated. "
<< "Address: "
<< address
<< " Port: "
<< port
<< " Max logs per send: "
<< max_logs_per_send
<< " Max data in queue: "
<< max_data_in_queue;
}

81
core/logging/log_streams.h
View File

@@ -23,6 +23,13 @@
#include "logging_metric.h"
#include "i_logging.h"
#include "i_socket_is.h"
#include "logging_comp.h"
static const int RETRY_CONNECT_INTERVAL = 120;
static const std::string SYSLOG_CONNECT_NAME = "connecting to Syslog server";
static const std::string CEF_CONNECT_NAME = "connecting to CEF server";
static const int NUMBER_OF_LOGS_PER_SEND = 15;
static size_t MAX_LOG_QUEUE = 1000;
USE_DEBUG_FLAG(D_REPORT);
@@ -93,43 +100,77 @@ private:
I_Messaging *i_msg = nullptr;
};
class SyslogStream : public Stream
class LogStreamConnector : public Stream
{
public:
LogStreamConnector(
const std::string &_address,
int _port,
I_Socket::SocketType _protocol,
const std::string &_log_name) :
mainloop(Singleton::Consume<I_MainLoop>::by<LoggingComp>()),
i_socket(Singleton::Consume<I_Socket>::by<LoggingComp>()),
address(_address),
port(_port),
protocol(_protocol),
logs_in_queue(),
log_name(_log_name) {}
virtual ~LogStreamConnector() {}
protected:
virtual void connect() = 0;
virtual void updateSettings() = 0;
void maintainConnection();
void addLogToQueue(const std::vector<char> &data);
void writeFail();
bool basicWriteLog(const std::vector<char> &data);
void sendLogWithQueue(const std::vector<char> &data);
void sendAllLogs();
I_MainLoop *mainloop = nullptr;
I_Socket *i_socket = nullptr;
std::string address;
int port;
I_Socket::SocketType protocol = I_Socket::SocketType::UDP;
Maybe<I_Socket::socketFd> socket = genError("Not set yet");
bool did_write_fail_in_this_window = false;
std::vector<std::vector<char>> logs_in_queue;
I_MainLoop::RoutineID connecting_routine = -1;
int max_logs_per_send = NUMBER_OF_LOGS_PER_SEND;
std::string log_name;
uint max_data_in_queue = MAX_LOG_QUEUE;
};
class SyslogStream : public LogStreamConnector
{
public:
SyslogStream(const std::string &_address, int _port, I_Socket::SocketType protocol);
~SyslogStream();
void sendLog(const Report &log) override;
private:
void sendLog(const std::vector<char> &data);
void connect();
protected:
void connect() override;
void updateSettings() override;
I_Socket *i_socket = nullptr;
I_MainLoop *mainloop = nullptr;
std::string address;
int port;
I_Socket::SocketType protocol = I_Socket::SocketType::UDP;
private:
void init();
void sendLog(const std::vector<char> &data);
I_MainLoop::RoutineID log_send_routine = -1;
Maybe<I_Socket::socketFd> socket = genError("Not set yet");
};
class CefStream : public Stream
class CefStream : public LogStreamConnector
{
public:
CefStream(const std::string &_address, int _port, I_Socket::SocketType _protocol);
~CefStream();
void sendLog(const Report &log) override;
protected:
void connect() override;
void updateSettings() override;
private:
void connect();
I_Socket *i_socket = nullptr;
std::string address;
int port;
I_Socket::SocketType protocol = I_Socket::SocketType::UDP;
Maybe<I_Socket::socketFd> socket = genError("Not set yet");
void init();
};
#endif // __LOG_STREAMS_H__

1
core/logging/logging.cc
View File

@@ -171,6 +171,7 @@ public:
} else {
LogEventLogsSent(true).notify();
for (auto &iter : streams) {
dbgTrace(D_REPORT) << "Sending log to stream: " << TagAndEnumManagement::convertToString(iter.first);
if (log.isStreamActive(iter.first)) iter.second->sendLog(log);
}
}

232
core/logging/logging_ut/logging_ut.cc
View File

@@ -24,6 +24,7 @@
#include "metric/all_metric_event.h"
#include "mock/mock_shell_cmd.h"
#include "version.h"
#include "../log_streams.h"
using namespace testing;
using namespace std;
@@ -104,6 +105,7 @@ public:
class LogTest : public testing::Test
{
public:
const ::Report CreateReport(ReportIS::Tags &tag1, ReportIS::Tags &tag2);
LogTest()
:
agent_details(),
@@ -132,6 +134,16 @@ public:
DoAll(SaveArg<1>(&sysog_routine), Return(0))
);
EXPECT_CALL(
mock_mainloop,
addRecurringRoutine(_, _, _, "connecting to Syslog server", _)
).WillRepeatedly(DoAll(SaveArg<2>(&connect_syslog_routine), Return(2)));
EXPECT_CALL(
mock_mainloop,
addRecurringRoutine(_, _, _, "connecting to CEF server", _)
).WillRepeatedly(DoAll(SaveArg<2>(&connect_cef_routine), Return(3)));
EXPECT_CALL(mock_socket_is, writeData(1, _)).WillRepeatedly(
WithArg<1>(
Invoke(
@@ -291,6 +303,8 @@ public:
ConfigComponent config;
vector<string> capture_syslog_cef_data;
I_MainLoop::Routine sysog_routine = nullptr;
I_MainLoop::Routine connect_syslog_routine = nullptr;
I_MainLoop::Routine connect_cef_routine = nullptr;
StrictMock<MockShellCmd> mock_shell_cmd;
bool is_domain;
@@ -1469,98 +1483,148 @@ TEST_F(LogTest, BulkModification)
EXPECT_EQ(local_body, str1);
}
TEST_F(LogTest, ObfuscationTest)
const ::Report
LogTest::CreateReport(Tags &tag1, Tags &tag2) {
LogField origin("String", "Another string");
const ::Report report(
"String=\"Another string\"",
chrono::microseconds(90000),
Type::EVENT,
Level::LOG,
LogLevel::INFO,
Audience::INTERNAL,
AudienceTeam::AGENT_CORE,
Severity::INFO,
Priority::LOW,
chrono::seconds(3600),
origin,
tag1,
tag2,
Notification::POLICY_UPDATE,
IssuingEngine::AGENT_CORE
);
return report;
}
TEST_F(LogTest, ObfuscationCefSysLogTest)
{
loadFakeConfiguration(false);
Tags tag1 = Tags::POLICY_INSTALLATION;
Tags tag2 = Tags::ACCESS_CONTROL;
std::string address = "172.28.1.6";
int port = 514;
I_Socket::SocketType protocol = I_Socket::SocketType::TCP;
// for cef
CefStream cef_stream(address, port, protocol);
ASSERT_NE(connect_cef_routine, nullptr);
connect_cef_routine();
cef_stream.sendLog(CreateReport(tag1, tag2));
EXPECT_EQ(capture_syslog_cef_data.size(), 1u);
// for syslog activate send log
SyslogStream syslog_stream(address, port, protocol);
static const string expected_obfuscated_log(
"{\n"
" \"log\": {\n"
" \"eventTime\": \"0:0:0\",\n"
" \"eventName\": \"Install policy\",\n"
" \"eventSeverity\": \"Info\",\n"
" \"eventPriority\": \"Low\",\n"
" \"eventType\": \"Event Driven\",\n"
" \"eventLevel\": \"Log\",\n"
" \"eventLogLevel\": \"info\",\n"
" \"eventAudience\": \"Internal\",\n"
" \"eventAudienceTeam\": \"\",\n"
" \"eventFrequency\": 0,\n"
" \"eventTags\": [\n"
" \"Access Control\",\n"
" \"Policy Installation\"\n"
" ],\n"
" \"eventSource\": {\n"
" \"agentId\": \"Unknown\",\n"
" \"eventTraceId\": \"\",\n"
" \"eventSpanId\": \"\",\n"
" \"issuingEngineVersion\": \"\",\n"
" \"serviceName\": \"Unnamed Nano Service\"\n"
" },\n"
" \"eventData\": {\n"
" \"logIndex\": 1,\n"
" \"String\": \"{XORANDB64}:mocked field\"\n"
" }\n"
" }\n"
"}"
);
StrictMock<MockEncryptor> mock_encrypt;
EXPECT_CALL(mock_encrypt, base64Encode(_)).WillOnce(Return("mocked field"));
static const string expected_clear_log(
"{\n"
" \"eventTime\": \"0:0:0\",\n"
" \"eventName\": \"Install policy\",\n"
" \"eventSeverity\": \"Info\",\n"
" \"eventPriority\": \"Low\",\n"
" \"eventType\": \"Event Driven\",\n"
" \"eventLevel\": \"Log\",\n"
" \"eventLogLevel\": \"info\",\n"
" \"eventAudience\": \"Internal\",\n"
" \"eventAudienceTeam\": \"\",\n"
" \"eventFrequency\": 0,\n"
" \"eventTags\": [\n"
" \"Access Control\",\n"
" \"Policy Installation\"\n"
" ],\n"
" \"eventSource\": {\n"
" \"agentId\": \"Unknown\",\n"
" \"eventTraceId\": \"\",\n"
" \"eventSpanId\": \"\",\n"
" \"issuingEngineVersion\": \"\",\n"
" \"serviceName\": \"Unnamed Nano Service\"\n"
" },\n"
" \"eventData\": {\n"
" \"logIndex\": 1,\n"
" \"String\": \"Another string\"\n"
" }\n"
"}"
);
{
LogGen log(
"Install policy",
Audience::INTERNAL,
Severity::INFO,
Priority::LOW,
tag1,
tag2,
Enreachments::BEAUTIFY_OUTPUT
);
log << LogField("String", "Another string", LogFieldOption::XORANDB64);
EXPECT_EQ(toJson(log), expected_clear_log);
}
EXPECT_THAT(getMessages(), HasSubstr(expected_clear_log));
EXPECT_THAT(readLogFile(), HasSubstr(expected_clear_log));
EXPECT_EQ(getBodyFogMessage(), expected_obfuscated_log);
// connection to socket before send log
ASSERT_NE(connect_syslog_routine, nullptr);
connect_syslog_routine();
syslog_stream.sendLog(CreateReport(tag1, tag2)); // send log in routine sysog_routine
ASSERT_NE(sysog_routine, nullptr);
sysog_routine();
EXPECT_EQ(capture_syslog_cef_data.size(), 2u);
EXPECT_EQ(capture_syslog_cef_data.size(), 2u); // 1 for CEF 1 for Syslog
for (const string &str : capture_syslog_cef_data) {
EXPECT_THAT(str, AnyOf(HasSubstr("String='Another string'"), HasSubstr("String=\"Another string\"")));
EXPECT_THAT(str, AnyOf(
HasSubstr("String='Another string'"),
HasSubstr(R"(String="Another string")"),
HasSubstr("String=\"Another string\"")));
}
}
TEST_F(LogTest, SysLogWriteFailTest)
{
loadFakeConfiguration(false);
capture_syslog_cef_data.clear();
Tags tag1 = Tags::POLICY_INSTALLATION;
Tags tag2 = Tags::ACCESS_CONTROL;
// for syslog activate send log
std::string address = "172.28.1.6";
int port = 514;
I_Socket::SocketType protocol = I_Socket::SocketType::TCP;
SyslogStream syslog_stream(address, port, protocol);
ASSERT_NE(connect_syslog_routine, nullptr);
connect_syslog_routine();
EXPECT_CALL(mock_socket_is, writeData(1, _))
.WillOnce(Return(false))
.WillOnce(Return(false))
.WillOnce(Return(false))
.WillRepeatedly(
WithArg<1>(
Invoke(
[this](const vector<char> &data)
{
capture_syslog_cef_data.emplace_back(data.begin(), data.end());
return true;
}
)
)
);
syslog_stream.sendLog(CreateReport(tag1, tag2));
ASSERT_NE(sysog_routine, nullptr);
EXPECT_EQ(capture_syslog_cef_data.size(), 0u); //before write
sysog_routine();
EXPECT_EQ(capture_syslog_cef_data.size(), 1u);
for (const string &str : capture_syslog_cef_data) {
EXPECT_THAT(str, AnyOf(
HasSubstr("String='Another string'"),
HasSubstr(R"(String="Another string")"),
HasSubstr("String=\"Another string\"")));
}
}
TEST_F(LogTest, CefWriteFailTest)
{
loadFakeConfiguration(false);
capture_syslog_cef_data.clear();
Tags tag1 = Tags::POLICY_INSTALLATION;
Tags tag2 = Tags::ACCESS_CONTROL;
// for syslog activate send log
std::string address = "172.28.1.6";
int port = 514;
I_Socket::SocketType protocol = I_Socket::SocketType::TCP;
CefStream cef_stream(address, port, protocol);
ASSERT_NE(connect_cef_routine, nullptr);
connect_cef_routine();
EXPECT_CALL(mock_socket_is, writeData(1, _))
.WillOnce(Return(false))
.WillOnce(Return(false))
.WillOnce(Return(false))
.WillRepeatedly(
WithArg<1>(
Invoke(
[this](const vector<char> &data)
{
capture_syslog_cef_data.emplace_back(data.begin(), data.end());
return true;
}
)
)
);
EXPECT_EQ(capture_syslog_cef_data.size(), 0u); //before write
cef_stream.sendLog(CreateReport(tag1, tag2));
EXPECT_EQ(capture_syslog_cef_data.size(), 1u);
for (const string &str : capture_syslog_cef_data) {
EXPECT_THAT(str, AnyOf(
HasSubstr("String='Another string'"),
HasSubstr(R"(String="Another string")"),
HasSubstr("String=\"Another string\"")));
}
}

107
core/logging/syslog_stream.cc
View File

@@ -23,24 +23,22 @@ USE_DEBUG_FLAG(D_REPORT);
static string lookup_cmd = "nslookup ";
static string line_selection_cmd = "| grep Address | sed -n 2p";
static string parsing_cmd = "| cut -f2 -d' ' | tr -d '\n'";
static string SYSLOG_NAME = "Syslog";
SyslogStream::SyslogStream(const string &_address, int _port, I_Socket::SocketType _protocol)
:
i_socket(Singleton::Consume<I_Socket>::by<LoggingComp>()),
mainloop(Singleton::Consume<I_MainLoop>::by<LoggingComp>()),
address(_address),
port(_port),
protocol(_protocol)
LogStreamConnector(_address, _port, _protocol, SYSLOG_NAME)
{
connect();
if (!socket.ok()) {
dbgWarning(D_REPORT) << "Failed to connect to the syslog server";
}
socket = genError("Not set yet");
init();
}
SyslogStream::~SyslogStream()
{
sendAllLogs();
if (mainloop != nullptr && mainloop->doesRoutineExist(log_send_routine)) mainloop->stop(log_send_routine);
if (mainloop != nullptr && mainloop->doesRoutineExist(connecting_routine)) mainloop->stop(connecting_routine);
if (socket.ok()) {
i_socket->closeSocket(const_cast<int &>(*socket));
socket = genError("Closed socket");
@@ -55,7 +53,7 @@ SyslogStream::sendLog(const Report &log)
syslog_report = to_string(syslog_report.length()) + " " + syslog_report;
}
vector<char> data(syslog_report.begin(), syslog_report.end());
mainloop->addOneTimeRoutine(
log_send_routine = mainloop->addOneTimeRoutine(
I_MainLoop::RoutineType::Offline,
[this, data] () { sendLog(data); },
"Logging Syslog stream messaging"
@@ -65,45 +63,57 @@ SyslogStream::sendLog(const Report &log)
void
SyslogStream::sendLog(const vector<char> &data)
{
for (int tries = 0; tries < 3; ++tries) {
if (!socket.ok()) {
connect();
if (!socket.ok()) {
dbgWarning(D_REPORT) << "Failed to connect to the syslog server, Log will not be sent.";
return;
}
dbgTrace(D_REPORT) << "Successfully connect to the syslog server";
}
dbgTrace(D_REPORT) << "Sending Syslog log." << " Max logs per send: " << max_logs_per_send;
sendLogWithQueue(data);
}
if (i_socket->writeData(socket.unpack(), data)) {
dbgTrace(D_REPORT) << "log was sent to syslog server";
return;
}
}
dbgWarning(D_REPORT) << "Failed to send log to syslog server";
void
SyslogStream::init() {
updateSettings();
maintainConnection();
auto syslog_retry_interval = getProfileAgentSettingWithDefault<uint>(
RETRY_CONNECT_INTERVAL,
"agent.config.log.syslogServer.connect_retry_interval");
chrono::seconds connect_retry_interval = chrono::seconds(syslog_retry_interval);
connecting_routine = mainloop->addRecurringRoutine(
I_MainLoop::RoutineType::Offline,
connect_retry_interval,
[this] ()
{
dbgTrace(D_REPORT) << SYSLOG_CONNECT_NAME;
maintainConnection();
},
SYSLOG_CONNECT_NAME
);
}
void
SyslogStream::connect()
{
auto syslog_address = getProfileAgentSettingWithDefault<string>(address, "agent.config.log.syslogServer.IP");
auto syslog_port = getProfileAgentSettingWithDefault<uint>(port, "agent.config.log.syslogServer.port");
dbgDebug(D_REPORT)
<< "Connecting to Syslog server"
<< " Address: "
<< address
<< " Port: "
<< port;
if (syslog_address.empty()) {
if (address.empty()) {
dbgWarning(D_REPORT) << "Cannot connect to Syslog server, Address IP/Domain not configured.";
return;
}
struct in_addr addr;
if (inet_pton(AF_INET, syslog_address.data(), &addr) != 1) {
if (inet_pton(AF_INET, address.data(), &addr) != 1) {
I_ShellCmd *shell_cmd = Singleton::Consume<I_ShellCmd>::by<LoggingComp>();
string host_cmd = lookup_cmd + syslog_address + line_selection_cmd + parsing_cmd;
string host_cmd = lookup_cmd + address + line_selection_cmd + parsing_cmd;
Maybe<string> res = shell_cmd->getExecOutput(host_cmd, 500);
if (!res.ok()) {
dbgWarning(D_REPORT)
<< "Failed to execute domain lookup command. "
<< "SYSLOG Domain: "
<< syslog_address
<< address
<< "Error: "
<< res.getErr();
return;
@@ -113,7 +123,7 @@ SyslogStream::connect()
dbgWarning(D_REPORT)
<< "Got en empty ip address from lookup command. "
<< "SYSLOG Domain: "
<< syslog_address
<< address
<< "Got bad ip address: "
<< res.unpack();
return;
@@ -124,19 +134,46 @@ SyslogStream::connect()
dbgWarning(D_REPORT)
<< "Got a faulty ip address from lookup command. "
<< "SYSLOG Domain: "
<< syslog_address
<< address
<< "Got bad ip address: "
<< res.unpack();
return;
}
syslog_address = res.unpack();
address = res.unpack();
}
socket = i_socket->genSocket(
protocol,
false,
false,
syslog_address + ":" + to_string(syslog_port)
address + ":" + to_string(port)
);
}
void
SyslogStream::updateSettings()
{
max_logs_per_send = getProfileAgentSettingWithDefault<int>(
NUMBER_OF_LOGS_PER_SEND,
"agent.config.log.syslogServer.MaxLogsPerSend"
);
if (max_logs_per_send < 0) {
max_logs_per_send = NUMBER_OF_LOGS_PER_SEND;
}
address = getProfileAgentSettingWithDefault<string>(address, "agent.config.log.syslogServer.IP");
port = getProfileAgentSettingWithDefault<uint>(port, "agent.config.log.syslogServer.port");
max_data_in_queue =
getProfileAgentSettingWithDefault<uint>(MAX_LOG_QUEUE, "agent.config.log.syslogServer.MaxLogQueue");
dbgTrace(D_REPORT)
<< "Syslog server settings updated. "
<< "Address: "
<< address
<< " Port: "
<< port
<< " Max logs per send: "
<< max_logs_per_send
<< " Max data in queue: "
<< max_data_in_queue;
}