# HG changeset patch # User Carl Byington # Date 1368817401 25200 # Node ID 37eace15ef87bdbe7318977a3c20cc97558a0bb5 # Parent 2ea606326f5b22d49ce0c1210e66e7d4fbf5ac03 allow hourly/daily/weekly triggers for output generation, append to temp wflogs input files so daemon restart won't drop as much data diff -r 2ea606326f5b -r 37eace15ef87 src/wflogs-config.cpp --- a/src/wflogs-config.cpp Fri May 17 10:37:25 2013 -0700 +++ b/src/wflogs-config.cpp Fri May 17 12:03:21 2013 -0700 @@ -13,9 +13,16 @@ #include #include #include +#include + + +string_set all_strings;// owns all the strings, only modified by the config loader thread +const int maxlen = 1000; // used for snprintf buffers const char *token_context; +const char *token_daily; const char *token_file; +const char *token_hourly; const char *token_include; const char *token_lbrace; const char *token_output; @@ -24,13 +31,11 @@ const char *token_rbrace; const char *token_semi; const char *token_tempin; +const char *token_trigger; const char *token_versions; +const char *token_weekly; const char *token_wflogs; -string_set all_strings;// owns all the strings, only modified by the config loader thread -const int maxlen = 1000; // used for snprintf buffers - - //////////////////////////////////////////////// // @@ -41,6 +46,7 @@ fdo = -1; period = 120; versions = 3; + trigger = NULL; output = NULL; tempin = NULL; wflogs = NULL; @@ -58,6 +64,7 @@ printf("context %s {\n", name); printf(" period %d; \n", period); printf(" versions %d; \n", versions); + if (trigger) printf(" trigger \"%s\";\n", trigger); printf(" output \"%s\";\n", output); printf(" tempin \"%s\";\n", tempin); printf(" wflogs \"%s\";\n", wflogs); @@ -69,7 +76,8 @@ void CONTEXT::openo(bool msg) { open_time = time(NULL); - fdo = ::creat(tempin, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); + localtime_r(&open_time, &open_tm); + fdo = ::open(tempin, O_CREAT | O_WRONLY, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); if (fdo == -1) { if (msg) { char buf[maxlen]; @@ -77,6 +85,9 @@ tokp->token_error(buf); } } + else { + lseek(fdo, 0, SEEK_END); + } } @@ -191,9 +202,19 @@ } +bool CONTEXT::check_wflog_time() { + time_t now_time = time(NULL); + tm now_tm; + localtime_r(&now_time, &now_tm); + return (open_time + period < now_time) || \ + ((trigger == token_hourly) && (now_tm.tm_hour != open_tm.tm_hour)) || \ + ((trigger == token_daily) && (now_tm.tm_wday != open_tm.tm_wday)) || \ + ((trigger == token_weekly) && (now_tm.tm_wday != open_tm.tm_wday) && (now_tm.tm_wday == 0)); +} + + void CONTEXT::check_wflog() { - time_t now = time(NULL); - if ((fdo != -1) && (open_time + period < now)) { + if ((fdo != -1) && check_wflog_time()) { closeo(); // rename previous wflog html output files char buf[maxlen]; @@ -368,7 +389,16 @@ tok.token_error(buf); con->pattern = NULL; } - + if (!tsa(tok, token_semi)) return false; + } + else if (have == token_trigger) { + have = tok.next(); + if ((have == token_hourly) || (have == token_daily) || (have == token_weekly)) { + con->trigger = have; + } + else { + tok.token_error("hourly/daily/weekly", have); + } if (!tsa(tok, token_semi)) return false; } else { @@ -416,7 +446,9 @@ // void token_init() { token_context = register_string("context"); + token_daily = register_string("daily"); token_file = register_string("file"); + token_hourly = register_string("hourly"); token_include = register_string("include"); token_lbrace = register_string("{"); token_output = register_string("output"); @@ -425,6 +457,8 @@ token_rbrace = register_string("}"); token_semi = register_string(";"); token_tempin = register_string("tempin"); + token_trigger = register_string("trigger"); token_versions = register_string("versions"); + token_weekly = register_string("weekly"); token_wflogs = register_string("wflogs"); } diff -r 2ea606326f5b -r 37eace15ef87 src/wflogs-config.h --- a/src/wflogs-config.h Fri May 17 10:37:25 2013 -0700 +++ b/src/wflogs-config.h Fri May 17 12:03:21 2013 -0700 @@ -31,11 +31,13 @@ // output side int fdo; // output tempin wflogs file time_t open_time; // time when fdo opened + tm open_tm; TOKEN *tokp; // our data int period; // in seconds int versions; // number to keep // all strings owned by the string table + const char * trigger; // trigger token or NULL const char * output; // output file name pattern const char * tempin; // temp wflogs input file name const char * wflogs; // wflogs command line @@ -63,7 +65,8 @@ void closeo(); void close(); void process(char *p); - void check_wflog(); // time to call it? + bool check_wflog_time(); + void check_wflog(); void free_all(); }; typedef CONTEXT * CONTEXTP; @@ -98,7 +101,9 @@ extern const char *token_context; +extern const char *token_daily; extern const char *token_file; +extern const char *token_hourly; extern const char *token_include; extern const char *token_lbrace; extern const char *token_output; @@ -107,5 +112,7 @@ extern const char *token_rbrace; extern const char *token_semi; extern const char *token_tempin; +extern const char *token_trigger; extern const char *token_versions; +extern const char *token_weekly; extern const char *token_wflogs; diff -r 2ea606326f5b -r 37eace15ef87 wflogs-daemon.conf --- a/wflogs-daemon.conf Fri May 17 10:37:25 2013 -0700 +++ b/wflogs-daemon.conf Fri May 17 12:03:21 2013 -0700 @@ -2,8 +2,19 @@ period 120; versions 20; output "/var/www/html/firewall.0fast.%d.html"; - tempin "/tmp/wflogs.fast.input"; - wflogs "nice wflogs -i all -o html /tmp/wflogs.fast.input >%s &"; + tempin "/var/lib/wflogs-daemon/wflogs.fast.input"; + wflogs "nice wflogs -i all -o html /var/lib/wflogs-daemon/wflogs.fast.input >%s &"; + file "/var/log/messages"; + pattern "vyatta kernel"; +}; + +context hourly { + period 3600; + versions 4; + trigger hourly; + output "/var/www/html/firewall.1hourly.%d.html"; + tempin "/var/lib/wflogs-daemon/wflogs.hourly.input"; + wflogs "nice wflogs -i all -o html /var/lib/wflogs-daemon/wflogs.hourly.input >%s &"; file "/var/log/messages"; pattern "vyatta kernel"; }; @@ -11,9 +22,10 @@ context daily { period 86400; versions 7; - output "/var/www/html/firewall.1daily.%d.html"; - tempin "/tmp/wflogs.daily.input"; - wflogs "nice wflogs -i all -o html /tmp/wflogs.daily.input >%s &"; + trigger daily; + output "/var/www/html/firewall.2daily.%d.html"; + tempin "/var/lib/wflogs-daemon/wflogs.daily.input"; + wflogs "nice wflogs -i all -o html /var/lib/wflogs-daemon/wflogs.daily.input >%s &"; file "/var/log/messages"; pattern "vyatta kernel"; }; @@ -21,9 +33,10 @@ context weekly { period 604800; versions 4; - output "/var/www/html/firewall.2weekly.%d.html"; - tempin "/tmp/wflogs.weekly.input"; - wflogs "nice wflogs -i all -o html /tmp/wflogs.weekly.input >%s &"; + trigger weekly; + output "/var/www/html/firewall.3weekly.%d.html"; + tempin "/var/lib/wflogs-daemon/wflogs.weekly.input"; + wflogs "nice wflogs -i all -o html /var/lib/wflogs-daemon/wflogs.weekly.input >%s &"; file "/var/log/messages"; pattern "vyatta kernel"; }; diff -r 2ea606326f5b -r 37eace15ef87 wflogs-daemon.spec.in --- a/wflogs-daemon.spec.in Fri May 17 10:37:25 2013 -0700 +++ b/wflogs-daemon.spec.in Fri May 17 12:03:21 2013 -0700 @@ -33,6 +33,7 @@ rm -rf $RPM_BUILD_ROOT make DESTDIR=$RPM_BUILD_ROOT install mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d +mkdir -p $RPM_BUILD_ROOT/var/lib/%{name} mv -f $RPM_BUILD_ROOT%{_sysconfdir}/%{name} $RPM_BUILD_ROOT/etc/rc.d/init.d @@ -62,6 +63,7 @@ %{_mandir}/man5/* %docdir %{_datadir}/doc/%{name}-%{version} %{_datadir}/doc/%{name}-%{version} +/var/lib/%{name}/ %config(noreplace) %{_sysconfdir}/%{name}.conf /etc/rc.d/init.d/%{name} @@ -69,6 +71,7 @@ %changelog * Fri May 17 2013 Carl Byington - 1.1-1 - allow multiple config contexts +- output optionally triggered by hourly/daily/weekly rollover * Wed May 15 2013 Carl Byington - 1.0-1 - initial revision diff -r 2ea606326f5b -r 37eace15ef87 xml/wflogs-daemon.in --- a/xml/wflogs-daemon.in Fri May 17 10:37:25 2013 -0700 +++ b/xml/wflogs-daemon.in Fri May 17 12:03:21 2013 -0700 @@ -159,9 +159,10 @@ %s &"; + tempin "/var/lib/wflogs-daemon/wflogs.fast.input"; + wflogs "nice wflogs -i all -o html /var/lib/wflogs-daemon/wflogs.fast.input >%s &"; + file "/var/log/messages"; + pattern "vyatta kernel"; +}; + +context hourly { + period 3600; + versions 4; + trigger hourly; + output "/var/www/html/firewall.1hourly.%d.html"; + tempin "/var/lib/wflogs-daemon/wflogs.hourly.input"; + wflogs "nice wflogs -i all -o html /var/lib/wflogs-daemon/wflogs.hourly.input >%s &"; file "/var/log/messages"; pattern "vyatta kernel"; }; @@ -185,9 +197,10 @@ context daily { period 86400; versions 7; - output "/var/www/html/firewall.1daily.%d.html"; - tempin "/tmp/wflogs.daily.input"; - wflogs "nice wflogs -i all -o html /tmp/wflogs.daily.input >%s &"; + trigger daily; + output "/var/www/html/firewall.2daily.%d.html"; + tempin "/var/lib/wflogs-daemon/wflogs.daily.input"; + wflogs "nice wflogs -i all -o html /var/lib/wflogs-daemon/wflogs.daily.input >%s &"; file "/var/log/messages"; pattern "vyatta kernel"; }; @@ -195,9 +208,10 @@ context weekly { period 604800; versions 4; - output "/var/www/html/firewall.2weekly.%d.html"; - tempin "/tmp/wflogs.weekly.input"; - wflogs "nice wflogs -i all -o html /tmp/wflogs.weekly.input >%s &"; + trigger weekly; + output "/var/www/html/firewall.3weekly.%d.html"; + tempin "/var/lib/wflogs-daemon/wflogs.weekly.input"; + wflogs "nice wflogs -i all -o html /var/lib/wflogs-daemon/wflogs.weekly.input >%s &"; file "/var/log/messages"; pattern "vyatta kernel"; };]]>