/* [<][>][^][v][top][bottom][index][help] */
DEFINITIONS
This source file includes following definitions.
- usage
- display_eventlog_names
- DoAddSourceCommand
- DoWriteCommand
- DoDumpCommand
- main
1
2 /*
3 * Samba Unix/Linux SMB client utility
4 * Write Eventlog records to a tdb, perform other eventlog related functions
5 *
6 *
7 * Copyright (C) Brian Moran 2005.
8 * Copyright (C) Guenther Deschner 2009.
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 3 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, see <http://www.gnu.org/licenses/>.
22 */
23
24
25 #include "includes.h"
26
27 #undef DBGC_CLASS
28 #define DBGC_CLASS DBGC_UTIL_EVENTLOG
29
30
31 extern int optind;
32 extern char *optarg;
33
34 int opt_debug = 0;
35
36 static void usage( char *s )
/* [<][>][^][v][top][bottom][index][help] */
37 {
38 printf( "\nUsage: %s [OPTION]\n\n", s );
39 printf( " -o write <Eventlog Name> \t\t\t\t\tWrites records to eventlog from STDIN\n" );
40 printf( " -o addsource <EventlogName> <sourcename> <msgfileDLLname> \tAdds the specified source & DLL eventlog registry entry\n" );
41 printf( " -o dump <Eventlog Name> <starting_record>\t\t\t\t\tDump stored eventlog entries on STDOUT\n" );
42 printf( "\nMiscellaneous options:\n" );
43 printf( " -d\t\t\t\t\t\t\t\tturn debug on\n" );
44 printf( " -h\t\t\t\t\t\t\t\tdisplay help\n\n" );
45 }
46
47 static void display_eventlog_names( void )
/* [<][>][^][v][top][bottom][index][help] */
48 {
49 const char **elogs;
50 int i;
51
52 elogs = lp_eventlog_list( );
53 printf( "Active eventlog names (from smb.conf):\n" );
54 printf( "--------------------------------------\n" );
55 if ( elogs ) {
56 for ( i = 0; elogs[i]; i++ ) {
57 printf( "\t%s\n", elogs[i] );
58 }
59 }
60 else
61 printf( "\t<None specified>\n");
62 }
63
64 static int DoAddSourceCommand( int argc, char **argv, bool debugflag, char *exename )
/* [<][>][^][v][top][bottom][index][help] */
65 {
66
67 if ( argc < 3 ) {
68 printf( "need more arguments:\n" );
69 printf( "-o addsource EventlogName SourceName /path/to/EventMessageFile.dll\n" );
70 return -1;
71 }
72 /* must open the registry before we access it */
73 if (!W_ERROR_IS_OK(regdb_init())) {
74 printf( "Can't open the registry.\n" );
75 return -1;
76 }
77
78 if ( !eventlog_add_source( argv[0], argv[1], argv[2] ) )
79 return -2;
80 return 0;
81 }
82
83 static int DoWriteCommand( int argc, char **argv, bool debugflag, char *exename )
/* [<][>][^][v][top][bottom][index][help] */
84 {
85 FILE *f1;
86 char *argfname;
87 ELOG_TDB *etdb;
88 NTSTATUS status;
89
90 /* fixed constants are bad bad bad */
91 char linein[1024];
92 bool is_eor;
93 struct eventlog_Record_tdb ee;
94 uint32_t record_number;
95 TALLOC_CTX *mem_ctx = talloc_tos();
96
97 f1 = stdin;
98 if ( !f1 ) {
99 printf( "Can't open STDIN\n" );
100 return -1;
101 }
102
103 if ( debugflag ) {
104 printf( "Starting write for eventlog [%s]\n", argv[0] );
105 display_eventlog_names( );
106 }
107
108 argfname = argv[0];
109
110 if ( !( etdb = elog_open_tdb( argfname, False, False ) ) ) {
111 printf( "can't open the eventlog TDB (%s)\n", argfname );
112 return -1;
113 }
114
115 ZERO_STRUCT( ee ); /* MUST initialize between records */
116
117 while ( !feof( f1 ) ) {
118 if (fgets( linein, sizeof( linein ) - 1, f1 ) == NULL) {
119 break;
120 }
121 linein[strlen( linein ) - 1] = 0; /* whack the line delimiter */
122
123 if ( debugflag )
124 printf( "Read line [%s]\n", linein );
125
126 is_eor = False;
127
128
129 parse_logentry( mem_ctx, ( char * ) &linein, &ee, &is_eor );
130 /* should we do something with the return code? */
131
132 if ( is_eor ) {
133 fixup_eventlog_record_tdb( &ee );
134
135 if ( opt_debug )
136 printf( "record number [%d], tg [%d] , tw [%d]\n",
137 ee.record_number, (int)ee.time_generated, (int)ee.time_written );
138
139 if ( ee.time_generated != 0 ) {
140
141 /* printf("Writing to the event log\n"); */
142
143 status = evlog_push_record_tdb( mem_ctx, ELOG_TDB_CTX(etdb),
144 &ee, &record_number );
145 if ( !NT_STATUS_IS_OK(status) ) {
146 printf( "Can't write to the event log: %s\n",
147 nt_errstr(status) );
148 } else {
149 if ( opt_debug )
150 printf( "Wrote record %d\n",
151 record_number );
152 }
153 } else {
154 if ( opt_debug )
155 printf( "<null record>\n" );
156 }
157 ZERO_STRUCT( ee ); /* MUST initialize between records */
158 }
159 }
160
161 elog_close_tdb( etdb , False );
162
163 return 0;
164 }
165
166 static int DoDumpCommand(int argc, char **argv, bool debugflag, char *exename)
/* [<][>][^][v][top][bottom][index][help] */
167 {
168 ELOG_TDB *etdb;
169 TALLOC_CTX *mem_ctx = talloc_tos();
170 const char *tdb_filename;
171 uint32_t count = 1;
172
173 if (argc > 2) {
174 return -1;
175 }
176
177 tdb_filename = argv[0];
178
179 if (argc > 1) {
180 count = atoi(argv[1]);
181 }
182
183 etdb = elog_open_tdb(argv[0], false, true);
184 if (!etdb) {
185 printf("can't open the eventlog TDB (%s)\n", argv[0]);
186 return -1;
187 }
188
189 while (1) {
190
191 struct eventlog_Record_tdb *r;
192 char *s;
193
194 r = evlog_pull_record_tdb(mem_ctx, etdb->tdb, count);
195 if (!r) {
196 break;
197 }
198
199 printf("displaying record: %d\n", count);
200
201 s = NDR_PRINT_STRUCT_STRING(mem_ctx, eventlog_Record_tdb, r);
202 if (s) {
203 printf("%s\n", s);
204 talloc_free(s);
205 }
206 count++;
207 }
208
209 elog_close_tdb(etdb, false);
210
211 return 0;
212 }
213
214 /* would be nice to use the popT stuff here, however doing so forces us to drag in a lot of other infrastructure */
215
216 int main( int argc, char *argv[] )
/* [<][>][^][v][top][bottom][index][help] */
217 {
218 int opt, rc;
219 char *exename;
220 TALLOC_CTX *frame = talloc_stackframe();
221
222
223 fstring opname;
224
225 load_case_tables();
226
227 opt_debug = 0; /* todo set this from getopts */
228
229 lp_load(get_dyn_CONFIGFILE(), True, False, False, True);
230
231 exename = argv[0];
232
233 /* default */
234
235 fstrcpy( opname, "write" ); /* the default */
236
237 #if 0 /* TESTING CODE */
238 eventlog_add_source( "System", "TestSourceX", "SomeTestPathX" );
239 #endif
240 while ( ( opt = getopt( argc, argv, "dho:" ) ) != EOF ) {
241 switch ( opt ) {
242
243 case 'o':
244 fstrcpy( opname, optarg );
245 break;
246
247 case 'h':
248 usage( exename );
249 display_eventlog_names( );
250 exit( 0 );
251 break;
252
253 case 'd':
254 opt_debug = 1;
255 break;
256 }
257 }
258
259 argc -= optind;
260 argv += optind;
261
262 if ( argc < 1 ) {
263 printf( "\nNot enough arguments!\n" );
264 usage( exename );
265 exit( 1 );
266 }
267
268 /* note that the separate command types should call usage if they need to... */
269 while ( 1 ) {
270 if ( !StrCaseCmp( opname, "addsource" ) ) {
271 rc = DoAddSourceCommand( argc, argv, opt_debug,
272 exename );
273 break;
274 }
275 if ( !StrCaseCmp( opname, "write" ) ) {
276 rc = DoWriteCommand( argc, argv, opt_debug, exename );
277 break;
278 }
279 if ( !StrCaseCmp( opname, "dump" ) ) {
280 rc = DoDumpCommand( argc, argv, opt_debug, exename );
281 break;
282 }
283 printf( "unknown command [%s]\n", opname );
284 usage( exename );
285 exit( 1 );
286 break;
287 }
288 TALLOC_FREE(frame);
289 return rc;
290 }