root/source3/utils/eventlogadm.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. usage
  2. display_eventlog_names
  3. DoAddSourceCommand
  4. DoWriteCommand
  5. DoDumpCommand
  6. main

   1 
   2 /*
   3  * Samba Unix/Linux SMB client utility 
   4  * Write Eventlog records to a tdb, perform other eventlog related functions
   5  *
   6  *
   7  * Copyright (C) Brian Moran                2005.
   8  * Copyright (C) Guenther Deschner          2009.
   9  *
  10  * This program is free software; you can redistribute it and/or modify
  11  * it under the terms of the GNU General Public License as published by
  12  * the Free Software Foundation; either version 3 of the License, or
  13  * (at your option) any later version.
  14  *
  15  * This program is distributed in the hope that it will be useful,
  16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  18  * GNU General Public License for more details.
  19  *
  20  * You should have received a copy of the GNU General Public License
  21  * along with this program; if not, see <http://www.gnu.org/licenses/>.
  22  */
  23 
  24 
  25 #include "includes.h"
  26 
  27 #undef  DBGC_CLASS
  28 #define DBGC_CLASS DBGC_UTIL_EVENTLOG
  29 
  30 
  31 extern int optind;
  32 extern char *optarg;
  33 
  34 int opt_debug = 0;
  35 
  36 static void usage( char *s )
     /* [<][>][^][v][top][bottom][index][help] */
  37 {
  38         printf( "\nUsage: %s [OPTION]\n\n", s );
  39         printf( " -o write <Eventlog Name> \t\t\t\t\tWrites records to eventlog from STDIN\n" );
  40         printf( " -o addsource <EventlogName> <sourcename> <msgfileDLLname> \tAdds the specified source & DLL eventlog registry entry\n" );
  41         printf( " -o dump <Eventlog Name> <starting_record>\t\t\t\t\tDump stored eventlog entries on STDOUT\n" );
  42         printf( "\nMiscellaneous options:\n" );
  43         printf( " -d\t\t\t\t\t\t\t\tturn debug on\n" );
  44         printf( " -h\t\t\t\t\t\t\t\tdisplay help\n\n" );
  45 }
  46 
  47 static void display_eventlog_names( void )
     /* [<][>][^][v][top][bottom][index][help] */
  48 {
  49         const char **elogs;
  50         int i;
  51 
  52         elogs = lp_eventlog_list(  );
  53         printf( "Active eventlog names (from smb.conf):\n" );
  54         printf( "--------------------------------------\n" );
  55         if ( elogs ) {
  56                 for ( i = 0; elogs[i]; i++ ) {
  57                         printf( "\t%s\n", elogs[i] );
  58                 }
  59         } 
  60         else
  61                 printf( "\t<None specified>\n");
  62 }
  63 
  64 static int DoAddSourceCommand( int argc, char **argv, bool debugflag, char *exename )
     /* [<][>][^][v][top][bottom][index][help] */
  65 {
  66 
  67         if ( argc < 3 ) {
  68                 printf( "need more arguments:\n" );
  69                 printf( "-o addsource EventlogName SourceName /path/to/EventMessageFile.dll\n" );
  70                 return -1;
  71         }
  72         /* must open the registry before we access it */
  73         if (!W_ERROR_IS_OK(regdb_init())) {
  74                 printf( "Can't open the registry.\n" );
  75                 return -1;
  76         }
  77 
  78         if ( !eventlog_add_source( argv[0], argv[1], argv[2] ) )
  79                 return -2;
  80         return 0;
  81 }
  82 
  83 static int DoWriteCommand( int argc, char **argv, bool debugflag, char *exename )
     /* [<][>][^][v][top][bottom][index][help] */
  84 {
  85         FILE *f1;
  86         char *argfname;
  87         ELOG_TDB *etdb;
  88         NTSTATUS status;
  89 
  90         /* fixed constants are bad bad bad  */
  91         char linein[1024];
  92         bool is_eor;
  93         struct eventlog_Record_tdb ee;
  94         uint32_t record_number;
  95         TALLOC_CTX *mem_ctx = talloc_tos();
  96 
  97         f1 = stdin;
  98         if ( !f1 ) {
  99                 printf( "Can't open STDIN\n" );
 100                 return -1;
 101         }
 102 
 103         if ( debugflag ) {
 104                 printf( "Starting write for eventlog [%s]\n", argv[0] );
 105                 display_eventlog_names(  );
 106         }
 107 
 108         argfname = argv[0];
 109 
 110         if ( !( etdb = elog_open_tdb( argfname, False, False ) ) ) {
 111                 printf( "can't open the eventlog TDB (%s)\n", argfname );
 112                 return -1;
 113         }
 114 
 115         ZERO_STRUCT( ee );      /* MUST initialize between records */
 116 
 117         while ( !feof( f1 ) ) {
 118                 if (fgets( linein, sizeof( linein ) - 1, f1 ) == NULL) {
 119                         break;
 120                 }
 121                 linein[strlen( linein ) - 1] = 0;       /* whack the line delimiter */
 122 
 123                 if ( debugflag )
 124                         printf( "Read line [%s]\n", linein );
 125 
 126                 is_eor = False;
 127 
 128 
 129                 parse_logentry( mem_ctx, ( char * ) &linein, &ee, &is_eor );
 130                 /* should we do something with the return code? */
 131 
 132                 if ( is_eor ) {
 133                         fixup_eventlog_record_tdb( &ee );
 134 
 135                         if ( opt_debug )
 136                                 printf( "record number [%d], tg [%d] , tw [%d]\n",
 137                                         ee.record_number, (int)ee.time_generated, (int)ee.time_written );
 138 
 139                         if ( ee.time_generated != 0 ) {
 140 
 141                                 /* printf("Writing to the event log\n"); */
 142 
 143                                 status = evlog_push_record_tdb( mem_ctx, ELOG_TDB_CTX(etdb),
 144                                                                 &ee, &record_number );
 145                                 if ( !NT_STATUS_IS_OK(status) ) {
 146                                         printf( "Can't write to the event log: %s\n",
 147                                                 nt_errstr(status) );
 148                                 } else {
 149                                         if ( opt_debug )
 150                                                 printf( "Wrote record %d\n",
 151                                                         record_number );
 152                                 }
 153                         } else {
 154                                 if ( opt_debug )
 155                                         printf( "<null record>\n" );
 156                         }
 157                         ZERO_STRUCT( ee );      /* MUST initialize between records */
 158                 }
 159         }
 160 
 161         elog_close_tdb( etdb , False );
 162 
 163         return 0;
 164 }
 165 
 166 static int DoDumpCommand(int argc, char **argv, bool debugflag, char *exename)
     /* [<][>][^][v][top][bottom][index][help] */
 167 {
 168         ELOG_TDB *etdb;
 169         TALLOC_CTX *mem_ctx = talloc_tos();
 170         const char *tdb_filename;
 171         uint32_t count = 1;
 172 
 173         if (argc > 2) {
 174                 return -1;
 175         }
 176 
 177         tdb_filename = argv[0];
 178 
 179         if (argc > 1) {
 180                 count = atoi(argv[1]);
 181         }
 182 
 183         etdb = elog_open_tdb(argv[0], false, true);
 184         if (!etdb) {
 185                 printf("can't open the eventlog TDB (%s)\n", argv[0]);
 186                 return -1;
 187         }
 188 
 189         while (1) {
 190 
 191                 struct eventlog_Record_tdb *r;
 192                 char *s;
 193 
 194                 r = evlog_pull_record_tdb(mem_ctx, etdb->tdb, count);
 195                 if (!r) {
 196                         break;
 197                 }
 198 
 199                 printf("displaying record: %d\n", count);
 200 
 201                 s = NDR_PRINT_STRUCT_STRING(mem_ctx, eventlog_Record_tdb, r);
 202                 if (s) {
 203                         printf("%s\n", s);
 204                         talloc_free(s);
 205                 }
 206                 count++;
 207         }
 208 
 209         elog_close_tdb(etdb, false);
 210 
 211         return 0;
 212 }
 213 
 214 /* would be nice to use the popT stuff here, however doing so forces us to drag in a lot of other infrastructure */
 215 
 216 int main( int argc, char *argv[] )
     /* [<][>][^][v][top][bottom][index][help] */
 217 {
 218         int opt, rc;
 219         char *exename;
 220         TALLOC_CTX *frame = talloc_stackframe();
 221 
 222 
 223         fstring opname;
 224 
 225         load_case_tables();
 226 
 227         opt_debug = 0;          /* todo set this from getopts */
 228 
 229         lp_load(get_dyn_CONFIGFILE(), True, False, False, True);
 230 
 231         exename = argv[0];
 232 
 233         /* default */
 234 
 235         fstrcpy( opname, "write" );     /* the default */
 236 
 237 #if 0                           /* TESTING CODE */
 238         eventlog_add_source( "System", "TestSourceX", "SomeTestPathX" );
 239 #endif
 240         while ( ( opt = getopt( argc, argv, "dho:" ) ) != EOF ) {
 241                 switch ( opt ) {
 242 
 243                 case 'o':
 244                         fstrcpy( opname, optarg );
 245                         break;
 246 
 247                 case 'h':
 248                         usage( exename );
 249                         display_eventlog_names(  );
 250                         exit( 0 );
 251                         break;
 252 
 253                 case 'd':
 254                         opt_debug = 1;
 255                         break;
 256                 }
 257         }
 258 
 259         argc -= optind;
 260         argv += optind;
 261 
 262         if ( argc < 1 ) {
 263                 printf( "\nNot enough arguments!\n" );
 264                 usage( exename );
 265                 exit( 1 );
 266         }
 267 
 268         /*  note that the separate command types should call usage if they need to... */
 269         while ( 1 ) {
 270                 if ( !StrCaseCmp( opname, "addsource" ) ) {
 271                         rc = DoAddSourceCommand( argc, argv, opt_debug,
 272                                                  exename );
 273                         break;
 274                 }
 275                 if ( !StrCaseCmp( opname, "write" ) ) {
 276                         rc = DoWriteCommand( argc, argv, opt_debug, exename );
 277                         break;
 278                 }
 279                 if ( !StrCaseCmp( opname, "dump" ) ) {
 280                         rc = DoDumpCommand( argc, argv, opt_debug, exename );
 281                         break;
 282                 }
 283                 printf( "unknown command [%s]\n", opname );
 284                 usage( exename );
 285                 exit( 1 );
 286                 break;
 287         }
 288         TALLOC_FREE(frame);
 289         return rc;
 290 }

/* [<][>][^][v][top][bottom][index][help] */