Merge branch 'json'

yo 2023-09-10 15:19:33 +02:00
commit 2f1fc7e526
2 changed files with 1107 additions and 283 deletions

1358
libbsm.go


30
main.go

@ -1,5 +1,7 @@
// Copyright 2021, johan@nosd.in // Copyright 2021, johan@nosd.in
//go:build freebsd
// +build freebsd // +build freebsd
// //
// godit is a search tool for BSM audit trails used by FreeBSD auditd // godit is a search tool for BSM audit trails used by FreeBSD auditd
// //
@ -31,27 +33,27 @@ import (
) )
const ( const (
version = "0.5.1" version = "5.9.9a"
) )
var ( var (
randFlag bool randFlag bool
showVersion bool showVersion bool
// Default delimiter // Default delimiter
delimiter = "," delimiter = ","
) )
func main() { func main() {
var flags int var flags int
var oneLine bool var oneLine bool
var noUserResolve bool var noUserResolve bool
var timestamp bool var timestamp bool
var json bool
pflag.BoolVarP(&oneLine, "oneline", "l", false, "Prints the entire record on the same line. If this option is not specified, every token is displayed on a different line.") pflag.BoolVarP(&oneLine, "oneline", "l", false, "Prints the entire record on the same line. If this option is not specified, every token is displayed on a different line.")
pflag.BoolVarP(&noUserResolve, "numeric", "n", false, "Do not convert user and group IDs to their names but leave in their numeric forms.") pflag.BoolVarP(&noUserResolve, "numeric", "n", false, "Do not convert user and group IDs to their names but leave in their numeric forms.")
pflag.BoolVarP(&timestamp, "timestamp", "t", false, "Print unix timestamp instead of formatted date/time.") pflag.BoolVarP(&json, "json", "j", false, "Print compact json")
pflag.BoolVarP(&showVersion, "version", "V", false, "Show version then exit") pflag.BoolVarP(&showVersion, "version", "V", false, "Show version then exit")
pflag.Parse() pflag.Parse()
@ -60,26 +62,22 @@ func main() {
fmt.Printf("Godit v%s\n", version) fmt.Printf("Godit v%s\n", version)
return return
} }
if oneLine { if oneLine {
flags = flags + PRT_ONELINE flags = flags + PRT_ONELINE
} }
if noUserResolve { if noUserResolve {
flags = flags + PRT_NORESOLVE_USER flags = flags + PRT_NORESOLVE_USER
} }
if timestamp { if timestamp {
flags = flags + PRT_TIMESTAMP flags = flags + PRT_TIMESTAMP
} }
if json {
flags |= PRT_JSON
}
args := os.Args args := os.Args
filename := args[len(args)-1] filename := args[len(args)-1]
/* fmt.Printf("Args: %s\n", args)
fmt.Printf("Filename: %s\n", filename)
*/
var f *os.File var f *os.File
var r *bufio.Reader var r *bufio.Reader
var err error var err error
@ -91,7 +89,7 @@ func main() {
f, err = os.Open(filename) f, err = os.Open(filename)
if err != nil { if err != nil {
fmt.Printf("Impossible d'ouvrir le fichier %s\n", filename) fmt.Printf("Impossible d'ouvrir le fichier %s\n", filename)
return os.Exit(-1)
} }
r = bufio.NewReader(f) r = bufio.NewReader(f)
} }
@ -102,7 +100,7 @@ func main() {
if err != nil { if err != nil {
if err != io.EOF { if err != io.EOF {
fmt.Printf("Erreur : %v\n", err) fmt.Printf("Erreur : %v\n", err)
} else { // v.0.4.2 : Continue on error } else { // v.0.4.2 : Continue on error
return return
} }
} }
@ -110,5 +108,3 @@ func main() {
} }
} }
} }
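Review bot: With the new `--json` mode, both error paths in main() still print their diagnostics to stdout through `fmt.Printf` (the open failure just before the new `os.Exit(-1)`, and the `Erreur : %v` read error), so a consumer parsing the JSON stream gets free text mixed into it. The non-EOF read error also appears to carry on without a failure status, which means a truncated or corrupt audit trail can look like a clean run to whatever ingests the output. I would send both messages to stderr, e.g. `fmt.Fprintf(os.Stderr, "Erreur : %v\n", err)`, and exit with `os.Exit(1)`, since -1 is reported as 255 on Unix. Separately, the rendered section seems to show the `pflag.BoolVarP(&timestamp, ...)` registration replaced by the `json` one while `if timestamp` remains, which would leave `-t` unrecognised and `PRT_TIMESTAMP` unreachable; please confirm against the raw diff. main() spans several hunks here, so the read loop around the error check is not fully visible.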