diff --git a/libbsm.go b/libbsm.go index 5e1376f..be146f5 100644 --- a/libbsm.go +++ b/libbsm.go @@ -412,14 +412,17 @@ func getGroupNameByGid(gid uint32) (group, error) { func getEventName(event uint16) (string,error) { if len(gEventDB) == 0 { - loadEventDB() + err := loadEventDB() + if err != nil { + fmt.Printf("%v\n", err) + } } for _, ev := range gEventDB { if ev.Type == int(event) { return ev.Desc, nil } } - return "", fmt.Errorf("Event ID not found: %x\n", event) + return "", fmt.Errorf("Event ID not found: %d\n", event) } // We load the entire file in memory @@ -438,30 +441,43 @@ func loadEventDB() error { continue } eventStr := strings.Split(line, ":") - if len(eventStr) != 4 { + // Wait for https://github.com/openbsm/openbsm/pull/75 + //if len(eventStr) != 4 { + if (len(eventStr) != 4 && eventStr[0] != "43082") || (len(eventStr) == 5 && eventStr[0] != "43082") { continue } - t, _ := strconv.Atoi(eventStr[0]) - gEventDB = append(gEventDB, event{Type: t, - Name: eventStr[1], - Desc: eventStr[2], - Class: eventStr[3],}) + t, err := strconv.Atoi(eventStr[0]) + if err != nil { + return fmt.Errorf("Unable to convert to int: %v\n", eventStr[0]) + } + // Wait for https://github.com/openbsm/openbsm/pull/75 + if t == 43082 && (len(eventStr) == 5) { + gEventDB = append(gEventDB, event{Type: t, + Name: eventStr[1], + Desc: eventStr[3], + Class: eventStr[4],}) + } else { + gEventDB = append(gEventDB, event{Type: t, + Name: eventStr[1], + Desc: eventStr[2], + Class: eventStr[3],}) + } } return nil } func PrintIpv4FromInt(ipv4int uint32) string { return fmt.Sprintf("%d.%d.%d.%d", ipv4int & 0xFF000000 >> 24, ipv4int & 0x00FF0000 >> 16, - ipv4int & 0x0000FF00 >> 8, ipv4int & 0x000000FF) + ipv4int & 0x0000FF00 >> 8, ipv4int & 0x000000FF) } func PrintIpv6FromInt(ipv6int [4]uint32) string { //return fmt.Sprintf("%04x:%04x:%04x:%04x:%04x:%04x:%04x:%04x", return fmt.Sprintf("%x:%x:%x:%x:%x:%x:%x:%x", - ipv6int[0] & 0xFFFF0000 >> 16, ipv6int[0] & 0x0000FFFF, - ipv6int[1] & 0xFFFF0000 >> 16, ipv6int[1] & 0x0000FFFF, - ipv6int[2] & 0xFFFF0000 >> 16, ipv6int[2] & 0x0000FFFF, - ipv6int[3] & 0xFFFF0000 >> 16, ipv6int[3] & 0x0000FFFF) + ipv6int[0] & 0xFFFF0000 >> 16, ipv6int[0] & 0x0000FFFF, + ipv6int[1] & 0xFFFF0000 >> 16, ipv6int[1] & 0x0000FFFF, + ipv6int[2] & 0xFFFF0000 >> 16, ipv6int[2] & 0x0000FFFF, + ipv6int[3] & 0xFFFF0000 >> 16, ipv6int[3] & 0x0000FFFF) } /* Records structs implementation */ @@ -521,11 +537,14 @@ func (h *Header32) Print(file *os.File, delimiter string, flags int) { t := time.Unix((int64)(h.S), 0) timeval = t.Format(time.UnixDate) } - // We dont care for error - evdesc, _ := getEventName(h.E_type) + evdesc, err := getEventName(h.E_type) + if err != nil { + fmt.Printf("%v\n", err) + return + } fmt.Fprintf(file, "header%s%d%s%d%s%s%s%v%s%s%s%d", delimiter, h.Size, delimiter, h.Version, delimiter, - //h.E_type, delimiter, h.E_mod, delimiter, t.Format(time.UnixDate), delimiter, h.Msec) - evdesc, delimiter, h.E_mod, delimiter, timeval, delimiter, h.Msec) + //h.E_type, delimiter, h.E_mod, delimiter, t.Format(time.UnixDate), delimiter, h.Msec) + evdesc, delimiter, h.E_mod, delimiter, timeval, delimiter, h.Msec) if 0 == (flags & PRT_ONELINE) { fmt.Fprintf(file, "\n") } else {