Compare commits

..

2 Commits

2 changed files with 98 additions and 32 deletions

View File

@ -156,7 +156,7 @@ type Record interface {
GetType() uint8
// Length()
LoadFromBinary(rdr *bufio.Reader) error
Print(*os.File, string, int)
Print(*bufio.Writer, string, int)
}
type Header32 struct {
@ -605,7 +605,7 @@ func (h *Header32) LoadFromBinary(rdr *bufio.Reader) error {
static void
print_header32_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
*/
func (h *Header32) Print(file *os.File, delimiter string, flags int) {
func (h *Header32) Print(file *bufio.Writer, delimiter string, flags int) {
var timeval string
if PRT_TIMESYSLOG23 == flags&PRT_TIMESYSLOG23 {
timeval = time.Unix((int64)(h.S), 0).Add(time.Millisecond * (time.Duration)(h.Msec)).Format("2006-01-02T15:04:05.000Z07:00")
@ -704,7 +704,7 @@ func (e *ExecArg) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (e *ExecArg) Print(file *os.File, delimiter string, flags int) {
func (e *ExecArg) Print(file *bufio.Writer, delimiter string, flags int) {
if flags&PRT_JSON == PRT_JSON {
// We don't need no count, bc we reconstiture command line
printable := struct {
@ -770,7 +770,7 @@ func (p *Path) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (p *Path) Print(file *os.File, delimiter string, flags int) {
func (p *Path) Print(file *bufio.Writer, delimiter string, flags int) {
if flags&PRT_JSON == PRT_JSON {
// We don't need no length
printable := struct {
@ -847,7 +847,7 @@ func (a *Attribute32) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (a *Attribute32) Print(file *os.File, delimiter string, flags int) {
func (a *Attribute32) Print(file *bufio.Writer, delimiter string, flags int) {
var user string
var group string
@ -952,7 +952,7 @@ func (a *Attribute64) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (a *Attribute64) Print(file *os.File, delimiter string, flags int) {
func (a *Attribute64) Print(file *bufio.Writer, delimiter string, flags int) {
var user string
var group string
// TODO : resolve Uid and Gid (also support domain accounts)
@ -1082,7 +1082,7 @@ func (s *Subject32) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (s *Subject32) Print(file *os.File, delimiter string, flags int) {
func (s *Subject32) Print(file *bufio.Writer, delimiter string, flags int) {
var auser string
var euser string
var egroup string
@ -1225,7 +1225,7 @@ func (p *Process32) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (p *Process32) Print(file *os.File, delimiter string, flags int) {
func (p *Process32) Print(file *bufio.Writer, delimiter string, flags int) {
var auser string
var euser string
var egroup string
@ -1386,7 +1386,7 @@ func (s *Subject32Ex) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (s *Subject32Ex) Print(file *os.File, delimiter string, flags int) {
func (s *Subject32Ex) Print(file *bufio.Writer, delimiter string, flags int) {
var auser string
var euser string
var egroup string
@ -1558,7 +1558,7 @@ func (p *Process32Ex) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (p *Process32Ex) Print(file *os.File, delimiter string, flags int) {
func (p *Process32Ex) Print(file *bufio.Writer, delimiter string, flags int) {
var auser string
var euser string
var egroup string
@ -1714,7 +1714,7 @@ func (s *Subject64) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (s *Subject64) Print(file *os.File, delimiter string, flags int) {
func (s *Subject64) Print(file *bufio.Writer, delimiter string, flags int) {
var auser string
var euser string
var egroup string
@ -1857,7 +1857,7 @@ func (p *Process64) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (p *Process64) Print(file *os.File, delimiter string, flags int) {
func (p *Process64) Print(file *bufio.Writer, delimiter string, flags int) {
var auser string
var euser string
var egroup string
@ -2017,7 +2017,7 @@ func (s *Subject64Ex) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (s *Subject64Ex) Print(file *os.File, delimiter string, flags int) {
func (s *Subject64Ex) Print(file *bufio.Writer, delimiter string, flags int) {
var auser string
var euser string
var egroup string
@ -2189,7 +2189,7 @@ func (p *Process64Ex) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (p *Process64Ex) Print(file *os.File, delimiter string, flags int) {
func (p *Process64Ex) Print(file *bufio.Writer, delimiter string, flags int) {
var auser string
var euser string
var egroup string
@ -2308,7 +2308,7 @@ func (r *Return32) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (r *Return32) Print(file *os.File, delimiter string, flags int) {
func (r *Return32) Print(file *bufio.Writer, delimiter string, flags int) {
var errMsg string
errNo, err := lookupErrno(r.Status)
if err == nil {
@ -2369,7 +2369,7 @@ func (r *Return64) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (r *Return64) Print(file *os.File, delimiter string, flags int) {
func (r *Return64) Print(file *bufio.Writer, delimiter string, flags int) {
var errMsg string
errNo, err := lookupErrno(r.Status)
if err == nil {
@ -2430,7 +2430,7 @@ func (t *Trailer) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (t *Trailer) Print(file *os.File, delimiter string, flags int) {
func (t *Trailer) Print(file *bufio.Writer, delimiter string, flags int) {
if flags&PRT_JSON == PRT_JSON {
printable := struct {
Count uint32 `json:"length"` // Effective user ID
@ -2493,7 +2493,7 @@ func (a *Arg32) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (a *Arg32) Print(file *os.File, delimiter string, flags int) {
func (a *Arg32) Print(file *bufio.Writer, delimiter string, flags int) {
if flags&PRT_JSON == PRT_JSON {
printable := struct {
Count uint32 `json:"count"` // Effective user ID
@ -2563,7 +2563,7 @@ func (a *Arg64) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (a *Arg64) Print(file *os.File, delimiter string, flags int) {
func (a *Arg64) Print(file *bufio.Writer, delimiter string, flags int) {
if flags&PRT_JSON == PRT_JSON {
printable := struct {
Count uint32 `json:"count"` // Effective user ID
@ -2667,7 +2667,7 @@ func (s *SocketEx) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (s *SocketEx) Print(file *os.File, delimiter string, flags int) {
func (s *SocketEx) Print(file *bufio.Writer, delimiter string, flags int) {
var lip string
var rip string
if s.AddrType == ISIPV4 {
@ -2732,7 +2732,7 @@ func (s *SockInet32) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (s *SockInet32) Print(file *os.File, delimiter string, flags int) {
func (s *SockInet32) Print(file *bufio.Writer, delimiter string, flags int) {
if flags&PRT_JSON == PRT_JSON {
printable := struct {
Family uint16 `json:"family"`
@ -2794,7 +2794,7 @@ func (s *SockInet128) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (s *SockInet128) Print(file *os.File, delimiter string, flags int) {
func (s *SockInet128) Print(file *bufio.Writer, delimiter string, flags int) {
if flags&PRT_JSON == PRT_JSON {
printable := struct {
Family uint16 `json:"family"`
@ -2852,7 +2852,7 @@ func (s *SockUnix) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (s *SockUnix) Print(file *os.File, delimiter string, flags int) {
func (s *SockUnix) Print(file *bufio.Writer, delimiter string, flags int) {
if flags&PRT_JSON == PRT_JSON {
printable := struct {
Family uint16 `json:"family"`
@ -2905,7 +2905,7 @@ func (e *Exit) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (e *Exit) Print(file *os.File, delimiter string, flags int) {
func (e *Exit) Print(file *bufio.Writer, delimiter string, flags int) {
if flags&PRT_JSON == PRT_JSON {
j, err := json.Marshal(e)
if err != nil {
@ -2953,7 +2953,7 @@ func (t *Text) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (t *Text) Print(file *os.File, delimiter string, flags int) {
func (t *Text) Print(file *bufio.Writer, delimiter string, flags int) {
if flags&PRT_JSON == PRT_JSON {
j, err := json.Marshal(t)
if err != nil {
@ -3001,7 +3001,7 @@ func (z *ZoneName) LoadFromBinary(rdr *bufio.Reader) error {
return nil
}
func (z *ZoneName) Print(file *os.File, delimiter string, flags int) {
func (z *ZoneName) Print(file *bufio.Writer, delimiter string, flags int) {
if flags&PRT_JSON == PRT_JSON {
printable := struct {
Name string `json:"name"`
@ -3103,7 +3103,7 @@ func (c *Capabilities) MarshalJSON() ([]byte, error) {
return json.Marshal(cJSON)
}
func (r *Rights) Print(file *os.File, delimiter string, flags int) {
func (r *Rights) Print(file *bufio.Writer, delimiter string, flags int) {
if flags&PRT_JSON == PRT_JSON {
// Do not print Rights.Length, only capabilities array
j, err := json.Marshal(r.Rights)

76
main.go
View File

@ -27,13 +27,16 @@ import (
"io"
"os"
"fmt"
"sync"
"bufio"
"strings"
"syscall"
"os/signal"
"github.com/spf13/pflag"
)
const (
version = "0.6.1"
version = "0.6.2"
)
var (
@ -42,19 +45,43 @@ var (
// Default delimiter
delimiter = ","
Writer *bufio.Writer
)
func NewWriter(file string) (*bufio.Writer, *os.File, error) {
if len(file) > 0 {
var f *os.File
var err error
f, err = os.OpenFile(file, os.O_CREATE|os.O_WRONLY, 0640)
if err != nil {
return nil, nil, err
}
Writer = bufio.NewWriter(f)
return Writer, f, nil
} else {
Writer = bufio.NewWriter(os.Stdout)
return Writer, nil, nil
}
}
func main() {
var flags int
var oneLine bool
var noUserResolve bool
var syslog23 bool
var json bool
var outputFile string
// Output file mutex
var outfMtx sync.Mutex
var outFile *os.File
pflag.BoolVarP(&oneLine, "oneline", "l", false, "Prints the entire record on the same line")
pflag.BoolVarP(&noUserResolve, "numeric", "n", false, "Do not convert user and group IDs to their names but leave in their numeric forms")
pflag.BoolVarP(&json, "json", "j", false, "Print compact json")
pflag.BoolVarP(&syslog23, "syslog23", "s", false, "Print time as \"2006-01-02T15:04:05.000Z07:00\", RFC339 with ms, also used on RSYSLOG_SyslogProtocol23Format. \"msec\" field will not be print in json output")
pflag.StringVarP(&outputFile, "out", "o", "", "Output to file, overwrite existing. File will be re-opened receiving SIGUSR1.")
pflag.BoolVarP(&showVersion, "version", "V", false, "Show version and exit")
var Usage = func() {
@ -90,9 +117,35 @@ func main() {
}
filename := args[len(args)-1]
// Get a writer, file or stdout
_, outFile, err := NewWriter(outputFile)
if err != nil {
fmt.Fprintf(os.Stderr, "%v\n", err)
os.Exit(1)
}
if len(outputFile) > 0 {
// Manage output file rotation when receiving SIGUSR1
sig := make(chan os.Signal)
signal.Notify(sig, syscall.SIGUSR1)
go func() {
for {
<-sig
outfMtx.Lock()
fmt.Println("SIGUSR1 received, recreating output file")
outFile.Close()
_, outFile, err = NewWriter(outputFile)
if err != nil {
outfMtx.Unlock()
fmt.Fprintf(os.Stderr, "%v\n", err)
os.Exit(1)
}
outfMtx.Unlock()
}
}()
}
var f *os.File
var r *bufio.Reader
var err error
if len(filename) > 0 {
// If arg is "-", open stdin to read content
if true == strings.EqualFold(filename, "-") {
@ -100,13 +153,12 @@ func main() {
} else {
f, err = os.Open(filename)
if err != nil {
fmt.Printf("Impossible d'ouvrir le fichier %s\n", filename)
fmt.Fprintf(os.Stderr, "Impossible d'ouvrir le fichier %s\n", filename)
os.Exit(-1)
}
r = bufio.NewReader(f)
}
//for i := 0 ; i < 20 ; i++ {
for {
rec, err := readRecordToStruct(r)
if err != nil {
@ -116,7 +168,21 @@ func main() {
return
}
}
rec.Print(os.Stdout, ",", flags)
if len(outputFile) > 0 {
outfMtx.Lock()
rec.Print(Writer, ",", flags)
Writer.Flush() // Performance ?
outfMtx.Unlock()
} else {
// No need for mutex with stdout
rec.Print(Writer, ",", flags)
}
}
}
if len(outputFile) > 0 && outFile != nil {
outfMtx.Lock()
outFile.Close()
outfMtx.Unlock()
}
}