[Sguil-cvs] sguil/server/lib SguildLoaderd.tcl,1.21,1.22
Status: Beta
Brought to you by:
bamm
From: Bamm V. <ba...@us...> - 2006-06-02 20:41:03
|
Update of /cvsroot/sguil/sguil/server/lib In directory sc8-pr-cvs8.sourceforge.net:/tmp/cvs-serv5144/lib Modified Files: SguildLoaderd.tcl Log Message: Store sancp files on the server until they can be loaded. Index: SguildLoaderd.tcl =================================================================== RCS file: /cvsroot/sguil/sguil/server/lib/SguildLoaderd.tcl,v retrieving revision 1.21 retrieving revision 1.22 diff -C2 -d -r1.21 -r1.22 *** SguildLoaderd.tcl 29 Nov 2005 22:41:39 -0000 1.21 --- SguildLoaderd.tcl 2 Jun 2006 20:40:57 -0000 1.22 *************** *** 53,56 **** --- 53,57 ---- fileevent $loaderdReadPipe readable [list SguildCmdRcvd $loaderdReadPipe] LogMessage "Loaderd Forked" + CheckLoaderDir } else { *************** *** 173,177 **** src_flags TINYINT UNSIGNED NOT NULL, \ dst_flags TINYINT UNSIGNED NOT NULL, \ ! INDEX p_key (sid,sancpid), INDEX src_ip (src_ip), \ INDEX dst_ip (dst_ip), \ --- 174,178 ---- src_flags TINYINT UNSIGNED NOT NULL, \ dst_flags TINYINT UNSIGNED NOT NULL, \ ! INDEX p_key (sid,sancpid), \ INDEX src_ip (src_ip), \ INDEX dst_ip (dst_ip), \ *************** *** 236,239 **** --- 237,244 ---- global LOADERD_DB_ID DBHOST + if { ![file exists $fileName] || ![file readable $fileName] } { + LogMessage "Non-fatal error: File $fileName does not exist or is not readable." + } + if { $DBHOST != "localhost" && $DBHOST != "127.0.0.1" } { set dbCmd "LOAD DATA CONCURRENT LOCAL INFILE '$fileName' INTO TABLE `$table`\ *************** *** 250,254 **** # Delete the tmpfile if [catch {file delete $fileName} tmpError] { ! ErrorMessage "ERROR: loaderd: $tmpError" } --- 255,259 ---- # Delete the tmpfile if [catch {file delete $fileName} tmpError] { ! LogMessage "ERROR: loaderd: $tmpError" } *************** *** 319,326 **** LoadFile $filename $tableName ! if [catch { puts $loaderdWritePipe [list ConfirmSancpFile $sensor [file tail $filename]] } tmpError] { ! LogMessage "ERROR: $tmpError" ! } if [catch {flush $loaderdWritePipe} tmpError] { LogMessage "ERROR: $tmpError" --- 324,332 ---- LoadFile $filename $tableName + file delete $filename ! #if [catch { puts $loaderdWritePipe [list ConfirmSancpFile $sensor [file tail $filename]] } tmpError] { ! # LogMessage "ERROR: $tmpError" ! #} if [catch {flush $loaderdWritePipe} tmpError] { LogMessage "ERROR: $tmpError" *************** *** 328,329 **** --- 334,366 ---- } + + proc CheckLoaderDir {} { + + global TMP_LOAD_DIR + + if { ![file exists $TMP_LOAD_DIR] } { file mkdir $TMP_LOAD_DIR } + + # Load SANCP files + foreach fileName [glob -nocomplain $TMP_LOAD_DIR/parsed.*] { + + set splitFile [split [file tail $fileName] .] + set sensorName [lindex $splitFile 1] + set date [lindex $splitFile 5] + LoadSancpFile $sensorName $fileName $date + + } + + + # Load portscan files + foreach fileName [glob -nocomplain $TMP_LOAD_DIR/*portscan_log*] { + + set splitFile [split [file tail $fileName] .] + set sensorName [lindex $splitFile 0] + LoadPSFile $sensorName $fileName + + } + + + after 5000 CheckLoaderDir + + } |