osquery-1/osquery/logger/logger.cpp

/*
 *  Copyright (c) 2014, Facebook, Inc.
 *  All rights reserved.
 *
 *  This source code is licensed under the BSD-style license found in the
 *  LICENSE file in the root directory of this source tree. An additional grant 
 *  of patent rights can be found in the PATENTS file in the same directory.
 *
 */

#include <algorithm>
#include <thread>

#include <glog/logging.h>

#include <osquery/flags.h>
#include <osquery/logger.h>
#include <osquery/logger/plugin.h>

using osquery::Status;

namespace osquery {

/// `log_receiver` defines the default log receiver plugin name.
DEFINE_osquery_flag(string,
                    log_receiver,
                    "filesystem",
                    "The upstream log receiver to log messages to.");

DEFINE_osquery_flag(bool,
                    log_result_events,
                    true,
                    "Log scheduled results as events.");

Status logString(const std::string& s) {
  return logString(s, FLAGS_log_receiver);
}

Status logString(const std::string& s, const std::string& receiver) {
  if (REGISTERED_LOGGER_PLUGINS.find(receiver) ==
      REGISTERED_LOGGER_PLUGINS.end()) {
    LOG(ERROR) << "Logger receiver " << receiver << " not found";
    return Status(1, "Logger receiver not found");
  }
  auto log_status = REGISTERED_LOGGER_PLUGINS.at(receiver)->logString(s);
  if (!log_status.ok()) {
    return log_status;
  }
  return Status(0, "OK");
}

Status logScheduledQueryLogItem(const osquery::ScheduledQueryLogItem& results) {
  return logScheduledQueryLogItem(results, FLAGS_log_receiver);
}

Status logScheduledQueryLogItem(const osquery::ScheduledQueryLogItem& results,
                                const std::string& receiver) {
  std::string json;
  Status status;
  if (FLAGS_log_result_events) {
    status = serializeScheduledQueryLogItemAsEventsJSON(results, json);
  } else {
    status = serializeScheduledQueryLogItemJSON(results, json);
  }
  if (!status.ok()) {
    return status;
  }
  return logString(json, receiver);
}
}
Updating the license comment to be the correct open source header As per t5494224, all of the license headers in osquery needed to be updated to reflect the correct open source header style. 2014-12-18 18:50:47 +00:00			`/*`
			`* Copyright (c) 2014, Facebook, Inc.`
			`* All rights reserved.`
			`*`
			`* This source code is licensed under the BSD-style license found in the`
			`* LICENSE file in the root directory of this source tree. An additional grant`
			`* of patent rights can be found in the PATENTS file in the same directory.`
			`*`
			`*/`
Initial commit 2014-07-31 00:35:19 +00:00
			`#include <algorithm>`
			`#include <thread>`

			`#include <glog/logging.h>`

Codemod to improve include search paths 2014-12-03 23:14:02 +00:00			`#include <osquery/flags.h>`
			`#include <osquery/logger.h>`
			`#include <osquery/logger/plugin.h>`
Log results as events 2014-10-24 22:02:27 +00:00
core/status to status and header cleanup 2014-08-05 23:13:55 +00:00			`using osquery::Status;`
Initial commit 2014-07-31 00:35:19 +00:00
Ran clang-format across the codebase 2014-08-15 07:25:30 +00:00			`namespace osquery {`
Initial commit 2014-07-31 00:35:19 +00:00
Changing flag infra, reducing config testing, adding debug macro 2014-10-27 16:34:13 +00:00			/// `log_receiver` defines the default log receiver plugin name.
			`DEFINE_osquery_flag(string,`
			`log_receiver,`
			`"filesystem",`
			`"The upstream log receiver to log messages to.");`
Initial commit 2014-07-31 00:35:19 +00:00
Changing flag infra, reducing config testing, adding debug macro 2014-10-27 16:34:13 +00:00			`DEFINE_osquery_flag(bool,`
			`log_result_events,`
			`true,`
			`"Log scheduled results as events.");`
Log results as events 2014-10-24 22:02:27 +00:00
Initial commit 2014-07-31 00:35:19 +00:00			`Status logString(const std::string& s) {`
			`return logString(s, FLAGS_log_receiver);`
			`}`

			`Status logString(const std::string& s, const std::string& receiver) {`
			`if (REGISTERED_LOGGER_PLUGINS.find(receiver) ==`
			`REGISTERED_LOGGER_PLUGINS.end()) {`
			`LOG(ERROR) << "Logger receiver " << receiver << " not found";`
			`return Status(1, "Logger receiver not found");`
			`}`
Ran clang-format across the codebase 2014-08-15 07:25:30 +00:00			`auto log_status = REGISTERED_LOGGER_PLUGINS.at(receiver)->logString(s);`
Initial commit 2014-07-31 00:35:19 +00:00			`if (!log_status.ok()) {`
			`return log_status;`
			`}`
			`return Status(0, "OK");`
			`}`

Periodic clang-format 2014-09-21 21:29:28 +00:00			`Status logScheduledQueryLogItem(const osquery::ScheduledQueryLogItem& results) {`
Initial commit 2014-07-31 00:35:19 +00:00			`return logScheduledQueryLogItem(results, FLAGS_log_receiver);`
			`}`

Periodic clang-format 2014-09-21 21:29:28 +00:00			`Status logScheduledQueryLogItem(const osquery::ScheduledQueryLogItem& results,`
			`const std::string& receiver) {`
Initial commit 2014-07-31 00:35:19 +00:00			`std::string json;`
Log results as events 2014-10-24 22:02:27 +00:00			`Status status;`
			`if (FLAGS_log_result_events) {`
			`status = serializeScheduledQueryLogItemAsEventsJSON(results, json);`
			`} else {`
			`status = serializeScheduledQueryLogItemJSON(results, json);`
			`}`
			`if (!status.ok()) {`
			`return status;`
Initial commit 2014-07-31 00:35:19 +00:00			`}`
			`return logString(json, receiver);`
			`}`
Ran clang-format across the codebase 2014-08-15 07:25:30 +00:00			`}`