mirror of
https://github.com/valitydev/osquery-1.git
synced 2024-11-07 09:58:54 +00:00
c2019aa648
Summary: Pull Request resolved: https://github.com/facebook/osquery/pull/5485 Initial steps to separate plugins from the rest of osquery. On the long run separating plugins will provide more build flexibility such that we can have configurable builds that include only the bits and pieces we actually ne er deployment. Reducing the attack surface, possibility of supply chain attacks, binary size, etc. Move numeric monitoring Reviewed By: guliashvili Differential Revision: D14259758 fbshipit-source-id: 1016fc28a0052417d658b6ce1cb3368e56597a7b
46 lines
1.1 KiB
C++
46 lines
1.1 KiB
C++
/**
|
|
* Copyright (c) 2014-present, Facebook, Inc.
|
|
* All rights reserved.
|
|
*
|
|
* This source code is licensed in accordance with the terms specified in
|
|
* the LICENSE file found in the root directory of this source tree.
|
|
*/
|
|
|
|
#pragma once
|
|
|
|
#include <fstream>
|
|
#include <functional>
|
|
#include <string>
|
|
#include <vector>
|
|
|
|
#include <boost/filesystem.hpp>
|
|
|
|
#include <osquery/numeric_monitoring/plugin_interface.h>
|
|
|
|
namespace osquery {
|
|
|
|
class NumericMonitoringFilesystemPlugin : public NumericMonitoringPlugin {
|
|
public:
|
|
explicit NumericMonitoringFilesystemPlugin();
|
|
explicit NumericMonitoringFilesystemPlugin(
|
|
boost::filesystem::path log_file_path);
|
|
|
|
Status call(const PluginRequest& request, PluginResponse& response) override;
|
|
|
|
Status setUp() override;
|
|
|
|
bool isSetUp() const;
|
|
|
|
private:
|
|
Status formTheLine(std::string& line, const PluginRequest& request) const;
|
|
|
|
private:
|
|
const std::vector<std::string> line_format_;
|
|
const std::string::value_type separator_;
|
|
const boost::filesystem::path log_file_path_;
|
|
std::ofstream output_file_stream_;
|
|
std::mutex output_file_mutex_;
|
|
};
|
|
|
|
} // namespace osquery
|