;; ! THIS FILE CONTAINS AN INITIALIZATION SCHEME FOR CONFIG READER ;; ! PLEASE DO NOT MODIFY THIS FILE (version 1000) (serializator "logsmon" ;; ---- MONITOR ;; ----- ACTION ;;; ---- VARs (procedure "v/int" (arg "l_int" int)) (procedure "v/uint" (arg "l_uint" uint)) (procedure "v/string" (arg "l_str" string)) (procedure "v/bool" (arg "l_bool" boolean)) ;; pub enum LdVarType ;; { ;; Uint(u64), ;; Int(i64), ;; String(String), ;; Bool(bool) ;; } (enum "LdVarType" '("v/uint" "v/string" "v/bool" "v/int") (enumopt "v/uint" "Uint" (vec (field anon (f/uint '("l_uint"))) ) ) (enumopt "v/string" "String" (vec (field anon (f/string '("l_str"))) ) ) (enumopt "v/bool" "Bool" (vec (field anon (f/boolean '("l_bool"))) ) ) (enumopt "v/int" "Int" (vec (field anon (f/int '("l_int"))) ) ) ) (procedure "rulesets" (arg "l_rulesets" vector string) ) (procedure "override/var" (arg "l_override_key" string) (proc "l_override_val" '("v/uint" "v/string" "v/bool" "v/int")) ) (struct "LdMonFilActsOver" "override/var" (field "key" (f/string '("l_override_key"))) (field "val" (f/enum '("l_override_val"))) ) (procedure "action" (arg "l_act_name" string) (proc "l_act_rulesets" '("rulesets") (allow '(optional))) (proc "l_act_override" '("override/var") (allow '(optional collection))) ) (struct "LdMonFilActs" "action" (field "action_name" (f/string '("l_act_name"))) (field "rule_sets" (f/optional) (f/vector (f/string '("l_act_rulesets" "l_rulesets")))) (field "override_map" (f/optional) (f/vector (f/struct '("l_act_override")))) ) ;; ----- FILTER (procedure "search/window" (arg "l_searchwindow" int) ) (procedure "retry" (arg "l_retry" uint) ) (procedure "score" (arg "l_score" uint) ) (procedure "bantime" (arg "l_bantime" int) ) (procedure "ignore/hosts" (arg "l_ignore_hosts" vector string) ) (procedure "ignore/users" (arg "l_ignore_users" vector string) ) (procedure "use" (arg "l_over_use" string) ) ;; --- \ (procedure "set" (arg "l_set_title" string) (arg "l_set_list" vector string) ) (procedure "uses" (proc "l_uses" '("set") (allow '(collection optional))) ) (struct "LdFilterSets" "set" (field "title" (f/string '("l_set_title"))) (field "list" (f/vector (vector/type hashset) (f/string '("l_set_list")) ) ) ) ;; --- / (procedure "override/action" (arg "l_over_act" boolean) ) (procedure "filter" (arg "l_filter_label" string) (proc "l_filter_sw" '("search/window") (allow '(optional))) (proc "l_filter_retry" '("retry") (allow '(optional))) (proc "l_filter_score" '("score") (allow '(optional))) (proc "l_filter_bantime" '("bantime") (allow '(optional))) (proc "l_filter_ign_h" '("ignore/hosts") (allow '(optional))) (proc "l_filter_ign_u" '("ignore/users") (allow '(optional))) (proc "l_filter_over_use" '("use") (allow '(optional))) (proc "l_filter_over_sets" '("uses") (allow '(optional))) (proc "l_filter_over_act" '("override/action") (allow '(optional))) (proc "l_filter_acttion" '("action") (allow '(optional collection))) ) (struct "LdMonFilter" "filter" (field "filter_label" (f/string '("l_filter_label"))) (field "search_win" (f/optional) (f/int '("l_filter_sw" "l_searchwindow"))) (field "retry_cnt" (f/optional) (f/uint '("l_filter_retry" "l_retry"))) (field "max_score" (f/optional) (f/uint '("l_filter_score" "l_score"))) (field "ban_time" (f/optional) (f/int '("l_filter_bantime" "l_bantime"))) (field "ign_hosts" (f/optional) (f/vector (f/string '("l_filter_ign_h" "l_ignore_hosts")))) (field "ign_users" (f/optional) (f/vector (f/string '("l_filter_ign_u" "l_ignore_users")))) (field "over_use" (f/optional) (f/string '("l_filter_over_use" "l_over_use"))) (field "over_sets" (f/optional) (f/vector (vector/type hashset) (f/struct '("l_filter_over_sets" "l_uses")) ) ) (field "over_acts" (f/optional) (f/boolean '("l_filter_over_act" "l_over_act"))) (field "actions_map" (f/optional) (f/vector (f/struct '("l_filter_acttion")))) ;(field "actions_map" (f/optional) (f/vector (f/struct '("l_filter_acttion")))) ) ;; --- MONITOR ;; ------ ENUM SYSLOG, PATH (procedure "udp" (arg "l_udp_src" string) (arg "l_udp_dst" string) ) (procedure "file" (arg "l_file_path" string) ) ;; --- / (procedure "filters" (arg "l_filters" vector string) ) (procedure "monitor-file" (arg "l_mon_ov_name" string) (arg "l_file_path" string) (proc "l_mon_filters" '("filters") (allow '(optional))) ) (procedure "files" (proc "l_files" '("monitor-file") (allow '(collection))) ) ;; --- \ (struct "LdMonSourceFiles" "monitor-file" (field "monitor_name" (f/string '("l_mon_ov_name"))) (field "file_path" (f/string '("l_file_path"))) (field "filters" (f/optional) (f/vector (f/string '("l_mon_filters" "l_filters")))) ) (enum "LogDataSource" '("udp" "file" "files") (enumopt "udp" "Udp" (struct none none (field "src" (f/string '("l_udp_src"))) (field "dst" (f/string '("l_udp_dst"))) ) ) (enumopt "file" "File" (struct none none (field "path" (f/string '("l_file_path"))) ) ) (enumopt "files" "Files" (struct none none (field "paths" (f/vector (f/struct '("l_files")))) ) ) ) ;; ----- REST (procedure "logformat" (arg "l_logformat" string) ) (procedure "monitor" (arg "l_mon_title" string) (proc "l_mon_source" '("udp" "file" "files")) (proc "l_mon_logformat" '("logformat")) (proc "l_mon_filter" '("filter") (allow '(collection))) ) (struct "LdMonitor" "monitor" (field "mon_name" (f/string '("l_mon_title"))) (field "log_source" (f/enum '("l_mon_source"))) (field "log_form_name" (f/string '("l_mon_logformat" "l_logformat"))) (field "filter_map" (f/vector (f/struct '("l_mon_filter")))) ) (rootprocedure (proc "l_root_mons" '("monitor") (allow '(collection))) ) (rootstruct "LdLogMonitors" (field "monitors" (f/vector (f/struct '("l_root_mons")))) ) )