;; ! THIS FILE CONTAINS AN INITIALIZATION SCHEME FOR CONFIG READER
;; ! PLEASE DO NOT MODIFY THIS FILE
;;
;; Schema for the "logsmon" serializer. As read from the forms below, a
;; `procedure` names a configuration directive together with its typed
;; arguments (`arg`) and nested directives (`proc`), and a `struct` / `enum`
;; binds those labels to the fields of a named target type. The commented
;; `pub enum LdVarType` suggests the targets are Rust types. The reader's exact
;; semantics are not visible in this file.
;;
;; NOTE(review): the forms below express only types and nesting. No value
;; ranges, path rules or address formats appear here, so those checks have to
;; live in the code that consumes the deserialized structures -- confirm they do.

(version 1000)

(serializator "logsmon"

    ;; ---- MONITOR
    ;; ----- ACTION
    ;;; ---- VARs
    ;; One directive per scalar type; each takes a single argument.
    (procedure "v/int" (arg "l_int" (int)))
    (procedure "v/uint" (arg "l_uint" (uint)))
    (procedure "v/string" (arg "l_str" (string)))
    (procedure "v/bool" (arg "l_bool" (boolean)))

    ;; pub enum LdVarType
    ;; {
    ;; Uint(u64),
    ;; Int(i64),
    ;; String(String),
    ;; Bool(bool)
    ;; }
    ;; Each "v/*" directive maps to one tuple variant carrying its argument.
    (enum "LdVarType" ["v/uint" "v/string" "v/bool" "v/int"]
        (enum-opt-tuple "v/uint" "Uint"
            (enum-opt-fields
                (field anon (f/uint64 ["l_uint"]))
            )
        )
        (enum-opt-tuple "v/string" "String"
            (enum-opt-fields
                (field anon (f/string ["l_str"]))
            )
        )
        (enum-opt-tuple "v/bool" "Bool"
            (enum-opt-fields
                (field anon (f/boolean ["l_bool"]))
            )
        )
        (enum-opt-tuple "v/int" "Int"
            (enum-opt-fields
                (field anon (f/int64 ["l_int"]))
            )
        )
    )

    ;; List of rule-set names, as plain strings.
    (procedure "rulesets"
        (arg "l_rulesets" (vector (string)))
    )

    ;; Key plus one typed value ("v/uint" | "v/string" | "v/bool" | "v/int").
    ;; NOTE(review): the key is an unconstrained string; if the consumer uses it
    ;; to select which action variable is overridden, it should accept known
    ;; keys only -- confirm.
    (procedure "override/var"
        (arg "l_override_key" (string))
        (proc "l_override_val" ["v/uint" "v/string" "v/bool" "v/int"])
    )

    (struct "LdMonFilActsOver" "override/var"
        (field "key" (f/string ["l_override_key"]))
        (field "val" (f/enum ["l_override_val"]))
    )

    ;; Named action with an optional rule-set list and an optional collection
    ;; of variable overrides.
    (procedure "action"
        (arg "l_act_name" (string))
        (proc "l_act_rulesets" ["rulesets"] (proc-allow [optional]))
        (proc "l_act_override" ["override/var"] (proc-allow [optional collection]))
    )

    (struct "LdMonFilActs" "action"
        (field "action_name" (f/string ["l_act_name"]))
        (field "rule_sets" (f/optional (f/vector (f/string ["l_act_rulesets" "l_rulesets"]))))
        (field "override_map" (f/optional (f/vector (f/struct ["l_act_override"]))))
    )

    ;; ----- FILTER
    ;; "search/window" and "bantime" are signed (int -> f/int64) while "retry"
    ;; and "score" are unsigned (uint -> f/uint64).
    ;; NOTE(review): negative windows and ban times therefore pass the schema;
    ;; the consumer has to define or reject them -- confirm.
    (procedure "search/window"
        (arg "l_searchwindow" (int))
    )

    (procedure "retry"
        (arg "l_retry" (uint))
    )

    (procedure "score"
        (arg "l_score" (uint))
    )

    (procedure "bantime"
        (arg "l_bantime" (int))
    )

    ;; Free-form string lists.
    ;; NOTE(review): presumably these exempt hosts and users from a filter. If
    ;; so they are allow-lists: entries should be parsed strictly by the
    ;; consumer and changes to them reviewed -- confirm.
    (procedure "ignore/hosts"
        (arg "l_ignore_hosts" (vector (string)))
    )

    (procedure "ignore/users"
        (arg "l_ignore_users" (vector (string)))
    )

    (procedure "use"
        (arg "l_over_use" (string))
    )

    ;; --- \
    ;; A titled set of strings; "uses" carries an optional collection of them.
    (procedure "set"
        (arg "l_set_title" (string))
        (arg "l_set_list" (vector (string)))
    )

    (procedure "uses"
        (proc "l_uses" ["set"] (proc-allow [collection optional]))
    )

    (struct "LdFilterSets" "set"
        (field "title" (f/string ["l_set_title"]))
        (field "list" (f/hashset (f/string ["l_set_list"])))
    )
    ;; --- /

    (procedure "override/action"
        (arg "l_over_act" (boolean))
    )

    ;; A filter needs only its label; every nested directive is optional.
    ;; NOTE(review): the values used when retry, score or bantime are omitted
    ;; are not visible here -- confirm the consumer's defaults are
    ;; conservative.
    ;; The label "l_filter_acttion" (double "t") is spelled the same way in this
    ;; procedure and in the struct below; keep the two in step.
    (procedure "filter"
        (arg "l_filter_label" (string))
        (proc "l_filter_sw" ["search/window"] (proc-allow [optional]))
        (proc "l_filter_retry" ["retry"] (proc-allow [optional]))
        (proc "l_filter_score" ["score"] (proc-allow [optional]))
        (proc "l_filter_bantime" ["bantime"] (proc-allow [optional]))
        (proc "l_filter_ign_h" ["ignore/hosts"] (proc-allow [optional]))
        (proc "l_filter_ign_u" ["ignore/users"] (proc-allow [optional]))
        (proc "l_filter_over_use" ["use"] (proc-allow [optional]))
        (proc "l_filter_over_sets" ["uses"] (proc-allow [optional]))
        (proc "l_filter_over_act" ["override/action"] (proc-allow [optional]))
        (proc "l_filter_acttion" ["action"] (proc-allow [optional collection]))
    )

    (struct "LdMonFilter" "filter"
        (field "filter_label" (f/string ["l_filter_label"]))
        (field "search_win" (f/optional (f/int64 ["l_filter_sw" "l_searchwindow"])))
        (field "retry_cnt" (f/optional (f/uint64 ["l_filter_retry" "l_retry"])))
        (field "max_score" (f/optional (f/uint64 ["l_filter_score" "l_score"])))
        (field "ban_time" (f/optional (f/int64 ["l_filter_bantime" "l_bantime"])))
        (field "ign_hosts" (f/optional (f/vector (f/string ["l_filter_ign_h" "l_ignore_hosts"]))))
        (field "ign_users" (f/optional (f/vector (f/string ["l_filter_ign_u" "l_ignore_users"]))))
        (field "over_use" (f/optional (f/string ["l_filter_over_use" "l_over_use"])))
        (field "over_sets" (f/optional (f/hashset (f/struct ["l_filter_over_sets" "l_uses"]))))
        (field "over_acts" (f/optional (f/boolean ["l_filter_over_act" "l_over_act"])))
        (field "actions_map" (f/optional (f/vector (f/struct ["l_filter_acttion"]))))
        ;; Disabled duplicate of the "actions_map" field above.
        ;(field "actions_map" (f/optional (f/vector (f/struct ["l_filter_acttion"]))))
    )

    ;; --- MONITOR
    ;; ------ ENUM SYSLOG, PATH
    ;; Log sources. Addresses and paths are plain strings at this level.
    ;; NOTE(review): address parsing and path validation (expected directory,
    ;; symlink handling, file ownership) are left to the consumer -- confirm.
    (procedure "udp"
        (arg "l_udp_src" (string))
        (arg "l_udp_dst" (string))
    )

    (procedure "file"
        (arg "l_file_path" (string))
    )
    ;; --- /

    (procedure "filters"
        (arg "l_filters" (vector (string)))
    )

    ;; NOTE(review): the label "l_file_path" is also declared by the "file"
    ;; procedure above; presumably labels are scoped per procedure -- confirm.
    (procedure "monitor-file"
        (arg "l_mon_ov_name" (string))
        (arg "l_file_path" (string))
        (proc "l_mon_filters" ["filters"] (proc-allow [optional]))
    )

    (procedure "files"
        (proc "l_files" ["monitor-file"] (proc-allow [collection]))
    )

    ;; --- \
    (struct "LdMonSourceFiles" "monitor-file"
        (field "monitor_name" (f/string ["l_mon_ov_name"]))
        (field "file_path" (f/string ["l_file_path"]))
        (field "filters" (f/optional (f/vector (f/string ["l_mon_filters" "l_filters"]))))
    )

    ;; One struct-style variant per source directive.
    (enum "LogDataSource" ["udp" "file" "files"]
        (enum-opt-struct "udp" "Udp"
            (enum-opt-fields
                (field "src" (f/string ["l_udp_src"]))
                (field "dst" (f/string ["l_udp_dst"]))
            )
        )
        (enum-opt-struct "file" "File"
            (enum-opt-fields
                (field "path" (f/string ["l_file_path"]))
            )
        )
        (enum-opt-struct "files" "Files"
            (enum-opt-fields
                (field "paths" (f/vector (f/struct ["l_files"])))
            )
        )
    )

    ;; ----- REST
    (procedure "logformat"
        (arg "l_logformat" (string))
    )

    ;; A monitor takes a title, one source ("udp" | "file" | "files"), a log
    ;; format name and a collection of filters. None of the three nested
    ;; directives is marked optional.
    (procedure "monitor"
        (arg "l_mon_title" (string))
        (proc "l_mon_source" ["udp" "file" "files"])
        (proc "l_mon_logformat" ["logformat"])
        (proc "l_mon_filter" ["filter"] (proc-allow [collection]))
    )

    (struct "LdMonitor" "monitor"
        (field "mon_name" (f/string ["l_mon_title"]))
        (field "log_source" (f/enum ["l_mon_source"]))
        (field "log_form_name" (f/string ["l_mon_logformat" "l_logformat"]))
        (field "filter_map" (f/vector (f/struct ["l_mon_filter"])))
    )

    ;; Document root: a collection of "monitor" directives, collected into
    ;; LdLogMonitors.monitors.
    (rootprocedure
        (proc "l_root_mons" ["monitor"] (proc-allow [collection]))
    )

    (rootstruct "LdLogMonitors"
        (field "monitors" (f/vector (f/struct ["l_root_mons"])))
    )
)