OSSEC/lib/OSSEC/Log.pm

package OSSEC::Log;

# ABSTRACT: Module/class for simplifying logging of OSSEC log messages
use strict;
use warnings;
use Moose;
use DateTime;
use File::Basename;


=head1 DESCRIPTION

This Module/Class is part of the OSSEC distribution.
It simplifies logging to files, e.g. for active response. You are able
to use different logging types (info,error,fatal,debug) and select the file to log
to. See the methods below.

=cut

=attr ossecPath

base path to the ossec installation B<default> /var/ossec

Type: String

=cut
has 'ossecPath' => (is => 'rw', isa => 'Str' , default => "/var/ossec" );

=attr file

In which file to log the messages. The file should be given as the path relative to the
OSSEC configuration file.

Type: String

=cut
has 'file'      => (is => 'rw', isa => 'Str');


=method error

log error message

=over

=item B<Param1>=I<program name which is logging>

=item B<Param2>=I<the message to log>

=back

log->error("OSSEC-Jabber","alert not found");

=cut
sub error
{
  my $self      = shift;
  my $programm  = shift;
  my $message   = shift;

  $self->log("ERROR",$programm, $message);
}

=method fatal

log fatal message and die

=over

=item B<Param1>=I<program name which is logging>

=item B<Param2>=I<the message to log>

=back

log->fatal("OSSEC-Jabber","could not connect to mysql server");

=cut
sub fatal
{
  my $self      = shift;
  my $programm  = shift;
  my $message   = shift;

  $self->log("FATAL",$programm, $message);
  die;
}

=method info

log info message

=over

=item B<Param1>=I<program name which is logging>

=item B<Param2>=I<the message to log>

=back

log->info("OSSEC-Jabber","alert send");

=cut
sub info
{
  my $self      = shift;
  my $programm  = shift;
  my $message   = shift;

  $self->log("INFO",$programm, $message);
}

=method debug

log debug message

=over

=item B<Param1>=I<program name which is logging>

=item B<Param2>=I<the message to log>

=back

log->error("OSSEC-Jabber","found alert in database");

=cut
sub debug
{
  my $self      = shift;
  my $programm  = shift;
  my $message   = shift;

  $self->log("DEBUG",$programm, $message);
}


=method log

log messages to the logfile

=over

=item B<Param1>=I<Type of log message>

=item B<Param2>=I<program name which is logging>

=item B<Param3>=I<the message to log>

=back

=cut
sub log
{
  my $self      = shift;
  my $type      = shift;
  my $programm  = shift;
  my $message   = shift;

  # a logfile is required
  die("no logfile selected") unless $self->file();

  # create the full path to the file
  my $file      = $self->ossecPath() . "/" . $self->file();
  my $dir       = dirname($file);

  readpipe("mkdir -p $dir");

  my $dt = DateTime->now;

  # create the full log message
  my $msg = sprintf("%10s %8s - %5s - %20s - %s\n",$dt->ymd(), $dt->hms(), $type, $programm, $message);


  # open the logfile
  open(my $fh, ">>", $file);

  print $fh $msg;

  close $fh;

}

1;