4 changed files with 265 additions and 0 deletions
@ -0,0 +1,27 @@
@@ -0,0 +1,27 @@
|
||||
name = OSSEC |
||||
author = Domink Meyer <dmeyer@federationhq.de> |
||||
license = GPL_3 |
||||
copyright_holder = Dominik Meyer |
||||
copyright_year = 2019 |
||||
|
||||
main_module = lib/OSSEC.pm |
||||
|
||||
[@Basic] |
||||
|
||||
[MetaResources] |
||||
repository.url = https://gitcloud.federationhq.de/OSSEC.git |
||||
repository.type = git |
||||
bugtracker.mailto = dmeyer@federationhq.de |
||||
|
||||
[@Git] |
||||
[Git::NextVersion] |
||||
first_version = 0.1 ; this is the default |
||||
version_by_branch = 1 ; this is the default |
||||
[PkgVersion] |
||||
use_package = 1 |
||||
|
||||
[AutoPrereqs] |
||||
[PodWeaver] |
||||
[ChangelogFromGit] |
||||
[@TestingMania] |
||||
disable = Test::CPAN::Changes |
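Review bot: The `author` line spells the name "Domink Meyer" while `copyright_holder` has "Dominik Meyer". This is presumably a typo, and since the author string is copied into the generated metadata and POD it should read `author = Dominik Meyer <dmeyer@federationhq.de>`. The trailing `; this is the default` comments on `first_version = 0.1` and `version_by_branch = 1` look carried over from the Git::NextVersion documentation. As far as I know the plugin defaults are 0.001 and 0, so the comments are misleading next to these values and are better dropped or reworded.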
@ -0,0 +1,23 @@
@@ -0,0 +1,23 @@
|
||||
package OSSEC; |
||||
|
||||
# ABSTRACT: OSSEC - |
||||
use strict; |
||||
use warnings; |
||||
use Moose; |
||||
use OSSEC::Log; |
||||
|
||||
has 'ossecPath' => (is => 'rw', isa => 'Str' , default => "/var/ossec" ); |
||||
|
||||
=method arLog |
||||
|
||||
returns object to a ossec log object for loggin active response activity |
||||
|
||||
=cut |
||||
sub arLog |
||||
{ |
||||
my $self = shift; |
||||
|
||||
return OSSEC::Log->new(ossecPath => $self->ossecPath(), file => "logs/active-responses.log"); |
||||
} |
||||
|
||||
1; |
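Review bot: `# ABSTRACT: OSSEC -` has nothing after the dash, so the NAME section PodWeaver generates from it will carry no description. A short phrase is needed, for example `# ABSTRACT: access to an OSSEC installation and its log files` (exact wording is the author's call). The class is also never closed with `__PACKAGE__->meta->make_immutable;` and `no Moose;` before the final `1;`, which is the usual ending for a Moose class. In the `arLog` POD, "loggin" should be "logging". `ossecPath` is a writable, unvalidated `Str` that is later joined into a filesystem path, so a sentence in the POD saying it must be a trusted, absolute directory would help callers.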
@ -0,0 +1,172 @@
@@ -0,0 +1,172 @@
|
||||
package OSSEC::Log; |
||||
|
||||
# ABSTRACT: OSSEC::Log - Module for logging OSSEC log messages |
||||
use strict; |
||||
use warnings; |
||||
use Moose; |
||||
use DateTime; |
||||
|
||||
=attr ossecPath |
||||
|
||||
base path to the ossec installation B<default> /var/ossec |
||||
|
||||
=cut |
||||
has 'ossecPath' => (is => 'rw', isa => 'Str' , default => "/var/ossec" ); |
||||
|
||||
=attr file |
||||
|
||||
in which file to log the messages |
||||
|
||||
=cut |
||||
has 'file' => (is => 'rw', isa => 'Str'); |
||||
|
||||
|
||||
=method error |
||||
|
||||
log error message |
||||
|
||||
=over |
||||
|
||||
=item B<Param1>=I<program name which is logging> |
||||
|
||||
=item B<Param2>=I<the message to log> |
||||
|
||||
=back |
||||
|
||||
log->error("OSSEC-Jabber","alert not found"); |
||||
|
||||
=cut |
||||
sub error |
||||
{ |
||||
my $self = shift; |
||||
my $programm = shift; |
||||
my $message = shift; |
||||
|
||||
$self->log("ERROR",$programm, $message); |
||||
} |
||||
|
||||
=method fatal |
||||
|
||||
log fatal message and die |
||||
|
||||
=over |
||||
|
||||
=item B<Param1>=I<program name which is logging> |
||||
|
||||
=item B<Param2>=I<the message to log> |
||||
|
||||
=back |
||||
|
||||
log->fatal("OSSEC-Jabber","could not connect to mysql server"); |
||||
|
||||
=cut |
||||
sub fatal |
||||
{ |
||||
my $self = shift; |
||||
my $programm = shift; |
||||
my $message = shift; |
||||
|
||||
$self->log("FATAL",$programm, $message); |
||||
die; |
||||
} |
||||
|
||||
=method info |
||||
|
||||
log info message |
||||
|
||||
=over |
||||
|
||||
=item B<Param1>=I<program name which is logging> |
||||
|
||||
=item B<Param2>=I<the message to log> |
||||
|
||||
=back |
||||
|
||||
log->info("OSSEC-Jabber","alert send"); |
||||
|
||||
=cut |
||||
sub info |
||||
{ |
||||
my $self = shift; |
||||
my $programm = shift; |
||||
my $message = shift; |
||||
|
||||
$self->log("INFO",$programm, $message); |
||||
} |
||||
|
||||
=method debug |
||||
|
||||
log debug message |
||||
|
||||
=over |
||||
|
||||
=item B<Param1>=I<program name which is logging> |
||||
|
||||
=item B<Param2>=I<the message to log> |
||||
|
||||
=back |
||||
|
||||
log->error("OSSEC-Jabber","found alert in database"); |
||||
|
||||
=cut |
||||
sub debug |
||||
{ |
||||
my $self = shift; |
||||
my $programm = shift; |
||||
my $message = shift; |
||||
|
||||
$self->log("DEBUG",$programm, $message); |
||||
} |
||||
|
||||
|
||||
=method log |
||||
|
||||
log messages to the logfile |
||||
|
||||
=over |
||||
|
||||
=item B<Param1>=I<Type of log message> |
||||
|
||||
=item B<Param2>=I<program name which is logging> |
||||
|
||||
=item B<Param3>=I<the message to log> |
||||
|
||||
=back |
||||
|
||||
=cut |
||||
sub log |
||||
{ |
||||
my $self = shift; |
||||
my $type = shift; |
||||
my $programm = shift; |
||||
my $message = shift; |
||||
|
||||
# a logfile is required |
||||
die("no logfile selected") unless $self->file(); |
||||
|
||||
# create the full path to the file |
||||
my $file = $self->ossecPath() . "/" . $self->file(); |
||||
|
||||
# open the logfile |
||||
open(my $fh1, ">>", "/tmp/log"); |
||||
|
||||
print $fh1 $file . "\n"; |
||||
|
||||
close $fh1; |
||||
|
||||
my $dt = DateTime->now; |
||||
|
||||
# create the full log message |
||||
my $msg = sprintf("%10s %8s - %5s - %20s - %s\n",$dt->ymd(), $dt->hms(), $type, $programm, $message); |
||||
|
||||
|
||||
# open the logfile |
||||
open(my $fh, ">>", $file); |
||||
|
||||
print $fh $msg; |
||||
|
||||
close $fh; |
||||
|
||||
} |
||||
|
||||
1; |
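Review bot: The `open(my $fh1, ">>", "/tmp/log")` block in `log` looks like leftover debugging and should go. Every call appends the target path to a fixed, predictable name in a world-writable directory, and OSSEC active-response code typically runs with elevated privileges, so another local user can pre-create that name (as a symlink, for instance) and redirect the write. Both `open` calls are unchecked, so a missing or unwritable logfile produces only a warning and the entry is silently lost. `$programm` and `$message` are formatted into the line as-is, so an embedded line break in caller-supplied text yields extra entries that look genuine in the active-response log. I would strip line breaks from the two fields and make open/print/close fatal on failure, as sketched below; separately, `fatal` ends in a bare `die;` with no message, and the `debug` POD example calls `log->error`.

```perl
# … unchanged: argument unpacking, "no logfile selected" check, $file assembly …
# (the /tmp/log open/print/close lines are removed)

my $dt = DateTime->now;

# keep one record per line: line breaks in caller-supplied text would
# otherwise show up as additional, forged-looking log entries
for my $field ($programm, $message) {
    $field = '' unless defined $field;
    $field =~ s/[\r\n]+/ /g;
}

# … unchanged: sprintf building $msg …

open(my $fh, ">>", $file) or die("cannot open logfile $file: $!");
print {$fh} $msg or die("cannot write to logfile $file: $!");
close($fh) or die("cannot close logfile $file: $!");
```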
@ -0,0 +1,43 @@
@@ -0,0 +1,43 @@
|
||||
use 5.006; |
||||
use strict; |
||||
use warnings; |
||||
use Test::More; |
||||
use Test::Exception; |
||||
use OSSEC; |
||||
use File::Temp qw/ tempfile tempdir /; |
||||
|
||||
|
||||
#first create a tempdirectory where we put the logs |
||||
my $tempDir = tempdir( CLEANUP => 0); |
||||
|
||||
#create basic directory hierarchy |
||||
readpipe("mkdir $tempDir" . "/logs"); |
||||
|
||||
my $ossec; |
||||
lives_ok( sub { |
||||
$ossec = OSSEC->new(ossecPath=>$tempDir); |
||||
}); |
||||
|
||||
my $log; |
||||
lives_ok( sub { |
||||
$log = $ossec->arLog(); |
||||
}); |
||||
|
||||
lives_ok( sub { |
||||
$log->error("test app" , "this is a test"); |
||||
}); |
||||
|
||||
dies_ok( sub { |
||||
$log->fatal("test app" , "this is a test"); |
||||
}); |
||||
|
||||
lives_ok( sub { |
||||
$log->info("test app" , "this is a test"); |
||||
}); |
||||
|
||||
lives_ok( sub { |
||||
$log->debug("test app" , "this is a test"); |
||||
}); |
||||
|
||||
|
||||
done_testing(); |
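Review bot: `readpipe("mkdir $tempDir" . "/logs");` runs a shell with an interpolated path and ignores the result, so a failed or mis-parsed mkdir goes unnoticed; the builtin does the same job without a shell: `mkdir("$tempDir/logs") or die "mkdir $tempDir/logs: $!";`. The `lives_ok` checks only prove that the calls do not die, and because `OSSEC::Log::log` does not check its `open`, they pass even when nothing is written. Reading `"$tempDir/logs/active-responses.log"` back and matching the expected line with `like` would make the test meaningful. `tempdir( CLEANUP => 0)` also leaves a directory behind on every run; `CLEANUP => 1` avoids that.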