ADD: basic logging infrastructure

Dominik Meyer 2019-12-19 13:44:31 +01:00
parent 78e9535705
commit d57f1e182e
No known key found for this signature in database
GPG Key ID: B4C312B600606B64
4 changed files with 265 additions and 0 deletions

27
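--- a/dist.ini
+++ b/dist.ini
@@ -0,0 +1,27 @@
+name = OSSEC
+author = Domink Meyer <dmeyer@federationhq.de>
+license = GPL_3
+copyright_holder = Dominik Meyer
+copyright_year = 2019
+main_module = lib/OSSEC.pm
+[@Basic]
+[MetaResources]
+repository.url = https://gitcloud.federationhq.de/OSSEC.git
+repository.type = git
+bugtracker.mailto = dmeyer@federationhq.de
+[@Git]
+[Git::NextVersion]
+first_version = 0.1 ; this is the default
+version_by_branch = 1 ; this is the default
+[PkgVersion]
+use_package = 1
+[AutoPrereqs]
+[PodWeaver]
+[ChangelogFromGit]
+[@TestingMania]
+disable = Test::CPAN::Changes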

23
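--- a/lib/OSSEC.pm
+++ b/lib/OSSEC.pm
@@ -0,0 +1,23 @@
+package OSSEC;
+# ABSTRACT: OSSEC -
+use strict;
+use warnings;
+use Moose;
+use OSSEC::Log;
+has 'ossecPath' => (is => 'rw', isa => 'Str' , default => "/var/ossec" );
+=method arLog
+returns object to a ossec log object for loggin active response activity
+=cut
+sub arLog
+{
+my $self = shift;
+return OSSEC::Log->new(ossecPath => $self->ossecPath(), file => "logs/active-responses.log");
+}
+1;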
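Review bot: The `ossecPath` attribute has no `=attr` POD entry in this file, although the same attribute is documented in OSSEC::Log, and the `# ABSTRACT: OSSEC -` line ends without a description. I would add an `=attr ossecPath` entry reading `base path to the ossec installation, default /var/ossec` and complete the abstract. The `arLog` description also has typos (`a ossec`, `loggin`); `returns an OSSEC::Log object for logging active response activity` reads more clearly.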

172
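--- a/lib/OSSEC/Log.pm
+++ b/lib/OSSEC/Log.pm
@@ -0,0 +1,172 @@
+package OSSEC::Log;
+# ABSTRACT: OSSEC::Log - Module for logging OSSEC log messages
+use strict;
+use warnings;
+use Moose;
+use DateTime;
+=attr ossecPath
+base path to the ossec installation B<default> /var/ossec
+=cut
+has 'ossecPath' => (is => 'rw', isa => 'Str' , default => "/var/ossec" );
+=attr file
+in which file to log the messages
+=cut
+has 'file' => (is => 'rw', isa => 'Str');
+=method error
+log error message
+=over
+=item B<Param1>=I<program name which is logging>
+=item B<Param2>=I<the message to log>
+=back
+log->error("OSSEC-Jabber","alert not found");
+=cut
+sub error
+{
+my $self = shift;
+my $programm = shift;
+my $message = shift;
+$self->log("ERROR",$programm, $message);
+}
+=method fatal
+log fatal message and die
+=over
+=item B<Param1>=I<program name which is logging>
+=item B<Param2>=I<the message to log>
+=back
+log->fatal("OSSEC-Jabber","could not connect to mysql server");
+=cut
+sub fatal
+{
+my $self = shift;
+my $programm = shift;
+my $message = shift;
+$self->log("FATAL",$programm, $message);
+die;
+}
+=method info
+log info message
+=over
+=item B<Param1>=I<program name which is logging>
+=item B<Param2>=I<the message to log>
+=back
+log->info("OSSEC-Jabber","alert send");
+=cut
+sub info
+{
+my $self = shift;
+my $programm = shift;
+my $message = shift;
+$self->log("INFO",$programm, $message);
+}
+=method debug
+log debug message
+=over
+=item B<Param1>=I<program name which is logging>
+=item B<Param2>=I<the message to log>
+=back
+log->error("OSSEC-Jabber","found alert in database");
+=cut
+sub debug
+{
+my $self = shift;
+my $programm = shift;
+my $message = shift;
+$self->log("DEBUG",$programm, $message);
+}
+=method log
+log messages to the logfile
+=over
+=item B<Param1>=I<Type of log message>
+=item B<Param2>=I<program name which is logging>
+=item B<Param3>=I<the message to log>
+=back
+=cut
+sub log
+{
+my $self = shift;
+my $type = shift;
+my $programm = shift;
+my $message = shift;
+# a logfile is required
+die("no logfile selected") unless $self->file();
+# create the full path to the file
+my $file = $self->ossecPath() . "/" . $self->file();
+# open the logfile
+open(my $fh1, ">>", "/tmp/log");
+print $fh1 $file . "\n";
+close $fh1;
+my $dt = DateTime->now;
+# create the full log message
+my $msg = sprintf("%10s %8s - %5s - %20s - %s\n",$dt->ymd(), $dt->hms(), $type, $programm, $message);
+# open the logfile
+open(my $fh, ">>", $file);
+print $fh $msg;
+close $fh;
+}
+1;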
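Review bot: `log` appends the resolved log path to the fixed file `/tmp/log` on every call (the `$fh1` block), which looks like leftover debugging and should be removed before merge. A predictable name in a world-writable directory can be pre-created or symlinked by any local user, and if this module runs with elevated privileges, as OSSEC active-response scripts commonly do (an assumption, not shown in this commit), the append lands in a file the caller never intended. Neither `open` is checked, so an unwritable log file produces only a warning and the entry is silently lost; `open(my $fh, ">>", $file) or die "cannot open $file: $!";` would surface it. `$programm` and `$message` are written verbatim, so a value containing a newline can forge additional log lines; replacing `\r` and `\n` in both before the `sprintf` prevents that. `fatal` also ends in a bare `die;`, which discards the message for the caller, where `die "$message\n";` would keep it.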

43
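--- a/t/90-logging.t
+++ b/t/90-logging.t
@@ -0,0 +1,43 @@
+use 5.006;
+use strict;
+use warnings;
+use Test::More;
+use Test::Exception;
+use OSSEC;
+use File::Temp qw/ tempfile tempdir /;
+#first create a tempdirectory where we put the logs
+my $tempDir = tempdir( CLEANUP => 0);
+#create basic directory hierarchy
+readpipe("mkdir $tempDir" . "/logs");
+my $ossec;
+lives_ok( sub {
+$ossec = OSSEC->new(ossecPath=>$tempDir);
+});
+my $log;
+lives_ok( sub {
+$log = $ossec->arLog();
+});
+lives_ok( sub {
+$log->error("test app" , "this is a test");
+});
+dies_ok( sub {
+$log->fatal("test app" , "this is a test");
+});
+lives_ok( sub {
+$log->info("test app" , "this is a test");
+});
+lives_ok( sub {
+$log->debug("test app" , "this is a test");
+});
+done_testing();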
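Review bot: The directory setup uses `readpipe("mkdir $tempDir" . "/logs")`, which passes the path through a shell and ignores failure; the builtin is safer and can be checked: `mkdir "$tempDir/logs" or die "mkdir $tempDir/logs: $!";`. The assertions only verify that each call lives or dies, so a logger that writes nothing would still pass. Reading `$tempDir/logs/active-responses.log` back and matching it with `like` for the level, program name and message would pin the format. `tempdir( CLEANUP => 0)` also leaves the directory behind after every run, which `CLEANUP => 1` would avoid.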