suricata
output-eve-null.c
Go to the documentation of this file.
1/* Copyright (C) 2023 Open Information Security Foundation
2 *
3 * You can copy, redistribute or modify this Program under the terms of
4 * the GNU General Public License version 2 as published by the Free
5 * Software Foundation.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * version 2 along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15 * 02110-1301, USA.
16 */
17
18/**
19 * \file
20 *
21 * \author Jeff Lucovsky <jlucovsky@oisf.net>
22 *
23 * File-like output for logging: null/discard device
24 */
25
26#include "suricata-common.h" /* errno.h, string.h, etc. */
27
28#include "output.h" /* DEFAULT_LOG_* */
29#include "output-eve-null.h"
30#include "output-eve.h"
31
32#ifdef OS_WIN32
33void NullLogInitialize(void)
34{
35}
36#else /* !OS_WIN32 */
37
38#define OUTPUT_NAME "nullsink"
39
40static int NullLogInit(const SCConfNode *conf, const bool threaded, void **init_data)
41{
42 *init_data = NULL;
43 return 0;
44}
45
46static int NullLogWrite(
47 const char *buffer, const int buffer_len, const void *init_data, void *thread_data)
48{
49 return 0;
50}
51
52static int NullLogThreadInit(const void *init_data, const ThreadId thread_id, void **thread_data)
53{
54 *thread_data = NULL;
55 return 0;
56}
57
58static void NullLogThreadDeInit(const void *init_data, void *thread_data)
59{
60}
61
62static void NullLogDeInit(void *init_data)
63{
64}
65
66void NullLogInitialize(void)
67{
68 SCLogDebug("Registering the %s logger", OUTPUT_NAME);
69
70 SCEveFileType *file_type = SCCalloc(1, sizeof(SCEveFileType));
71
72 if (file_type == NULL) {
73 FatalError("Unable to allocate memory for eve file type %s", OUTPUT_NAME);
74 }
75
76 file_type->name = OUTPUT_NAME;
77 file_type->Init = NullLogInit;
78 file_type->Deinit = NullLogDeInit;
79 file_type->Write = NullLogWrite;
80 file_type->ThreadInit = NullLogThreadInit;
81 file_type->ThreadDeinit = NullLogThreadDeInit;
82 if (!SCRegisterEveFileType(file_type)) {
83 FatalError("Failed to register EVE file type: %s", OUTPUT_NAME);
84 }
85}
86#endif /* !OS_WIN32 */
OUTPUT_NAME
#define OUTPUT_NAME
Definition output-eve-null.c:38
NullLogInitialize
void NullLogInitialize(void)
Definition output-eve-null.c:66
SCRegisterEveFileType
bool SCRegisterEveFileType(SCEveFileType *plugin)
Register an Eve file type.
Definition output-eve.c:100
output-eve.h
EVE logging subsystem.
ThreadId
uint32_t ThreadId
Definition output-eve.h:37
SCConfNode_
Definition conf.h:37
SCEveFileType_
Structure used to define an EVE output file type plugin.
Definition output-eve.h:74
SCEveFileType_::Deinit
void(* Deinit)(void *init_data)
Final call to deinitialize this filetype.
Definition output-eve.h:167
SCEveFileType_::Init
int(* Init)(const SCConfNode *conf, const bool threaded, void **init_data)
Function to initialize this filetype.
Definition output-eve.h:104
SCEveFileType_::Write
int(* Write)(const char *buffer, const int buffer_len, const void *init_data, void *thread_data)
Called for each EVE log record.
Definition output-eve.h:144
SCEveFileType_::ThreadDeinit
void(* ThreadDeinit)(const void *init_data, void *thread_data)
Called to deinitialize each thread.
Definition output-eve.h:157
SCEveFileType_::name
const char * name
The name of the output, used in the configuration.
Definition output-eve.h:89
SCEveFileType_::ThreadInit
int(* ThreadInit)(const void *init_data, const ThreadId thread_id, void **thread_data)
Initialize thread specific data.
Definition output-eve.h:125
FatalError
#define FatalError(...)
Definition util-debug.h:510
SCLogDebug
#define SCLogDebug(...)
Definition util-debug.h:275
SCCalloc
#define SCCalloc(nm, sz)
Definition util-mem.h:53