[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.0beta2-239-g497575d
noreply at openinfosecfoundation.org
Thu Feb 6 15:29:03 UTC 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master has been updated
via 497575d38ea1394b9c170da9b9c254594b1d284d (commit)
via 2200dd61a1c358486ac96427ca50096abcc978e5 (commit)
via 235cd0211a7f170af0a1efaaed21590a02d9e331 (commit)
from 1ac805f1b3018dad46e87eeb77fb8ee4116048fa (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 497575d38ea1394b9c170da9b9c254594b1d284d
Author: Ken Steele <ken at tilera.com>
Date: Tue Jan 7 12:56:07 2014 -0500
Add option on Tile-Gx for logging for fast.log alerts over PCIe
When running on a TILEncore-Gx PCIe card, setting the filetype of fast.log
to pcie will open a connection over PCIe to a host application called
tile-pcie-logd, that receives the alert strings and writes them to a file
on the host. The file name to open is also passed over the PCIe link.
This allows running Suricata on the TILEncore-Gx PCIe card, but have the
alerts logged to the host system's file system efficiently. The PCIe API that
is used is the Tilera Packet Queue (PQ) API which can access PCIe from User
Space, thus avoiding system calls.
Created util-logopenfile-tile.c and util-logopen-tile.h for the TILE
specific PCIe logging functionality.
Using Write() and Close() function pointers in LogFileCtx, which
default to standard write and close for files and sockets, but are
changed to PCIe write and close functions when a PCIe channel is
opened for logging.
Moved Logging context out of tm-modules.h into util-logopenfile.h,
where it makes more sense. This required including util-logopenfile.h
into a couple of alert-*.c files, which previously were getting the
definitions from tm-modules.h.
The source and Makefile for tile-pcie-logd are added in contrib/tile-pcie-logd.
By default, the file name for fast.log specified in suricata.yaml is used as
the filename on the host. An optional argument to tile-pcie-logd, --prefix=,
can be added to prepend the supplied file path. For example, if the file
in suricata.yaml is specified as "/var/log/fast.log" and --prefix="/tmp",
then the file will be written to "/tmp/var/log/fast.log".
Check for TILERA_ROOT environment variable before building tile_pcie_logd
Building tile_pcie_logd on x86 requires the Tilera MDE for its PCIe libraries
and API header files. Configure now checks for TILERA_ROOT before enabling
building tile_pcie_logd in contrib/tile_pcie_logd
commit 2200dd61a1c358486ac96427ca50096abcc978e5
Author: Ken Steele <ken at tilera.com>
Date: Tue Jan 7 10:31:40 2014 -0500
Reduce time the file lock is held to write an alert to Fast.log
Generate the alert string into a temporary buffer before acquiring the
file lock. Only hold the file lock while writing the alert string to the
file.
In the case of multiple alerts, it would be better to generate all the
alerts, then acquire the lock once and write them all and then flush.
Changed PrintRawLineHexFp, which printed to a file, to PrintBufferRawLineHex,
that puts the same output into a string buffer. It was only used by fast.log.
commit 235cd0211a7f170af0a1efaaed21590a02d9e331
Author: Ken Steele <ken at tilera.com>
Date: Mon Jan 6 12:00:57 2014 -0500
Alert file formatting clean up.
Put { on new line for function declarations. Remove space after function
name.
Add static to unit tests declaration.
-----------------------------------------------------------------------
Summary of changes:
configure.ac | 6 +-
contrib/Makefile.am | 2 +-
LICENSE => contrib/tile_pcie_logd/LICENSE | 0
contrib/tile_pcie_logd/Makefile.am | 14 +
contrib/tile_pcie_logd/README | 38 +++
contrib/tile_pcie_logd/tile_pcie_logd.c | 370 +++++++++++++++++++++
src/Makefile.am | 1 +
src/alert-debuglog.c | 2 +-
src/alert-debuglog.h | 2 +-
src/alert-fastlog.c | 79 +++--
src/alert-fastlog.h | 8 +-
src/alert-pcapinfo.c | 3 +-
src/alert-pcapinfo.h | 2 +-
src/alert-prelude.c | 77 +++---
src/alert-prelude.h | 2 +-
src/alert-syslog.c | 3 +-
src/alert-syslog.h | 4 +-
src/alert-unified2-alert.c | 42 ++-
src/alert-unified2-alert.h | 4 +-
src/output-json.h | 1 +
src/tm-modules.c | 50 +---
src/tm-modules.h | 34 +--
src/tm-threads-common.h | 2 -
src/util-error.c | 1 +
src/util-error.h | 3 +-
src/util-logopenfile-tile.c | 370 +++++++++++++++++++++
src/{alert-debuglog.h => util-logopenfile-tile.h} | 14 +-
src/util-logopenfile.c | 111 ++++++-
src/util-logopenfile.h | 45 +++-
src/util-print.c | 12 +-
src/util-print.h | 2 +-
31 files changed, 1096 insertions(+), 208 deletions(-)
copy LICENSE => contrib/tile_pcie_logd/LICENSE (100%)
create mode 100644 contrib/tile_pcie_logd/Makefile.am
create mode 100644 contrib/tile_pcie_logd/README
create mode 100644 contrib/tile_pcie_logd/tile_pcie_logd.c
create mode 100644 src/util-logopenfile-tile.c
copy src/{alert-debuglog.h => util-logopenfile-tile.h} (62%)
hooks/post-receive
--
OISF
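
Added example, not part of the commits above or of Suricata's source: a C illustration of two ideas from the commit messages, Write()/Close() function pointers on a log context, and formatting the alert into a local buffer so the lock covers only the write. All names (LogCtx, FileWrite, MemWrite, LogAlert, DemoCtx) and the alert line format are assumptions; the in-memory backend stands in for a PCIe channel.

```c
/* Added illustration: every name here is hypothetical, not Suricata's code. */
#include <pthread.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

typedef struct LogCtx_ {
    pthread_mutex_t lock;
    int fd;                       /* file/socket backend */
    char sink[256];               /* in-memory backend, stands in for a PCIe channel */
    size_t sink_len;
    int (*Write)(const char *buf, int len, struct LogCtx_ *ctx);
    void (*Close)(struct LogCtx_ *ctx);
} LogCtx;

/* Default backend: plain write(2)/close(2). */
int FileWrite(const char *b, int n, LogCtx *c) { return (int)write(c->fd, b, (size_t)n); }
void FileClose(LogCtx *c) { close(c->fd); c->fd = -1; }

/* Alternate backend: bounded copy that rejects a record that does not fit. */
int MemWrite(const char *b, int n, LogCtx *c)
{
    if (n < 0 || c->sink_len + (size_t)n >= sizeof(c->sink)) return -1;
    memcpy(c->sink + c->sink_len, b, (size_t)n);
    c->sink_len += (size_t)n;
    c->sink[c->sink_len] = '\0';
    return n;
}
void MemClose(LogCtx *c) { c->sink_len = 0; c->sink[0] = '\0'; }

int LogAlert(LogCtx *c, unsigned sid, const char *msg)
{
    char line[128];
    /* Format into a local buffer first: no shared state, so no lock yet. */
    int n = snprintf(line, sizeof(line), "[1:%u:0] %s\n", sid, msg);
    if (n < 0) return -1;
    if ((size_t)n >= sizeof(line)) {      /* truncated: keep the newline terminator */
        n = (int)sizeof(line) - 1;
        line[n - 1] = '\n';
    }
    pthread_mutex_lock(&c->lock);         /* lock held only for the write itself */
    int r = c->Write(line, n, c);         /* backend chosen when the log was opened */
    pthread_mutex_unlock(&c->lock);
    return r;
}

static LogCtx demo = { PTHREAD_MUTEX_INITIALIZER, -1, "", 0, MemWrite, MemClose };
LogCtx *DemoCtx(void) { return &demo; }

int main(void) {
    LogCtx out = { PTHREAD_MUTEX_INITIALIZER, STDOUT_FILENO, "", 0, FileWrite, FileClose };
    return LogAlert(&out, 2100498, "constructed alert") > 0 ? 0 : 1;
}
```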