Changeset 24f7192 in nscp for trunk/modules/CheckEventLog
- Timestamp:
- 07/11/05 21:55:28 (8 years ago)
- Children:
- 237da21
- Parents:
- e93e741
- Location:
- trunk/modules/CheckEventLog
- Files:
-
- 3 edited
-
CheckEventLog.cpp (modified) (8 diffs)
-
CheckEventLog.def (modified) (1 diff)
-
CheckEventLog.h (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
trunk/modules/CheckEventLog/CheckEventLog.cpp
rf896cfb r24f7192 28 28 } 29 29 30 std::string CheckEventLog::getModuleName() {31 return "Event log Checker.";32 }33 NSCModuleWrapper::module_version CheckEventLog::getModuleVersion() {34 NSCModuleWrapper::module_version version = {0, 0, 1 };35 return version;36 }37 38 30 bool CheckEventLog::hasCommandHandler() { 39 31 return true; … … 42 34 return false; 43 35 } 36 44 37 45 38 … … 49 42 EventLogRecord(EVENTLOGRECORD *pevlr) : pevlr_(pevlr) { 50 43 } 51 inline DWORD timeGenerated() {44 inline DWORD timeGenerated() const { 52 45 return pevlr_->TimeGenerated; 53 46 } 54 inline DWORD timeWritten() {47 inline DWORD timeWritten() const { 55 48 return pevlr_->TimeWritten; 56 49 } 57 inline std::string eventSource() {50 inline std::string eventSource() const { 58 51 return reinterpret_cast<LPSTR>(reinterpret_cast<LPBYTE>(pevlr_) + sizeof(EVENTLOGRECORD)); 59 52 } 60 53 61 inline DWORD eventType() {54 inline DWORD eventType() const { 62 55 return pevlr_->EventType; 63 56 } 64 65 std::string enumStrings() { 57 /* 58 std::string userSID() const { 59 if (pevlr_->UserSidOffset == 0) 60 return ""; 61 PSID p = reinterpret_cast<PSID>(reinterpret_cast<LPBYTE>(pevlr_) + + pevlr_->UserSidOffset); 62 LPSTR user = new CHAR[1025]; 63 LPSTR domain = new CHAR[1025]; 64 DWORD userLen = 1024; 65 DWORD domainLen = 1024; 66 SID_NAME_USE sidName; 67 LookupAccountSid(NULL, p, user, &userLen, domain, &domainLen, &sidName); 68 user[userLen] = 0; 69 domain[domainLen] = 0; 70 return std::string(domain) + "\\" + std::string(user); 71 } 72 */ 73 74 std::string enumStrings() const { 66 75 std::string ret; 67 76 LPSTR p = reinterpret_cast<LPSTR>(reinterpret_cast<LPBYTE>(pevlr_) + pevlr_->StringOffset); … … 93 102 if (sType == "auditFailure") 94 103 return EVENTLOG_AUDIT_FAILURE; 95 return 0; 104 return strEx::stoi(sType); 105 } 106 static std::string translateType(DWORD dwType) { 107 if (dwType == EVENTLOG_ERROR_TYPE) 108 return "error"; 109 if (dwType == EVENTLOG_WARNING_TYPE) 110 return "warning"; 111 if (dwType == EVENTLOG_INFORMATION_TYPE) 112 return "info"; 113 if (dwType == EVENTLOG_AUDIT_SUCCESS) 114 return "auditSuccess"; 115 if (dwType == EVENTLOG_AUDIT_FAILURE) 116 return "auditFailure"; 117 return strEx::itos(dwType); 96 118 } 97 119 … … 100 122 101 123 struct searchQuery { 102 struct searchQueryBundle {103 124 struct searchQueryItem { 104 DWORD eventType_; 105 std::string eventSource_; 106 boost::regex eventSourceRegExp_; 107 bool notSetValue_; 108 DWORD writtenBeforeDelta_ ; 109 DWORD writtenAfterDelta_ ; 110 DWORD generatedBeforeDelta_; 111 DWORD generatedAfterDelta_; 125 126 typedef enum { 127 eventType, 128 eventSource, 129 timeWritten, 130 timeGenerated, 131 message, 132 none 133 } queryType; 134 135 typedef enum { out, in, undefined } filterType; 136 137 filterType filter_; 138 queryType queryType_; 139 DWORD dwValue_; 112 140 boost::regex regexp_; 113 114 searchQueryItem(bool notSetValue) 115 : eventType_(0), notSetValue_(notSetValue), 116 writtenBeforeDelta_(0), writtenAfterDelta_(0) , 117 generatedBeforeDelta_(0), generatedAfterDelta_(0) 141 142 143 searchQueryItem() 144 : queryType_(none), dwValue_(0), filter_(out) 118 145 {} 146 searchQueryItem(filterType filter, queryType type, std::string str) 147 : queryType_(type), dwValue_(0), filter_(filter) 148 { 149 switch (queryType_ ) { 150 case eventType: 151 dwValue_ = EventLogRecord::translateType(str); 152 break; 153 154 case timeGenerated: 155 dwValue_ = strEx::stoui_as_time(str)/1000; 156 break; 157 158 case eventSource: 159 case message: 160 try { 161 regexp_ = str; 162 } catch (const boost::bad_expression e) { 163 throw (std::string)"Invalid syntax in regular expression:" + str; 164 } 165 break; 166 } 167 } 168 119 169 searchQueryItem& operator=(const searchQueryItem &other) { 120 eventType_ = other.eventType_; 121 eventSource_ = other.eventSource_; 122 notSetValue_ = other.notSetValue_; 123 writtenBeforeDelta_ = other.writtenBeforeDelta_; 124 writtenAfterDelta_ = other.writtenAfterDelta_; 125 generatedBeforeDelta_ = other.generatedBeforeDelta_; 126 generatedAfterDelta_ = other.generatedAfterDelta_; 170 queryType_ = other.queryType_; 171 dwValue_ = other.dwValue_; 172 filter_ = other.filter_; 127 173 try { 128 174 regexp_ = other.regexp_; … … 130 176 throw (std::string)"Invalid syntax in regular expression:" + other.toString(); 131 177 } 132 try {133 eventSourceRegExp_ = other.eventSourceRegExp_;134 } catch (const boost::bad_expression e) {135 throw (std::string)"Invalid syntax in event source regular expression:" + other.toString();136 }137 178 return *this; 138 179 } 139 180 140 inline bool matchDateWritten(DWORD now, DWORD written) const { 141 if ((writtenAfterDelta_ == 0)&&(writtenBeforeDelta_ == 0)) 142 return notSetValue_; 143 bool ret = true; 144 if (writtenAfterDelta_ != 0) { 145 if (writtenAfterDelta_+written <= now) 146 ret = false; 147 } 148 if (writtenBeforeDelta_ != 0) { 149 if (writtenBeforeDelta_+written > now) 150 ret = false; 151 } 152 return ret; 153 } 154 inline bool matchDateGenerated(DWORD now, DWORD written) const { 155 if ((generatedAfterDelta_ == 0)&&(generatedBeforeDelta_ == 0)) 156 return notSetValue_; 157 bool ret = true; 158 if (generatedAfterDelta_ != 0) { 159 if (generatedAfterDelta_+written <= now) 160 ret = false; 161 } 162 if (generatedBeforeDelta_ != 0) { 163 if (generatedBeforeDelta_+written > now) 164 ret = false; 165 } 166 return ret; 167 } 168 inline bool matchType(DWORD eventType) const { 169 if (eventType_ == 0) 170 return notSetValue_; 171 return eventType_ & eventType; 172 } 173 inline bool matchSource(std::string eventSource) const { 174 if ((eventSource_.empty())&&eventSourceRegExp_.empty()) 175 return notSetValue_; 176 else if (eventSource_.empty()) 177 return boost::regex_match(eventSource, eventSourceRegExp_); 178 else if (eventSourceRegExp_.empty()) 179 return eventSource_ == eventSource; 180 return boost::regex_match(eventSource, eventSourceRegExp_) && (eventSource_ == eventSource); 181 } 182 inline bool matchRegexp(std::string msg) const { 183 if (regexp_.empty()) 184 return notSetValue_; 185 return boost::regex_match(msg, regexp_); 186 } 181 bool match(DWORD now, const EventLogRecord &record) const { 182 switch (queryType_) { 183 case eventType: 184 return record.eventType() & dwValue_; 185 186 case eventSource: 187 if (regexp_.empty()) 188 return false; 189 return boost::regex_match(record.eventSource(), regexp_); 190 191 case timeWritten: 192 return record.timeWritten() < (now-dwValue_); 193 194 case timeGenerated: 195 return record.timeGenerated() < (now-dwValue_); 196 197 case message: 198 if (regexp_.empty()) 199 return false; 200 return boost::regex_match(record.enumStrings(), regexp_); 201 202 default: 203 return false; 204 } 205 } 206 std::string queryType2String(queryType query) const { 207 switch (queryType_) { 208 case eventType: 209 return "eventType"; 210 case eventSource: 211 return "eventSource"; 212 case timeWritten: 213 return "timeWritten"; 214 case timeGenerated: 215 return "timeGenerated"; 216 case message: 217 return "message"; 218 default: 219 return "unknown"; 220 } 221 222 } 223 187 224 std::string toString() const { 188 225 std::stringstream ss; 189 ss << " Regexp: " << regexp_ << std::endl; 190 ss << " Event type: " << eventType_ << std::endl; 191 ss << " Event source: " << eventSource_ << std::endl; 192 ss << " Event source Regexp: " << eventSourceRegExp_ << std::endl; 193 ss << " Written delta: " << writtenAfterDelta_ << " > " << writtenBeforeDelta_ << std::endl; 194 ss << " Generated delta: " << generatedAfterDelta_ << " > " << generatedBeforeDelta_ << std::endl; 226 ss << " Type: " << queryType2String(queryType_) << " = " << dwValue_ << ", '" << regexp_ << "'"; 195 227 return ss.str(); 196 228 } 197 229 }; 198 struct searchQueryItem require; 199 struct searchQueryItem exclude; 200 searchQueryBundle() : require(true), exclude(false) {} 201 std::string toString() { 202 return " Required:\n" + require.toString() + "\n Exclude:\n" + exclude.toString(); 230 231 232 233 unsigned int truncate; 234 unsigned warning_count; 235 unsigned critical_count; 236 bool descriptions; 237 std::list<searchQueryItem> queries; 238 239 searchQuery() : truncate(0), descriptions(false), warning_count(0), critical_count(0) {} 240 241 std::string toString() { 242 std::string ret; 243 for (std::list<searchQuery::searchQueryItem>::const_iterator cit = queries.begin(); cit != queries.end(); ++cit ) { 244 ret += (*cit).toString(); 203 245 } 204 }; 205 206 searchQueryBundle warn; 207 searchQueryBundle critical; 208 unsigned int truncate; 209 bool descriptions; 210 searchQuery() : truncate(0), descriptions(false) {} 211 212 std::string toString() { 213 return "Warn:\n" + warn.toString() + "\nCritical:\n" + critical.toString(); 246 return ret; 214 247 } 215 248 216 249 }; 217 250 218 void addToQueryItem(searchQuery::searchQueryBundle::searchQueryItem &item, std::string arg) { 219 std::pair<std::string,std::string> p = strEx::split(arg, "="); 220 if (p.first == "eventType") 221 item.eventType_ = EventLogRecord::appendType(item.eventType_, p.second); 222 else if (p.first == "eventSource") 223 item.eventSource_ = p.second; 224 else if (p.first == "eventSourceRegexp") { 225 try { 226 std::string s = p.second; 227 item.eventSourceRegExp_ = s; 228 } catch (const boost::bad_expression e) { 229 item.eventSourceRegExp_ = ""; 230 throw (std::string)"Invalid syntax in regular expression:" + p.second; 231 } 232 } 233 else if (p.first == "generatedBeforeDelta") 234 item.generatedBeforeDelta_ = strEx::stoi(p.second); 235 else if (p.first == "generatedAfterDelta") 236 item.generatedAfterDelta_ = strEx::stoi(p.second); 237 else if (p.first == "writtenBeforeDelta") 238 item.writtenBeforeDelta_ = strEx::stoi(p.second); 239 else if (p.first == "writtenAfterDelta") 240 item.writtenAfterDelta_ = strEx::stoi(p.second); 241 else if (p.first == "regexp") { 242 try { 243 item.regexp_ = p.second; 244 } catch (const boost::bad_expression e) { 245 item.regexp_ = ""; 246 throw (std::string)"Invalid syntax in regular expression:" + p.second; 247 } 248 } else 249 throw (std::string)"Invalid argument: " + p.first; 250 251 } 252 void addToQueryBundle(searchQuery::searchQueryBundle &bundle, std::string arg) { 253 std::pair<std::string,std::string> p = strEx::split(arg, "."); 254 if (p.first == "require") 255 addToQueryItem(bundle.require, p.second); 256 else if (p.first == "exclude") 257 addToQueryItem(bundle.exclude, p.second); 258 else 259 throw (std::string)"Invalid require/exclude: " + p.first; 260 } 261 void addToQuery(searchQuery &q, std::string arg) { 262 std::pair<std::string,std::string> p = strEx::split(arg, "."); 263 if (p.first == "warn") 264 addToQueryBundle(q.warn, p.second); 265 else if (p.first == "critical") 266 addToQueryBundle(q.critical, p.second); 267 else if (p.first == "all") { 268 addToQueryBundle(q.warn, p.second); 269 addToQueryBundle(q.critical, p.second); 270 } else { 271 std::pair<std::string,std::string> p = strEx::split(arg, "="); 272 if (p.first == "truncate") 273 q.truncate = strEx::stoi(p.second); 274 else if (p.first == "descriptions") 275 q.descriptions = true; 276 else 277 throw (std::string)"Invalid argument: " + arg; 278 } 279 } 280 281 void buildQury(searchQuery &query, std::list<std::string> args) { 282 for (std::list<std::string>::const_iterator it = args.begin(); it!=args.end(); it++) { 283 NSC_DEBUG_MSG_STD("Adding: " + *it); 284 addToQuery(query, *it); 285 } 286 } 251 // checkEventLog file=application truncate=1024 descriptions filter=[out|in] 252 // warning-count=3 critical-count=10 253 // filter type = warning AND generated > 1d 254 // 255 // match (type, "warning") && match(generated, "1d") 256 // filer-eventType=warning 257 // filer-eventSource= 258 // filer-date=4d 259 // 287 260 // CheckEventLog 288 261 // request: CheckEventLog&<logfile>&<Query strings> … … 291 264 // 1 - Unknown 292 265 // 2 - Errors 266 267 // ./nrpe-2.0/src/check_nrpe -H 192.168.167 -p 5666 -c checkEventLog -a file=system file=application filter-eventType=warning filter-generated=1d descriptions filter-eventSource=Cdrom filter-eventSource=NSClient warning-count=3 critical-count=7 filter=in truncate=512 268 // 293 269 // Examples: 294 270 // CheckEventLog&Application&1&<type>&<query>&huffa... 295 271 // CheckEventLog&Application&warn.require.eventType=warning&critical.require.eventType=error&truncate=1024&descriptions&all.exclude.eventSourceRegexp=^(Win|Msi|NSClient\+\+|Userenv|ASP\.NET|LoadPerf|Outlook|Application E|NSClient).* 296 272 #define BUFFER_SIZE 1024*64 297 298 273 NSCAPI::nagiosReturn CheckEventLog::handleCommand(const strEx::blindstr command, const unsigned int argLen, char **char_args, std::string &message, std::string &perf) { 299 274 if (command != "CheckEventLog") … … 301 276 NSCAPI::nagiosReturn rCode = NSCAPI::returnOK; 302 277 std::list<std::string> args = arrayBuffer::arrayBuffer2list(argLen, char_args); 303 if (args.size() < 2) { 304 message = "Missing argument"; 305 return NSCAPI::returnCRIT; 306 } 307 308 std::list<std::string>::iterator it = args.begin(); 309 for (;it != args.end();it++) { 310 NSC_DEBUG_MSG_STD("Arguments: " + (*it)); 311 } 278 312 279 std::string ret; 313 bool critical = false;314 280 searchQuery query; 315 std::string logFile = args.front(); args.pop_front(); 316 try { 317 buildQury(query, args); 318 } catch (std::string s) { 319 message = s; 320 return NSCAPI::returnCRIT; 321 } 322 NSC_DEBUG_MSG_STD("Base query: " + query.toString()); 323 324 HANDLE hLog = OpenEventLog(NULL, logFile.c_str()); 325 if (hLog == NULL) { 326 message = "Could not open the Application event log."; 281 std::list<std::string> files; 282 searchQuery::searchQueryItem::filterType filter = searchQuery::searchQueryItem::out; 283 284 for (std::list<std::string>::const_iterator it = args.begin(); it!=args.end(); ++it) { 285 try { 286 if ((*it) == "descriptions") { 287 query.descriptions = true; 288 } else { 289 std::pair<std::string,std::string> p = strEx::split((*it), "="); 290 if (p.first == "truncate") { 291 query.truncate = strEx::stoi(p.second); 292 } else if (p.first == "file") { 293 files.push_back(p.second); 294 } else if (p.first == "filter") { 295 if (p.second == "in") 296 filter = searchQuery::searchQueryItem::in; 297 else 298 filter = searchQuery::searchQueryItem::out; 299 } else if (p.first == "warning-count") { 300 query.warning_count = strEx::stoi(p.second); 301 } else if (p.first == "critical-count") { 302 query.critical_count = strEx::stoi(p.second); 303 304 } else if (p.first == "filter-eventType") { 305 query.queries.push_back(searchQuery::searchQueryItem(filter, searchQuery::searchQueryItem::eventType, p.second)); 306 } else if (p.first == "filter-eventSource") { 307 query.queries.push_back(searchQuery::searchQueryItem(filter, searchQuery::searchQueryItem::eventSource, p.second)); 308 } else if (p.first == "filter-generated") { 309 query.queries.push_back(searchQuery::searchQueryItem(filter, searchQuery::searchQueryItem::timeGenerated, p.second)); 310 } else if (p.first == "filter-written") { 311 query.queries.push_back(searchQuery::searchQueryItem(filter, searchQuery::searchQueryItem::timeWritten, p.second)); 312 } else if (p.first == "filter-message") { 313 query.queries.push_back(searchQuery::searchQueryItem(filter, searchQuery::searchQueryItem::message, p.second)); 314 } 315 } 316 } catch (std::string s) { 317 if (message.empty()) 318 message += "UNKNOWN: "; 319 else 320 message += ", "; 321 message += s; 322 } 323 } 324 if (!message.empty()) { 327 325 return NSCAPI::returnUNKNOWN; 328 326 } 329 327 330 DWORD dwThisRecord, dwRead, dwNeeded; 331 EVENTLOGRECORD *pevlr; 332 BYTE bBuffer[BUFFER_SIZE]; 333 334 pevlr = reinterpret_cast<EVENTLOGRECORD*>(&bBuffer); 335 336 // get time now !!! 337 __time64_t ltime; 338 _time64(<ime); 339 DWORD currentTime = ltime; 340 341 GetOldestEventLogRecord(hLog, &dwThisRecord); 342 343 while (ReadEventLog(hLog, EVENTLOG_FORWARDS_READ|EVENTLOG_SEQUENTIAL_READ, 344 0, pevlr, BUFFER_SIZE, &dwRead, &dwNeeded)) 345 { 346 while (dwRead > 0) 347 { 348 bool match = false; 349 bool c = false; 350 EventLogRecord record(pevlr); 351 352 if ( query.critical.require.matchType(record.eventType()) && 353 query.critical.require.matchSource(record.eventSource()) && 354 query.critical.require.matchDateGenerated(currentTime, record.timeGenerated()) && 355 query.critical.require.matchDateWritten(currentTime, record.timeWritten()) && 356 query.critical.require.matchRegexp(record.enumStrings()) 357 ) { 358 match = true; 359 c = true; 360 } 361 if ( query.critical.exclude.matchType(record.eventType()) || 362 query.critical.exclude.matchSource(record.eventSource()) || 363 query.critical.exclude.matchDateGenerated(currentTime, record.timeGenerated()) || 364 query.critical.exclude.matchDateWritten(currentTime, record.timeWritten()) || 365 query.critical.exclude.matchRegexp(record.enumStrings()) 366 ) { 367 match = false; 368 c = false; 369 } 370 371 if ( query.warn.require.matchType(record.eventType()) && 372 query.warn.require.matchSource(record.eventSource()) && 373 query.warn.require.matchDateGenerated(currentTime, record.timeGenerated()) && 374 query.warn.require.matchDateWritten(currentTime, record.timeWritten()) && 375 query.warn.require.matchRegexp(record.enumStrings()) 376 ) 377 match = true; 378 if ( query.warn.exclude.matchType(record.eventType()) || 379 query.warn.exclude.matchSource(record.eventSource()) || 380 query.warn.exclude.matchDateGenerated(currentTime, record.timeGenerated()) || 381 query.warn.exclude.matchDateWritten(currentTime, record.timeWritten()) || 382 query.warn.exclude.matchRegexp(record.enumStrings()) 383 ) 384 match = false; 385 386 if (match) { 387 if (c) 388 critical = true; 389 if (!ret.empty()) 390 ret += " - "; 391 ret += record.eventSource(); 392 if (query.descriptions) { 393 std::string s = record.enumStrings(); 394 if (!s.empty()) 395 ret += " [" + s + "]" ; 396 } 397 } 398 dwRead -= pevlr->Length; 399 pevlr = (EVENTLOGRECORD *) 400 ((LPBYTE) pevlr + pevlr->Length); 328 unsigned int hit_count = 0; 329 330 for (std::list<std::string>::const_iterator cit2 = files.begin(); cit2 != files.end(); ++cit2) { 331 HANDLE hLog = OpenEventLog(NULL, (*cit2).c_str()); 332 if (hLog == NULL) { 333 message = "Could not open the '" + (*cit2) + "' event log."; 334 return NSCAPI::returnUNKNOWN; 335 } 336 337 DWORD dwThisRecord, dwRead, dwNeeded; 338 EVENTLOGRECORD *pevlr; 339 BYTE bBuffer[BUFFER_SIZE]; 340 341 pevlr = reinterpret_cast<EVENTLOGRECORD*>(&bBuffer); 342 343 __time64_t ltime; 344 _time64(<ime); 345 DWORD currentTime = ltime; 346 347 GetOldestEventLogRecord(hLog, &dwThisRecord); 348 349 while (ReadEventLog(hLog, EVENTLOG_FORWARDS_READ|EVENTLOG_SEQUENTIAL_READ, 350 0, pevlr, BUFFER_SIZE, &dwRead, &dwNeeded)) 351 { 352 while (dwRead > 0) 353 { 354 bool match = false; 355 bool undefined = true; 356 searchQuery::searchQueryItem::filterType tFilter = searchQuery::searchQueryItem::out; 357 EventLogRecord record(pevlr); 358 359 for (std::list<searchQuery::searchQueryItem>::const_iterator cit3 = query.queries.begin(); cit3 != query.queries.end(); ++cit3 ) { 360 if ((*cit3).match(currentTime, record)) { 361 if ((*cit3).filter_ == searchQuery::searchQueryItem::in) 362 match = true; 363 else { 364 match = false; 365 } 366 } 367 } 368 369 if (match) { 370 if (!ret.empty()) 371 ret += ", "; 372 ret += record.eventSource(); 373 if (query.descriptions) { 374 ret += "(" + EventLogRecord::translateType(record.eventType()) + ")"; 375 ret += "[" + record.enumStrings() + "]"; 376 } 377 hit_count++; 378 } 379 380 dwRead -= pevlr->Length; 381 pevlr = (EVENTLOGRECORD *) ((LPBYTE) pevlr + pevlr->Length); 382 } 383 384 pevlr = (EVENTLOGRECORD *) &bBuffer; 401 385 } 402 386 403 pevlr = (EVENTLOGRECORD *) &bBuffer; 404 } 405 406 CloseEventLog(hLog); 407 if (critical) { 408 ret = "CRITICAL: " + ret; 387 CloseEventLog(hLog); 388 } 389 390 if ((query.critical_count > 0) && (hit_count > query.critical_count)) { 391 ret = "CRITICAL: " + strEx::itos(hit_count) + " > critical: " + ret; 409 392 rCode = NSCAPI::returnCRIT; 410 } 411 else if (!ret.empty()) { 412 ret = "WARNING: " + ret; 393 } else if ((query.warning_count > 0) && (hit_count > query.warning_count)) { 394 ret = "WARNING: " + strEx::itos(hit_count) + " > warning: " + ret; 413 395 rCode = NSCAPI::returnWARN; 414 } else 415 ret = "OK: No errors/warnings in event log."; 396 } else { 397 ret = "OK: " + strEx::itos(hit_count) + ": " + ret; 398 } 416 399 if (query.truncate != 0) 400 ret = ret.substr(0, query.truncate); 401 if ((query.truncate > 0) && (ret.length() > query.truncate)) 417 402 ret = ret.substr(0, query.truncate); 418 403 message = ret; -
trunk/modules/CheckEventLog/CheckEventLog.def
rf7f536b r24f7192 11 11 NSHandleCommand 12 12 NSUnloadModule 13 13 NSGetModuleDescription -
trunk/modules/CheckEventLog/CheckEventLog.h
rf896cfb r24f7192 12 12 bool loadModule(); 13 13 bool unloadModule(); 14 std::string getModuleName(); 15 NSCModuleWrapper::module_version getModuleVersion(); 14 15 std::string getModuleName() { 16 return "Event log Checker."; 17 } 18 NSCModuleWrapper::module_version getModuleVersion() { 19 NSCModuleWrapper::module_version version = {0, 0, 1 }; 20 return version; 21 } 22 std::string getModuleDescription() { 23 return "Check for errors and warnings in the event log.\nThis is only supported through NRPE so if you plan to use only NSClient this wont help you at all."; 24 } 25 26 16 27 bool hasCommandHandler(); 17 28 bool hasMessageHandler();
Note: See TracChangeset
for help on using the changeset viewer.
