Merge branch 'task/#22180-refactor-the-syslog-scanner-to-be-a-plugin'…

… into 'integration' Task #22180 - Refactor the syslog scanner to be a plugin See merge request elektrobit/base-os/elos!80
Elektrobit · Jun 18, 2024 · 19b6c24 · 19b6c24
2 parents 09436bb + 3ab1585
commit 19b6c24
Show file tree

Hide file tree

Showing 21 changed files with 353 additions and 524 deletions.
diff --git a/cmake/project.cmake b/cmake/project.cmake
@@ -1,5 +1,5 @@
 # SPDX-License-Identifier: MIT
-set(ELOS_VERSION 0.58.12)
+set(ELOS_VERSION 0.58.13)
 
 # Attention: Aside from the version, as many things as possible in this file
 #   should be put into functions, as this solves potential issues with commands

diff --git a/doc/userManual.rst b/doc/userManual.rst
@@ -665,18 +665,24 @@ look like this:
                },
                "Scanner": {
                    "Path": "/usr/local/lib/elos/scanner",
-                   "KmsgScanner": {
-                       "KmsgFile": "/dev/kmsg"
-                   },
-                   "SyslogScanner": {
-                       "SyslogPath": "/dev/log",
-                       "MappingRules": {
-                           "MessageCodes": {
-                             "4000": ".event.source.appName 'ssh' STRCMP",
-                             "2000": ".event.source.appName 'crinit' STRCMP",
-                             "1000": ".event.source.appName 'login' STRCMP"
+                   "Plugins": {
+                       "SyslogScanner": {
+                           "File": "scanner_syslog.so",
+                           "Run": "always",
+                           "Config": {
+                               "SyslogPath": "/dev/log",
+                               "MappingRules": {
+                                   "MessageCodes": {
+                                       "4000": ".event.source.appName 'ssh' STRCMP",
+                                       "2000": ".event.source.appName 'crinit' STRCMP",
+                                       "1000": ".event.source.appName 'login' STRCMP"
+                                   }
+                               }
                            }
                        }
+                   },
+                   "KmsgScanner": {
+                       "KmsgFile": "/dev/kmsg"
                    }
                }
            }
@@ -721,10 +727,10 @@ use another default value, decided by us.
 -  **Scanner/KmsgScanner/KmsgFile**: Character device or FIFO file node
    to receive logs in kmsg format from (``ELOS_KMSG_FILE`` default
    value: ``"/dev/kmsg"``)
--  **Scanner/SyslogScanner/SyslogPath**: Unix UDP socket to receive logs
+-  **Scanner/Plugins/<SyslogScanner>/Config/SyslogPath**: Unix UDP socket to receive logs
    in syslog format from (``ELOS_SYSLOG_PATH`` default value:
    ``"/dev/log"``)
--  **Scanner/SyslogScanner/MappingRules/MessageCodes**: contain
+-  **Scanner/Plugins/<SyslogScanner>/Config/MappingRules/MessageCodes**: contain
    ``message code, filter`` pairs to set a specific ``message code`` for
    an event if the given filter matches the event.
 
@@ -910,14 +916,17 @@ The syslog scanner expects the following config structure:
 .. code:: bash
 
    SyslogScanner
-   ├── SyslogPath
-   └── MappingRules
-       ├── MessageCode
-       │   ├── 4000
-       │   ├── 4001
-       │   ├── 2001
-       │   └── ... (more MessageCodes)
-       └── ... (other event attributes like Severity, Classification, ...)
+   ├── File
+   ├── Run
+   └── Config
+       ├── SyslogPath
+       └── MappingRules
+           ├── MessageCode
+           │   ├── 4000
+           │   ├── 4001
+           │   ├── 2001
+           │   └── ... (more MessageCodes)
+           └── ... (other event attributes like Severity, Classification, ...)
 
 The MappingRules are provided through the configuration. The
 configuration (samconf) allows to lookup single options by a path like

diff --git a/src/components/pluginmanager/interface/elos/pluginmanager/types.h b/src/components/pluginmanager/interface/elos/pluginmanager/types.h
@@ -4,7 +4,7 @@
 #include "elos/plugincontrol/types.h"
 
 #ifndef PLUGINMANAGER_PLUGINVECTOR_INIT_SIZE
-#define PLUGINMANAGER_PLUGINVECTOR_INIT_SIZE 8
+#define PLUGINMANAGER_PLUGINVECTOR_INIT_SIZE 20
 #endif
 
 typedef enum elosPluginManagerStateE {

diff --git a/src/components/scanner_manager_legacy/private/scanner_manager.c b/src/components/scanner_manager_legacy/private/scanner_manager.c
@@ -93,8 +93,7 @@ static elosScannerManagerLegacyErrorCodeE_t _parsePath(elosScannerManagerLegacyC
                 continue;
             }
 
-            if ((strcmp(dirEnt->d_name, "scanner_kmsg.so") != 0) && (strcmp(dirEnt->d_name, "scanner_shmem.so") != 0) &&
-                (strcmp(dirEnt->d_name, "scanner_syslog.so") != 0)) {
+            if ((strcmp(dirEnt->d_name, "scanner_kmsg.so") != 0) && (strcmp(dirEnt->d_name, "scanner_shmem.so") != 0)) {
                 dirEnt = readdir(dirHandle);
                 continue;
             }

diff --git a/src/plugins/scanners/syslog/CMakeLists.txt b/src/plugins/scanners/syslog/CMakeLists.txt
@@ -22,6 +22,7 @@ target_link_libraries(
     elos_scanner_legacy_interface
     eventfilter_static
   PUBLIC
+    libelosplugin
     rpnfilter_static
     scanner_syslog_interface
     elos_common_interface

diff --git a/src/plugins/scanners/syslog/index.rst b/src/plugins/scanners/syslog/index.rst
@@ -46,17 +46,20 @@ notation. So the syslog scanner expect the following config structure:
 .. code:: bash
 
    SyslogScanner
-   ├── SyslogPath
-   ├── MappingRules
-   │   ├── MessageCode
-   │   │   ├── 4000
-   │   │   ├── 4001
-   │   │   └── 2001
-   │   └── ... (other like Severity, classification)
-   └── FilterRules (Not implemented)
-       ├── empty payload
-       ├── all from appName X
-       └── containing secrets
+   ├── File
+   ├── Run
+   └── Config
+       ├── SyslogPath
+       ├── MappingRules
+       │   ├── MessageCode
+       │   │   ├── 4000
+       │   │   ├── 4001
+       │   │   └── 2001
+       │   └── ... (other like Severity, classification)
+       └── FilterRules (Not implemented)
+           ├── empty payload
+           ├── all from appName X
+           └── containing secrets
 
 The implementation for configuration files is still in progress so the
 format for configuration files is not defined now.

diff --git a/src/plugins/scanners/syslog/private/logline_mapper.c b/src/plugins/scanners/syslog/private/logline_mapper.c
@@ -292,7 +292,7 @@ safuResultE_t elosLoglineMapperInit(elosLoglineMapper_t *mapper, const samconfCo
     }
 
     if (result == SAFU_RESULT_OK) {
-        status = samconfConfigGet(config, "/MappingRules/MessageCodes", &messageCodeConfig);
+        status = samconfConfigGet(config, "Config/MappingRules/MessageCodes", &messageCodeConfig);
         if (status != SAMCONF_CONFIG_OK) {
             safuLogErr("Given configuration does not have applications config nodes");
             result = SAFU_RESULT_FAILED;