|
|
|
libprelude Reference Manual | |
|---|---|---|---|---|
| Top | Description | ||||
int idmef_additional_data_read (idmef_additional_data_t *additional_data,
prelude_msg_t *msg);
int idmef_reference_read (idmef_reference_t *reference,
prelude_msg_t *msg);
int idmef_classification_read (idmef_classification_t *classification,
prelude_msg_t *msg);
int idmef_user_id_read (idmef_user_id_t *user_id,
prelude_msg_t *msg);
int idmef_user_read (idmef_user_t *user,
prelude_msg_t *msg);
int idmef_address_read (idmef_address_t *address,
prelude_msg_t *msg);
int idmef_process_read (idmef_process_t *process,
prelude_msg_t *msg);
int idmef_web_service_read (idmef_web_service_t *web_service,
prelude_msg_t *msg);
int idmef_snmp_service_read (idmef_snmp_service_t *snmp_service,
prelude_msg_t *msg);
int idmef_service_read (idmef_service_t *service,
prelude_msg_t *msg);
int idmef_node_read (idmef_node_t *node,
prelude_msg_t *msg);
int idmef_source_read (idmef_source_t *source,
prelude_msg_t *msg);
int idmef_file_access_read (idmef_file_access_t *file_access,
prelude_msg_t *msg);
int idmef_inode_read (idmef_inode_t *inode,
prelude_msg_t *msg);
int idmef_checksum_read (idmef_checksum_t *checksum,
prelude_msg_t *msg);
int idmef_file_read (idmef_file_t *file,
prelude_msg_t *msg);
int idmef_linkage_read (idmef_linkage_t *linkage,
prelude_msg_t *msg);
int idmef_target_read (idmef_target_t *target,
prelude_msg_t *msg);
int idmef_analyzer_read (idmef_analyzer_t *analyzer,
prelude_msg_t *msg);
int idmef_alertident_read (idmef_alertident_t *alertident,
prelude_msg_t *msg);
int idmef_impact_read (idmef_impact_t *impact,
prelude_msg_t *msg);
int idmef_action_read (idmef_action_t *action,
prelude_msg_t *msg);
int idmef_confidence_read (idmef_confidence_t *confidence,
prelude_msg_t *msg);
int idmef_assessment_read (idmef_assessment_t *assessment,
prelude_msg_t *msg);
int idmef_tool_alert_read (idmef_tool_alert_t *tool_alert,
prelude_msg_t *msg);
int idmef_correlation_alert_read (idmef_correlation_alert_t *correlation_alert,
prelude_msg_t *msg);
int idmef_overflow_alert_read (idmef_overflow_alert_t *overflow_alert,
prelude_msg_t *msg);
int idmef_alert_read (idmef_alert_t *alert,
prelude_msg_t *msg);
int idmef_heartbeat_read (idmef_heartbeat_t *heartbeat,
prelude_msg_t *msg);
int idmef_message_read (idmef_message_t *message,
prelude_msg_t *msg);
Once you read a prelude_msg_t object, you need to decode this message. In case this is an IDMEF style message, the following API allow to read the relevant IDMEF fields from the prelude_msg_t object, and create the IDMEF object from it's content.
The function you're most probably looking to use is idmef_message_read(), and here
is an example on how to use it:
int ret;
prelude_msg_t *pmsg;
idmef_message_t *message;
pmsg = whatever_method_to_get_a_prelude_msg();
ret = idmef_message_new(&message);
if ( ret < 0 )
return ret;
ret = idmef_message_read(message, pmsg);
This will decode the full IDMEF message stored within pmsg into the idmef_message_t IDMEF object and it's childrens.
int idmef_additional_data_read (idmef_additional_data_t *additional_data,
prelude_msg_t *msg);
Read an idmef_additional_data from the msg message, and
store it into additional_data.
|
Pointer to a idmef_additional_data_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_reference_read (idmef_reference_t *reference,
prelude_msg_t *msg);
Read an idmef_reference from the msg message, and
store it into reference.
|
Pointer to a idmef_reference_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_classification_read (idmef_classification_t *classification,
prelude_msg_t *msg);
Read an idmef_classification from the msg message, and
store it into classification.
|
Pointer to a idmef_classification_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_user_id_read (idmef_user_id_t *user_id,
prelude_msg_t *msg);
Read an idmef_user_id from the msg message, and
store it into user_id.
|
Pointer to a idmef_user_id_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_user_read (idmef_user_t *user,
prelude_msg_t *msg);
Read an idmef_user from the msg message, and
store it into user.
|
Pointer to a idmef_user_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_address_read (idmef_address_t *address,
prelude_msg_t *msg);
Read an idmef_address from the msg message, and
store it into address.
|
Pointer to a idmef_address_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_process_read (idmef_process_t *process,
prelude_msg_t *msg);
Read an idmef_process from the msg message, and
store it into process.
|
Pointer to a idmef_process_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_web_service_read (idmef_web_service_t *web_service,
prelude_msg_t *msg);
Read an idmef_web_service from the msg message, and
store it into web_service.
|
Pointer to a idmef_web_service_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_snmp_service_read (idmef_snmp_service_t *snmp_service,
prelude_msg_t *msg);
Read an idmef_snmp_service from the msg message, and
store it into snmp_service.
|
Pointer to a idmef_snmp_service_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_service_read (idmef_service_t *service,
prelude_msg_t *msg);
Read an idmef_service from the msg message, and
store it into service.
|
Pointer to a idmef_service_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_node_read (idmef_node_t *node,
prelude_msg_t *msg);
Read an idmef_node from the msg message, and
store it into node.
|
Pointer to a idmef_node_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_source_read (idmef_source_t *source,
prelude_msg_t *msg);
Read an idmef_source from the msg message, and
store it into source.
|
Pointer to a idmef_source_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_file_access_read (idmef_file_access_t *file_access,
prelude_msg_t *msg);
Read an idmef_file_access from the msg message, and
store it into file_access.
|
Pointer to a idmef_file_access_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_inode_read (idmef_inode_t *inode,
prelude_msg_t *msg);
Read an idmef_inode from the msg message, and
store it into inode.
|
Pointer to a idmef_inode_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_checksum_read (idmef_checksum_t *checksum,
prelude_msg_t *msg);
Read an idmef_checksum from the msg message, and
store it into checksum.
|
Pointer to a idmef_checksum_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_file_read (idmef_file_t *file,
prelude_msg_t *msg);
Read an idmef_file from the msg message, and
store it into file.
|
Pointer to a idmef_file_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_linkage_read (idmef_linkage_t *linkage,
prelude_msg_t *msg);
Read an idmef_linkage from the msg message, and
store it into linkage.
|
Pointer to a idmef_linkage_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_target_read (idmef_target_t *target,
prelude_msg_t *msg);
Read an idmef_target from the msg message, and
store it into target.
|
Pointer to a idmef_target_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_analyzer_read (idmef_analyzer_t *analyzer,
prelude_msg_t *msg);
Read an idmef_analyzer from the msg message, and
store it into analyzer.
|
Pointer to a idmef_analyzer_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_alertident_read (idmef_alertident_t *alertident,
prelude_msg_t *msg);
Read an idmef_alertident from the msg message, and
store it into alertident.
|
Pointer to a idmef_alertident_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_impact_read (idmef_impact_t *impact,
prelude_msg_t *msg);
Read an idmef_impact from the msg message, and
store it into impact.
|
Pointer to a idmef_impact_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_action_read (idmef_action_t *action,
prelude_msg_t *msg);
Read an idmef_action from the msg message, and
store it into action.
|
Pointer to a idmef_action_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_confidence_read (idmef_confidence_t *confidence,
prelude_msg_t *msg);
Read an idmef_confidence from the msg message, and
store it into confidence.
|
Pointer to a idmef_confidence_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_assessment_read (idmef_assessment_t *assessment,
prelude_msg_t *msg);
Read an idmef_assessment from the msg message, and
store it into assessment.
|
Pointer to a idmef_assessment_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_tool_alert_read (idmef_tool_alert_t *tool_alert,
prelude_msg_t *msg);
Read an idmef_tool_alert from the msg message, and
store it into tool_alert.
|
Pointer to a idmef_tool_alert_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_correlation_alert_read (idmef_correlation_alert_t *correlation_alert,
prelude_msg_t *msg);
Read an idmef_correlation_alert from the msg message, and
store it into correlation_alert.
|
Pointer to a idmef_correlation_alert_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_overflow_alert_read (idmef_overflow_alert_t *overflow_alert,
prelude_msg_t *msg);
Read an idmef_overflow_alert from the msg message, and
store it into overflow_alert.
|
Pointer to a idmef_overflow_alert_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_alert_read (idmef_alert_t *alert,
prelude_msg_t *msg);
Read an idmef_alert from the msg message, and
store it into alert.
|
Pointer to a idmef_alert_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_heartbeat_read (idmef_heartbeat_t *heartbeat,
prelude_msg_t *msg);
Read an idmef_heartbeat from the msg message, and
store it into heartbeat.
|
Pointer to a idmef_heartbeat_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |
int idmef_message_read (idmef_message_t *message,
prelude_msg_t *msg);
Read an idmef_message from the msg message, and
store it into message.
|
Pointer to a idmef_message_t object. |
|
Pointer to a prelude_msg_t object, containing a message. |
Returns : |
0 on success, a negative value if an error occured. |