Skip to content
Snippets Groups Projects
Commit 083ca4e5 authored by ale's avatar ale
Browse files

Fix a few gometalinter warnings

parent d4334643
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing
with 14 additions and 12 deletions
main.go
+ 14
12
View file @ 083ca4e5
...@@ -9,6 +9,7 @@ import ( ...@@ -9,6 +9,7 @@ import (
"log" "log"
"log/syslog" "log/syslog"
"os" "os"
"strings"
"time" "time"
"github.com/elastic/go-libaudit" "github.com/elastic/go-libaudit"
...@@ -19,7 +20,6 @@ import ( ...@@ -19,7 +20,6 @@ import (
var ( var (
reasmBufferSize = flag.Int("reassembler-buffer", 8192, "reassembler buffer size") reasmBufferSize = flag.Int("reassembler-buffer", 8192, "reassembler buffer size")
reasmHorizon = flag.Duration("reassembler-timeout", 10*time.Second, "reassembled EOE event timeout") reasmHorizon = flag.Duration("reassembler-timeout", 10*time.Second, "reassembled EOE event timeout")
idLookup = flag.Bool("id", true, "lookup uid and gid values in messages (requires -i)")
) )
func main() { func main() {
...@@ -36,26 +36,23 @@ func processLogs() error { ...@@ -36,26 +36,23 @@ func processLogs() error {
if err != nil { if err != nil {
return err return err
} }
defer output.Close() defer output.Close() // nolint
reassembler, err := libaudit.NewReassembler(*reasmBufferSize, *reasmHorizon, &streamHandler{output}) reassembler, err := libaudit.NewReassembler(*reasmBufferSize, *reasmHorizon, &streamHandler{output})
if err != nil { if err != nil {
return fmt.Errorf("failed to create reassembler: %v", err) return fmt.Errorf("failed to create reassembler: %v", err)
} }
defer reassembler.Close() defer reassembler.Close() // nolint
// Start goroutine to periodically purge timed-out events. // Start goroutine to periodically purge timed-out events.
go func() { go func() {
t := time.NewTicker(500 * time.Millisecond) t := time.NewTicker(500 * time.Millisecond)
defer t.Stop() defer t.Stop()
for { for range t.C {
select {
case <-t.C:
if reassembler.Maintain() != nil { if reassembler.Maintain() != nil {
return return
} }
} }
}
}() }()
// Process lines from standard input. // Process lines from standard input.
...@@ -63,6 +60,14 @@ func processLogs() error { ...@@ -63,6 +60,14 @@ func processLogs() error {
for s.Scan() { for s.Scan() {
line := s.Text() line := s.Text()
// Remove anything before the log type.
p := strings.Index(line, "type=")
if p < 0 {
continue
} else if p > 0 {
line = line[p:]
}
auditMsg, err := auparse.ParseLogLine(line) auditMsg, err := auparse.ParseLogLine(line)
if err != nil { if err != nil {
log.Printf("failed to parse message header: %v", err) log.Printf("failed to parse message header: %v", err)
...@@ -97,9 +102,6 @@ func (s *streamHandler) EventsLost(count int) { ...@@ -97,9 +102,6 @@ func (s *streamHandler) EventsLost(count int) {
log.Printf("detected the loss of %v sequences", count) log.Printf("detected the loss of %v sequences", count)
} }
func outputMultipleMessages(msgs []*auparse.AuditMessage) {
}
func printJSON(w io.Writer, v interface{}) error { func printJSON(w io.Writer, v interface{}) error {
lbuf := []byte("@cee:") lbuf := []byte("@cee:")
jsonBytes, err := json.Marshal(v) jsonBytes, err := json.Marshal(v)
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment