diff --git a/digwatch.yaml b/digwatch.yaml index cab5e194..402358d5 100644 --- a/digwatch.yaml +++ b/digwatch.yaml @@ -1,5 +1,8 @@ rules_file: /etc/digwatch_rules.conf -json_output: true +json_output: false + +log_stderr: true +log_syslog: true syslog_output: enabled: false diff --git a/userspace/digwatch/configuration.cpp b/userspace/digwatch/configuration.cpp index 3fc8a602..d7a25a95 100644 --- a/userspace/digwatch/configuration.cpp +++ b/userspace/digwatch/configuration.cpp @@ -1,6 +1,7 @@ #include "configuration.h" #include "config_digwatch.h" #include "sinsp.h" +#include "syslog.h" using namespace std; @@ -53,4 +54,7 @@ void digwatch_configuration::init(string conf_filename) { throw sinsp_exception("Error reading config file (" + m_config_file + "): No outputs configured. Please configure at least one output file output enabled but no filename in configuration block"); } + + digwatch_syslog::log_stderr = m_config->get_scalar("log_stderr", false); + digwatch_syslog::log_syslog = m_config->get_scalar("log_syslog", true); } diff --git a/userspace/digwatch/digwatch.cpp b/userspace/digwatch/digwatch.cpp index a2a5e3b7..aa97299d 100644 --- a/userspace/digwatch/digwatch.cpp +++ b/userspace/digwatch/digwatch.cpp @@ -254,7 +254,7 @@ int digwatch_init(int argc, char **argv) conf_stream = new ifstream(conf_filename); if (!conf_stream->good()) { - fprintf(stderr, "Could not find configuration file at %s \n", conf_filename.c_str()); + digwatch_syslog::log(LOG_ERR, "Could not find configuration file at " + conf_filename + ". Exiting \n"); result = EXIT_FAILURE; goto exit; } 
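Review bot: The "Could not find configuration file" error in the `@@ -254` hunk of digwatch.cpp is likely to be discarded, because this call runs before `config.init()` and the new `log_stderr` / `log_syslog` flags are defined in syslog.cpp without initializers, so both are false until the configuration has been read. A monitoring daemon that exits silently on a bad configuration path is hard to diagnose; giving the flags startup defaults, e.g. `bool digwatch_syslog::log_stderr = true;`, keeps early errors visible. The same may apply to the no-config-file branch in the `@@ -283` hunk if the argument-less `config.init()` does not set the flags, which is not visible here. digwatch_init's body starts and ends outside the hunk.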
@@ -283,20 +283,20 @@ int digwatch_init(int argc, char **argv) digwatch_configuration config; if (conf_filename.size()) { - cout << "Using configuration file " + conf_filename + "\n"; config.init(conf_filename); + // log after config init because config determines where logs go + digwatch_syslog::log(LOG_INFO, "Digwatch initialized with configuration file " + conf_filename + "\n"); } else { - cout << "No configuration file found, proceeding with defaults\n"; config.init(); + digwatch_syslog::log(LOG_INFO, "Digwatch initialized. No configuration file found, proceeding with defaults\n"); } if (rules_filename.size()) { config.m_rules_filename = rules_filename; } - cout << "Using rules file " + config.m_rules_filename + "\n"; lua_main_filename = lua_dir + DIGWATCH_LUA_MAIN; if (!std::ifstream(lua_main_filename)) @@ -305,9 +305,9 @@ int digwatch_init(int argc, char **argv) lua_main_filename = lua_dir + DIGWATCH_LUA_MAIN; if (!std::ifstream(lua_main_filename)) { - fprintf(stderr, "Could not find Digwatch Lua libraries (tried %s, %s). \n", - DIGWATCH_LUA_DIR DIGWATCH_LUA_MAIN, - lua_main_filename.c_str()); + digwatch_syslog::log(LOG_ERR, "Could not find Digwatch Lua libraries (tried " + + string(DIGWATCH_LUA_DIR DIGWATCH_LUA_MAIN) + ", " + + lua_main_filename + "). Exiting \n"); result = EXIT_FAILURE; goto exit; } @@ -328,6 +328,7 @@ int digwatch_init(int argc, char **argv) rules->load_rules(config.m_rules_filename); inspector->set_filter(rules->get_filter()); + digwatch_syslog::log(LOG_INFO, "Parsed rules from file " + config.m_rules_filename + "\n"); inspector->set_hostname_and_port_resolution_mode(false); @@ -360,7 +361,7 @@ int digwatch_init(int argc, char **argv) { if(system("modprobe " PROBE_NAME " > /dev/null 2> /dev/null")) { - fprintf(stderr, "Unable to load the driver\n"); + digwatch_syslog::log(LOG_ERR, "Unable to load the driver. Exiting\n"); } inspector->open(); } 
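Review bot: The new message "Unable to load the driver. Exiting" in the `@@ -360` hunk does not match the control flow, since the branch neither sets `result` nor jumps to `exit` and execution continues to `inspector->open()`. If the retry is intended, the accurate text is `digwatch_syslog::log(LOG_ERR, "Unable to load the driver\n");`, leaving the exit message to whichever handler catches a failed second open. The enclosing block starts and ends outside the hunk, so where that failure is finally reported is inferred rather than visible.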
@@ -373,12 +374,14 @@ int digwatch_init(int argc, char **argv) } catch(sinsp_exception& e) { - cerr << e.what() << endl; + digwatch_syslog::log(LOG_ERR, "Runtime error: " + string(e.what()) + ". Exiting\n"); + result = EXIT_FAILURE; } catch(...) { - printf("Error, exiting.\n"); + digwatch_syslog::log(LOG_ERR, "Unexpected error, Exiting\n"); + result = EXIT_FAILURE; } diff --git a/userspace/digwatch/formats.cpp b/userspace/digwatch/formats.cpp index bf9113e0..ba2e5f63 100644 --- a/userspace/digwatch/formats.cpp +++ b/userspace/digwatch/formats.cpp @@ -1,4 +1,5 @@ #include "formats.h" +#include "syslog.h" sinsp* digwatch_formats::s_inspector = NULL; @@ -27,8 +28,8 @@ int digwatch_formats::formatter(lua_State *ls) } catch(sinsp_exception& e) { - string err = "invalid output format " + format; - fprintf(stderr, "%s\n", err.c_str()); + digwatch_syslog::log(LOG_ERR, "Invalid output format '" + format + "'.\n"); + throw sinsp_exception("set_formatter error"); } @@ -42,8 +43,7 @@ int digwatch_formats::format_event (lua_State *ls) string line; if (!lua_islightuserdata(ls, -1) || !lua_islightuserdata(ls, -2)) { - string err = "invalid arguments passed to format_event() "; - fprintf(stderr, "%s\n", err.c_str()); + digwatch_syslog::log(LOG_ERR, "Invalid arguments passed to format_event()\n"); throw sinsp_exception("format_event error"); } sinsp_evt* evt = (sinsp_evt*)lua_topointer(ls, 1); diff --git a/userspace/digwatch/syslog.cpp b/userspace/digwatch/syslog.cpp index 8d811651..3cd881a2 100644 --- a/userspace/digwatch/syslog.cpp +++ b/userspace/digwatch/syslog.cpp @@ -1,8 +1,8 @@ +#include #include "syslog.h" #include "chisel_api.h" #include "filterchecks.h" -#include const static struct luaL_reg ll_digwatch [] = 
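Review bot: In the `digwatch_formats::formatter` hunk the caught `sinsp_exception& e` is never used, so the log line names the rejected format but not why it was rejected. Appending the reason makes a bad rule output diagnosable from the log alone: `digwatch_syslog::log(LOG_ERR, "Invalid output format '" + format + "': " + string(e.what()) + "\n");`. The function body starts outside the hunk.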
@@ -30,3 +30,20 @@ int digwatch_syslog::syslog(lua_State *ls) { return 0; } +bool digwatch_syslog::log_stderr; +bool digwatch_syslog::log_syslog; + +void digwatch_syslog::log(int priority, const string msg) { + if (digwatch_syslog::log_syslog) { + ::syslog(priority, "%s", msg.c_str()); + } + + if (digwatch_syslog::log_stderr) { + std::time_t result = std::time(nullptr); + string tstr = std::asctime(std::localtime(&result)); + tstr = tstr.substr(0, 24);// remove trailling newline + fprintf(stderr, "%s: %s", tstr.c_str(), msg.c_str()); + } +} + + diff --git a/userspace/digwatch/syslog.h b/userspace/digwatch/syslog.h index 54dccc17..bf96dbed 100644 --- a/userspace/digwatch/syslog.h +++ b/userspace/digwatch/syslog.h @@ -1,6 +1,7 @@ #pragma once #include "sinsp.h" +#include extern "C" { #include "lua.h" @@ -15,4 +16,9 @@ class digwatch_syslog // value = digwatch.syslog(level, message) static int syslog(lua_State *ls); + + static void log(int priority, const string msg); + + static bool log_stderr; + static bool log_syslog; };
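Review bot: The stderr branch of `digwatch_syslog::log` builds its timestamp with `std::localtime` and `std::asctime`, which both return pointers to shared static storage and are unsafe if `log` is ever called from more than one thread. `std::localtime` can also return a null pointer, which is passed straight to `std::asctime`. Using `localtime_r` with a local `struct tm` and `strftime` into a stack buffer avoids both problems and removes the `substr(0, 24)` trimming. Separately, `msg` is taken as `const string` by value, so every call copies the message; `const string&` in the definition and in the syslog.h declaration would avoid that.

```cpp
void digwatch_syslog::log(int priority, const string msg) {
	// … unchanged: syslog branch …

	if (digwatch_syslog::log_stderr) {
		std::time_t now = std::time(nullptr);
		struct tm tm_buf;
		char tstr[32] = "unknown time";
		// localtime_r fills a caller-owned struct and reports failure with a null return
		if (localtime_r(&now, &tm_buf) != nullptr) {
			strftime(tstr, sizeof(tstr), "%a %b %e %H:%M:%S %Y", &tm_buf);
		}
		fprintf(stderr, "%s: %s", tstr, msg.c_str());
	}
}
```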