tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-29 08:45:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add module_application to module_logchannel.

Browse Source 
Ref. pandora_enterprise#3659
This commit is contained in:
Ramon Novoa 2019-09-03 12:56:51 +02:00
parent 14bf71e6c6
commit b8a3d46f38
3 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pandora_agents/win32/modules/pandora_module_factory.cc
View File

@ -1214,7 +1214,8 @@ Pandora_Module_Factory::getModuleFromDefinition (string definition) {
module_source, module_source,
module_eventtype, module_eventtype,
module_eventcode, module_eventcode,
module_pattern); module_pattern,
module_application);
} else if (module_wmiquery != "") { } else if (module_wmiquery != "") {
module = new Pandora_Module_WMIQuery (module_name, module = new Pandora_Module_WMIQuery (module_name,
module_wmiquery, module_wmicolumn); module_wmiquery, module_wmicolumn);

11
pandora_agents/win32/modules/pandora_module_logchannel.cc
View File

@ -53,7 +53,7 @@ static EvtUpdateBookmarkT EvtUpdateBookmarkF = NULL;
* @param name Module name. * @param name Module name.
* @param service_name Service internal name to check. * @param service_name Service internal name to check.
*/ */
Pandora_Module_Logchannel::Pandora_Module_Logchannel (string name, string source, string type, string id, string pattern) Pandora_Module_Logchannel::Pandora_Module_Logchannel (string name, string source, string type, string id, string pattern, string application)
: Pandora_Module (name) { : Pandora_Module (name) {
int i; int i;
vector<wstring> query; vector<wstring> query;
@ -93,6 +93,13 @@ Pandora_Module_Logchannel::Pandora_Module_Logchannel (string name, string source
query.push_back(ss.str()); query.push_back(ss.str());
} }
// Set the application
if (application != "") {
wstringstream ss;
ss << L"*[System/Provider[@Name='" << application.c_str() << L"']]";
query.push_back(ss.str());
}
// Fill the filter // Fill the filter
if (query.size() == 0) { if (query.size() == 0) {
this->filter = L"*"; this->filter = L"*";
@ -579,4 +586,4 @@ Pandora_Module_Logchannel::GetMessageString(EVT_HANDLE hMetadata, EVT_HANDLE hEv
} }
return pBuffer; return pBuffer;
} }

2
pandora_agents/win32/modules/pandora_module_logchannel.h
View File

@ -75,7 +75,7 @@ namespace Pandora_Modules {
LPWSTR GetMessageString(EVT_HANDLE hMetadata, EVT_HANDLE hEvent, EVT_FORMAT_MESSAGE_FLAGS FormatId); LPWSTR GetMessageString(EVT_HANDLE hMetadata, EVT_HANDLE hEvent, EVT_FORMAT_MESSAGE_FLAGS FormatId);
public: public:
Pandora_Module_Logchannel (string name, string source, string type, string id, string pattern); Pandora_Module_Logchannel (string name, string source, string type, string id, string pattern, string application);
void run (); void run ();
}; };
} }