idmef-criteria

idmef-criteria

Synopsis

enum                idmef_criterion_operator_t;
typedef             idmef_criteria_t;
typedef             idmef_criterion_t;
const char *        idmef_criterion_operator_to_string  (idmef_criterion_operator_t op);
int                 idmef_criterion_new                 (idmef_criterion_t **criterion,
                                                         idmef_path_t *path,
                                                         idmef_criterion_value_t *value,
                                                         idmef_criterion_operator_t op);
void                idmef_criterion_destroy             (idmef_criterion_t *criterion);
int                 idmef_criterion_clone               (const idmef_criterion_t *criterion,
                                                         idmef_criterion_t **dst);
int                 idmef_criterion_print               (const idmef_criterion_t *criterion,
                                                         prelude_io_t *fd);
int                 idmef_criterion_to_string           (const idmef_criterion_t *criterion,
                                                         prelude_string_t *out);
idmef_path_t *      idmef_criterion_get_path            (const idmef_criterion_t *criterion);
idmef_criterion_value_t * idmef_criterion_get_value     (const idmef_criterion_t *criterion);
idmef_criterion_operator_t  idmef_criterion_get_operator
                                                        (const idmef_criterion_t *criterion);
int                 idmef_criterion_match               (const idmef_criterion_t *criterion,
                                                         idmef_message_t *message);
int                 idmef_criteria_new                  (idmef_criteria_t **criteria);
idmef_criteria_t *  idmef_criteria_ref                  (idmef_criteria_t *criteria);
void                idmef_criteria_destroy              (idmef_criteria_t *criteria);
int                 idmef_criteria_clone                (idmef_criteria_t *src,
                                                         idmef_criteria_t **dst);
int                 idmef_criteria_print                (const idmef_criteria_t *criteria,
                                                         prelude_io_t *fd);
int                 idmef_criteria_to_string            (const idmef_criteria_t *criteria,
                                                         prelude_string_t *out);
prelude_bool_t      idmef_criteria_is_criterion         (const idmef_criteria_t *criteria);
idmef_criterion_t * idmef_criteria_get_criterion        (const idmef_criteria_t *criteria);
void                idmef_criteria_set_criterion        (idmef_criteria_t *criteria,
                                                         idmef_criterion_t *criterion);
void                idmef_criteria_or_criteria          (idmef_criteria_t *criteria,
                                                         idmef_criteria_t *criteria2);
int                 idmef_criteria_and_criteria         (idmef_criteria_t *criteria,
                                                         idmef_criteria_t *criteria2);
int                 idmef_criteria_match                (const idmef_criteria_t *criteria,
                                                         idmef_message_t *message);
idmef_criteria_t *  idmef_criteria_get_or               (const idmef_criteria_t *criteria);
idmef_criteria_t *  idmef_criteria_get_and              (const idmef_criteria_t *criteria);
int                 idmef_criteria_new_from_string      (idmef_criteria_t **criteria,
                                                         const char *str);
prelude_bool_t      idmef_criteria_get_negation         (const idmef_criteria_t *criteria);
void                idmef_criteria_set_negation         (idmef_criteria_t *criteria,
                                                         prelude_bool_t negate);

Description

Details

enum idmef_criterion_operator_t

typedef enum {
        IDMEF_CRITERION_OPERATOR_NOT               = 0x8000,
        IDMEF_CRITERION_OPERATOR_NOCASE            = 0x4000,

        IDMEF_CRITERION_OPERATOR_EQUAL             = 0x0001,
        IDMEF_CRITERION_OPERATOR_EQUAL_NOCASE      = IDMEF_CRITERION_OPERATOR_EQUAL|IDMEF_CRITERION_OPERATOR_NOCASE,
        IDMEF_CRITERION_OPERATOR_NOT_EQUAL         = IDMEF_CRITERION_OPERATOR_NOT|IDMEF_CRITERION_OPERATOR_EQUAL,
        IDMEF_CRITERION_OPERATOR_NOT_EQUAL_NOCASE  = IDMEF_CRITERION_OPERATOR_NOT_EQUAL|IDMEF_CRITERION_OPERATOR_EQUAL_NOCASE,

        IDMEF_CRITERION_OPERATOR_LESSER            = 0x0002,
        IDMEF_CRITERION_OPERATOR_LESSER_OR_EQUAL   = IDMEF_CRITERION_OPERATOR_LESSER|IDMEF_CRITERION_OPERATOR_EQUAL,

        IDMEF_CRITERION_OPERATOR_GREATER           = 0x0004,
        IDMEF_CRITERION_OPERATOR_GREATER_OR_EQUAL  = IDMEF_CRITERION_OPERATOR_GREATER|IDMEF_CRITERION_OPERATOR_EQUAL,

        IDMEF_CRITERION_OPERATOR_SUBSTR            = 0x0008,
        IDMEF_CRITERION_OPERATOR_SUBSTR_NOCASE     = IDMEF_CRITERION_OPERATOR_SUBSTR|IDMEF_CRITERION_OPERATOR_NOCASE,
        IDMEF_CRITERION_OPERATOR_NOT_SUBSTR        = IDMEF_CRITERION_OPERATOR_NOT|IDMEF_CRITERION_OPERATOR_SUBSTR,
        IDMEF_CRITERION_OPERATOR_NOT_SUBSTR_NOCASE = IDMEF_CRITERION_OPERATOR_NOT|IDMEF_CRITERION_OPERATOR_SUBSTR_NOCASE,

        IDMEF_CRITERION_OPERATOR_REGEX             = 0x0010,
        IDMEF_CRITERION_OPERATOR_REGEX_NOCASE      = IDMEF_CRITERION_OPERATOR_REGEX|IDMEF_CRITERION_OPERATOR_NOCASE,
        IDMEF_CRITERION_OPERATOR_NOT_REGEX         = IDMEF_CRITERION_OPERATOR_NOT|IDMEF_CRITERION_OPERATOR_REGEX,
        IDMEF_CRITERION_OPERATOR_NOT_REGEX_NOCASE  = IDMEF_CRITERION_OPERATOR_NOT|IDMEF_CRITERION_OPERATOR_REGEX_NOCASE,

        IDMEF_CRITERION_OPERATOR_NULL              = 0x0020,
        IDMEF_CRITERION_OPERATOR_NOT_NULL          = IDMEF_CRITERION_OPERATOR_NULL|IDMEF_CRITERION_OPERATOR_NOT
} idmef_criterion_operator_t;


idmef_criteria_t

typedef struct idmef_criteria idmef_criteria_t;


idmef_criterion_t

typedef struct idmef_criterion idmef_criterion_t;


idmef_criterion_operator_to_string ()

const char *        idmef_criterion_operator_to_string  (idmef_criterion_operator_t op);

Transforms op to string.

op :

idmef_criterion_operator_t type.

Returns :

A pointer to an operator string or NULL.

idmef_criterion_new ()

int                 idmef_criterion_new                 (idmef_criterion_t **criterion,
                                                         idmef_path_t *path,
                                                         idmef_criterion_value_t *value,
                                                         idmef_criterion_operator_t op);

Creates a new idmef_criterion_t object and store it in criterion. Matching this criterion will result in comparing the object value pointed by path against the provided value, using op.

criterion :

Address where to store the created idmef_criterion_t object.

path :

Pointer to an idmef_path_t object.

value :

Pointer to an idmef_criterion_value_t object.

op :

idmef_criterion_operator_t to use for matching this criterion.

Returns :

0 on success, a negative value if an error occured.

idmef_criterion_destroy ()

void                idmef_criterion_destroy             (idmef_criterion_t *criterion);

Destroys criterion and its content.

criterion :

Pointer to a idmef_criterion_t object.

idmef_criterion_clone ()

int                 idmef_criterion_clone               (const idmef_criterion_t *criterion,
                                                         idmef_criterion_t **dst);

Clones criterion and stores the cloned criterion within dst.

criterion :

Pointer to a idmef_criterion_t object to clone.

dst :

Address where to store the cloned idmef_criterion_t object.

Returns :

0 on success, a negative value if an error occured.

idmef_criterion_print ()

int                 idmef_criterion_print               (const idmef_criterion_t *criterion,
                                                         prelude_io_t *fd);

Dump criterion to fd in the form of: [path] [operator] [value]

Or if there is no value associated with the criterion: [operator] [path]

criterion :

Pointer to a idmef_criterion_t object.

fd :

Pointer to a prelude_io_t object.

Returns :

0 on success, a negative value if an error occured.

idmef_criterion_to_string ()

int                 idmef_criterion_to_string           (const idmef_criterion_t *criterion,
                                                         prelude_string_t *out);

Dump criterion as a string to the out buffer in the form of: [path] [operator] [value]

Or if there is no value associated with the criterion: [operator] [path]

criterion :

Pointer to a idmef_criterion_t object.

out :

Pointer to a prelude_string_t object.

Returns :

0 on success, a negative value if an error occured.

idmef_criterion_get_path ()

idmef_path_t *      idmef_criterion_get_path            (const idmef_criterion_t *criterion);

Used to access the idmef_path_t object associated with criterion.

criterion :

Pointer to a idmef_criterion_t object.

Returns :

the idmef_path_t object associated with criterion.

idmef_criterion_get_value ()

idmef_criterion_value_t * idmef_criterion_get_value     (const idmef_criterion_t *criterion);

Used to access the idmef_criterion_value_t associated with criterion. There might be no value specifically if the provided idmef_criterion_operator_t was IDMEF_CRITERION_OPERATOR_NULL or IDMEF_CRITERION_OPERATOR_NOT_NULL.

criterion :

Pointer to a idmef_criterion_t object.

Returns :

the idmef_criterion_value_t object associated with criterion.

idmef_criterion_get_operator ()

idmef_criterion_operator_t  idmef_criterion_get_operator
                                                        (const idmef_criterion_t *criterion);

Used to access the idmef_criterion_operator_t enumeration associated with criterion.

criterion :

Pointer to a idmef_criterion_t object.

Returns :

the idmef_criterion_operator_t associated with criterion.

idmef_criterion_match ()

int                 idmef_criterion_match               (const idmef_criterion_t *criterion,
                                                         idmef_message_t *message);

Matches message against the provided criterion. This implies retrieving the value associated with criterion path, and matching it with the idmef_criterion_value_t object within criterion.

criterion :

Pointer to a idmef_criterion_t object.

message :

Pointer to a idmef_message_t object to match against criterion.

Returns :

1 for a match, 0 for no match, or a negative value if an error occured.

idmef_criteria_new ()

int                 idmef_criteria_new                  (idmef_criteria_t **criteria);

Creates a new idmef_criteria_t object and store it into criteria.

criteria :

Address where to store the created idmef_criteria_t object.

Returns :

0 on success, a negative value if an error occured.

idmef_criteria_ref ()

idmef_criteria_t *  idmef_criteria_ref                  (idmef_criteria_t *criteria);

Increases criteria reference count.

idmef_criteria_destroy() will decrease the refcount until it reaches 0, at which point criteria will be destroyed.

criteria :

Pointer to a idmef_criteria_t object to reference.

Returns :

criteria.

idmef_criteria_destroy ()

void                idmef_criteria_destroy              (idmef_criteria_t *criteria);

Destroys criteria and its content.

criteria :

Pointer to a idmef_criteria_t object.

idmef_criteria_clone ()

int                 idmef_criteria_clone                (idmef_criteria_t *src,
                                                         idmef_criteria_t **dst);

Clones src and stores the cloned criteria within dst.

src :

Pointer to a idmef_criteria_t object to clone.

dst :

Address where to store the cloned idmef_criteria_t object.

Returns :

0 on success, a negative value if an error occured.

idmef_criteria_print ()

int                 idmef_criteria_print                (const idmef_criteria_t *criteria,
                                                         prelude_io_t *fd);

criteria :

fd :

Returns :


idmef_criteria_to_string ()

int                 idmef_criteria_to_string            (const idmef_criteria_t *criteria,
                                                         prelude_string_t *out);

criteria :

out :

Returns :


idmef_criteria_is_criterion ()

prelude_bool_t      idmef_criteria_is_criterion         (const idmef_criteria_t *criteria);

criteria :

Returns :


idmef_criteria_get_criterion ()

idmef_criterion_t * idmef_criteria_get_criterion        (const idmef_criteria_t *criteria);

criteria :

Returns :


idmef_criteria_set_criterion ()

void                idmef_criteria_set_criterion        (idmef_criteria_t *criteria,
                                                         idmef_criterion_t *criterion);

criteria :

criterion :


idmef_criteria_or_criteria ()

void                idmef_criteria_or_criteria          (idmef_criteria_t *criteria,
                                                         idmef_criteria_t *criteria2);

criteria :

criteria2 :


idmef_criteria_and_criteria ()

int                 idmef_criteria_and_criteria         (idmef_criteria_t *criteria,
                                                         idmef_criteria_t *criteria2);

criteria :

criteria2 :

Returns :


idmef_criteria_match ()

int                 idmef_criteria_match                (const idmef_criteria_t *criteria,
                                                         idmef_message_t *message);

Matches message against the provided criteria.

criteria :

Pointer to a idmef_criteria_t object.

message :

Pointer to a idmef_message_t message.

Returns :

1 if criteria match, 0 if it did not, a negative value if an error occured.

idmef_criteria_get_or ()

idmef_criteria_t *  idmef_criteria_get_or               (const idmef_criteria_t *criteria);

criteria :

Returns :


idmef_criteria_get_and ()

idmef_criteria_t *  idmef_criteria_get_and              (const idmef_criteria_t *criteria);

criteria :

Returns :


idmef_criteria_new_from_string ()

int                 idmef_criteria_new_from_string      (idmef_criteria_t **criteria,
                                                         const char *str);

criteria :

str :

Returns :


idmef_criteria_get_negation ()

prelude_bool_t      idmef_criteria_get_negation         (const idmef_criteria_t *criteria);

criteria :

Returns :


idmef_criteria_set_negation ()

void                idmef_criteria_set_negation         (idmef_criteria_t *criteria,
                                                         prelude_bool_t negate);

criteria :

negate :