23. Logs, Warnings and the Log Module

23.1. What and How

All paths in this section are relative to <sids_root>.

Each module uses an instance of a log-object from the Perl module /src/Log.pm to output results: in most cases, results are logged to both the corresponding local log file in /var/log/<module_name>.log and to the system logs via Sys::Syslog, to the local7 facility.

23.2. Miscellaneous Points of Note

23.3. Configuration and Rotation

All logs written through this log are rotated — rotation period is set in Modules_Config.pm.

23.4. Warnings

Warnings in Cheesewire refer to possible or probable issues with the monitoring itself, not intrusion-related information. Messages appear in

    <sids_root>/var/log/WARNINGS

23.5. Subroutines

The following routines are available:

    append
    flush
    append_flush
        # ...append string to buffered log, flush buffer, append with flush;

    append_echo
    warn
    append_echo_warn
        # ...append string to buffered log with copy to stdout;  output
        #    string to warnings log;  append string and copy to stdout
        #    and warnings log;    

    indent
    un_indent
    output_title
        # ...very simple formatting routines...

    output_hash
    output_array
        # ...slightly higher-level routines which output the contents of 
        #    a hash or array, with a title, appropriate indentation, etc...


...previouscont's...



About this document:

Produced from the SGML: /home/isd/public_html/_cheesewire/_reml_grp/index.reml
On: 4/9/2006 at 17:35:44
Options: reml2 -i noindex -l long -o html -p multiple