66 #ifdef WITH_PLUGIN_SIXT
184 CORSARO_INTERVAL_ALIGN_NO = 0,
185 CORSARO_INTERVAL_ALIGN_YES = 1,
186 CORSARO_INTERVAL_ALIGN_DEFAULT = CORSARO_INTERVAL_ALIGN_NO,
358 const char *plugin_args);
Structure representing the start or end of an interval.
corsaro_in_t * corsaro_alloc_input(const char *corsarouri)
Allocate a corsaro object for reading a corsaro file.
The start of a plugin data section.
corsaro_t * corsaro_alloc_output(char *template, corsaro_file_mode_t mode)
Allocate a corsaro object.
Structure representing the start or end of a plugin data block.
int corsaro_enable_plugin(corsaro_t *corsaro, const char *plugin_name, const char *plugin_args)
Attempt to enable a plugin using the given plugin name.
A reusable opaque structure for corsaro to read an input record into.
off_t corsaro_in_read_record(corsaro_in_t *corsaro, corsaro_in_record_type_t *record_type, corsaro_in_record_t *record)
Read the next corsaro record from the given corsaro input file.
int corsaro_per_packet(corsaro_t *corsaro, libtrace_packet_t *packet)
Perform corsaro processing on a given libtrace packet.
void corsaro_disable_logfile(corsaro_t *corsaro)
Accessor function to disable logging to a file.
int corsaro_finalize_output(corsaro_t *corsaro)
Write the final interval and free resources allocated by corsaro.
void corsaro_set_output_rotation(corsaro_t *corsaro, int intervals)
Accessor function to set the rotation frequency of output files.
const char * corsaro_get_monitorname(corsaro_t *corsaro)
Accessor function to get the monitor name string.
static libtrace_packet_t * packet
A pointer to a libtrace packet.
A lightweight wrapper around a libtrace packet.
int corsaro_is_rotate_interval(corsaro_t *corsaro)
Convenience function to determine if the output files should be rotated.
Represents the start record of a flowtuple class.
corsaro_in_record_type
Corsaro input record types.
Structure representing a corsaro file trailer.
int corsaro_set_trace(corsaro_t *corsaro, libtrace_t *trace)
Accessor function to set the trace pointer.
enum corsaro_interval_align corsaro_interval_align_t
Settings for interval alignment.
The corsaro_flowtuple flowtuple record.
Represents the end record of a flowtuple class.
uint64_t corsaro_get_dropped_packets(corsaro_t *corsaro)
Accessor function to get the number of dropped packets in this interval.
void corsaro_disable_globalfile(corsaro_t *corsaro)
Accessor function to disable the global metadata file.
static int interval
The amount of time to wait until we dump the hash.
int corsaro_finalize_input(corsaro_in_t *corsaro)
Close the input file and free resources allocated by corsaro.
static corsaro_in_record_t * record
A pointer to a corsaro record.
The overall corsaro trailer (currently only in global)
void corsaro_set_interval(corsaro_t *corsaro, unsigned int interval)
Accessor function to set the interval length.
corsaro_file_mode
Enum of supported file modes.
Pseudo IO mode which allows trace files to be written.
enum corsaro_file_compress corsaro_file_compress_t
Supported compression types (must be kept in sync with wandio)
The corsaro_flowtuple flowtuple classification type end record.
static libtrace_t * trace
A pointer to a libtrace object.
int corsaro_start_input(corsaro_in_t *corsaro)
Initialize a corsaro input object that has already been allocated.
Represents the eight important fields in the ip header that we will use to 'uniquely' identify a pack...
void corsaro_in_free_record(corsaro_in_record_t *record)
Free a corsaro record object.
The end of a plugin data section.
The corsaro_flowtuple flowtuple classification type start record.
uint64_t corsaro_get_accepted_packets(corsaro_t *corsaro)
Accessor function to get the number of accepted packets in this interval.
The start of an interval.
The overall corsaro header (currently only in global)
The corsaro_dos attack vector record.
The corsaro_dos global header record.
corsaro_in_record_t * corsaro_in_alloc_record(corsaro_in_t *corsaro)
Allocate a reusable corsaro record object.
The corsaro_dos header record.
int corsaro_set_monitorname(corsaro_t *corsaro, char *name)
Accessor function to set the monitor name.
Corsaro state for a packet.
void corsaro_free_plugin_names(char **plugin_names, int plugin_cnt)
Free the array of plugin names returned by corsaro_get_plugin_names.
const char * corsaro_get_traceuri(corsaro_t *corsaro)
Accessor function to get the trace uri string.
int corsaro_start_output(corsaro_t *corsaro)
Initialize a corsaro object that has already been allocated.
The null type used for wildcard matching.
Internal type for directing read requests.
int corsaro_get_plugin_names(char ***plugin_names)
Return an array of the names of plugins which are compiled into corsaro.
corsaro_file_compress
Supported compression types (must be kept in sync with wandio)
corsaro_interval_align
Settings for interval alignment.
enum corsaro_file_mode corsaro_file_mode_t
Enum of supported file modes.
int corsaro_set_traceuri(corsaro_t *corsaro, char *traceuri)
Accessor function to set the trace uri string.
enum corsaro_in_record_type corsaro_in_record_type_t
Corsaro input record types.
void * corsaro_in_get_record_data(corsaro_in_record_t *record)
Get a pointer to the data in a record.
void corsaro_set_interval_alignment(corsaro_t *corsaro, corsaro_interval_align_t interval_align)
Accessor function to enable/disable the alignment of the initial interval.
void corsaro_set_meta_output_rotation(corsaro_t *corsaro, int intervals)
Accessor function to set the rotation frequency of meta output files.
int corsaro_per_record(corsaro_t *corsaro, corsaro_in_record_type_t type, corsaro_in_record_t *record)
Perform corsaro processing on a given corsaro record.