% Doxygen-generated LaTeX reference page for alert_parser.c, reflowed to one
% construct per line. Line breaks stand only where the source had a space (or
% are cancelled with a trailing %), and no blank line is introduced, so the
% typeset output is unchanged.
\hypertarget{alert__parser_8c}{
  \section{alert\_\-parser.c File Reference}
  \label{alert__parser_8c}\index{alert\_\-parser.c@{alert\_\-parser.c}}
}
% Headers included by alert_parser.c.
% NOTE(review): sys/inotify.h is included, which suggests the alert file is
% watched for changes; this page does not describe that mechanism -- confirm
% against the source.
{\ttfamily \#include \char`\"{}spp\_\-ai.h\char`\"{}}\par
{\ttfamily \#include $<$stdio.h$>$}\par
{\ttfamily \#include $<$unistd.h$>$}\par
{\ttfamily \#include $<$time.h$>$}\par
{\ttfamily \#include $<$sys/inotify.h$>$}\par
{\ttfamily \#include $<$sys/stat.h$>$}\par
% Summary list: one entry per function, each linked to its detailed section.
\subsection*{Functions}
\begin{DoxyCompactItemize}
  \item void $\ast$
    \hyperlink{alert__parser_8c_ad68c45b5846743a54ad3fa92c8e48f8a}{AI\_\-alertparser\_\-thread}
    (void $\ast$arg)
    \begin{DoxyCompactList}\small\item\em Thread for parsing Snort's alert file.
    \item\end{DoxyCompactList}%
  \item PRIVATE
    \hyperlink{struct__AI__snort__alert}{AI\_\-snort\_\-alert} $\ast$
    \hyperlink{alert__parser_8c_a6c5014cae9155379fdc4db649b2c862d}{\_\-AI\_\-copy\_\-alerts}
    (\hyperlink{struct__AI__snort__alert}{AI\_\-snort\_\-alert} $\ast$node)
    \begin{DoxyCompactList}\small\item\em Create a copy of the alert log struct
      (this is done for leaving the alert log structure in this file as read-\/only).
    \item\end{DoxyCompactList}%
  \item
    \hyperlink{struct__AI__snort__alert}{AI\_\-snort\_\-alert} $\ast$
    \hyperlink{alert__parser_8c_a99474495643197b3075ac22ec6f6c70f}{AI\_\-get\_\-alerts}
    ()
    \begin{DoxyCompactList}\small\item\em Return the alerts parsed so far as a linked list.
    \item\end{DoxyCompactList}%
  \item void
    \hyperlink{alert__parser_8c_a270e86669a0aa64a8da37bc16cda645b}{AI\_\-free\_\-alerts}
    (\hyperlink{struct__AI__snort__alert}{AI\_\-snort\_\-alert} $\ast$node)
    \begin{DoxyCompactList}\small\item\em Deallocate the memory of a log alert linked list.
    \item\end{DoxyCompactList}%
\end{DoxyCompactItemize}
% Summary list of the file-scope variables: the alert list and a FILE pointer,
% both initialised to NULL.
\subsection*{Variables}
\begin{DoxyCompactItemize}
  \item PRIVATE
    \hyperlink{struct__AI__snort__alert}{AI\_\-snort\_\-alert} $\ast$
    \hyperlink{alert__parser_8c_ae837fc04e61c0eb052f997c54b4fd9fe}{alerts}
    = NULL
  \item PRIVATE FILE $\ast$
    \hyperlink{alert__parser_8c_abee2a33368912d9288c76b51160a9ed6}{alert\_\-fp}
    = NULL
\end{DoxyCompactItemize}
\subsection{Function Documentation}
% _AI_copy_alerts: returns a copy of the alert list starting at `node`.
% NOTE(review): the parameter text says `node` is used for recursion, so the
% call depth presumably grows with the list length -- confirm in the source
% that a very long alert log cannot exhaust the stack.
\hypertarget{alert__parser_8c_a6c5014cae9155379fdc4db649b2c862d}{
  \index{alert\_\-parser.c@{alert\_\-parser.c}!\_\-AI\_\-copy\_\-alerts@{\_\-AI\_\-copy\_\-alerts}}
  \index{\_\-AI\_\-copy\_\-alerts@{\_\-AI\_\-copy\_\-alerts}!alert_parser.c@{alert\_\-parser.c}}
  \subsubsection[{\_\-AI\_\-copy\_\-alerts}]{\setlength{\rightskip}{0pt plus 5cm}PRIVATE
    {\bf AI\_\-snort\_\-alert}$\ast$ \_\-AI\_\-copy\_\-alerts (
    \begin{DoxyParamCaption}
      \item[{{\bf AI\_\-snort\_\-alert} $\ast$}]{ node}
    \end{DoxyParamCaption}
    )}}
\label{alert__parser_8c_a6c5014cae9155379fdc4db649b2c862d}
Create a copy of the alert log struct (this is done for leaving the alert log
structure in this file as read-\/only).
FUNCTION: \_\-AI\_\-copy\_\-alerts
\begin{DoxyParams}{Parameters}
  \item[{\em node}]Starting node (used for the recursion)
\end{DoxyParams}
\begin{DoxyReturn}{Returns}
  A copy of the alert log linked list
\end{DoxyReturn}
% AI_alertparser_thread: thread routine that parses Snort's alert file; its
% void* argument is documented as a pointer to the module's configuration.
% NOTE(review): this page does not say how writes to the shared `alerts` list
% by this thread are synchronised with readers such as AI_get_alerts --
% confirm the locking in the source.
\hypertarget{alert__parser_8c_ad68c45b5846743a54ad3fa92c8e48f8a}{
  \index{alert\_\-parser.c@{alert\_\-parser.c}!AI\_\-alertparser\_\-thread@{AI\_\-alertparser\_\-thread}}
  \index{AI\_\-alertparser\_\-thread@{AI\_\-alertparser\_\-thread}!alert_parser.c@{alert\_\-parser.c}}
  \subsubsection[{AI\_\-alertparser\_\-thread}]{\setlength{\rightskip}{0pt plus 5cm}void$\ast$
    AI\_\-alertparser\_\-thread (
    \begin{DoxyParamCaption}
      \item[{void $\ast$}]{ arg}
    \end{DoxyParamCaption}
    )}}
\label{alert__parser_8c_ad68c45b5846743a54ad3fa92c8e48f8a}
Thread for parsing Snort's alert file.
FUNCTION: AI\_\-alertparser\_\-thread
\begin{DoxyParams}{Parameters}
  \item[{\em arg}]void$\ast$ pointer to module's configuration
\end{DoxyParams}
% AI_free_alerts: deallocates an alert linked list given its first node.
% NOTE(review): presumably intended for lists handed out by AI_get_alerts
% rather than the module's own `alerts` list -- confirm, since freeing the
% shared list would leave the parser thread with a dangling pointer.
\hypertarget{alert__parser_8c_a270e86669a0aa64a8da37bc16cda645b}{
  \index{alert\_\-parser.c@{alert\_\-parser.c}!AI\_\-free\_\-alerts@{AI\_\-free\_\-alerts}}
  \index{AI\_\-free\_\-alerts@{AI\_\-free\_\-alerts}!alert_parser.c@{alert\_\-parser.c}}
  \subsubsection[{AI\_\-free\_\-alerts}]{\setlength{\rightskip}{0pt plus 5cm}void
    AI\_\-free\_\-alerts (
    \begin{DoxyParamCaption}
      \item[{{\bf AI\_\-snort\_\-alert} $\ast$}]{ node}
    \end{DoxyParamCaption}
    )}}
\label{alert__parser_8c_a270e86669a0aa64a8da37bc16cda645b}
Deallocate the memory of a log alert linked list.
FUNCTION: AI\_\-free\_\-alerts
\begin{DoxyParams}{Parameters}
  \item[{\em node}]Linked list to be freed
\end{DoxyParams}
% AI_get_alerts: returns the alerts parsed so far as a linked list.
% NOTE(review): the page does not state whether the returned list is a private
% copy (compare _AI_copy_alerts) that the caller must release with
% AI_free_alerts, or a pointer into the module's own list -- confirm the
% ownership contract in the source.
\hypertarget{alert__parser_8c_a99474495643197b3075ac22ec6f6c70f}{
  \index{alert\_\-parser.c@{alert\_\-parser.c}!AI\_\-get\_\-alerts@{AI\_\-get\_\-alerts}}
  \index{AI\_\-get\_\-alerts@{AI\_\-get\_\-alerts}!alert_parser.c@{alert\_\-parser.c}}
  \subsubsection[{AI\_\-get\_\-alerts}]{\setlength{\rightskip}{0pt plus 5cm}{\bf AI\_\-snort\_\-alert}$\ast$
    AI\_\-get\_\-alerts (
    \begin{DoxyParamCaption}
      \item[{void}]{}
    \end{DoxyParamCaption}
    )}}
\label{alert__parser_8c_a99474495643197b3075ac22ec6f6c70f}
Return the alerts parsed so far as a linked list.
FUNCTION: AI\_\-get\_\-alerts
\begin{DoxyReturn}{Returns}
  An AI\_\-snort\_\-alert pointer identifying the list of alerts
\end{DoxyReturn}
\subsection{Variable Documentation}
% alert_fp: file-scope FILE pointer, NULL until assigned; no description is
% given on this page.
\hypertarget{alert__parser_8c_abee2a33368912d9288c76b51160a9ed6}{
  \index{alert\_\-parser.c@{alert\_\-parser.c}!alert\_\-fp@{alert\_\-fp}}
  \index{alert\_\-fp@{alert\_\-fp}!alert_parser.c@{alert\_\-parser.c}}
  \subsubsection[{alert\_\-fp}]{\setlength{\rightskip}{0pt plus 5cm}PRIVATE FILE$\ast$
    {\bf alert\_\-fp} = NULL}}
\label{alert__parser_8c_abee2a33368912d9288c76b51160a9ed6}
% alerts: file-scope head pointer of the AI_snort_alert list, NULL until
% assigned; no description is given on this page.
\hypertarget{alert__parser_8c_ae837fc04e61c0eb052f997c54b4fd9fe}{
  \index{alert\_\-parser.c@{alert\_\-parser.c}!alerts@{alerts}}
  \index{alerts@{alerts}!alert_parser.c@{alert\_\-parser.c}}
  \subsubsection[{alerts}]{\setlength{\rightskip}{0pt plus 5cm}PRIVATE
    {\bf AI\_\-snort\_\-alert}$\ast$ {\bf alerts} = NULL}}
\label{alert__parser_8c_ae837fc04e61c0eb052f997c54b4fd9fe}