From f35fbb2b5fc554a717d0a69326c0994a027e8283 Mon Sep 17 00:00:00 2001 From: Andreas Steffen Date: Wed, 19 Jul 2017 13:22:10 +0200 Subject: sw-collector: sw-collector.first_file setting retrieves creation date from file stats --- conf/options/sw-collector.opt | 3 +++ src/sw-collector/sw_collector_db.c | 51 ++++++++++++++++++++++++++++++++++++-- 2 files changed, 52 insertions(+), 2 deletions(-) diff --git a/conf/options/sw-collector.opt b/conf/options/sw-collector.opt index cf4ce362a..dff571630 100644 --- a/conf/options/sw-collector.opt +++ b/conf/options/sw-collector.opt @@ -10,6 +10,9 @@ sw-collector.database = sw-collector.history = Path pointing to apt history.log file. +sw-collector.first_file = /var/log/bootstrap.log + Path pointing to file created when the Linux OS was installed. + sw-collector.first_time = 0000-00-00T00:00:00Z Time in UTC when the Linux OS was installed. diff --git a/src/sw-collector/sw_collector_db.c b/src/sw-collector/sw_collector_db.c index 6f14818e6..44505da94 100644 --- a/src/sw-collector/sw_collector_db.c +++ b/src/sw-collector/sw_collector_db.c @@ -13,6 +13,12 @@ * for more details. */ +#define _GNU_SOURCE +#include +#include +#include +#include + #include "sw_collector_db.h" #include "swima/swima_event.h" @@ -305,6 +311,33 @@ METHOD(sw_collector_db_t, destroy, void, free(this); } +/** + * Determine file creation data and convert it into RFC 3339 format + */ +bool get_file_creation_date(char *pathname, char *timestamp) +{ + struct stat st; + struct tm ct; + + if (stat(pathname, &st)) + { + DBG1(DBG_IMC, "unable to obtain statistics on '%s'", pathname); + return FALSE; + } + + /* Convert from local time to UTC */ + gmtime_r(&st.st_mtime, &ct); + ct.tm_year += 1900; + ct.tm_mon += 1; + + /* Form timestamp according to RFC 3339 (20 characters) */ + snprintf(timestamp, 21, "%4d-%02d-%02dT%02d:%02d:%02dZ", + ct.tm_year, ct.tm_mon, ct.tm_mday, + ct.tm_hour, ct.tm_min, ct.tm_sec); + + return TRUE; +} + /** * Described in header. */ @@ -312,7 +345,7 @@ sw_collector_db_t *sw_collector_db_create(char *uri) { private_sw_collector_db_t *this; uint32_t first_eid, last_eid; - char *first_time; + char first_time_buf[21], *first_time, *first_file; INIT(this, .public = { @@ -363,9 +396,23 @@ sw_collector_db_t *sw_collector_db_create(char *uri) this->epoch &= 0x7fffffff; /* Create first event when the OS was installed */ + first_file = lib->settings->get_str(lib->settings, + "sw-collector.first_file", "/var/log/bootstrap.log"); first_time = lib->settings->get_str(lib->settings, - "sw-collector.first_time", "0000-00-00T00:00:00Z"); + "sw-collector.first_time", NULL); + if (!first_time) + { + if (get_file_creation_date(first_file, first_time_buf)) + { + first_time = first_time_buf; + } + else + { + first_time = "0000-00-00T00:00:00Z"; + } + } first_eid = add_event(this, first_time); + if (!first_eid) { destroy(this); -- cgit v1.2.3