llower services
monitor the log files and if they come across an item of interest, they create a JSON-representation of the event and
write it to /var/lib/spoor/parsed.
The transmitter service monit changes and sends these to the Spoor API. If a transmission
recives a response of HTTP 202, the JSON file is moved to /var/lib/spoor/transmitted, otherwise it remains in /var/lib/spoor/parsed and
thpackage App::Spoor::OutputFormatter;
use v5.10;
use strict;
use warnings;
use JSON;
use Text::CSV;
use Date::Format;
=head1 NAME
App::Spoor::OutputFormatter
=head1 VERSION
Version 0.08
=cut
ourpackage App::Spoor::EntryTransmitter;
use v5.10;
use strict;
use warnings;
use JSON;
use MIME::Base64 qw(encode_base64);
=head1 NAME
App::Spoor::EntryTransmitter
=head1 VERSION
Version 0.01
=cut{credentials}{api_identifier} . ':' . $config->{credentials}{api_secret}
);
my $content = to_json({
report => {
entries => [
$data
],
metadata => {
reporter ter}
}
},
});
my $result = $ua->post(
$uri,
'Content-Type' => 'application/json',
'Authorization' => $credentials,
'Content' => $content
);
$result->code() eq '202'nts {
my $contents = <<'END_MESSAGE';
package SpoorForwardHook;
use strict;
use warnings;
use JSON;
use Cpanel::Logger;
my $logger = Cpanel::Logger->new();
sub describe {
my $uapi_add = {
}
sub write_forward_added {
my ( $context, $data ) = @_;
my %message = (
message => to_json($data),
service => 'spoor_forward_added',
output => 1,
backtrace => 0,
level => '
sub write_forward_removed {
my ( $context, $data ) = @_;
my %message = (
message => to_json($data),
service => 'spoor_forward_removed',
output => 1,
backtrace => 0,
level =>utf8;
use JSON;
use File::Touch;
=head1 NAME
App::Spoor::ParsedEntryWriter
=head1 VERSION
Version 0.01
=cut
our $VERSION = '0.01';
=head1 SYNOPSIS
Writes a parsed log entry as json to a file rite_parsed_entry
For parsed entries that meet the criteria, this subroutine writes the entry as JSON to a file located in /var/lib/spoor/parsed.
Currently the criteria only allows for parsed entrieilbox context.
=back
The created filenames adhere to the pattern "type.timestamp.random_element.json", where 'type' would be the type of log
that produced the entry ('login', 'access', 'error'), 'tiif the event is 'unrecognised'.
=back
=cut
sub parse {
use DateTime::Format::Strptime;
use JSON;
my $log_entry = shift;
my $date_parser = DateTime::Format::Strptime->new(pattern => '%Y-%m-\s
info\s
\[spoor_forward_added\]\s
(?<data>{.+})
\Z
/x) {
$data_ref = from_json($+{data});
$timestamp = $date_parser->parse_datetime($+{timestamp})->epoch();
if ($data_package App::Spoor::ApiClient;
use v5.10;
use strict;
use warnings;
use JSON;
use PHP::HTTPBuildQuery qw(http_build_query);
use MIME::Base64 qw(encode_base64);
=head1 NAME
App::Spoor::ApiClient
=ht->get(
$uri,
'Authorization' => $credentials,
'HTTP-Accept' => 'application/json'
);
from_json($response->content)->{reports};
}
=head2 most_recent_mailbox_events
Fetches the most t->get(
$uri,
'Authorization' => $credentials,
'HTTP-Accept' => 'application/json'
);
from_json($response->content)->{mailbox_events};
}
=head1 AUTHOR
Rory McKinley, C<< <rorymckinl
use strict;
use warnings;
use File::Spec;
use File::Copy qw(move);
use Path::Tiny qw(path);
use JSON;
=head1 NAME
App::Spoor::ParsedFileManager
=head1 VERSION
Version 0.06
=cut
our $VERSION = ss|login)\.\d+\.\d+\.json)\z/ } readdir $parsed_entries_dir;
foreach my $file_name (@file_names) {
# Untaint
if ($file_name =~ /\A((error|access|login)\.\d+\.\d+\.json)\z/) {
my $san_file_name);
if ($file_security_check->($source_file_path)) {
$file_contents = from_json(path($source_file_path)->slurp_utf8());
if ($transmitter->($file_contents)) {