loggers: simplify structed data conversions

 - unify conversion for rfc3164 and rfc5424 formats.

Author: gustavo-iniguez-goya

daemon/log/formats/formats.go

@@ -4,6 +4,10 @@ import (
 	"log/syslog"
 	"os"
 	"strconv"
+	"strings"
+
+	"github.com/evilsocket/opensnitch/daemon/core"
+	"github.com/evilsocket/opensnitch/daemon/ui/protocol"
 )
 
 // LoggerFormat is the common interface that every format must meet.
@@ -23,3 +27,36 @@ func init() {
 	ourPid = strconv.FormatUint(uint64(os.Getpid()), 10)
 	syslogLevel = strconv.FormatUint(uint64(syslog.LOG_NOTICE|syslog.LOG_DAEMON), 10)
 }
+
+// transform protocol.Connection to Structured Data format.
+func connToSD(out string, val interface{}) string {
+	checksums := ""
+	tree := ""
+	con := val.(*protocol.Connection)
+
+	for k, v := range con.ProcessChecksums {
+		checksums = core.ConcatStrings(checksums, k, ":", v)
+	}
+	for _, y := range con.ProcessTree {
+		tree = core.ConcatStrings(tree, y.Key, ",")
+	}
+
+	// TODO: allow to configure this via configuration file.
+	return core.ConcatStrings(out,
+		" SRC=\"", con.SrcIp, "\"",
+		" SPT=\"", strconv.FormatUint(uint64(con.SrcPort), 10), "\"",
+		" DST=\"", con.DstIp, "\"",
+		" DSTHOST=\"", con.DstHost, "\"",
+		" DPT=\"", strconv.FormatUint(uint64(con.DstPort), 10), "\"",
+		" PROTO=\"", con.Protocol, "\"",
+		" PID=\"", strconv.FormatUint(uint64(con.ProcessId), 10), "\"",
+		" UID=\"", strconv.FormatUint(uint64(con.UserId), 10), "\"",
+		//" COMM=", con.ProcessComm, "\"",
+		" PATH=\"", con.ProcessPath, "\"",
+		" CMDLINE=\"", strings.Join(con.ProcessArgs, " "), "\"",
+		" CWD=\"", con.ProcessCwd, "\"",
+		" CHECKSUMS=\"", checksums, "\"",
+		" PROCTREE=\"", tree, "\"",
+		// TODO: envs
+	)
+}

daemon/log/formats/rfc3164.go

@@ -2,11 +2,8 @@ package formats
 
 import (
 	"fmt"
-	"strconv"
-	"strings"
 	"time"
 
-	"github.com/evilsocket/opensnitch/daemon/core"
 	"github.com/evilsocket/opensnitch/daemon/ui/protocol"
 )
 
@@ -38,32 +35,7 @@ func (r *Rfc3164) Transform(args ...interface{}) (out string) {
 	for n, val := range values {
 		switch val.(type) {
 		case *protocol.Connection:
-			checksums := ""
-			tree := ""
-			con := val.(*protocol.Connection)
-
-			for k, v := range con.ProcessChecksums {
-				checksums = core.ConcatStrings(checksums, k, ":", v)
-			}
-			for _, y := range con.ProcessTree {
-				tree = core.ConcatStrings(tree, y.Key, ",")
-			}
-			out = core.ConcatStrings(out,
-				" SRC=\"", con.SrcIp, "\"",
-				" SPT=\"", strconv.FormatUint(uint64(con.SrcPort), 10), "\"",
-				" DST=\"", con.DstIp, "\"",
-				" DSTHOST=\"", con.DstHost, "\"",
-				" DPT=\"", strconv.FormatUint(uint64(con.DstPort), 10), "\"",
-				" PROTO=\"", con.Protocol, "\"",
-				" PID=\"", strconv.FormatUint(uint64(con.ProcessId), 10), "\"",
-				" UID=\"", strconv.FormatUint(uint64(con.UserId), 10), "\"",
-				//" COMM=", con.ProcessComm, "\"",
-				" PATH=\"", con.ProcessPath, "\"",
-				" CMDLINE=\"", strings.Join(con.ProcessArgs, " "), "\"",
-				" CWD=\"", con.ProcessCwd, "\"",
-				" CHECKSUMS=\"", checksums, "\"",
-				" PROCTREE=\"", tree, "\"",
-			)
+			out = connToSD(out, val)
 		default:
 			out = fmt.Sprint(out, " ARG", n, "=\"", val, "\"")
 		}

daemon/log/formats/rfc5424.go

@@ -2,11 +2,8 @@ package formats
 
 import (
 	"fmt"
-	"strconv"
-	"strings"
 	"time"
 
-	"github.com/evilsocket/opensnitch/daemon/core"
 	"github.com/evilsocket/opensnitch/daemon/ui/protocol"
 )
 
@@ -40,35 +37,8 @@ func (r *Rfc5424) Transform(args ...interface{}) (out string) {
 	for n, val := range values {
 		switch val.(type) {
 		case *protocol.Connection:
-			tree := ""
-			checksums := ""
-			con := val.(*protocol.Connection)
 			event = "CONNECTION"
-
-			for k, v := range con.ProcessChecksums {
-				checksums = core.ConcatStrings(checksums, k, ":", v)
-			}
-			for _, y := range con.ProcessTree {
-				tree = core.ConcatStrings(tree, y.Key, ",")
-			}
-
-			// TODO: allow to configure this via configuration file.
-			out = core.ConcatStrings(out,
-				" SRC=\"", con.SrcIp, "\"",
-				" SPT=\"", strconv.FormatUint(uint64(con.SrcPort), 10), "\"",
-				" DST=\"", con.DstIp, "\"",
-				" DSTHOST=\"", con.DstHost, "\"",
-				" DPT=\"", strconv.FormatUint(uint64(con.DstPort), 10), "\"",
-				" PROTO=\"", con.Protocol, "\"",
-				" PID=\"", strconv.FormatUint(uint64(con.ProcessId), 10), "\"",
-				" UID=\"", strconv.FormatUint(uint64(con.UserId), 10), "\"",
-				//" COMM=", con.ProcessComm, "\"",
-				" PATH=\"", con.ProcessPath, "\"",
-				" CMDLINE=\"", strings.Join(con.ProcessArgs, " "), "\"",
-				" CWD=\"", con.ProcessCwd, "\"",
-				" CHECKSUMS=\"", checksums, "\"",
-				" PROCTREE=\"", tree, "\"",
-			)
+			out = connToSD(out, val)
 		default:
 			out = fmt.Sprint(out, " ARG", n, "=\"", val, "\"")
 		}