network.detectors
Class FileChangedEventDetector
java.lang.Object
|
+--network.detectors.EventDetector
|
+--network.detectors.FileChangedEventDetector
- All Implemented Interfaces:
- java.lang.Runnable, java.io.Serializable
- public class FileChangedEventDetector
- extends EventDetector
- implements java.io.Serializable
- See Also:
- Serialized Form
|
Field Summary |
private java.sql.Connection |
dbEvent
|
(package private) java.io.BufferedReader |
dbFileReader
|
(package private) java.lang.String |
dbpasswd1
|
(package private) java.lang.String |
dbpasswd2
|
private java.sql.Connection |
dbSignature
|
(package private) java.lang.String |
dburl1
|
(package private) java.lang.String |
dburl2
|
(package private) java.lang.String |
dbuser1
|
(package private) java.lang.String |
dbuser2
|
private java.lang.String[] |
defaultLocalTriggeringEvents
|
(package private) int |
eq_pos
|
(package private) java.lang.String |
line
|
private java.util.Hashtable |
list
|
(package private) java.lang.String |
param
|
(package private) java.lang.String |
val
|
| Fields inherited from class network.detectors.EventDetector |
agentURN, attempts, cred, dbModule, eventIDGenerator, eventTable, host, localTriggeringEvents, printRunningThreadsFlag, remoteTriggeringEvents, reportTable |
|
Method Summary |
java.util.Vector |
check(java.util.Vector Signatures)
This method is for comparing the files after the monitor Agent sends the FileSign vector |
network.events.FileChangedEvent |
compare(network.detectors.util.FileName fn,
network.detectors.util.FileSign fs,
network.detectors.util.FileSign fsign,
java.lang.String hname)
Compare the received file signature with the one in the database. |
private void |
constructquery()
This function sets dbEvent and dbSignature to be the proper databases, dbEvent and dbSignature
are both queriable after this function returns. |
java.util.Vector |
generateEvent(network.events.Event triggeredEvent)
|
java.lang.String |
getGeneratingEventClassName()
|
| Methods inherited from class network.detectors.EventDetector |
getAlarmLevel, getAlertLevel, getLocalTriggeringEventClassNames, getRemoteTriggeringEventClassNames, getSynchronizer, InitializeFields, modifyDetector, populatePatterns, printRunningThreads, run, setAgentURN, setAlarmLevel, setAlertLevel, setDB, setEventIDGenerator, setEventTable, setLocalTriggeringEvents, setRemoteTriggeringEvents, setReportTable, stopDetector, switchOffPrintRunningThreads |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
list
private java.util.Hashtable list
dbEvent
private java.sql.Connection dbEvent
dbSignature
private java.sql.Connection dbSignature
dburl1
java.lang.String dburl1
dburl2
java.lang.String dburl2
dbuser1
java.lang.String dbuser1
dbuser2
java.lang.String dbuser2
dbpasswd1
java.lang.String dbpasswd1
dbpasswd2
java.lang.String dbpasswd2
line
java.lang.String line
param
java.lang.String param
val
java.lang.String val
eq_pos
int eq_pos
dbFileReader
transient java.io.BufferedReader dbFileReader
defaultLocalTriggeringEvents
private java.lang.String[] defaultLocalTriggeringEvents
FileChangedEventDetector
public FileChangedEventDetector(ConfigObject configObj)
FileChangedEventDetector
public FileChangedEventDetector(java.lang.String input,
ConfigObject configObj)
- Parameters:
input - a string that contains the dburl, dbuser, and dbpassword of the sign and event databasesconfigObj -
FileChangedEventDetector
public FileChangedEventDetector(java.util.Vector localtriggeringEventClassNames,
java.util.Vector remotetriggeringEventClassNames,
ConfigObject configObj)
constructquery
private void constructquery()
- This function sets dbEvent and dbSignature to be the proper databases, dbEvent and dbSignature
are both queriable after this function returns.
- Returns:
- void sets dbEvent and dbSignature
getGeneratingEventClassName
public java.lang.String getGeneratingEventClassName()
- Specified by:
getGeneratingEventClassName in class EventDetector
- Returns:
generateEvent
public java.util.Vector generateEvent(network.events.Event triggeredEvent)
- Specified by:
generateEvent in class EventDetector
- Parameters:
triggeredEvent -
- Returns:
check
public java.util.Vector check(java.util.Vector Signatures)
throws java.rmi.RemoteException
- This method is for comparing the files after the monitor Agent sends the FileSign vector
- Parameters:
Signatures - a vector of file signatures.
- Returns:
- a vector possibly containing a FileChangedEvent
java.rmi.RemoteException
compare
public network.events.FileChangedEvent compare(network.detectors.util.FileName fn,
network.detectors.util.FileSign fs,
network.detectors.util.FileSign fsign,
java.lang.String hname)
- Compare the received file signature with the one in the database.
FileChangedEvents are generated based on whether or not fs's signature differs from fsign's. If the event
is generated it must go through more checks to see if it should be readded to the events database. The event
is readded if any of its signature (except the timestamp) differs from the result of a query on the events database.
- Parameters:
fn - a FileName object for the current filename (stores information about what in the file's
signature we should checkfs - a FileSign object that we wish to checkfsign - a FileSign object that we check against (a FileSign version of this file's entry in the sign database)hname - a string that is the hostname
- Returns:
- null if we did not generate a FileChangedEvent or a FileChangedEvent if we generated one