include/razorback/api.h File Reference

Razorback API. More...

#include <razorback/visibility.h>
#include <razorback/types.h>
#include <razorback/queue.h>
#include <razorback/message_formats.h>
#include <razorback/lock.h>
#include <razorback/thread.h>
Include dependency graph for api.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  RazorbackInspectionHooks
 Inspection Nugget Hooks. More...
struct  RazorbackOutputHooks
 Output nugget hooks. More...
struct  RazorbackCommandAndControlHooks
 Command and control hooks. More...
struct  RazorbackContext
 API Context. More...
struct  RazorbackContext::Inspector
 Inspector specific data. More...
struct  RazorbackContext::Output
 Output specific data. More...
struct  RazorbackContext::Dispatcher
 Dispatcher specific data. More...

Defines

#define DECL_INSPECTION_FUNC(a)   uint8_t a (struct Block *block, struct EventId *eventId, struct List *eventMetadata, void *threadData)
#define DECL_NUGGET_INIT   bool initNug(void)
#define DECL_NUGGET_THREAD_INIT(a)   bool a (void ** threadData)
#define DECL_NUGGET_THREAD_CLEANUP(a)   void a (void * threadData)
#define DECL_NUGGET_SHUTDOWN   void shutdownNug(void)
#define DECL_ALERT_PRIMARY_FUNC(a)   bool a (struct MessageAlertPrimary *message)
#define DECL_ALERT_CHILD_FUNC(a)   bool a (struct MessageAlertChild *message)
#define DECL_OUTPUT_EVENT_FUNC(a)   bool a (struct MessageOutputEvent *message)
#define DECL_OUTPUT_LOG_FUNC(a)   bool a (struct MessageOutputLog *message)
#define CONTEXT_FLAG_STAND_ALONE   0x00000001
#define RZB_Register_Collector   Razorback_Init_Collection_Context
#define RZB_DataBlock_Create   BlockPool_CreateItem
#define RZB_DataBlock_Add_Data   BlockPool_AddData
#define RZB_DataBlock_Set_Type   BlockPool_SetItemDataType
#define RZB_DataBlock_Finalize   BlockPool_FinalizeItem
#define RZB_DataBlock_Metadata_Filename(block, filename)   Metadata_Add_Filename(block->pEvent->pMetaDataList, filename)
#define RZB_DataBlock_Metadata_Hostname(block, hostname)   Metadata_Add_Hostname(block->pEvent->pMetaDataList, hostname)
#define RZB_DataBlock_Metadata_URI(block, uri)   Metadata_Add_URI(block->pEvent->pMetaDataList, uri)
#define RZB_DataBlock_Metadata_HttpRequest(block, request)   Metadata_Add_HttpRequest(block->pEvent->pMetaDataList, request)
#define RZB_DataBlock_Metadata_HttpResponse(block, response)   Metadata_Add_HttpResponse(block->pEvent->pMetaDataList, response)
#define RZB_DataBlock_Metadata_HttpResponse(block, response)   Metadata_Add_HttpResponse(block->pEvent->pMetaDataList, response)
#define RZB_DataBlock_Metadata_IPv4_Source(block, address)   Metadata_Add_IPv4_Source(block->pEvent->pMetaDataList, address)
#define RZB_DataBlock_Metadata_IPv4_Destination(block, address)   Metadata_Add_IPv4_Destination(block->pEvent->pMetaDataList, address)
#define RZB_DataBlock_Metadata_IPv6_Source(block, address)   Metadata_Add_IPv6_Source(block->pEvent->pMetaDataList, address)
#define RZB_DataBlock_Metadata_IPv6_Destination(block, address)   Metadata_Add_IPv6_Destination(block->pEvent->pMetaDataList, address)
#define RZB_DataBlock_Metadata_Port_Source(block, port)   Metadata_Add_Port_Source(block->pEvent->pMetaDataList, port)
#define RZB_DataBlock_Metadata_Port_Destination(block, port)   Metadata_Add_Port_Destination(block->pEvent->pMetaDataList, port)
#define RZB_DataBlock_Submit   Submission_Submit
#define RZB_Log   rzb_log

Functions

SO_PUBLIC bool Razorback_Init_Context (struct RazorbackContext *context)
 Initialize an API context.
SO_PUBLIC struct RazorbackContextRazorback_Init_Inspection_Context (uuid_t nuggetId, uuid_t applicationType, uint32_t dataTypeCount, uuid_t *dataTypeList, struct RazorbackInspectionHooks *inspectionHooks, uint32_t initialThreads, uint32_t maxThreads)
 Initialize an Inspection API context.
SO_PUBLIC struct RazorbackContextRazorback_Init_Output_Context (uuid_t nuggetId, uuid_t applicationType)
 Initialize an Output Context.
SO_PUBLIC struct RazorbackContextRazorback_Init_Collection_Context (uuid_t nuggetId, uuid_t applicationType)
 Initialize a Collection API context.
SO_PUBLIC struct RazorbackContextRazorback_LookupContext (uuid_t nuggetId)
 Lookup a Context by UUID.
SO_PUBLIC void Razorback_Shutdown_Context (struct RazorbackContext *context)
 Shutdown a context.
SO_PUBLIC bool Razorback_Render_Verdict (struct Judgment *p_pJudgment)
 Render a verdict on a block.
SO_PUBLIC bool Razorback_Output_Launch (struct RazorbackContext *context, struct RazorbackOutputHooks *hooks)
 Launch output threads.
SO_PUBLIC int Razorback_Get_Message_Mode ()
 Get the configured messaging mode.
SO_PUBLIC char * Razorback_Get_Transfer_Password ()
 Get the transfer server protocol.

Detailed Description

Razorback API.

Function Documentation

SO_PUBLIC int Razorback_Get_Message_Mode (  ) 

Get the configured messaging mode.

Returns:
Message mode.
SO_PUBLIC char* Razorback_Get_Transfer_Password (  ) 

Get the transfer server protocol.

Returns:
The password.
SO_PUBLIC struct RazorbackContext* Razorback_Init_Collection_Context ( uuid_t  nuggetId,
uuid_t  applicationType 
) [read]

Initialize a Collection API context.

Parameters:
nuggetId the nugget uuid
applicationType the application type.
Returns:
An initialized output context on success, NULL on failure.
SO_PUBLIC bool Razorback_Init_Context ( struct RazorbackContext context  ) 

Initialize an API context.

Parameters:
context The context to initialize
Returns:
true on success false on failure.
SO_PUBLIC struct RazorbackContext* Razorback_Init_Inspection_Context ( uuid_t  nuggetId,
uuid_t  applicationType,
uint32_t  dataTypeCount,
uuid_t *  dataTypeList,
struct RazorbackInspectionHooks inspectionHooks,
uint32_t  initialThreads,
uint32_t  maxThreads 
) [read]

Initialize an Inspection API context.

Parameters:
nuggetId the nugget uuid
applicationType the application type.
dataTypeCount the number of data types.
dataTypeList the list of data types.
inspectionHooks the inspection call backs.
initialThreads Number of threads launched initially.
maxThreads Maximum number of threads that can be launched.
Returns:
An initialized inspection context on success, NULL on failure.
SO_PUBLIC struct RazorbackContext* Razorback_Init_Output_Context ( uuid_t  nuggetId,
uuid_t  applicationType 
) [read]

Initialize an Output Context.

Parameters:
nuggetId The nugget UUID
applicationType The application type UUID.
Returns:
An initialized output context on success, NULL on failure.
SO_PUBLIC struct RazorbackContext* Razorback_LookupContext ( uuid_t  nuggetId  )  [read]

Lookup a Context by UUID.

Parameters:
nuggetId The nugget ID uuid.
Returns:
the context or NULL if there is no such context.
SO_PUBLIC bool Razorback_Output_Launch ( struct RazorbackContext context,
struct RazorbackOutputHooks hooks 
)

Launch output threads.

Parameters:
context The output context
hooks The output hook structure.
Returns:
true on success, false on error
SO_PUBLIC bool Razorback_Render_Verdict ( struct Judgment p_pJudgment  ) 

Render a verdict on a block.

Parameters:
judgment The judgment information.
Returns:
true on success, false on error.
SO_PUBLIC void Razorback_Shutdown_Context ( struct RazorbackContext context  ) 

Shutdown a context.

Parameters:
context The context to shutdown.
 All Data Structures Files Functions Variables Enumerations Enumerator Defines
Generated on Sun Dec 9 04:00:11 2012 for RazorbackAPI by  doxygen 1.6.3