X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=modules%2FParser.pm;fp=modules%2FParser.pm;h=9c3fc87130204d8bbb674a4afdb7eecb2c0041d2;hb=cfe5a22044951bb6046b1580bed45b85cc9a4dad;hp=ad55d20085afdee3ec106cc587c6f053e1249ebf;hpb=e9c558fec0c7abed46ea56d712686af37b735b12;p=people%2Fstevee%2Fguardian.git
diff --git a/modules/Parser.pm b/modules/Parser.pm
index ad55d20..9c3fc87 100644
--- a/modules/Parser.pm
+++ b/modules/Parser.pm
@@ -4,12 +4,12 @@ use warnings;
 use Exporter qw(import);
-our @EXPORT_OK = qw(Parser);
+our @EXPORT_OK = qw(IsSupportedParser Parser);
-# This hash contains all supported logfiles and which function
-# has to be called to parse them in the right way.
+# This hash contains all supported parsers and which function
+# has to be called to parse messages in the right way.
 my %logfile_parsers = (
- "/var/log/snort/alert" => \&message_parser_snort,
+ "snort" => \&message_parser_snort,
 );
 #
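Review bot: The hash keeps the name `%logfile_parsers` although its keys are now parser names such as `"snort"` rather than logfile paths, so the identifier no longer matches the updated comment above it. Renaming it, for example `my %message_parsers = (`, together with the lookups in `Parser` and `IsSupportedParser` in the next hunk, would keep code and comments in agreement. Since a name that is not a key makes `Parser` return nothing without any log output, the comment could also state that callers are expected to check names with `IsSupportedParser` first, presumably when the configuration is read, so that a mistyped parser name does not silently leave a log unparsed.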
@@ -20,20 +20,43 @@ my %logfile_parsers = (
 ## any action should be performed.
 #
 sub Parser ($$) {
- my ($file, @message) = @_;
+ my ($parser, @message) = @_;
 # If no responsible message parser could be found, just return nothing.
- unless (exists($logfile_parsers{$file})) {
+ unless (exists($logfile_parsers{$parser})) {
 return;
 }
- # Call responsible logfile parser.
- my $action = $logfile_parsers{$file}->(@message);
+ # Call responsible message parser.
+ my $action = $logfile_parsers{$parser}->(@message);
 # Return which action should be performed.
 return "count $action";
 }
+#
+## IsSupportedParser function.
+#
+## This very tiny function checks if a given parser name is available and
+## therefore a supported parser.
+#
+## To perform these check, the function is going to lookup if a key in the
+## hash of supported parsers is available
+#
+sub IsSupportedParser ($) {
+ my $parser = $_[0];
+
+ # Check if a key for the given parser exists in the hash of logfile_parsers.
+ if(exists($logfile_parsers{$parser})) {
+ # Found a valid parser, so return nothing.
+ return 1;
+ }
+
+ # Return "False" if we got here, and therefore no parser
+ # is available.
+ return;
+}
+
 #
 ## The Snort message parser.
 #
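Review bot: In `IsSupportedParser` the comment above `return 1;` says "Found a valid parser, so return nothing", which contradicts the code and the "False" comment on the bare `return;` below it; it should read `# Found a valid parser, so return "True".`. The lookup runs `exists($logfile_parsers{$parser})` on whatever the caller passes, so an undefined name triggers an uninitialized-value warning under `use warnings`; a guard such as `return unless defined $parser;` before the lookup avoids that. The `($)` prototype does not validate the argument, it only changes how calls are parsed. On `Parser ($$)` the second `$` would put a passed `@message` array in scalar context wherever the prototype is visible at the call site, which is worth confirming against the callers. `Parser` also returns `"count $action"` without checking that the message parser returned a value, though the Snort parser's return is outside this hunk.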