// LoadConfig inits the config file and reads the default config information
// into Beat.Config. It exists the processes in case of errors.
func (b *Beat) LoadConfig() {
err := cfgfile.Read(&b.Config, "")
if err != nil {
// logging not yet initialized, so using fmt.Printf
fmt.Printf("%v\n", err)
os.Exit(1)
}
err = logp.Init(b.Name, &b.Config.Logging)
if err != nil {
fmt.Printf("Error initializing logging: %v\n", err)
os.Exit(1)
}
logp.Debug("beat", "Initializing output plugins")
if err := publisher.Publisher.Init(b.Name, b.Version, b.Config.Output, b.Config.Shipper); err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
b.Events = publisher.Publisher.Client()
logp.Debug("beat", "Init %s", b.Name)
}
// LoadConfig inits the config file and reads the default config information
// into Beat.Config. It exists the processes in case of errors.
func (b *Beat) LoadConfig() {
err := cfgfile.Read(&b.Config, "")
if err != nil {
// logging not yet initialized, so using fmt.Printf
fmt.Printf("Loading config file error: %v\n", err)
os.Exit(1)
}
err = logp.Init(b.Name, &b.Config.Logging)
if err != nil {
fmt.Printf("Error initializing logging: %v\n", err)
os.Exit(1)
}
// Disable stderr logging if requested by cmdline flag
logp.SetStderr()
logp.Debug("beat", "Initializing output plugins")
if err := publisher.Publisher.Init(b.Name, b.Config.Output, b.Config.Shipper); err != nil {
fmt.Printf("Error Initialising publisher: %v\n", err)
logp.Critical(err.Error())
os.Exit(1)
}
b.Events = publisher.Publisher.Client()
logp.Debug("beat", "Init %s", b.Name)
}
func (beat *Beat) ConfigSetup(beater Beater, inputConfig interface{}) {
config := &ConfigSettings{
//Input: inputConfig,
}
err := cfgfile.Read(config)
beat.Config = *config
if err != nil {
logp.Debug("Log read error", "Error %v\n", err)
}
logp.Init(beat.Name, &beat.Config.Logging)
logp.Debug("main", "Initializing output plugins")
if err := publisher.Publisher.Init(beat.Config.Output, beat.Config.Shipper); err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
beat.events = publisher.Publisher.Queue
logp.Debug(beat.Name, "Init %s", beat.Name)
if err := beater.Init(beat); err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
}
// Inits the config file and reads the default config information into Beat.Config
// This is Output, Logging and Shipper config params
func (b *Beat) LoadConfig() {
err := cfgfile.Read(&b.Config)
if err != nil {
logp.Debug("Log read error", "Error %v\n", err)
}
logp.Init(b.Name, &b.Config.Logging)
logp.Debug("main", "Initializing output plugins")
if err := publisher.Publisher.Init(b.Name, b.Config.Output, b.Config.Shipper); err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
logp.Debug(b.Name, "Init %s", b.Name)
}
func main() {
over := make(chan bool)
// Use our own FlagSet, because some libraries pollute the global one
var cmdLine = flag.NewFlagSet(os.Args[0], flag.ExitOnError)
cfgfile.CmdLineFlags(cmdLine, Name)
logp.CmdLineFlags(cmdLine)
service.CmdLineFlags(cmdLine)
publishDisabled := cmdLine.Bool("N", false, "Disable actual publishing for testing")
printVersion := cmdLine.Bool("version", false, "Print version and exit")
cmdLine.Parse(os.Args[1:])
if *printVersion {
fmt.Printf("%s version %s (%s)\n", Name, Version, runtime.GOARCH)
return
}
err := cfgfile.Read(&Config)
logp.Init(Name, &Config.Logging)
logp.Debug("main", "Initializing output plugins")
if err = publisher.Publisher.Init(*publishDisabled, Config.Output,
Config.Shipper); err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
topbeat := &Topbeat{}
if err = topbeat.Init(Config.Input, publisher.Publisher.Queue); err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
// Up to here was the initialization, now about running
if cfgfile.IsTestConfig() {
// all good, exit with 0
os.Exit(0)
}
service.BeforeRun()
// run the Beat code in background
go func() {
err := topbeat.Run()
if err != nil {
logp.Critical("Sniffer main loop failed: %v", err)
os.Exit(1)
}
over <- true
}()
service.HandleSignals(topbeat.Stop)
// Startup successful, disable stderr logging if requested by
// cmdline flag
logp.SetStderr()
logp.Debug("main", "Starting topbeat")
// Wait for the goroutines to finish
for _ = range over {
if !topbeat.IsAlive() {
break
}
}
logp.Debug("main", "Cleanup")
service.Cleanup()
}
func main() {
// Use our own FlagSet, because some libraries pollute the global one
var cmdLine = flag.NewFlagSet(os.Args[0], flag.ExitOnError)
cfgfile.CmdLineFlags(cmdLine, Name)
logp.CmdLineFlags(cmdLine)
service.CmdLineFlags(cmdLine)
publisher.CmdLineFlags(cmdLine)
file := cmdLine.String("I", "", "file")
loop := cmdLine.Int("l", 1, "Loop file. 0 - loop forever")
oneAtAtime := cmdLine.Bool("O", false, "Read packets one at a time (press Enter)")
topSpeed := cmdLine.Bool("t", false, "Read packets as fast as possible, without sleeping")
printVersion := cmdLine.Bool("version", false, "Print version and exit")
dumpfile := cmdLine.String("dump", "", "Write all captured packets to this libpcap file.")
cmdLine.Parse(os.Args[1:])
sniff := new(sniffer.SnifferSetup)
if *printVersion {
fmt.Printf("Packetbeat version %s (%s)\n", Version, runtime.GOARCH)
return
}
err := cfgfile.Read(&config.ConfigSingleton)
logp.Init(Name, &config.ConfigSingleton.Logging)
// CLI flags over-riding config
if *topSpeed {
config.ConfigSingleton.Interfaces.TopSpeed = true
}
if len(*file) > 0 {
config.ConfigSingleton.Interfaces.File = *file
}
config.ConfigSingleton.Interfaces.Loop = *loop
config.ConfigSingleton.Interfaces.OneAtATime = *oneAtAtime
if len(*dumpfile) > 0 {
config.ConfigSingleton.Interfaces.Dumpfile = *dumpfile
}
logp.Debug("main", "Initializing output plugins")
if err = publisher.Publisher.Init(config.ConfigSingleton.Output, config.ConfigSingleton.Shipper); err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
if err = procs.ProcWatcher.Init(config.ConfigSingleton.Procs); err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
logp.Debug("main", "Initializing protocol plugins")
for proto, plugin := range EnabledProtocolPlugins {
err = plugin.Init(false, publisher.Publisher.Queue)
if err != nil {
logp.Critical("Initializing plugin %s failed: %v", proto, err)
os.Exit(1)
}
protos.Protos.Register(proto, plugin)
}
tcpProc, err := tcp.NewTcp(&protos.Protos)
if err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
udpProc, err := udp.NewUdp(&protos.Protos)
if err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
over := make(chan bool)
stopCb := func() {
sniff.Stop()
}
logp.Debug("main", "Initializing filters")
afterInputsQueue, err := filters.FiltersRun(
config.ConfigSingleton.Filter,
EnabledFilterPlugins,
publisher.Publisher.Queue,
stopCb)
if err != nil {
logp.Critical("%v", err)
os.Exit(1)
}
logp.Debug("main", "Initializing sniffer")
err = sniff.Init(false, afterInputsQueue, tcpProc, udpProc)
if err != nil {
logp.Critical("Initializing sniffer failed: %v", err)
os.Exit(1)
}
// This needs to be after the sniffer Init but before the sniffer Run.
if err = droppriv.DropPrivileges(config.ConfigSingleton.RunOptions); err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
// Up to here was the initialization, now about running
if cfgfile.IsTestConfig() {
// all good, exit with 0
os.Exit(0)
}
service.BeforeRun()
// run the sniffer in background
go func() {
err := sniff.Run()
if err != nil {
logp.Critical("Sniffer main loop failed: %v", err)
os.Exit(1)
}
over <- true
}()
service.HandleSignals(stopCb)
// Startup successful, disable stderr logging if requested by
// cmdline flag
logp.SetStderr()
logp.Debug("main", "Waiting for the sniffer to finish")
// Wait for the goroutines to finish
for _ = range over {
if !sniff.IsAlive() {
break
}
}
logp.Debug("main", "Cleanup")
if service.WithMemProfile() {
// wait for all TCP streams to expire
time.Sleep(tcp.TCP_STREAM_EXPIRY * 1.2)
tcpProc.PrintTcpMap()
}
service.Cleanup()
}
func main() {
// Use our own FlagSet, because some libraries pollute the global one
var cmdLine = flag.NewFlagSet(os.Args[0], flag.ExitOnError)
configfile := cmdLine.String("c", "/etc/packetbeat/packetbeat.yml", "Configuration file")
file := cmdLine.String("I", "", "file")
loop := cmdLine.Int("l", 1, "Loop file. 0 - loop forever")
oneAtAtime := cmdLine.Bool("O", false, "Read packets one at a time (press Enter)")
topSpeed := cmdLine.Bool("t", false, "Read packets as fast as possible, without sleeping")
publishDisabled := cmdLine.Bool("N", false, "Disable actual publishing for testing")
printVersion := cmdLine.Bool("version", false, "Print version and exit")
memprofile := cmdLine.String("memprofile", "", "Write memory profile to this file")
cpuprofile := cmdLine.String("cpuprofile", "", "Write cpu profile to file")
dumpfile := cmdLine.String("dump", "", "Write all captured packets to this libpcap file.")
testConfig := cmdLine.Bool("test", false, "Test configuration and exit.")
// Adds logging specific flags
logp.CmdLineFlags(cmdLine)
cmdLine.Parse(os.Args[1:])
sniff := new(sniffer.SnifferSetup)
if *printVersion {
fmt.Printf("Packetbeat version %s (%s)\n", Version, runtime.GOARCH)
return
}
var err error
// configuration file
filecontent, err := ioutil.ReadFile(*configfile)
if err != nil {
fmt.Printf("Fail to read %s: %s. Exiting.\n", *configfile, err)
os.Exit(1)
}
if err = yaml.Unmarshal(filecontent, &config.ConfigSingleton); err != nil {
fmt.Printf("YAML config parsing failed on %s: %s. Exiting.\n", *configfile, err)
os.Exit(1)
}
logp.Init(Name, &config.ConfigSingleton.Logging)
// CLI flags over-riding config
if *topSpeed {
config.ConfigSingleton.Interfaces.TopSpeed = true
}
if len(*file) > 0 {
config.ConfigSingleton.Interfaces.File = *file
}
config.ConfigSingleton.Interfaces.Loop = *loop
config.ConfigSingleton.Interfaces.OneAtATime = *oneAtAtime
if len(*dumpfile) > 0 {
config.ConfigSingleton.Interfaces.Dumpfile = *dumpfile
}
logp.Debug("main", "Configuration %s", config.ConfigSingleton)
logp.Debug("main", "Initializing output plugins")
if err = publisher.Publisher.Init(*publishDisabled, config.ConfigSingleton.Output,
config.ConfigSingleton.Shipper); err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
if err = procs.ProcWatcher.Init(config.ConfigSingleton.Procs); err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
logp.Debug("main", "Initializing protocol plugins")
for proto, plugin := range EnabledProtocolPlugins {
err = plugin.Init(false, publisher.Publisher.Queue)
if err != nil {
logp.Critical("Initializing plugin %s failed: %v", proto, err)
os.Exit(1)
}
protos.Protos.Register(proto, plugin)
}
if err = tcp.TcpInit(); err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
over := make(chan bool)
logp.Debug("main", "Initializing filters plugins")
for filter, plugin := range EnabledFilterPlugins {
filters.Filters.Register(filter, plugin)
}
filters_plugins, err :=
LoadConfiguredFilters(config.ConfigSingleton.Filter)
if err != nil {
logp.Critical("Error loading filters plugins: %v", err)
os.Exit(1)
}
logp.Debug("main", "Filters plugins order: %v", filters_plugins)
var afterInputsQueue chan common.MapStr
if len(filters_plugins) > 0 {
runner := NewFilterRunner(publisher.Publisher.Queue, filters_plugins)
go func() {
err := runner.Run()
if err != nil {
logp.Critical("Filters runner failed: %v", err)
// shutting down
sniff.Stop()
}
}()
afterInputsQueue = runner.FiltersQueue
} else {
// short-circuit the runner
afterInputsQueue = publisher.Publisher.Queue
}
logp.Debug("main", "Initializing sniffer")
err = sniff.Init(false, afterInputsQueue)
if err != nil {
logp.Critical("Initializing sniffer failed: %v", err)
os.Exit(1)
}
// This needs to be after the sniffer Init but before the sniffer Run.
if err = droppriv.DropPrivileges(config.ConfigSingleton.RunOptions); err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
// Up to here was the initialization, now about running
if *testConfig {
// all good, exit with 0
os.Exit(0)
}
if *cpuprofile != "" {
f, err := os.Create(*cpuprofile)
if err != nil {
log.Fatal(err)
}
pprof.StartCPUProfile(f)
defer pprof.StopCPUProfile()
}
// run the sniffer in background
go func() {
err := sniff.Run()
if err != nil {
logp.Critical("Sniffer main loop failed: %v", err)
os.Exit(1)
}
over <- true
}()
// On ^C or SIGTERM, gracefully stop the sniffer
sigc := make(chan os.Signal, 1)
signal.Notify(sigc, syscall.SIGINT, syscall.SIGTERM)
go func() {
<-sigc
logp.Debug("signal", "Received sigterm/sigint, stopping")
sniff.Stop()
}()
// Startup successful, disable stderr logging if requested by
// cmdline flag
logp.SetStderr()
logp.Debug("main", "Waiting for the sniffer to finish")
// Wait for the goroutines to finish
for _ = range over {
if !sniff.IsAlive() {
break
}
}
logp.Debug("main", "Cleanup")
if *memprofile != "" {
// wait for all TCP streams to expire
time.Sleep(tcp.TCP_STREAM_EXPIRY * 1.2)
tcp.PrintTcpMap()
runtime.GC()
writeHeapProfile(*memprofile)
debugMemStats()
}
}