linux-audit-parser 0.2.7

Parser for Linxu Audit logs
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38

use lazy_static::lazy_static;
use std::collections::HashMap;

#[derive(Debug, PartialEq, Eq, Clone, Copy)]
pub(crate) enum FieldType {
    Encoded,
    Numeric,
    NumericDec,
    NumericHex,
    NumericOct,
}

lazy_static! {
    pub(crate) static ref EVENT_IDS: HashMap<&'static[u8], u32> = {
        let els: &[(&str, u32)] = &[ /* @EVENT_CONST@ */ ];
        let mut hm = HashMap::with_capacity(els.len());
        for (name, value) in els {
            hm.insert(name.as_bytes(), *value);
        }
        hm
    };
    pub(crate)  static ref EVENT_NAMES: HashMap<u32, &'static str> = {
        let els: &[(&str, u32)] = &[ /* @EVENT_CONST@ */ ];
        let mut hm = HashMap::with_capacity(els.len());
        for (name, value) in els {
            hm.insert(*value, *name);
        }
        hm
    };
    pub(crate)  static ref FIELD_TYPES: HashMap<&'static[u8],FieldType> = {
        let els: &[(&str, FieldType)] = &[ /* @FIELD_TYPES@ */ ];
        let mut hm = HashMap::with_capacity(els.len());
        for (name, typ) in els {
            hm.insert(name.as_bytes(), *typ);
        }
        hm
    };
}