3.4. Log & Alert

3.4.1. Log

log_level

Logging level constants.

HAKA_LOG_FATAL
HAKA_LOG_ERROR
HAKA_LOG_WARNING
HAKA_LOG_INFO
HAKA_LOG_DEBUG

const char *level_to_str(log_level level)

Convert a logging level to a human-readable string.

Returns: A string representing the logging level. This string is constant and should not be freed.

void message(log_level level, const wchar_t *module, const wchar_t *message)

Log a message without string formatting.

void messagef(log_level level, const wchar_t *module, const wchar_t *fmt, ...)

Log a message with string formatting.

void setlevel(log_level level, const wchar_t *module)

Set the logging level to display for a given module name. The module parameter can be NULL in which case it will set the default level.

log_level getlevel(const wchar_t *module)

Get the logging level for a given module name.

3.4.2. Alert

alert_level

HAKA_ALERT_LOW
HAKA_ALERT_MEDIUM
HAKA_ALERT_HIGH
HAKA_ALERT_NUMERIC

alert_completion

HAKA_ALERT_FAILED
HAKA_ALERT_SUCCESSFUL

alert_node_type

HAKA_ALERT_NODE_ADDRESS
HAKA_ALERT_NODE_SERVICE

struct alert

Structure used to describe the alert.

time_us start_time
time_us end_time

Alert times.

wchar_t *description

Description of the alert.

alert_level severity

Severity of the alert.

alert_level confidence

Confidence of the detection.

double confidence_num

If confidence is HAKA_ALERT_NUMERIC, set this value as custom confidence value.

alert_completion completion

Completion of the alert.

wchar_t *method_description

Description of the method used.

wchar_t **method_ref

NULL terminated list of references.

struct alert_node **sources

NULL terminated list of alert sources.

struct alert_node **targets

NULL terminated list of alert targets.

size_t alert_ref_count

Number of external alert references.

uint64 *alert_ref

Array of alert ids.
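
The conventions of struct alert seen from the consuming side, as an added example that is not Haka's own code: it walks the NULL terminated sources and targets lists and reads confidence_num only when confidence is HAKA_ALERT_NUMERIC. The types are local stand-ins for the names documented above; the layout of struct alert_node, its NULL terminated string list, and the helpers level_name, put, put_nodes and alert_summary are assumptions.

```c
#include <stdio.h>
#include <wchar.h>
/* Local stand-ins for the documented names so this builds without Haka's headers.
 * Assumed: struct alert_node's layout and that its string list is NULL terminated. */
typedef enum { HAKA_ALERT_LOW, HAKA_ALERT_MEDIUM, HAKA_ALERT_HIGH, HAKA_ALERT_NUMERIC } alert_level;
typedef enum { HAKA_ALERT_NODE_ADDRESS, HAKA_ALERT_NODE_SERVICE } alert_node_type;
struct alert_node { alert_node_type type; wchar_t **list; };
struct alert {                          /* subset of the documented fields */
    wchar_t *description;
    alert_level severity, confidence;
    double confidence_num;
    struct alert_node **sources, **targets;
};

static const wchar_t *level_name(alert_level l) {
    return l == HAKA_ALERT_LOW ? L"low" : l == HAKA_ALERT_MEDIUM ? L"medium"
         : l == HAKA_ALERT_HIGH ? L"high" : L"numeric";
}

/* Hypothetical helper: bounded append; a piece that does not fit is dropped whole. */
static void put(wchar_t *out, size_t cap, size_t *len, const wchar_t *fmt, const wchar_t *s) {
    int n = swprintf(out + *len, cap - *len, fmt, s);
    if (n >= 0) *len += (size_t)n;
    else out[*len] = L'\0';
}

/* Append a label, then each string of a NULL-terminated node list (NULL list = empty). */
static void put_nodes(wchar_t *out, size_t cap, size_t *len, const wchar_t *label,
                      struct alert_node **nodes) {
    put(out, cap, len, L"%ls", label);
    for (; nodes && *nodes; ++nodes)
        for (wchar_t **s = (*nodes)->list; s && *s; ++s)
            put(out, cap, len, L" %ls", *s);
}

/* Render a one-line summary into out (cap wide chars); returns the length written. */
size_t alert_summary(const struct alert *a, wchar_t *out, size_t cap) {
    size_t len = 0;
    wchar_t conf[32] = L"";
    if (cap == 0) return 0;
    if (a->confidence == HAKA_ALERT_NUMERIC)    /* custom value is in confidence_num */
        swprintf(conf, 32, L"%g", a->confidence_num);
    put(out, cap, &len, L"severity=%ls", level_name(a->severity));
    put(out, cap, &len, L" confidence=%ls", conf[0] ? conf : level_name(a->confidence));
    put(out, cap, &len, L" \"%ls\"", a->description ? a->description : L"");
    put_nodes(out, cap, &len, L" src:", a->sources);
    put_nodes(out, cap, &len, L" dst:", a->targets);
    return len;
}
```

Alert text is passed only as a %ls argument and never as the format string, so packet-derived content in description or in a node string cannot act as a format specifier.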

ALERT(name, nsrc, ntgt)

Construct a static alert description.

Parameters:
  • name – Name of the variable to create.
  • nsrc – Number of sources.
  • ntgt – Number of targets.

Example:

ALERT(invalid_packet, 1, 1)
    description: L"invalid tcp packet, size is too small",
    severity: HAKA_ALERT_LOW,
ENDALERT

ALERT_NODE(alert, mode, index, type, ...)

Append an alert node.

Parameters:
  • alert – Alert name.
  • mode – sources or targets.
  • index – Index of the node.
  • type – Type of node (see alert_node_type).
  • ... – List of strings (wchar_t *).

Example:

ALERT_NODE(invalid_packet, sources, 0, HAKA_ALERT_NODE_ADDRESS, L"127.0.0.1");

ALERT_REF(alert, count, ...)

Append a list of alert references.

Parameters:
  • alert – Alert name.
  • count – Number of references.
  • ... – List of alert ids.

ALERT_METHOD_REF(alert, ...)

Append a list of method references.

Parameters:
  • alert – Alert name.
  • ... – List of strings (wchar_t *).

uint64 alert(const struct alert *alert)

Raise a new alert.

Returns: A unique alert id.

bool alert_update(uint64 id, const struct alert *alert)

Update an existing alert.