/usr/bin/event2vrule is in flowscan 1.006-13.2.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
#! /usr/bin/perl
use POSIX; # for mktime
use Getopt::Std;
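# Convert an event log into VRULE:/COMMENT: arguments and either hand them
# to a command or print them.
#
# Usage: event2vrule [-h hours] eventfile [command [args ...]]
#
# Each usable line of eventfile has the form
#     YYYY/MM/DD HH:MM free text ...
# (the ':' in the time is optional).  Lines that do not match are reported
# on STDERR and skipped.
our $opt_h;    # set by getopts() below
getopts('h:') || die;

# -h N keeps only events newer than N hours ago.  Without it (or with
# -h 0) the cutoff is 0, so every event with a positive timestamp is kept.
my $then = $opt_h ? time - 60 * 60 * $opt_h : 0;

my $file = shift @ARGV;
defined $file
    or die "usage: $0 [-h hours] eventfile [command [args ...]]\n";

# Three-argument open with a lexical handle: the file name comes from the
# command line and is used only as a path.  The two-argument form would
# strip surrounding whitespace from it and give a leading '&' a special
# meaning.
open(my $events, '<', $file) || die "open: \"$file\": $!\n";

# 'COMMENT:\n' is single-quoted on purpose: the consumer receives a literal
# backslash followed by 'n', not a newline character.
my @VRULE = ('COMMENT:\n');

while (<$events>) {
    my ($date, $time, @words) = split;

    if ("$date $time" !~ m|^(\d\d\d\d)/(\d\d)/(\d\d) (\d\d):?(\d\d)$|) {
        warn "bad date/time: \"$date $time\"! (skipping)\n";
        next;
    }
    my ($year, $mon, $mday, $hour, $min) = ($1, $2, $3, $4, $5);

    # The pattern has five capture groups and no seconds field, so the
    # seconds argument is 0.  (The earlier code passed $6, which is never
    # set by this pattern and numified to 0.)  isdst = -1 lets the C
    # library decide whether daylight saving time applies.
    my $whence = mktime(0, $min, $hour, $mday, $mon - 1, $year - 1900,
                        0, 0, -1);

    # mktime returns undef when it cannot represent the time.
    next unless defined $whence && $whence > $then;

    # The event text is passed as sprintf *data*, never as part of the
    # format string, so a '%' in the log file cannot be read as a
    # conversion directive.
    # NOTE(review): ':' in the time or event text is passed through
    # unescaped; whether the receiving command treats it as a field
    # separator depends on that command -- confirm.
    push(@VRULE,
         sprintf('VRULE:%s#ff0000:%s %s %s',
                 $whence, $date, $time, join(' ', @words)),
         'COMMENT:\n');
}
close($events);

if (@ARGV) {
    # exec receives a list of at least two elements (@VRULE is never
    # empty), so Perl runs the command directly and no shell parses the
    # log-derived text.  Every generated argument starts with the fixed
    # prefix "VRULE:" or "COMMENT:".
    exec @ARGV, @VRULE;
    die "exec $ARGV[0]: $!\n";
}
else {    # for debugging
    print join("\n", @VRULE), "\n";
}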