Calling external programs

samhain may invoke external programs or scripts in order to implement logging capabilities that are not supported by samhain itself (e.g. pager support). This section provides an overview of this capability.

External programs/scripts invoked for logging will receive the formatted log message on stdin. The program should expect that stdout and stderr are closed, and that the working directory is the root directory.

Each external program must be defined in the configuration file, in a section starting with the header [External]. In addition, ExternalSeverity must be set to an appropriate threshold in the section [Log].

Each program definition starts with the line

OpenCommand=/full/path

Options for the program may follow. The definition of an external program is ended when the section ends, or when another OpenCommand=/full/path line for the next command is encountered.

Example setup for paging

The distribution contains two example perl scripts for paging and SMS messages (example_pager.pl, example_sms.pl). The paging script will page via a web CGI script at www.pagemart.com (obviously will work only for their pagers), the SMS script is for any German 'free SMS' web site that outsources free SMS to pitcom (with a suitable query on Google you can find such sites; you can then inspect the HTML form to set proper values for the required form variables.)

If you know some Perl, both scripts can be adapted fairly easily to other providers. Below is an example setup for calling example_pager.pl as an external logging facility.

  [External]
  # start definition of first external program
  OpenCommand=/usr/local/bin/example_pager.pl 
  SetType=log 
  # arguments
  SetCommandline=example_pager.pl pager_id 
  # environment 
  SetEnviron=HOME=/home/moses 
  SetEnviron=PATH=/bin:/usr/bin:/usr/local/bin 
  # checksum 
  SetChecksum=FCBD3377B65F92F1701AFEEF3B5E8A80ED4936FD0D172C84 
  # credentials 
  SetCredentials=moses 
  # filter 
  SetFilterOr=POLICY 
  # deadtime 
  SetDeadtime=3600