threat logger module rename

Cargo.toml

@@ -21,7 +21,7 @@ pulsar-core = { workspace = true }
 # Modules
 desktop-notifier = { workspace = true, optional = true }
 file-system-monitor = { workspace = true, optional = true }
-logger = { workspace = true, optional = true }
+threat-logger = { workspace = true, optional = true }
 network-monitor = { workspace = true, optional = true }
 process-monitor = { workspace = true, optional = true }
 rules-engine = { workspace = true, optional = true }
@@ -42,7 +42,7 @@ tokio = { workspace = true, features = ["full"] }
 [features]
 default = ["full", "tls-openssl"]
 full = ["core", "extra"]
-core = ["logger", "process-monitor", "network-monitor", "file-system-monitor"]
+core = ["threat-logger", "process-monitor", "network-monitor", "file-system-monitor"]
 extra = ["rules-engine", "desktop-notifier", "smtp-notifier"]
 tls-openssl = ["smtp-notifier/tls-openssl"]
 tls-rustls = ["smtp-notifier/tls-rustls"]
@@ -56,7 +56,7 @@ members = [
     "crates/modules/process-monitor",
     "crates/modules/network-monitor",
     "crates/modules/rules-engine",
-    "crates/modules/logger",
+    "crates/modules/threat-logger",
     "crates/modules/desktop-notifier",
     "crates/modules/smtp-notifier",
     "crates/pulsar-core",
@@ -98,7 +98,7 @@ desktop-notifier = { path = "crates/modules/desktop-notifier" }
 file-system-monitor = { path = "crates/modules/file-system-monitor", features = [
     "test-suite",
 ] }
-logger = { path = "crates/modules/logger" }
+threat-logger = { path = "crates/modules/threat-logger" }
 network-monitor = { path = "crates/modules/network-monitor", features = [
     "test-suite",
 ] }

crates/modules/README.md

@@ -5,4 +5,4 @@
 | `process-monitor` | Producer | Watch processes (fork/exec/exit)
 | `file-system-monitor` | Producer | Watch file system events
 | `network-monitor` | Producer | Watch network events
-| `logger` | Consumer | Log events to stdout. Used for development and toubleshooting
+| `threat-logger` | Consumer | Log events to stdout. Used for development and toubleshooting

crates/modules/logger/Cargo.toml → crates/modules/threat-logger/Cargo.toml

@@ -1,5 +1,5 @@
 [package]
-name = "logger"
+name = "threat-logger"
 version.workspace = true
 license.workspace = true
 edition.workspace = true

crates/modules/logger/README.md → crates/modules/threat-logger/README.md

@@ -1,4 +1,4 @@
-# Logger
+# Threat logger
 
 This module will log Pulsar threat events to stdout.
 
@@ -13,7 +13,7 @@ This module will log Pulsar threat events to stdout.
 Default configuration:
 
 ```ini
-[logger]
+[threat-logger]
 enabled=true
 console=true
 syslog=true
@@ -23,5 +23,5 @@ output_format=plaintext
 You disable this module with:
 
 ```sh
-pulsar config --set logger.enabled=false
+pulsar config --set threat-logger.enabled=false
 ```

crates/modules/logger/src/lib.rs → crates/modules/threat-logger/src/lib.rs

@@ -19,11 +19,11 @@ use thiserror::Error;
 const UNIX_SOCK_PATHS: [&str; 3] = ["/dev/log", "/var/run/syslog", "/var/run/log"];
 const PRIORITY: u8 = 25; // facility * 8 + severity. facility: daemon (3); severity: alert (1)
 
-pub struct LoggerModule;
+pub struct ThreatLoggerModule;
 
-impl SimplePulsarModule for LoggerModule {
+impl SimplePulsarModule for ThreatLoggerModule {
     type Config = Config;
-    type State = LoggerState;
+    type State = ThreatLoggerState;
 
     const MODULE_NAME: &'static str = "threat-logger";
     const DEFAULT_ENABLED: bool = true;
@@ -33,7 +33,7 @@ impl SimplePulsarModule for LoggerModule {
         config: &Self::Config,
         ctx: &ModuleContext,
     ) -> Result<Self::State, ModuleError> {
-        let logger = match Logger::from_config(config) {
+        let logger = match ThreatLogger::from_config(config) {
             Ok(logr) => logr,
             Err(logr) => {
                 ctx.raise_warning("Failed to connect to syslog".into())
@@ -42,15 +42,15 @@ impl SimplePulsarModule for LoggerModule {
             }
         };
 
-        Ok(LoggerState { logger })
+        Ok(ThreatLoggerState { logger })
     }
 
     async fn on_config_change(
         new_config: &Self::Config,
         state: &mut Self::State,
         ctx: &ModuleContext,
     ) -> Result<(), ModuleError> {
-        state.logger = match Logger::from_config(new_config) {
+        state.logger = match ThreatLogger::from_config(new_config) {
             Ok(logr) => logr,
             Err(logr) => {
                 ctx.raise_warning("Failed to connect to syslog".into())
@@ -76,8 +76,8 @@ impl SimplePulsarModule for LoggerModule {
     }
 }
 
-pub struct LoggerState {
-    logger: Logger,
+pub struct ThreatLoggerState {
+    logger: ThreatLogger,
 }
 
 #[derive(Clone, Debug)]
@@ -123,21 +123,21 @@ impl TryFrom<&ModuleConfig> for Config {
 }
 
 #[derive(Debug)]
-struct Logger {
+struct ThreatLogger {
     console: bool,
     syslog: Option<UnixDatagram>,
     output_format: OutputFormat,
 }
 
 #[derive(Debug, Error)]
-enum LoggerError {
+enum ThreatLoggerError {
     #[error("error serializing event: {0}")]
     Json(String),
     #[error("io error")]
     IO(#[from] io::Error),
 }
 
-impl Logger {
+impl ThreatLogger {
     fn from_config(config: &Config) -> Result<Self, Self> {
         let Config {
             console,
@@ -181,14 +181,14 @@ impl Logger {
         }
     }
 
-    fn process(&mut self, event: &Event) -> Result<(), LoggerError> {
+    fn process(&mut self, event: &Event) -> Result<(), ThreatLoggerError> {
         if event.header().threat.is_some() {
             let json_event = OnceCell::new();
-            let json_event = || -> Result<&String, LoggerError> {
+            let json_event = || -> Result<&String, ThreatLoggerError> {
                 json_event
                     .get_or_init(|| serde_json::to_string(event))
                     .as_ref()
-                    .map_err(|err| LoggerError::Json(err.to_string()))
+                    .map_err(|err| ThreatLoggerError::Json(err.to_string()))
             };
 
             if self.console {

src/pulsard/mod.rs

@@ -47,8 +47,8 @@ pub async fn pulsar_daemon_run(
     starter.add_module(file_system_monitor::pulsar::FileSystemMonitorModule)?;
     #[cfg(feature = "network-monitor")]
     starter.add_module(network_monitor::pulsar::NetworkMonitorModule)?;
-    #[cfg(feature = "logger")]
-    starter.add_module(logger::LoggerModule)?;
+    #[cfg(feature = "threat-logger")]
+    starter.add_module(threat_logger::ThreatLoggerModule)?;
     #[cfg(feature = "rules-engine")]
     starter.add_module(rules_engine::RuleEngineModule)?;
     #[cfg(feature = "desktop-notifier")]