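/**
 * Reads alerts from the OSSEC alerts.log into an Ossec_AlertList.
 *
 * When both $init_time and $final_time are 0 the function seeks close to the
 * end of the file (roughly $max_count alerts back, assuming ~325 bytes per
 * alert) instead of reading the whole log; otherwise it reads from the start
 * and lets __os_parsealert() apply the time window.
 *
 * NOTE: $ossec_handle is passed by value, so the 'error' entry written on
 * failure only lands on the local copy and is never visible to the caller —
 * callers can only detect failure via the null return.
 *
 * @param array $ossec_handle  Handle array; only 'dir' is read here.
 * @param int   $init_time     Window start (0 together with $final_time = 0 means "tail the log").
 * @param int   $final_time    Window end (0 together with $init_time = 0 means "tail the log").
 * @param int   $max_count     Approximate number of trailing alerts wanted when tailing.
 *
 * @return Ossec_AlertList|null The parsed alerts, or null when the log
 *                              directory is unset or the log file cannot be opened.
 */
function os_getalerts($ossec_handle, $init_time, $final_time, $max_count)
{
    $alert_list = new Ossec_AlertList();
    /* time() takes no arguments; the former time(0) is an ArgumentCountError on PHP 8. */
    $curr_time = time();

    /* The log directory must be configured on the handle. */
    $dir = isset($ossec_handle['dir']) ? $ossec_handle['dir'] : NULL;
    if ($dir == NULL) {
        $ossec_handle['error'] = "Unable to open ossec dir: " . $dir;
        return NULL;
    }

    /* The path is built from the configured directory only, never from request input. */
    $log_file = $dir . '/logs/alerts/alerts.log';

    $fp = fopen($log_file, 'r');
    if ($fp === false) {
        $ossec_handle['error'] = "Unable to open log file: " . $log_file;
        return NULL;
    }

    /* No time window: only the last ~$max_count alerts are wanted, so skip ahead. */
    if ($init_time == 0 && $final_time == 0) {
        clearstatcache();
        os_cleanstored();

        $f_size = filesize($log_file);
        /* Average size of one alert record is about 300-350 bytes. */
        $f_point = $max_count * 325;

        /* filesize() returns false on failure; in that case read from the start.
         * SEEK_SET must be the integer constant — the former string "SEEK_SET"
         * was rejected by fseek(), so the seek silently never happened. */
        if ($f_size !== false && $f_size > $f_point) {
            /* The seek lands mid-record; presumably the parser skips the partial
             * first record — verify against __os_parsealert(). */
            fseek($fp, $f_size - $f_point, SEEK_SET);
        }
    }

    /* Collect alerts until the parser signals end of input. Loose comparison is
     * kept deliberately: the parser's end sentinel is not visible from here. */
    while (true) {
        $alert = __os_parsealert(
            $fp, $curr_time, $init_time, $final_time, 0,
            NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
        );
        if ($alert == NULL) {
            break;
        }
        $alert_list->addAlert($alert);
    }

    fclose($fp);

    return $alert_list;
}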
$rt_sk = ""; $sv_sk = 'checked="checked"'; if (isset($_POST['monitoring']) && $_POST['monitoring'] == 1) { $rt_sk = 'checked="checked"'; $sv_sk = ""; /* Cleaning up time */ $USER_final = $u_final_time; $USER_init = $u_init_time; $USER_monitoring = 1; /* Cleaning up fields */ $_POST['search'] = "Search"; unset($_POST['initdate']); unset($_POST['finaldate']); /* Deleting search */ if ($USER_searchid != 0) { os_cleanstored($USER_searchid); } /* Refreshing every 90 seconds by default */ $m_ossec_refresh_time = $ossec_refresh_time * 1000; echo ' <script language="javascript"> setTimeout("document.dosearch.submit()",' . $m_ossec_refresh_time . '); </script> '; } /* Reading user input -- being very careful parsing it */ $datepattern = "/^([0-9]{4})-([0-9]{2})-([0-9]{2}) ([0-9]{2}):([0-9]{2})\$/"; if (isset($_POST['initdate'])) { if (preg_match($datepattern, $_POST['initdate'], $regs)) { $USER_init = mktime($regs[4], $regs[5], 0, $regs[2], $regs[3], $regs[1]); $u_init_time = $USER_init;