*/ require_once "lib/autoload.php"; $status = -1; $elapsed = microtime(true); try { $config = dirname(__FILE__) . "/logmon.conf.php"; $requiredConfigs = array($config); CheckConfig::configs($requiredConfigs); require_once $config; $requiredExtensions = array("mbstring", "pcre", "PDO"); CheckConfig::extensions($requiredExtensions); mb_internal_encoding("UTF-8"); Options::setDebug(DEBUG || array_search("--debug", $argv)); Options::setPretend(array_search("--pretend", $argv)); Options::setVerbose(Options::debug() || Options::pretend() || array_search("--verbose", $argv)); Log::open(__FILE__, true, Options::verbose(), Options::debug()); Log::notice(sprintf("Running '%s'...", implode(" ", $argv))); $monitor = Monitor::create(dirname(__FILE__) . "/monitor"); if ($monitor !== false) { $sources = $monitor->getEnabledSources(); $dbh = new DBH(DBDSN, DBUSER, DBPASS); $processor = new Processor($dbh); foreach ($sources as $source) { $processor->process($monitor, $source); } $processor->discard(EVENT_DISCARD_THRESHOLD); $status = 0; } else { $status = 1; } } catch (Exception $e) {
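/**
 * Feeds one line into this event's pattern sequence and, once the last
 * pattern of the sequence has matched, evaluates and records the event.
 *
 * The line is tested against the pattern expected next. If that fails and a
 * sequence is already in progress, the line is tested against the first
 * pattern instead, so a new occurrence can restart the sequence.
 *
 * A preg_match() failure (return value false, e.g. the PCRE backtrack limit
 * was hit or the subject is not valid for the pattern) is reported through
 * Log::notice() instead of being treated as an ordinary non-match, so that
 * lines the monitor could not evaluate are visible to the operator.
 *
 * NOTE(review): $line is interpolated verbatim into Log messages below. If
 * the monitored sources can contain attacker-influenced text, confirm that
 * Log neutralises control characters and newlines before writing.
 *
 * @param mixed  $lineTimestamp Timestamp of the line; stored as the event
 *                              timestamp when the first pattern matches.
 * @param string $line          The line to test.
 *
 * @return int 1 if a complete, non-empty, non-erroneous event was passed to
 *             update(); 0 in every other case.
 */
private function matchAndUpdate($lineTimestamp, $line)
{
    $patterns = $this->tEvent->getPatterns();
    $patternCount = count($patterns);

    // Without patterns nothing can match; returning here avoids indexing an
    // empty list and handing an undefined pattern to preg_match().
    if ($patternCount === 0) {
        return 0;
    }

    $matches = array();
    $match = false;

    $result = preg_match($patterns[$this->tNextPatternIndex], $line, $matches);
    if ($result === false) {
        // false means "could not evaluate", not "did not match".
        Log::notice(sprintf(
            "Pattern #%d could not be evaluated (PCRE error code %d); line treated as not matching",
            $this->tNextPatternIndex,
            preg_last_error()
        ));
    }

    if ($result === 1) {
        $this->tNextPatternIndex++;
        $match = true;
    } elseif ($this->tNextPatternIndex > 0) {
        // Mid-sequence miss: check whether this line starts a new sequence.
        $result = preg_match($patterns[0], $line, $matches);
        if ($result === false) {
            Log::notice(sprintf(
                "Pattern #%d could not be evaluated (PCRE error code %d); line treated as not matching",
                0,
                preg_last_error()
            ));
        }
        if ($result === 1) {
            $this->reset();
            $this->tNextPatternIndex = 1;
            $match = true;
        }
    }

    if (!$match) {
        return 0;
    }

    // $matches[0] is the full match; only the capture groups are accumulated.
    $this->tMatches = array_merge($this->tMatches, array_slice($matches, 1));
    $this->tMatchedLines[] = $line;

    // The event timestamp is the timestamp of the line matching the first pattern.
    if ($this->tNextPatternIndex == 1) {
        $this->tMatchedTimestamp = $lineTimestamp;
    }

    // Sequence still incomplete: keep the state and wait for further lines.
    if ($this->tNextPatternIndex != $patternCount) {
        return 0;
    }

    $this->tMatchedLoghost = $this->applyLoghostEvaluator();
    $this->tMatchedService = $this->applyServiceEvaluator();
    $this->tMatchedHostip = $this->applyHostipEvaluator();
    $this->tMatchedHostmac = $this->applyHostmacEvaluator();
    $this->tMatchedUser = $this->applyUserEvaluator();

    $matchCount = 0;
    if ($this->isEmpty()) {
        Log::debug("Ignoring line '{$line}' due to empty event '{$this}'");
    } elseif ($this->isErroneous()) {
        Log::debug("Ignoring line '{$line}' due to erroneous event '{$this}'");
    } else {
        if (Options::pretend() || Options::debug()) {
            Log::info("Found event '{$this}'");
            $matchedLineIndex = 0;
            foreach ($this->tMatchedLines as $matchedLine) {
                Log::debug("line[{$matchedLineIndex}] '{$matchedLine}'");
                $matchedLineIndex++;
            }
        }
        $this->update();
        $matchCount = 1;
    }

    // The sequence is finished either way; clear the state for the next one.
    $this->reset();

    return $matchCount;
}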
$access = new WebViewUsers($dbh); break; case "viewuser": $access = new WebViewUser($dbh); break; case "viewevents": $access = new WebViewEvents($dbh); break; case "viewabout": $access = new WebViewAbout($dbh); break; case "streamlogs": $access = new WebStreamLogs($dbh); break; default: $access = new WebViewServices($dbh); } } catch (Exception $e) { Log::err($e); Log::close(); if (Options::debug()) { WebAccess::reportExceptionAndExit($e); } else { WebAccess::sendStatusAndExit(WebAccess::STATUS_SERVICE_UNAVAILABLE); } } $access->sendResponse(); if (isset($dbh)) { $dbh->close(); } Log::close();