Ejemplo n.º 1
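/**
 * Print a "Display Syslog in Range" icon link for a graph whose device can be
 * matched to a row in the syslog plugin's syslog_hosts table.
 *
 * Nothing is printed when the request action is 'view', when
 * $graph_elements[1]['local_graph_id'] is not set, or when no syslog host
 * matches the device's description or hostname.
 *
 * Values that end up inside SQL text are either cast to integers or quoted
 * with db_qstr(), because the device description and hostname are free-text
 * fields and must not be trusted as SQL fragments (second-order injection).
 *
 * @param array $graph_elements graph hook data; only [1]['local_graph_id'] is read
 *
 * @return void
 */
function syslog_graph_buttons($graph_elements = array())
{
    global $config, $timespan, $graph_timeshifts;

    // Included for $syslogdb_default, which names the syslog database below.
    include dirname(__FILE__) . '/config.php';

    if (get_nfilter_request_var('action') == 'view') {
        return;
    }

    if (isset_request_var('graph_end') && strlen(get_filter_request_var('graph_end'))) {
        $date1 = date('Y-m-d H:i:s', get_filter_request_var('graph_start'));
        $date2 = date('Y-m-d H:i:s', get_filter_request_var('graph_end'));
    } else {
        $date1 = $timespan['current_value_date1'];
        $date2 = $timespan['current_value_date2'];
    }

    if (!isset($graph_elements[1]['local_graph_id'])) {
        return;
    }

    // Integer casts keep the ids numeric no matter what the caller passed in.
    $local_graph_id = (int) $graph_elements[1]['local_graph_id'];
    $graph_local    = db_fetch_row('SELECT host_id FROM graph_local WHERE id=' . $local_graph_id);

    if (!isset($graph_local['host_id'])) {
        return;
    }

    $host = db_fetch_row('SELECT description, hostname FROM host WHERE id=' . (int) $graph_local['host_id']);

    if (empty($host)) {
        return;
    }

    // A dotted, non-IPv4 name is matched on its first label plus any domain;
    // anything else must match exactly.
    $conditions = array();
    foreach (array($host['description'], $host['hostname']) as $name) {
        if (!is_ipv4_address($name) && strpos($name, '.') !== false) {
            $parts        = explode('.', $name);
            $conditions[] = 'host LIKE ' . db_qstr($parts[0] . '.%');
        } else {
            $conditions[] = 'host=' . db_qstr($name);
        }
    }
    // NOTE(review): db_qstr() quotes via the main Cacti connection; confirm the
    // syslog database uses a compatible character set.
    $sql_where = 'WHERE ' . implode(' OR ', $conditions);

    // syslog_db_fetch_cell() yields a single value, so the result is the
    // host_id itself; the original indexed it as an array, which never
    // produced the id.
    $host_id = syslog_db_fetch_cell("SELECT host_id FROM `" . $syslogdb_default . "`.`syslog_hosts` {$sql_where}");

    if (empty($host_id)) {
        return;
    }

    $url = $config['url_path'] . 'plugins/syslog/syslog.php?tab=syslog&reset=1'
        . '&host=' . (int) $host_id
        . '&date1=' . urlencode($date1)
        . '&date2=' . urlencode($date2);

    // ENT_QUOTES because both attributes below are delimited with single quotes.
    print "<a href='" . htmlspecialchars($url, ENT_QUOTES) . "'><img src='" . $config['url_path'] . "plugins/syslog/images/view_syslog.png' border='0' alt='' title='" . htmlspecialchars(__('Display Syslog in Range'), ENT_QUOTES) . "'></a><br>";
}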
Ejemplo n.º 2
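/**
 * Render the syslog alert rule list page: filter box, pagination bar, sortable
 * header, one row per alert rule, and the bulk-action dropdown.
 *
 * Request variables id, page, enabled and rows are validated as numbers;
 * filter, sort_column and sort_direction are passed through
 * sanitize_search_string(). Filter state is kept in sess_syslog_alerts_*
 * session variables.
 *
 * Alert fields read from the database (name, message, email, user) are
 * HTML-escaped before being placed in table cells, because the cell helper is
 * handed ready-made markup and the stored text must not be interpreted as HTML.
 *
 * @return void
 */
function syslog_alerts()
{
    global $colors, $syslog_actions, $config, $message_types, $severities;

    // Included for $syslogdb_default, which names the syslog database below.
    include dirname(__FILE__) . "/config.php";

    // Escape a value for use as HTML text or inside a quoted attribute.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES);
    };

    // Escape $text and wrap every case-insensitive occurrence of $needle in a
    // highlight span. Splitting first and escaping each piece afterwards keeps
    // the highlight markup out of the escaped text and never cuts an entity.
    $highlight = function ($text, $needle) use ($esc) {
        if ($needle == "") {
            return $esc($text);
        }
        $pieces = preg_split("/(" . preg_quote($needle, "/") . ")/i", (string) $text, -1, PREG_SPLIT_DELIM_CAPTURE);
        if ($pieces === false) {
            return $esc($text);
        }
        $out = "";
        foreach ($pieces as $index => $piece) {
            // With one capture group, odd indexes are the matched needles.
            if ($index % 2 == 1) {
                $out .= "<span style='background-color: #F8D93D;'>" . $esc($piece) . "</span>";
            } else {
                $out .= $esc($piece);
            }
        }
        return $out;
    };

    /* ================= input validation ================= */
    input_validate_input_number(get_request_var_request("id"));
    input_validate_input_number(get_request_var_request("page"));
    input_validate_input_number(get_request_var_request("enabled"));
    input_validate_input_number(get_request_var_request("rows"));
    /* ==================================================== */

    /* clean up filter, sort_column and sort direction */
    foreach (array("filter", "sort_column", "sort_direction") as $field) {
        if (isset($_REQUEST[$field])) {
            $_REQUEST[$field] = sanitize_search_string(get_request_var($field));
        }
    }

    /* if the user pushed the 'clear' button */
    if (isset($_REQUEST["clear"])) {
        kill_session_var("sess_syslog_alerts_page");
        kill_session_var("sess_syslog_alerts_rows");
        kill_session_var("sess_syslog_alerts_filter");
        kill_session_var("sess_syslog_alerts_enabled");
        kill_session_var("sess_syslog_alerts_sort_column");
        kill_session_var("sess_syslog_alerts_sort_direction");
        $_REQUEST["page"] = 1;
        unset($_REQUEST["filter"]);
        unset($_REQUEST["enabled"]);
        unset($_REQUEST["rows"]);
        unset($_REQUEST["sort_column"]);
        unset($_REQUEST["sort_direction"]);
    } else {
        /* if any of the settings changed, reset the page number */
        $changed = 0;
        $changed += syslog_check_changed("filter", "sess_syslog_alerts_filter");
        $changed += syslog_check_changed("enabled", "sess_syslog_alerts_enabled");
        $changed += syslog_check_changed("rows", "sess_syslog_alerts_rows");
        $changed += syslog_check_changed("sort_column", "sess_syslog_alerts_sort_column");
        $changed += syslog_check_changed("sort_direction", "sess_syslog_alerts_sort_direction");
        if ($changed) {
            $_REQUEST["page"] = "1";
        }
    }

    /* remember these search fields in session vars so we don't have to keep passing them around */
    // The page key was misspelled "sess_syslog_alerts_paage", so the 'clear'
    // branch above never reset the variable that was actually stored.
    load_current_session_value("page", "sess_syslog_alerts_page", "1");
    load_current_session_value("rows", "sess_syslog_alerts_rows", "-1");
    load_current_session_value("enabled", "sess_syslog_alerts_enabled", "-1");
    load_current_session_value("filter", "sess_syslog_alerts_filter", "");
    load_current_session_value("sort_column", "sess_syslog_alerts_sort_column", "name");
    load_current_session_value("sort_direction", "sess_syslog_alerts_sort_direction", "ASC");

    html_start_box("<strong>Syslog Alert Filters</strong>", "100%", $colors["header"], "3", "center", "syslog_alerts.php?action=edit");
    syslog_filter();
    html_end_box();

    html_start_box("", "100%", $colors["header"], "3", "center", "");

    $sql_where = "";

    // rows: -1 means "use the configured default", -2 means "effectively all".
    if ($_REQUEST["rows"] == "-1") {
        $row_limit = read_config_option("num_rows_syslog");
    } elseif ($_REQUEST["rows"] == -2) {
        $row_limit = 999999;
    } else {
        $row_limit = $_REQUEST["rows"];
    }

    $alerts = syslog_get_alert_records($sql_where, $row_limit);
    $rows_query_string = "SELECT COUNT(*)\n\t\tFROM `" . $syslogdb_default . "`.`syslog_alert`\n\t\t{$sql_where}";
    $total_rows = syslog_db_fetch_cell($rows_query_string);
    ?>
	<script type="text/javascript">
	<!--
	function applyChange(objForm) {
		strURL = '?enabled=' + objForm.enabled.value;
		strURL = strURL + '&filter=' + objForm.filter.value;
		strURL = strURL + '&rows=' + objForm.rows.value;
		document.location = strURL;
	}
	-->
	</script>
	<?php
    /* generate page list */
    // The filter becomes part of a URL, so it is URL-encoded rather than pasted in raw.
    $url_page_select = get_page_list($_REQUEST["page"], MAX_DISPLAY_PAGES, $row_limit, $total_rows, "syslog_alerts.php?filter=" . urlencode($_REQUEST["filter"]));

    if ($total_rows > 0) {
        $has_previous = ($_REQUEST["page"] > 1);
        $has_next     = ($_REQUEST["page"] * $row_limit < $total_rows);

        $first_row = $row_limit * ($_REQUEST["page"] - 1) + 1;
        $last_row  = ($total_rows < $row_limit || $total_rows < $row_limit * $_REQUEST["page"]) ? $total_rows : $row_limit * $_REQUEST["page"];

        $nav = "<tr bgcolor='#" . $colors["header"] . "'>\n\t\t\t\t\t<td colspan='13'>\n\t\t\t\t\t\t<table width='100%' cellspacing='0' cellpadding='0' border='0'>\n\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t<td align='left' class='textHeaderDark'>\n\t\t\t\t\t\t\t\t\t<strong>&lt;&lt; ";
        if ($has_previous) {
            $nav .= "<a class='linkOverDark' href='syslog_alerts.php?report=arp&page=" . ($_REQUEST["page"] - 1) . "'>";
        }
        $nav .= "Previous";
        if ($has_previous) {
            $nav .= "</a>";
        }
        $nav .= "</strong>\n\t\t\t\t\t\t\t\t</td>\n\n\t\t\t\t\t\t\t\t<td align='center' class='textHeaderDark'>\n\t\t\t\t\t\t\t\t\tShowing Rows " . ($total_rows == 0 ? "None" : $first_row . " to " . $last_row . " of {$total_rows} [{$url_page_select}]") . "\n\t\t\t\t\t\t\t\t</td>\n\n\t\t\t\t\t\t\t\t<td align='right' class='textHeaderDark'>\n\t\t\t\t\t\t\t\t\t<strong>";
        if ($has_next) {
            $nav .= "<a class='linkOverDark' href='syslog_alerts.php?report=arp&page=" . ($_REQUEST["page"] + 1) . "'>";
        }
        $nav .= "Next";
        if ($has_next) {
            $nav .= "</a>";
        }
        $nav .= " &gt;&gt;</strong>\n\t\t\t\t\t\t\t\t</td>\n\n\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t</table>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n";
    } else {
        $nav = "<tr bgcolor='#" . $colors["header"] . "' class='noprint'>\n\t\t\t\t\t<td colspan='22'>\n\t\t\t\t\t\t<table width='100%' cellspacing='0' cellpadding='0' border='0'>\n\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t<td align='center' class='textHeaderDark'>\n\t\t\t\t\t\t\t\t\tNo Rows Found\n\t\t\t\t\t\t\t\t</td>\n\n\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t</table>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n";
    }
    print $nav;

    $display_text = array("name" => array("Alert<br>Name", "ASC"), "severity" => array("<br>Severity", "ASC"), "method" => array("<br>Method", "ASC"), "num" => array("Threshold<br>Count", "ASC"), "enabled" => array("<br>Enabled", "ASC"), "type" => array("Match<br>Type", "ASC"), "message" => array("Search<br>String", "ASC"), "email" => array("E-Mail<br>Addresses", "DESC"), "date" => array("Last<br>Modified", "ASC"), "user" => array("By<br>User", "DESC"));
    html_header_sort_checkbox($display_text, $_REQUEST["sort_column"], $_REQUEST["sort_direction"]);

    $i = 0;
    if (sizeof($alerts) > 0) {
        foreach ($alerts as $alert) {
            form_alternate_row_color($colors["alternate"], $colors["light"], $i, 'line' . $alert["id"]);
            $i++;

            // preg_split-based highlighting replaces eregi_replace(), which no
            // longer exists in PHP 7+ and was fed a PCRE-quoted pattern anyway.
            form_selectable_cell("<a class='linkEditMain' href='" . $config['url_path'] . "plugins/syslog/syslog_alerts.php?action=edit&id=" . $alert["id"] . "'>" . $highlight($alert["name"], $_REQUEST["filter"]) . "</a>", $alert["id"]);
            form_selectable_cell($severities[$alert["severity"]], $alert["id"]);
            form_selectable_cell($alert["method"] == 1 ? "Threshold" : "Individual", $alert["id"]);
            form_selectable_cell($alert["method"] == 1 ? $alert["num"] : "N/A", $alert["id"]);
            form_selectable_cell($alert["enabled"] == "on" ? "Yes" : "No", $alert["id"]);
            form_selectable_cell($message_types[$alert["type"]], $alert["id"]);
            form_selectable_cell($esc(title_trim($alert["message"], 60)), $alert["id"]);
            form_selectable_cell(substr_count($alert["email"], ",") ? "Multiple" : $esc($alert["email"]), $alert["id"]);
            form_selectable_cell(date("Y-m-d H:i:s", $alert["date"]), $alert["id"]);
            form_selectable_cell($esc($alert["user"]), $alert["id"]);
            // NOTE(review): form_checkbox_cell() is not visible here; confirm
            // whether it escapes its title argument before relying on it.
            form_checkbox_cell($alert["name"], $alert["id"]);
            form_end_row();
        }
    } else {
        print "<tr><td colspan='4'><em>No Syslog Alerts Defined</em></td></tr>";
    }
    html_end_box(false);

    /* draw the dropdown containing a list of available actions for this form */
    draw_actions_dropdown($syslog_actions);
}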
Ejemplo n.º 3
                    }
                    $htmlm .= '</table></body></html>';
                    $alertm .= "-----------------------------------------------\n\n";
                    if ($alert['method'] == 1) {
                        $sequence = syslog_log_alert($alert['id'], $alert['name'], $alert['severity'], $at[0], sizeof($at), $htmlm, $hostlist);
                        $smsalert = 'Sev:' . $severities[$alert['severity']] . ', Count:' . sizeof($at) . ', URL:' . read_config_option('alert_base_url') . 'plugins/syslog/syslog.php?tab=current&id=' . $sequence;
                    }
                    syslog_debug("Alert Rule '" . $alert['name'] . "' has been activated");
                }
            }
        }
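        // Threshold-type alerts (method 1) with a non-empty text body are
        // e-mailed here and may additionally open a ticket through the
        // configured external command.
        if ($alertm != '' && $alert['method'] == 1) {
            $resend = true;

            // When repeat suppression is on, skip the send if this alert was
            // already logged after $date ($date is set outside this excerpt).
            if ($alert['repeat_alert'] > 0) {
                // The id is cast so only a number can reach the SQL text.
                $found = syslog_db_fetch_cell('SELECT count(*)
					FROM syslog_logs
					WHERE alert_id=' . (int) $alert['id'] . "\n\t\t\t\t\tAND logtime>'{$date}'");
                if ($found) {
                    $resend = false;
                }
            }

            if ($resend) {
                syslog_sendemail(trim($alert['email']), '', 'Event Alert - ' . $alert['name'], $html ? $htmlm : $alertm, $smsalert);

                if ($alert['open_ticket'] == 'on' && strlen(read_config_option('syslog_ticket_command'))) {
                    $ticket_command = read_config_option('syslog_ticket_command');

                    if (is_executable($ticket_command)) {
                        // Every argument goes through escapeshellarg(): wrapping a
                        // value in hand-written single quotes does not stop a value
                        // that itself contains a quote from ending the argument and
                        // adding shell syntax. $hostlist is built outside this
                        // excerpt, presumably from hosts seen in received messages,
                        // so it must be treated as untrusted input.
                        exec(
                            escapeshellarg($ticket_command)
                            . ' --alert-name=' . escapeshellarg((string) clean_up_name($alert['name']))
                            . ' --severity=' . escapeshellarg((string) $alert['severity'])
                            . ' --hostlist=' . escapeshellarg(implode(',', $hostlist))
                            . ' --message=' . escapeshellarg((string) $alert['message'])
                        );
                    }
                }
            }
        }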
    }
Ejemplo n.º 4
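/**
 * Render the syslog message filter form (time span, search text, facility,
 * priority, row count, trim length, refresh interval and host list) and return
 * the number of rows matching the current filter.
 *
 * The function prints HTML directly and leaves the outer layout tables open;
 * the caller is expected to print the result rows and close them.
 *
 * Request, session and database values are HTML-escaped where they are printed.
 * The search box echoes $_REQUEST["filter"], and the host list shows host names
 * stored in syslog_hosts, so printing them raw would let that text be
 * interpreted as markup.
 *
 * @param string $sql_where SQL WHERE fragment appended verbatim to the count
 *                          queries; the caller must have built it safely
 * @param string $tab       "syslog" counts syslog/syslog_removed rows depending
 *                          on $_REQUEST["removal"]; any other value counts
 *                          syslog_logs rows
 *
 * @return mixed row count as returned by syslog_db_fetch_cell()
 */
function syslog_filter($sql_where, $tab)
{
    global $colors, $config, $graph_timespans, $graph_timeshifts, $reset_multi, $page_refresh_interval;

    // Included for $syslogdb_default, which names the syslog database below.
    include dirname(__FILE__) . "/config.php";

    // Escape a value for use as HTML text or inside a quoted attribute.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES);
    };

    // Print one <option> per array(value, label) pair, marking the one equal to
    // $current. Values are kept as strings (not array keys) so that "2" and
    // "2o" are compared as strings and never collapse to the same number.
    $print_options = function ($choices, $current) use ($esc) {
        foreach ($choices as $choice) {
            list($value, $label) = $choice;
            print "<option value=\"" . $esc($value) . "\"" . ($current == $value ? " selected" : "") . ">" . $esc($label) . "</option>\n";
        }
    };

    $elevel_choices = array(
        array("0", "All Priorities"),
        array("1", "Emergency"),
        array("2", "Critical++"),
        array("2o", "Critical"),
        array("3", "Alert++"),
        array("3o", "Alert"),
        array("4", "Error++"),
        array("4o", "Error"),
        array("5", "Warning++"),
        array("5o", "Warning"),
        array("6", "Notice++"),
        array("6o", "Notice"),
        array("7", "Info++"),
        array("7o", "Info"),
        array("8", "Debug"),
    );

    $removal_choices = array(
        array("1", "All Records"),
        array("-1", "Main Records"),
        array("2", "Removed Records"),
    );

    $rows_choices = array();
    foreach (array("10", "15", "20", "25", "30", "35", "40", "45", "50", "100", "200", "500") as $count) {
        $rows_choices[] = array($count, $count);
    }

    $trimval_choices = array(array("1024", "All Text"));
    foreach (array("30", "50", "75", "100", "150", "300") as $chars) {
        $trimval_choices[] = array($chars, $chars . " Chars");
    }

    if (isset($_SESSION["sess_current_date1"])) {
        $filter_text = "</strong> [ Start: '" . $esc($_SESSION["sess_current_date1"]) . "' to End: '" . $esc($_SESSION["sess_current_date2"]) . "' ]";
    } else {
        $filter_text = "</strong>";
    }

    // Host selection may arrive as an array (multi-select) or a single value.
    $requested_hosts = isset($_REQUEST["host"]) ? $_REQUEST["host"] : array();
    $first_host      = (is_array($requested_hosts) && isset($requested_hosts[0])) ? $requested_hosts[0] : null;
    $all_selected    = ($first_host !== null && $first_host == "0") || $reset_multi;
    $none_selected   = ($first_host !== null && $first_host == "-1");
    ?>
	<script type="text/javascript">
	<!--
	// Initialize the calendar
	calendar=null;

	// This function displays the calendar associated to the input field 'id'
	function showCalendar(id) {
		var el = document.getElementById(id);
		if (calendar != null) {
			// we already have some calendar created
			calendar.hide();  // so we hide it first.
		} else {
			// first-time call, create the calendar.
			var cal = new Calendar(true, null, selected, closeHandler);
			cal.weekNumbers = false;  // Do not display the week number
			cal.showsTime = true;     // Display the time
			cal.time24 = true;        // Hours have a 24 hours format
			cal.showsOtherMonths = false;    // Just the current month is displayed
			calendar = cal;                  // remember it in the global var
			cal.setRange(1900, 2070);        // min/max year allowed.
			cal.create();
		}

		calendar.setDateFormat('%Y-%m-%d %H:%M');    // set the specified date format
		calendar.parseDate(el.value);                // try to parse the text in field
		calendar.sel = el;                           // inform it what input field we use

		// Display the calendar below the input field
		calendar.showAtElement(el, "Br");        // show the calendar

		return false;
	}

	// This function update the date in the input field when selected
	function selected(cal, date) {
		cal.sel.value = date;      // just update the date in the input field.
	}

	// This function gets called when the end-user clicks on the 'Close' button.
	// It just hides the calendar without destroying it.
	function closeHandler(cal) {
		cal.hide();                        // hide the calendar
		calendar = null;
	}

	function applyTimespanFilterChange(objForm) {
		strURL = '?predefined_timespan=' + objForm.predefined_timespan.value;
		strURL = strURL + '&predefined_timeshift=' + objForm.predefined_timeshift.value;
		document.location = strURL;
	}
	-->
	</script>
	<form style='margin:0px;padding:0px;' id="syslog_form" name="syslog_form" method="post" action="syslog.php">
	<table width="100%" cellspacing="0" cellpadding="0" border="0">
		<tr>
			<td colspan="2" style="background-color:#EFEFEF;">
				<table width='100%' cellpadding="0" cellspacing="0" border="0">
					<tr>
						<td width='100%'>
							<?php html_start_box("<strong>Syslog Message Filter{$filter_text}", "100%", $colors["header"], "1", "center", ""); ?>
							<tr bgcolor="<?php print $colors["panel"]; ?>" class="noprint">
								<td class="noprint">
									<table cellpadding="0" cellspacing="0" border="0">
										<tr>
											<td nowrap style='white-space: nowrap;' width='60'>
												&nbsp;<strong>Presets:</strong>&nbsp;
											</td>
											<td nowrap style='white-space: nowrap;' width='130'>
												<select name='predefined_timespan' onChange="applyTimespanFilterChange(document.syslog_form)">
													<?php
    // With a custom range active, a "Custom" entry is added and selected;
    // otherwise any leftover custom entry is dropped from the preset list.
    if ($_SESSION["custom"]) {
        $graph_timespans[GT_CUSTOM] = "Custom";
        $_REQUEST["predefined_timespan"] = GT_CUSTOM;
        $start_val = 0;
        $end_val = sizeof($graph_timespans);
    } else {
        if (isset($graph_timespans[GT_CUSTOM])) {
            asort($graph_timespans);
            array_shift($graph_timespans);
        }
        $start_val = 1;
        $end_val = sizeof($graph_timespans) + 1;
    }
    if (sizeof($graph_timespans) > 0) {
        for ($value = $start_val; $value < $end_val; $value++) {
            print "<option value='{$value}'";
            if ($_REQUEST["predefined_timespan"] == $value) {
                print " selected";
            }
            print ">" . title_trim($graph_timespans[$value], 40) . "</option>\n";
        }
    }
    ?>
												</select>
											</td>
											<td nowrap style='white-space: nowrap;' width='30'>
												&nbsp;<strong>From:</strong>&nbsp;
											</td>
											<td width='150' nowrap style='white-space: nowrap;'>
												<input type='text' name='date1' id='date1' title='Graph Begin Timestamp' size='14' value='<?php print isset($_SESSION["sess_current_date1"]) ? $esc($_SESSION["sess_current_date1"]) : ""; ?>'>
												&nbsp;<input style='padding-bottom: 4px;' type='image' src='<?php print $config["url_path"]; ?>images/calendar.gif' alt='Start date selector' title='Start date selector' border='0' align='absmiddle' onclick="return showCalendar('date1');">&nbsp;
											</td>
											<td nowrap style='white-space: nowrap;' width='20'>
												&nbsp;<strong>To:</strong>&nbsp;
											</td>
											<td width='150' nowrap style='white-space: nowrap;'>
												<input type='text' name='date2' id='date2' title='Graph End Timestamp' size='14' value='<?php print isset($_SESSION["sess_current_date2"]) ? $esc($_SESSION["sess_current_date2"]) : ""; ?>'>
												&nbsp;<input style='padding-bottom: 4px;' type='image' src='<?php print $config["url_path"]; ?>images/calendar.gif' alt='End date selector' title='End date selector' border='0' align='absmiddle' onclick="return showCalendar('date2');">
											</td>
											<td width='125' nowrap style='white-space: nowrap;'>
												&nbsp;&nbsp;<input style='padding-bottom: 4px;' type='image' name='move_left' src='<?php print $config["url_path"]; ?>images/move_left.gif' alt='Left' border='0' align='absmiddle' title='Shift Left'>
												<select name='predefined_timeshift' title='Define Shifting Interval' onChange="applyTimespanFilterChange(document.syslog_form)">
													<?php
    $start_val = 1;
    $end_val = sizeof($graph_timeshifts) + 1;
    if (sizeof($graph_timeshifts) > 0) {
        for ($shift_value = $start_val; $shift_value < $end_val; $shift_value++) {
            print "<option value='{$shift_value}'";
            if ($_REQUEST["predefined_timeshift"] == $shift_value) {
                print " selected";
            }
            print ">" . title_trim($graph_timeshifts[$shift_value], 40) . "</option>\n";
        }
    }
    ?>
												</select>
												<input style='padding-bottom: 4px;' type='image' name='move_right' src='<?php print $config["url_path"]; ?>images/move_right.gif' alt='Right' border='0' align='absmiddle' title='Shift Right'>
											</td>
											<td>
												&nbsp;<input type="submit" value='Go' name='go' title="Go">
											</td>
											<td>
												&nbsp;<input type='submit' value='Clear' name='button_clear_x' title='Return to the default time span'>
											</td>
											<td>
												&nbsp;<input type='submit' value='Export' name='export' title='Export Records to CSV'>
											</td>
											<td>
												<input type='hidden' name='action' value='actions'>
												<input type='hidden' name='syslog_pdt_change' value='false'>
											</td>
										</tr>
									</table>
								</td><?php
    // The rule-management buttons are shown only to users authorised for syslog_alerts.php.
    if (api_plugin_user_realm_auth('syslog_alerts.php')) {
        ?>
								<td align='right' style='white-space:nowrap;'>
									<input type='button' value='Alerts' title='View Syslog Alert Rules' onClick='javascript:document.location="<?php print $config['url_path'] . "plugins/syslog/syslog_alerts.php"; ?>"'>
									<input type='button' value='Removals' title='View Syslog Removal Rules' onClick='javascript:document.location="<?php print $config['url_path'] . "plugins/syslog/syslog_removal.php"; ?>"'>
									<input type='button' value='Reports' title='View Syslog Reports' onClick='javascript:document.location="<?php print $config['url_path'] . "plugins/syslog/syslog_reports.php"; ?>"'>&nbsp;
								</td><?php
    }
    ?>
							</tr>
						</table>
						<table width="100%" cellpadding="0" cellspacing="0" border="0">
							<tr bgcolor="<?php print $colors["panel"]; ?>" class="noprint">
								<td>
									<table cellpadding="0" cellspacing="0">
										<tr>
											<td nowrap style='white-space: nowrap;' width='60'>
												&nbsp;<strong>Search:</strong>
											</td>
											<td style='padding-right:2px;'>
												<input type="text" name="filter" size="30" value="<?php print $esc($_REQUEST["filter"]); ?>">
											</td>
											<?php api_plugin_hook('syslog_extend_filter'); ?>
											<td style='padding-right:2px;'>
												<select name="efacility" onChange="javascript:document.getElementById('syslog_form').submit();" title="Facilities">
													<option value="0"<?php print ($_REQUEST["efacility"] == "0" ? " selected" : ""); ?>>All Facilities</option>
													<?php
    if (!isset($hostfilter)) {
        $hostfilter = "";
    }
    $efacilities = syslog_db_fetch_assoc("SELECT DISTINCT f.facility_id, f.facility\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_host_facilities` AS fh\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS f\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tON f.facility_id=fh.facility_id " . (strlen($hostfilter) ? "WHERE " : "") . $hostfilter . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tORDER BY facility");
    if (!empty($efacilities)) {
        foreach ($efacilities as $efacility) {
            print "<option value=\"" . $esc($efacility["facility_id"]) . "\"";
            if ($_REQUEST["efacility"] == $efacility["facility_id"]) {
                print " selected";
            }
            print ">" . $esc(ucfirst($efacility["facility"])) . "</option>\n";
        }
    }
    ?>
												</select>
											</td>
											<td style='padding-right:2px;'>
												<select name="elevel" onChange="javascript:document.getElementById('syslog_form').submit();" title="Priority Levels">
													<?php $print_options($elevel_choices, $_REQUEST["elevel"]); ?>
												</select>
											</td>
											<?php
    if ($_REQUEST["tab"] == "syslog") {
        ?>
											<td style='padding-right:2px;'>
												<select name="removal" onChange="javascript:document.getElementById('syslog_form').submit();" title="Removal Handling">
													<?php $print_options($removal_choices, $_REQUEST["removal"]); ?>
												</select>
											</td>
											<?php
    }
    ?>
											<td style='padding-right:2px;'>
												<select name="rows" onChange="javascript:document.getElementById('syslog_form').submit();" title="Display Rows">
													<?php $print_options($rows_choices, $_REQUEST["rows"]); ?>
												</select>
											</td>
											<td style='padding-right:2px;'>
												<select name="trimval" onChange="javascript:document.getElementById('syslog_form').submit();" title="Message Trim">
													<?php $print_options($trimval_choices, $_REQUEST["trimval"]); ?>
												</select>
											</td>
											<td width="1">
												<select name="refresh" onChange="javascript:document.getElementById('syslog_form').submit();">
													<?php
    foreach ($page_refresh_interval as $seconds => $display_text) {
        print "<option value='" . $seconds . "'";
        if ($_REQUEST["refresh"] == $seconds) {
            print " selected";
        }
        print ">" . $display_text . "</option>\n";
    }
    ?>
												</select>
											</td>
										</tr>
									</table>
								</td>
							</tr>
							<?php html_end_box(false); ?>
					</tr>
				</table>
			</td>
		</tr>
		<tr>
			<td valign="top" style="border-right: #aaaaaa 1px solid;" bgcolor='#efefef'>
				<table align="center" cellpadding="1" cellspacing="0" border="0">
					<tr>
						<td>
							<?php html_start_box("", "", $colors["header"], "3", "center", ""); ?>
							<tr>
								<td class="textHeader" nowrap>
									Select Host(s):&nbsp;
								</td>
							</tr>
							<tr>
								<td>
									<select title="Host Filters" id="host_select" name="host[]" multiple size="20" style="width: 150px; overflow: scroll; height: auto;" onChange="javascript:document.getElementById('syslog_form').submit();">
										<?php
    if ($tab == "syslog") {
        print "<option id=\"host_all\" value=\"0\"" . ($all_selected ? " selected" : "") . ">Show All Hosts</option>";
    } else {
        print "<option id=\"host_all\" value=\"0\"" . ($all_selected ? " selected" : "") . ">Show All Logs</option>\n";
        print "<option id=\"host_none\" value=\"-1\"" . ($none_selected ? " selected" : "") . ">Threshold Logs</option>";
    }

    $hosts_where = "";
    $hosts_where = api_plugin_hook_function('syslog_hosts_where', $hosts_where);
    $hosts = syslog_db_fetch_assoc("SELECT * FROM `" . $syslogdb_default . "`.`syslog_hosts` {$hosts_where} ORDER BY host");
    if (!empty($hosts)) {
        foreach ($hosts as $host) {
            // The original tested sizeof($_REQUEST["host"]), which never
            // matched a scalar host value and fails outright on PHP 8.
            if ($reset_multi) {
                $is_selected = false;
            } elseif (is_array($requested_hosts)) {
                $is_selected = false;
                foreach ($requested_hosts as $rh) {
                    if ($rh == $host["host_id"]) {
                        $is_selected = true;
                        break;
                    }
                }
            } else {
                $is_selected = ($host["host_id"] == $requested_hosts);
            }

            // Host names are stored text and are escaped before being shown.
            print "<option value=\"" . $esc($host["host_id"]) . "\"" . ($is_selected ? " selected" : "") . ">" . $esc($host["host"]) . "</option>\n";
        }
    }
    ?>
									</select>
								</td>
							</tr>
							<?php html_end_box(false); ?>
						</td>
					</tr>
				</table>
			</td>
			<td width="100%" valign="top" style="padding: 0px;">
				<table width="100%" cellspacing="0" cellpadding="1">
					<tr>
						<td width="100%" valign="top"><?php display_output_messages(); ?>
							<?php
    if ($tab == "syslog") {
        if ($_REQUEST["removal"] == 1) {
            // UNION ALL, not UNION: plain UNION removes duplicate rows, so two
            // tables holding the same number of rows would be counted once.
            $total_rows = syslog_db_fetch_cell("SELECT SUM(totals)
                FROM (
                    SELECT count(*) AS totals
                    FROM `" . $syslogdb_default . "`.`syslog` " . $sql_where . "
                    UNION ALL
                    SELECT count(*) AS totals
                    FROM `" . $syslogdb_default . "`.`syslog_removed` " . $sql_where . ") AS rowcount");
        } elseif ($_REQUEST["removal"] == -1) {
            $total_rows = syslog_db_fetch_cell("SELECT count(*) FROM `" . $syslogdb_default . "`.`syslog` " . $sql_where);
        } else {
            $total_rows = syslog_db_fetch_cell("SELECT count(*) FROM `" . $syslogdb_default . "`.`syslog_removed` " . $sql_where);
        }
    } else {
        $total_rows = syslog_db_fetch_cell("SELECT count(*)\n\t\t\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_logs` AS sl\n\t\t\t\t\t\t\t\t\tLEFT JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf\n\t\t\t\t\t\t\t\t\tON sl.facility=sf.facility\n\t\t\t\t\t\t\t\t\tLEFT JOIN `" . $syslogdb_default . "`.`syslog_priorities` AS sp\n\t\t\t\t\t\t\t\t\tON sl.priority=sp.priority\n\t\t\t\t\t\t\t\t\tLEFT JOIN `" . $syslogdb_default . "`.`syslog_hosts` AS sh\n\t\t\t\t\t\t\t\t\tON sl.host=sh.host\n\t\t\t\t\t\t\t\t\tLEFT JOIN `" . $syslogdb_default . "`.`syslog_alert` AS sa\n\t\t\t\t\t\t\t\t\tON sl.alert_id=sa.id " . $sql_where);
    }

    // Opens the box that will hold the result rows; the caller prints them.
    html_start_box("", "100%", $colors["header"], "3", "center", "");

    return $total_rows;
}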
Ejemplo n.º 5
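/**
 * Convert an older syslog table layout to the normalized one (separate
 * syslog_hosts, syslog_facilities and syslog_priorities tables referenced by id).
 *
 * Collection is switched off (`syslog_enabled` set to '') while the function
 * runs and switched back on at the end.
 *
 * @param array|false $options      Keys read here: `upgrade_type` ("truncate" returns
 *                                  early, "inline" converts in place, any other value
 *                                  launches the background upgrade script), `engine`
 *                                  ("innodb" selects InnoDB, anything else MyISAM),
 *                                  `db_type` and `days` (forwarded to the background script).
 * @param bool        $isbackground When true the conversion runs against
 *                                  `syslog_pre_upgrade` and its rows are moved in
 *                                  batches into `syslog`; otherwise `syslog` is altered in place.
 *
 * @return void
 */
function syslog_upgrade_pre_oneoh_tables($options = false, $isbackground = false)
{
    global $config, $cnn_id, $syslog_levels, $database_default, $syslog_upgrade;
    /* $syslogdb_default is not assigned in this function; presumably config.php defines it */
    include dirname(__FILE__) . "/config.php";
    $syslog_levels = array(1 => 'emerg', 2 => 'crit', 3 => 'alert', 4 => 'err', 5 => 'warn', 6 => 'notice', 7 => 'info', 8 => 'debug', 9 => 'other');
    /* the background run works on `syslog_pre_upgrade`, the inline run on `syslog` */
    $table = $isbackground ? 'syslog_pre_upgrade' : 'syslog';
    /* validate some simple information */
    $mysqlVersion = syslog_get_mysql_version("syslog");
    $upgrade_type = isset($options["upgrade_type"]) ? $options["upgrade_type"] : "inline";
    $engine = isset($options["engine"]) && $options["engine"] == "innodb" ? "InnoDB" : "MyISAM";
    /* the result of this lookup is not used further in this function */
    $syslogexists = sizeof(syslog_db_fetch_row("SHOW TABLES FROM `" . $syslogdb_default . "` LIKE '{$table}'"));
    /* disable collection for a bit */
    set_config_option('syslog_enabled', '');
    if ($upgrade_type == "truncate") {
        /* NOTE(review): this path returns with syslog_enabled still '' - confirm the caller re-enables collection */
        return;
    }
    if ($upgrade_type == "inline" || $isbackground) {
        syslog_setup_table_new($options);
        api_plugin_register_realm('syslog', 'syslog.php', 'Plugin -> Syslog User', 1);
        api_plugin_register_realm('syslog', 'syslog_alerts.php,syslog_removal.php,syslog_reports.php', 'Plugin -> Syslog Administration', 1);
        /* get the realm id's and change from old to new */
        $user = (int) db_fetch_cell("SELECT id FROM plugin_realms WHERE file='syslog.php'") + 100;
        $admin = (int) db_fetch_cell("SELECT id FROM plugin_realms WHERE file='syslog_alerts.php'") + 100;
        /* old realm id => new realm id; a new id of 100 means the plugin realm was not found */
        $realm_map = array(37 => $user, 38 => $admin);
        foreach ($realm_map as $old_realm => $new_realm) {
            if ($new_realm <= 100) {
                continue;
            }
            $members = db_fetch_assoc("SELECT user_id FROM user_auth_realm WHERE realm_id={$old_realm}");
            if (!is_array($members)) {
                continue;
            }
            foreach ($members as $member) {
                /* user_id is a numeric key; the cast keeps anything else out of the SQL text */
                $member_id = (int) $member["user_id"];
                db_execute("INSERT INTO user_auth_realm\n\t\t\t\t\t(realm_id, user_id) VALUES ({$new_realm}, " . $member_id . ")\n\t\t\t\t\tON DUPLICATE KEY UPDATE realm_id=VALUES(realm_id)");
                db_execute("DELETE FROM user_auth_realm\n\t\t\t\t\tWHERE user_id=" . $member_id . "\n\t\t\t\t\tAND realm_id={$old_realm}");
            }
        }
        /* get the database table names (collected here, not read again in this function) */
        $tables = array();
        $rows = syslog_db_fetch_assoc("SHOW TABLES FROM `" . $syslogdb_default . "`");
        if (sizeof($rows)) {
            foreach ($rows as $row) {
                $tables[] = $row["Tables_in_" . $syslogdb_default];
            }
        }
        /* create the syslog_logs table */
        syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_logs` (\n\t\t\talert_id integer unsigned not null default '0',\n\t\t\tlogseq bigint unsigned NOT NULL,\n\t\t\tlogtime TIMESTAMP NOT NULL default '0000-00-00 00:00:00',\n\t\t\tlogmsg " . ($mysqlVersion > 5 ? "varchar(1024)" : "text") . " default NULL,\n\t\t\thost varchar(32) default NULL,\n\t\t\tfacility varchar(10) default NULL,\n\t\t\tpriority varchar(10) default NULL,\n\t\t\tcount integer unsigned NOT NULL default '0',\n\t\t\thtml blob default NULL,\n\t\t\tseq bigint unsigned NOT NULL auto_increment,\n\t\t\tPRIMARY KEY (seq),\n\t\t\tKEY logseq (logseq),\n\t\t\tKEY alert_id (alert_id),\n\t\t\tKEY host (host),\n\t\t\tKEY seq (seq),\n\t\t\tKEY logtime (logtime),\n\t\t\tKEY priority (priority),\n\t\t\tKEY facility (facility)) ENGINE={$engine};");
        /* create the host/facility cross reference table */
        syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_host_facilities` (\n\t\t\t`host_id` int(10) unsigned NOT NULL,\n\t\t\t`facility_id` int(10) unsigned NOT NULL,\n\t\t\t`last_updated` TIMESTAMP NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,\n\t\t\tPRIMARY KEY  (`host_id`,`facility_id`)) ENGINE={$engine};");
        /* create the host reference table */
        syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_hosts` (\n\t\t\t`host_id` int(10) unsigned NOT NULL auto_increment,\n\t\t\t`host` VARCHAR(128) NOT NULL,\n\t\t\t`last_updated` TIMESTAMP NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,\n\t\t\tPRIMARY KEY (`host`),\n\t\t\tKEY host_id (`host_id`),\n\t\t\tKEY last_updated (`last_updated`)) ENGINE={$engine}\n\t\t\tCOMMENT='Contains all hosts currently in the syslog table'");
        /* check upgrade of syslog_alert */
        $sql = "DESCRIBE `" . $syslogdb_default . "`.`syslog_alert`";
        $columns = array();
        $array = syslog_db_fetch_assoc($sql);
        if (sizeof($array)) {
            foreach ($array as $row) {
                $columns[] = $row["Field"];
            }
        }
        if (!in_array("enabled", $columns)) {
            syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`syslog_alert` MODIFY COLUMN message varchar(128) DEFAULT NULL, ADD COLUMN enabled CHAR(2) DEFAULT 'on' AFTER type;");
        }
        if (!in_array("method", $columns)) {
            syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`syslog_alert` ADD COLUMN method int(10) unsigned NOT NULL default '0' AFTER name");
            syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`syslog_alert` ADD COLUMN num int(10) unsigned NOT NULL default '1' AFTER method");
            syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`syslog_alert` ADD COLUMN severity INTEGER UNSIGNED NOT NULL default '0' AFTER name");
        }
        if (!in_array("command", $columns)) {
            syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`syslog_alert` ADD COLUMN command varchar(255) DEFAULT NULL AFTER email;");
        }
        /* check upgrade of syslog_remove */
        $sql = "DESCRIBE `" . $syslogdb_default . "`.`syslog_remove`";
        $columns = array();
        $array = syslog_db_fetch_assoc($sql);
        if (sizeof($array)) {
            foreach ($array as $row) {
                $columns[] = $row["Field"];
            }
        }
        if (!in_array("enabled", $columns)) {
            syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`syslog_remove` MODIFY COLUMN message varchar(128) DEFAULT NULL, ADD COLUMN enabled CHAR(2) DEFAULT 'on' AFTER type;");
        }
        if (!in_array("method", $columns)) {
            syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`syslog_remove` ADD COLUMN method CHAR(5) DEFAULT 'del' AFTER enabled;");
        }
        /* rebuild the reference tables from scratch; ENGINE= is used throughout
           (the hosts table previously used the TYPE= spelling, unlike its siblings) */
        syslog_db_execute("DROP TABLE IF EXISTS `" . $syslogdb_default . "`.`syslog_hosts`");
        syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_hosts` (\n\t\t\t`host_id` int(10) unsigned NOT NULL auto_increment,\n\t\t\t`host` VARCHAR(128) NOT NULL,\n\t\t\t`last_updated` TIMESTAMP NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,\n\t\t\tPRIMARY KEY (`host`),\n\t\t\tKEY host_id (`host_id`),\n\t\t\tKEY last_updated (`last_updated`)) ENGINE={$engine}\n\t\t\tCOMMENT='Contains all hosts currently in the syslog table'");
        syslog_db_execute("DROP TABLE IF EXISTS `" . $syslogdb_default . "`.`syslog_facilities`");
        syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_facilities` (\n\t\t\t`facility_id` int(10) unsigned NOT NULL auto_increment,\n\t\t\t`facility` varchar(10) NOT NULL,\n\t\t\t`last_updated` TIMESTAMP NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,\n\t\t\tPRIMARY KEY (`facility`),\n\t\t\tKEY facility_id (`facility_id`)) ENGINE={$engine};");
        syslog_db_execute("DROP TABLE IF EXISTS `" . $syslogdb_default . "`.`syslog_priorities`");
        syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_priorities` (\n\t\t\t`priority_id` int(10) unsigned NOT NULL auto_increment,\n\t\t\t`priority` varchar(10) NOT NULL,\n\t\t\t`last_updated` TIMESTAMP NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,\n\t\t\tPRIMARY KEY  (`priority`),\n\t\t\tKEY priority_id (`priority_id`)) ENGINE={$engine};");
        syslog_db_execute("DROP TABLE IF EXISTS `" . $syslogdb_default . "`.`syslog_host_facilities`");
        syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_host_facilities` (\n\t\t\t`host_id` int(10) unsigned NOT NULL,\n\t\t\t`facility_id` int(10) unsigned NOT NULL,\n\t\t\t`last_updated` TIMESTAMP NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,\n\t\t\tPRIMARY KEY  (`host_id`,`facility_id`)) ENGINE={$engine};");
        /* populate the tables */
        syslog_db_execute("INSERT INTO `" . $syslogdb_default . "`.`syslog_hosts` (host) SELECT DISTINCT host FROM `" . $syslogdb_default . "`.`{$table}`");
        syslog_db_execute("INSERT INTO `" . $syslogdb_default . "`.`syslog_facilities` (facility) SELECT DISTINCT facility FROM `" . $syslogdb_default . "`.`{$table}`");
        foreach ($syslog_levels as $id => $priority) {
            syslog_db_execute("REPLACE INTO `" . $syslogdb_default . "`.`syslog_priorities` (priority_id, priority) VALUES ({$id}, '{$priority}')");
        }
        /* a bit more horsepower please */
        syslog_db_execute("INSERT INTO `" . $syslogdb_default . "`.`syslog_host_facilities`\n\t\t\t(host_id, facility_id)\n\t\t\tSELECT host_id, facility_id\n\t\t\tFROM ((SELECT DISTINCT host, facility\n\t\t\t\tFROM `" . $syslogdb_default . "`.`{$table}`) AS s\n\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_hosts` AS sh\n\t\t\t\tON s.host=sh.host\n\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf\n\t\t\t\tON sf.facility=s.facility)");
        /* change the structure of the syslog table for performance sake
           (reuses the server version looked up at the top of the function) */
        if ($mysqlVersion >= 5) {
            syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`{$table}`\n\t\t\t\tMODIFY COLUMN message varchar(1024) DEFAULT NULL,\n\t\t\t\tADD COLUMN facility_id int(10) UNSIGNED NULL AFTER facility,\n\t\t\t\tADD COLUMN priority_id int(10) UNSIGNED NULL AFTER facility_id,\n\t\t\t\tADD COLUMN host_id int(10) UNSIGNED NULL AFTER priority_id,\n\t\t\t\tADD COLUMN logtime DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00' AFTER priority,\n\t\t\t\tADD INDEX facility_id (facility_id),\n\t\t\t\tADD INDEX priority_id (priority_id),\n\t\t\t\tADD INDEX host_id (host_id),\n\t\t\t\tADD INDEX logtime(logtime);");
        } else {
            syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`{$table}`\n\t\t\t\tADD COLUMN facility_id int(10) UNSIGNED NULL AFTER host,\n\t\t\t\tADD COLUMN priority_id int(10) UNSIGNED NULL AFTER facility_id,\n\t\t\t\tADD COLUMN host_id int(10) UNSIGNED NULL AFTER priority_id,\n\t\t\t\tADD COLUMN logtime DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00' AFTER priority,\n\t\t\t\tADD INDEX facility_id (facility_id),\n\t\t\t\tADD INDEX priority_id (priority_id),\n\t\t\t\tADD INDEX host_id (host_id),\n\t\t\t\tADD INDEX logtime(logtime);");
        }
        /* convert dates and times to timestamp */
        syslog_db_execute("UPDATE `" . $syslogdb_default . "`.`{$table}` SET logtime=TIMESTAMP(`date`, `time`)");
        /* update the host_ids: one joined UPDATE instead of one statement per host
           with the host name pasted into the SQL text - the names are copied from
           stored log rows, so a quote or backslash in one must never become SQL */
        syslog_db_execute("UPDATE `" . $syslogdb_default . "`.`{$table}` AS s\n\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_hosts` AS sh\n\t\t\t\tON s.host=sh.host\n\t\t\t\tSET s.host_id=sh.host_id");
        /* update the priority_ids (ids and names come from the fixed $syslog_levels list above) */
        foreach ($syslog_levels as $id => $priority) {
            syslog_db_execute("UPDATE `" . $syslogdb_default . "`.`{$table}`\n\t\t\t\tSET priority_id=" . $id . "\n\t\t\t\tWHERE priority='" . $priority . "'");
        }
        /* update the facility_ids, joined for the same reason as the host_ids */
        syslog_db_execute("UPDATE `" . $syslogdb_default . "`.`{$table}` AS s\n\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf\n\t\t\t\tON s.facility=sf.facility\n\t\t\t\tSET s.facility_id=sf.facility_id");
        if (!$isbackground) {
            syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`{$table}`\n\t\t\t\tDROP COLUMN `date`,\n\t\t\t\tDROP COLUMN `time`,\n\t\t\t\tDROP COLUMN `host`,\n\t\t\t\tDROP COLUMN `facility`,\n\t\t\t\tDROP COLUMN `priority`");
        } else {
            /* move the converted rows into `syslog` in batches, lowest seq first */
            $fetch_size = '10000';
            while (true) {
                $sequence = syslog_db_fetch_cell("SELECT max(seq) FROM (SELECT seq FROM `" . $syslogdb_default . "`.`{$table}` ORDER BY seq LIMIT {$fetch_size}) AS preupgrade");
                if (!($sequence > 0 && $sequence != '')) {
                    /* nothing left to move */
                    syslog_db_execute("DROP TABLE `" . $syslogdb_default . "`.`{$table}`");
                    break;
                }
                /* copy and delete must cover the same range (seq<=max); copying only
                   seq<max dropped the last row of every batch without moving it */
                syslog_db_execute("INSERT INTO `" . $syslogdb_default . "`.`syslog` (facility_id, priority_id, host_id, logtime, message)\n\t\t\t\t\t\tSELECT facility_id, priority_id, host_id, logtime, message\n\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`{$table}`\n\t\t\t\t\t\tWHERE seq<={$sequence}");
                syslog_db_execute("DELETE FROM `" . $syslogdb_default . "`.`{$table}` WHERE seq<={$sequence}");
            }
        }
        /* create the soft removal table */
        syslog_db_execute("DROP TABLE IF EXISTS `" . $syslogdb_default . "`.`syslog_removed`");
        syslog_db_execute("CREATE TABLE `" . $syslogdb_default . "`.`syslog_removed` LIKE `" . $syslogdb_default . "`.`syslog`");
    } else {
        include_once $config['base_path'] . "/lib/poller.php";
        $command_string = read_config_option("path_php_binary");
        /* db_type and days arrive through $options and end up on a command line;
           exec_background() is defined elsewhere and presumably hands the string to a
           shell, so each value is quoted as a single argument ($engine is one of two
           fixed strings chosen above) */
        $db_type = isset($options["db_type"]) ? (string) $options["db_type"] : '';
        $days = isset($options["days"]) ? (string) $options["days"] : '';
        $extra_args = ' -q ' . $config['base_path'] . '/plugins/syslog/syslog_upgrade.php --type=' . escapeshellarg($db_type) . ' --engine=' . $engine . ' --days=' . escapeshellarg($days);
        cacti_log("SYSLOG NOTE: Launching Background Syslog Database Upgrade Process", false, "SYSTEM");
        exec_background($command_string, $extra_args);
    }
    /* reenable syslog xferral */
    set_config_option('syslog_enabled', 'on');
}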
Ejemplo n.º 6
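/**
 * Render the list page for syslog removal rules: the filter box, a paginated
 * and sortable table of rules, and the actions dropdown.
 *
 * Request variables (rows, page, id, enabled, filter, sort_column,
 * sort_direction) are validated and stored in the session under 'sess_syslogr'
 * before anything is printed.
 *
 * @return void
 */
function syslog_removal()
{
    global $syslog_actions, $message_types, $config;
    /* $syslogdb_default is not assigned in this function; presumably config.php defines it */
    include dirname(__FILE__) . '/config.php';
    /* ================= input validation and session storage ================= */
    $filters = array(
        'rows' => array('filter' => FILTER_VALIDATE_INT, 'pageset' => true, 'default' => '-1'),
        'page' => array('filter' => FILTER_VALIDATE_INT, 'default' => '1'),
        'id' => array('filter' => FILTER_VALIDATE_INT, 'default' => '1'),
        'enabled' => array('filter' => FILTER_VALIDATE_INT, 'pageset' => true, 'default' => '-1'),
        'filter' => array('filter' => FILTER_CALLBACK, 'pageset' => true, 'default' => '', 'options' => array('options' => 'sanitize_search_string')),
        'sort_column' => array('filter' => FILTER_CALLBACK, 'default' => 'name', 'options' => array('options' => 'sanitize_search_string')),
        'sort_direction' => array('filter' => FILTER_CALLBACK, 'default' => 'ASC', 'options' => array('options' => 'sanitize_search_string')),
    );
    validate_store_request_vars($filters, 'sess_syslogr');
    /* ================= input validation ================= */
    html_start_box(__('Syslog Removal Rule Filters'), '100%', '', '3', 'center', 'syslog_removal.php?action=edit&type=1');
    syslog_filter();
    html_end_box();
    /* -1 selects the configured default page size, -2 effectively "all rows" */
    $requested_rows = get_request_var('rows');
    if ($requested_rows == -1) {
        $row_limit = read_config_option('num_rows_table');
    } elseif ($requested_rows == -2) {
        $row_limit = 999999;
    } else {
        $row_limit = $requested_rows;
    }
    /* $sql_where is reused for the COUNT(*) below; presumably
       syslog_get_removal_records() fills it in by reference - verify against that helper */
    $sql_where = '';
    $removals = syslog_get_removal_records($sql_where, $row_limit);
    $rows_query_string = "SELECT COUNT(*)\n\t\tFROM `" . $syslogdb_default . "`.`syslog_remove`\n\t\t{$sql_where}";
    $total_rows = syslog_db_fetch_cell($rows_query_string);
    $nav = html_nav_bar('syslog_removal.php?filter=' . get_request_var('filter'), MAX_DISPLAY_PAGES, get_request_var('page'), $row_limit, $total_rows, 13, 'Rules', 'page', 'main');
    form_start('syslog_removal.php', 'chk');
    print $nav;
    html_start_box('', '100%', '', '3', 'center', '');
    $display_text = array(
        'name' => array(__('Removal Name'), 'ASC'),
        'enabled' => array(__('Enabled'), 'ASC'),
        'type' => array(__('Match Type'), 'ASC'),
        'message' => array(__('Search String'), 'ASC'),
        'method' => array(__('Method'), 'DESC'),
        'date' => array(__('Last Modified'), 'ASC'),
        'user' => array(__('By User'), 'DESC'),
    );
    html_header_sort_checkbox($display_text, get_request_var('sort_column'), get_request_var('sort_direction'));
    $have_rows = sizeof($removals) > 0;
    if ($have_rows) {
        foreach ($removals as $removal) {
            $rule_id = $removal['id'];
            form_alternate_row('line' . $rule_id, true);
            form_selectable_cell(filter_value(title_trim($removal['name'], read_config_option('max_title_length')), get_request_var('filter'), $config['url_path'] . 'plugins/syslog/syslog_removal.php?action=edit&id=' . $rule_id), $rule_id);
            form_selectable_cell($removal['enabled'] == 'on' ? __('Yes') : __('No'), $rule_id);
            form_selectable_cell($message_types[$removal['type']], $rule_id);
            /* the search string and the user name are stored free text: encode them
               before they are placed in the cell so markup in a rule is shown, not rendered */
            form_selectable_cell(htmlspecialchars($removal['message'], ENT_QUOTES), $rule_id);
            form_selectable_cell($removal['method'] == 'del' ? __('Deletion') : __('Transfer'), $rule_id);
            form_selectable_cell(date('Y-m-d H:i:s', $removal['date']), $rule_id);
            form_selectable_cell(htmlspecialchars($removal['user'], ENT_QUOTES), $rule_id);
            form_checkbox_cell($removal['name'], $rule_id);
            form_end_row();
        }
    } else {
        /* span all eight cells a rule row has (seven data cells plus the checkbox) */
        print "<tr><td colspan='8'><em>" . __('No Syslog Removal Rules Defined') . "</em></td></tr>";
    }
    html_end_box(false);
    if ($have_rows) {
        print $nav;
    }
    draw_actions_dropdown($syslog_actions);
    form_end();
}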
Ejemplo n.º 7
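/**
 * Main page display function in Syslog: prints the navigation bar, the table
 * header and one table row per record for the selected tab.
 *
 * With $tab == 'syslog' the rows are syslog messages (from `syslog`,
 * `syslog_removed` or both, depending on the `removal` request variable);
 * with any other value they are alert log rows from `syslog_logs`.
 *
 * Every value that originates in a received log line (host, program, facility,
 * priority, alert name) is HTML-encoded before it is printed.
 *
 * @param string $tab Tab to render; 'syslog' selects the message view.
 *
 * @return void
 */
function syslog_messages($tab = 'syslog')
{
    global $sql_where, $hostfilter, $severities;
    global $config, $syslog_incoming_config, $reset_multi, $syslog_levels;
    /* $syslogdb_default is not assigned in this function; presumably config.php defines it */
    include dirname(__FILE__) . '/config.php';
    include './include/global_arrays.php';
    /* force the initial timespan to be 30 minutes for performance reasons */
    if (!isset($_SESSION['sess_syslog_init'])) {
        $_SESSION['sess_current_timespan'] = 1;
        $_SESSION['sess_syslog_init'] = 1;
    }
    $url_curr_page = get_browser_query_string();
    $sql_where = '';
    /* -1 selects the configured default page size, -2 effectively "all rows" */
    if (get_request_var('rows') == -1) {
        $row_limit = read_config_option('num_rows_table');
    } elseif (get_request_var('rows') == -2) {
        $row_limit = 999999;
    } else {
        $row_limit = get_request_var('rows');
    }
    /* $sql_where is reused by the COUNT(*) queries below; presumably
       get_syslog_messages() fills it in by reference - verify against that helper */
    $syslog_messages = get_syslog_messages($sql_where, $row_limit, $tab);
    syslog_filter($sql_where, $tab);
    if ($tab == 'syslog') {
        if (get_request_var('removal') == 1) {
            $total_rows = syslog_db_fetch_cell("SELECT SUM(totals)\n\t\t\t\tFROM (\n\t\t\t\t\tSELECT count(*) AS totals\n\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog` AS syslog\n\t\t\t\t\t{$sql_where}\n\t\t\t\t\tUNION\n\t\t\t\t\tSELECT count(*) AS totals\n\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_removed` AS syslog\n\t\t\t\t\t{$sql_where}\n\t\t\t\t) AS rowcount");
        } elseif (get_request_var("removal") == -1) {
            $total_rows = syslog_db_fetch_cell("SELECT count(*) \n\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog` AS syslog\n\t\t\t\t{$sql_where}");
        } else {
            $total_rows = syslog_db_fetch_cell("SELECT count(*) \n\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_removed` AS syslog\n\t\t\t\t{$sql_where}");
        }
    } else {
        $total_rows = syslog_db_fetch_cell("SELECT count(*)\n\t\t\tFROM `" . $syslogdb_default . "`.`syslog_logs` AS syslog\n\t\t\tLEFT JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf\n\t\t\tON syslog.facility_id=sf.facility_id \n\t\t\tLEFT JOIN `" . $syslogdb_default . "`.`syslog_priorities` AS sp\n\t\t\tON syslog.priority_id=sp.priority_id \n\t\t\tLEFT JOIN `" . $syslogdb_default . "`.`syslog_alert` AS sa\n\t\t\tON syslog.alert_id=sa.id \n\t\t\tLEFT JOIN `" . $syslogdb_default . "`.`syslog_programs` AS spr\n\t\t\tON syslog.program_id=spr.program_id " . $sql_where);
    }
    $have_rows = sizeof($syslog_messages) > 0;
    if ($tab == 'syslog') {
        $nav = html_nav_bar("syslog.php?tab={$tab}", MAX_DISPLAY_PAGES, get_request_var_request('page'), $row_limit, $total_rows, 7, 'Messages', 'page', 'main');
        /* the Actions column (add alert / add removal rule) is only shown to users
           holding the syslog_alerts.php realm; looked up once for header and rows */
        $show_actions = api_plugin_user_realm_auth('syslog_alerts.php');
        if ($show_actions) {
            $display_text = array('nosortt' => array(__('Actions'), 'ASC'), 'logtime' => array(__('Date'), 'ASC'), 'host_id' => array(__('Host'), 'ASC'), 'program' => array(__('Program'), 'ASC'), 'message' => array(__('Message'), 'ASC'), 'facility_id' => array(__('Facility'), 'ASC'), 'priority_id' => array(__('Priority'), 'ASC'));
        } else {
            $display_text = array('logtime' => array(__('Date'), 'ASC'), 'host_id' => array(__('Host'), 'ASC'), 'program' => array(__('Program'), 'ASC'), 'message' => array(__('Message'), 'ASC'), 'facility_id' => array(__('Facility'), 'ASC'), 'priority_id' => array(__('Priority'), 'ASC'));
        }
        print $nav;
        html_start_box('', '100%', '', '3', 'center', '');
        html_header_sort($display_text, get_request_var('sort_column'), get_request_var('sort_direction'));
        /* id => name lookup tables for the three normalized columns */
        $hosts = array_rekey(syslog_db_fetch_assoc('SELECT host_id, host FROM `' . $syslogdb_default . '`.`syslog_hosts`'), 'host_id', 'host');
        $facilities = array_rekey(syslog_db_fetch_assoc('SELECT facility_id, facility FROM `' . $syslogdb_default . '`.`syslog_facilities`'), 'facility_id', 'facility');
        $priorities = array_rekey(syslog_db_fetch_assoc('SELECT priority_id, priority FROM `' . $syslogdb_default . '`.`syslog_priorities`'), 'priority_id', 'priority');
        if ($have_rows) {
            foreach ($syslog_messages as $syslog_message) {
                $title = htmlspecialchars($syslog_message['message'], ENT_QUOTES);
                syslog_row_color($syslog_message['priority_id'], $title);
                if ($show_actions) {
                    print "<td class='nowrap left' style='width:1%;padding:1px !important;'>";
                    if ($syslog_message['mtype'] == 'main') {
                        /* ENT_QUOTES because the href attributes are single-quoted */
                        print "<a style='padding:1px' href='" . htmlspecialchars('syslog_alerts.php?id=' . $syslog_message[$syslog_incoming_config['id']] . '&action=newedit&type=0', ENT_QUOTES) . "'><img src='images/add.png' border='0'></a>\n\t\t\t\t\t\t<a style='padding:1px' href='" . htmlspecialchars('syslog_removal.php?id=' . $syslog_message[$syslog_incoming_config['id']] . '&action=newedit&type=new&type=0', ENT_QUOTES) . "'><img src='images/delete.png' border='0'></a>\n";
                    }
                    print "</td>\n";
                }
                /* an id without a matching lookup row prints as an empty cell */
                $host_name = isset($hosts[$syslog_message['host_id']]) ? $hosts[$syslog_message['host_id']] : '';
                $facility_name = isset($facilities[$syslog_message['facility_id']]) ? $facilities[$syslog_message['facility_id']] : '';
                $priority_name = isset($priorities[$syslog_message['priority_id']]) ? $priorities[$syslog_message['priority_id']] : '';
                print '<td class="left nowrap">' . $syslog_message['logtime'] . "</td>\n";
                /* host, program, facility and priority are text taken from received log
                   lines, i.e. chosen by whoever sent them: encode before printing */
                print '<td class="left nowrap">' . htmlspecialchars((string) $host_name, ENT_QUOTES) . "</td>\n";
                print '<td class="left nowrap">' . htmlspecialchars((string) $syslog_message['program'], ENT_QUOTES) . "</td>\n";
                /* NOTE(review): filter_value() is defined elsewhere - confirm it HTML-encodes the message text */
                print '<td class="left syslogMessage">' . filter_value(title_trim($syslog_message[$syslog_incoming_config['textField']], get_request_var_request('trimval')), get_request_var('filter')) . "</td>\n";
                print '<td class="left nowrap">' . htmlspecialchars(ucfirst((string) $facility_name), ENT_QUOTES) . "</td>\n";
                print '<td class="left nowrap">' . htmlspecialchars(ucfirst((string) $priority_name), ENT_QUOTES) . "</td>\n";
                /* close the row, as the alert log branch below does */
                print "</tr>\n";
            }
        } else {
            print "<tr><td class='center' colspan='7'><em>" . __('No Syslog Messages') . "</em></td></tr>";
        }
        html_end_box(false);
        if ($have_rows) {
            print $nav;
        }
        syslog_syslog_legend();
        print "<script type='text/javascript'>\$(function() { \$('button').tooltip({ closed: true }).on('focus', function() { \$('#filter').tooltip('close') }).on('click', function() { \$(this).tooltip('close'); }); })</script>\n";
    } else {
        $nav = html_nav_bar("syslog.php?tab={$tab}", MAX_DISPLAY_PAGES, get_request_var_request('page'), $row_limit, $total_rows, 8, 'Alert Log Rows', 'page', 'main');
        print $nav;
        $display_text = array('name' => array('display' => __('Alert Name'), 'sort' => 'ASC', 'align' => 'left'), 'severity' => array('display' => __('Severity'), 'sort' => 'ASC', 'align' => 'left'), 'logtime' => array('display' => __('Date'), 'sort' => 'ASC', 'align' => 'left'), 'logmsg' => array('display' => __('Message'), 'sort' => 'ASC', 'align' => 'left'), 'count' => array('display' => __('Count'), 'sort' => 'ASC', 'align' => 'right'), 'host' => array('display' => __('Host'), 'sort' => 'ASC', 'align' => 'right'), 'facility_id' => array('display' => __('Facility'), 'sort' => 'ASC', 'align' => 'right'), 'priority_id' => array('display' => __('Priority'), 'sort' => 'ASC', 'align' => 'right'));
        html_start_box('', '100%', '', '3', 'center', '');
        html_header_sort($display_text, get_request_var('sort_column'), get_request_var('sort_direction'));
        if ($have_rows) {
            foreach ($syslog_messages as $log) {
                $title = htmlspecialchars($log['logmsg'], ENT_QUOTES);
                syslog_row_color($log['severity'], $title);
                /* an empty name means the alert rule no longer exists */
                $alert_name = strlen($log['name']) ? $log['name'] : 'Alert Removed';
                print "<td class='left'><a class='linkEditMain' href='" . htmlspecialchars($config['url_path'] . 'plugins/syslog/syslog.php?id=' . $log['seq'] . '&tab=current', ENT_QUOTES) . "'>" . htmlspecialchars((string) $alert_name, ENT_QUOTES) . "</a></td>\n";
                print '<td class="left nowrap">' . (isset($severities[$log['severity']]) ? $severities[$log['severity']] : 'Unknown') . "</td>\n";
                print '<td class="left nowrap">' . $log['logtime'] . "</td>\n";
                /* NOTE(review): filter_value() is defined elsewhere - confirm it HTML-encodes the message text */
                print '<td class="left syslogMessage">' . filter_value(title_trim($log['logmsg'], get_request_var_request('trimval')), get_request_var('filter')) . "</td>\n";
                print '<td class="right nowrap">' . $log['count'] . "</td>\n";
                /* host, facility and priority were copied from the triggering log line: encode */
                print '<td class="right nowrap">' . htmlspecialchars((string) $log['host'], ENT_QUOTES) . "</td>\n";
                print '<td class="right nowrap">' . htmlspecialchars(ucfirst((string) $log['facility']), ENT_QUOTES) . "</td>\n";
                print '<td class="right nowrap">' . htmlspecialchars(ucfirst((string) $log['priority']), ENT_QUOTES) . "</td>\n";
                print "</tr>\n";
            }
        } else {
            print "<tr><td colspan='11'><em>" . __('No Alert Log Messages') . "</em></td></tr>";
        }
        html_end_box(false);
        if ($have_rows) {
            print $nav;
        }
        syslog_log_legend();
    }
}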
Ejemplo n.º 8
                        }
                    }
                    $htmlm .= "</table></body></html>";
                    $alertm .= "-----------------------------------------------\n\n";
                    if ($alert["method"] == 1) {
                        $sequence = syslog_log_alert($alert["id"], $alert["name"] . " [" . $alert["message"] . "]", $alert["severity"], $at[0], sizeof($at), $htmlm);
                        $smsalert = "Sev:" . $severities[$alert["severity"]] . ", Count:" . sizeof($at) . ", URL:" . read_config_option("alert_base_url") . "plugins/syslog/syslog.php?tab=current&id=" . $sequence;
                    }
                    syslog_debug("Alert Rule '" . $alert['name'] . "' has been activated");
                }
            }
        }
        if ($alertm != '' && $alert['method'] == 1) {
            $resend = true;
            if ($alert['repeat_alert'] > 0) {
                $found = syslog_db_fetch_cell("SELECT count(*)\n\t\t\t\t\tFROM syslog_logs\n\t\t\t\t\tWHERE alert_id=" . $alert['id'] . "\n\t\t\t\t\tAND logtime>'{$date}'");
                if ($found) {
                    $resend = false;
                }
            }
            if ($resend) {
                syslog_sendemail(trim($alert['email']), '', 'Event Alert - ' . $alert['name'], $html ? $htmlm : $alertm, $smsalert);
                if ($alert['open_ticket'] == 'on' && strlen(read_config_option("syslog_ticket_command"))) {
                    if (is_executable(read_config_option("syslog_ticket_command"))) {
                        exec(read_config_option("syslog_ticket_command") . " --alert-name='" . clean_up_name($alert['name']) . "'" . " --severity='" . $alert['severity'] . "'" . " --hostlist='" . implode(",", $hostlist) . "'" . " --message='" . $alert['message'] . "'");
                    }
                }
            }
        }
    }
}
Ejemplo n.º 9
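/**
 * Render the list of syslog alert rules: filter box, navigation bar, sortable
 * table and the bulk-action dropdown.
 *
 * Request variables (rows, page, id, enabled, filter, sort_column,
 * sort_direction) are validated and stored under the 'sess_sysloga' session
 * prefix before anything is read back.
 *
 * Values that come from the alert rows themselves (name, message, e-mail, user)
 * are HTML-escaped before they are handed to form_selectable_cell(), which is
 * given ready-made markup here (the name cell is an <a> element) and therefore
 * cannot be relied on to escape its content.
 *
 * @return void Output is printed directly.
 */
function syslog_alerts()
{
    global $syslog_actions, $config, $message_types, $severities;
    include dirname(__FILE__) . '/config.php';

    /* ================= input validation and session storage ================= */
    $filters = array(
        'rows' => array('filter' => FILTER_VALIDATE_INT, 'pageset' => true, 'default' => '-1'),
        'page' => array('filter' => FILTER_VALIDATE_INT, 'default' => '1'),
        'id' => array('filter' => FILTER_VALIDATE_INT, 'default' => '1'),
        'enabled' => array('filter' => FILTER_VALIDATE_INT, 'pageset' => true, 'default' => '-1'),
        'filter' => array('filter' => FILTER_CALLBACK, 'pageset' => true, 'default' => '', 'options' => array('options' => 'sanitize_search_string')),
        'sort_column' => array('filter' => FILTER_CALLBACK, 'default' => 'name', 'options' => array('options' => 'sanitize_search_string')),
        'sort_direction' => array('filter' => FILTER_CALLBACK, 'default' => 'ASC', 'options' => array('options' => 'sanitize_search_string')),
    );
    validate_store_request_vars($filters, 'sess_sysloga');
    /* ================= input validation ================= */

    html_start_box(__('Syslog Alert Filters'), '100%', '', '3', 'center', 'syslog_alerts.php?action=edit');
    syslog_filter();
    html_end_box();

    $sql_where = '';

    /* -1 means "use the configured default", -2 means "effectively unlimited" */
    if (get_request_var('rows') == '-1') {
        $row_limit = read_config_option('num_rows_table');
    } elseif (get_request_var('rows') == -2) {
        $row_limit = 999999;
    } else {
        $row_limit = get_request_var('rows');
    }

    /* NOTE(review): $sql_where is passed on - presumably by reference, since the
     * count query below reuses it; confirm against syslog_get_alert_records(). */
    $alerts = syslog_get_alert_records($sql_where, $row_limit);
    $rows_query_string = "SELECT COUNT(*)\n\t\tFROM `" . $syslogdb_default . "`.`syslog_alert`\n\t\t{$sql_where}";
    $total_rows = syslog_db_fetch_cell($rows_query_string);

    $nav = html_nav_bar('syslog_alerts.php?filter=' . get_request_var('filter'), MAX_DISPLAY_PAGES, get_request_var('page'), $row_limit, $total_rows, 13, __('Alerts'), 'page', 'main');
    form_start('syslog_alerts.php', 'chk');
    print $nav;
    html_start_box('', '100%', '', '3', 'center', '');

    $display_text = array(
        'name' => array(__('Alert Name'), 'ASC'),
        'severity' => array(__('Severity'), 'ASC'),
        'method' => array(__('Method'), 'ASC'),
        'num' => array(__('Threshold Count'), 'ASC'),
        'enabled' => array(__('Enabled'), 'ASC'),
        'type' => array(__('Match Type'), 'ASC'),
        'message' => array(__('Search String'), 'ASC'),
        'email' => array(__('E-Mail Addresses'), 'DESC'),
        'date' => array(__('Last Modified'), 'ASC'),
        'user' => array(__('By User'), 'DESC'),
    );
    html_header_sort_checkbox($display_text, get_request_var('sort_column'), get_request_var('sort_direction'));

    /* escape a stored value for use as HTML text */
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    $filter = get_request_var('filter');

    if (sizeof($alerts)) {
        foreach ($alerts as $alert) {
            /* Highlight the filter text inside the name. The name is split on the
             * match first and each piece is escaped separately, so the only markup
             * in the cell is the <span> added here. preg_quote() is given the '/'
             * delimiter; without it a '/' in the filter ended the pattern early. */
            if ($filter != '') {
                $pieces = preg_split('/(' . preg_quote($filter, '/') . ')/i', $alert['name'], -1, PREG_SPLIT_DELIM_CAPTURE);
                if ($pieces === false) {
                    $pieces = array($alert['name']);
                }
                $name_html = '';
                foreach ($pieces as $index => $piece) {
                    /* with one capture group, odd positions hold the matched text */
                    if ($index % 2 == 1) {
                        $name_html .= "<span class='filteredValue'>" . $esc($piece) . '</span>';
                    } else {
                        $name_html .= $esc($piece);
                    }
                }
            } else {
                $name_html = $esc($alert['name']);
            }

            form_alternate_row('line' . $alert['id'], true);
            form_selectable_cell("<a class='linkEditMain' href='" . $config['url_path'] . 'plugins/syslog/syslog_alerts.php?action=edit&id=' . $alert['id'] . "'>" . $name_html . '</a>', $alert['id']);
            form_selectable_cell($severities[$alert['severity']], $alert['id']);
            form_selectable_cell($alert['method'] == 1 ? __('Threshold') : __('Individual'), $alert['id']);
            form_selectable_cell($alert['method'] == 1 ? $alert['num'] : __('N/A'), $alert['id']);
            form_selectable_cell($alert['enabled'] == 'on' ? __('Yes') : __('No'), $alert['id']);
            form_selectable_cell($message_types[$alert['type']], $alert['id']);
            form_selectable_cell($esc(title_trim($alert['message'], 60)), $alert['id']);
            form_selectable_cell(substr_count($alert['email'], ',') ? __('Multiple') : $esc($alert['email']), $alert['id']);
            form_selectable_cell(date('Y-m-d H:i:s', $alert['date']), $alert['id']);
            form_selectable_cell($esc($alert['user']), $alert['id']);
            /* NOTE(review): the name is passed unescaped, as before; whether
             * form_checkbox_cell() escapes its title is not visible here - confirm. */
            form_checkbox_cell($alert['name'], $alert['id']);
            form_end_row();
        }
    } else {
        print "<tr><td colspan='4'><em>" . __('No Syslog Alerts Defined') . "</em></td></tr>";
    }

    html_end_box(false);
    if (sizeof($alerts)) {
        print $nav;
    }
    draw_actions_dropdown($syslog_actions);
    form_end();
}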
Ejemplo n.º 10
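/**
 * Apply every enabled removal rule to the rows of one processing batch.
 *
 * For each enabled row of `syslog_remove`, the rows of `$table` whose `status`
 * equals `$uniqueID` and that match the rule are deleted. Unless the rule's
 * method is 'del', the matching rows of `syslog_incoming` are first copied into
 * `syslog_removed`.
 *
 * Rule types: 'facility' and 'host' compare for equality, 'messageb' /
 * 'messagec' / 'messagee' match the message by prefix / substring / suffix, and
 * 'sql' uses the rule text as a SQL condition.
 *
 * @param string $table    Table the DELETE runs against (inside $syslogdb_default).
 *                         It is used as an identifier and cannot be quoted as a value,
 *                         so callers must pass a fixed table name.
 * @param mixed  $uniqueID Batch marker stored in the `status` column; used as an integer.
 *
 * @return array 'removed' => rows deleted, 'xferred' => rows copied to syslog_removed
 *               (or the batch size when nothing was deleted).
 */
function syslog_remove_items($table, $uniqueID)
{
    global $config, $syslog_cnn, $syslog_incoming_config;
    include dirname(__FILE__) . "/config.php";

    /* status was compared unquoted in some queries; force it to an integer so it
     * cannot carry SQL text */
    $status = (int) $uniqueID;

    /* REMOVE ALL THE THINGS WE DONT WANT TO SEE */
    $rows = syslog_db_fetch_assoc("SELECT * FROM `" . $syslogdb_default . "`.`syslog_remove` WHERE enabled='on'");
    syslog_debug("Found   " . sizeof($rows) . ",  Removal Rule(s)" . " to process");
    $removed = 0;
    $xferred = 0;
    $total = syslog_db_fetch_cell("SELECT count(*) FROM `" . $syslogdb_default . "`.`syslog_incoming` WHERE status=" . $status);

    if (sizeof($rows)) {
        foreach ($rows as $remove) {
            $pattern = $remove['message'];

            /* Build the rule's condition once; the copy and the delete share it.
             * Rule text is quoted with the connection's qstr() instead of being
             * pasted between hand-written quotes, so a quote character in a rule
             * stays data. Assumes $syslog_cnn is the ADOdb connection whose
             * Affected_Rows() is read below - confirm. */
            switch ($remove['type']) {
                case 'facility':
                    $match = $syslog_incoming_config["facilityField"] . "=" . $syslog_cnn->qstr($pattern);
                    break;
                case 'host':
                    $match = "host=" . $syslog_cnn->qstr($pattern);
                    break;
                case 'messageb':
                    $match = "message LIKE " . $syslog_cnn->qstr($pattern . "%");
                    break;
                case 'messagec':
                    $match = "message LIKE " . $syslog_cnn->qstr("%" . $pattern . "%");
                    break;
                case 'messagee':
                    $match = "message LIKE " . $syslog_cnn->qstr("%" . $pattern);
                    break;
                case 'sql':
                    /* By design the rule text IS the SQL condition and cannot be
                     * escaped: anyone who can edit removal rules can run this SQL
                     * with the plugin's database privileges. */
                    $match = "(" . $pattern . ")";
                    break;
                default:
                    $match = '';
            }

            if ($match == '') {
                continue;
            }

            $debugm = '';

            /* process the removal rule first */
            if ($remove['method'] != 'del') {
                /* move rows first */
                /* NOTE(review): `host` (and the facility column, if it is named
                 * `facility`) appears in both joined tables here, so the unqualified
                 * column in the condition looks ambiguous - confirm against the schema. */
                syslog_db_execute(
                    "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`"
                    . " (logtime, priority_id, facility_id, host_id, message)"
                    . " SELECT TIMESTAMP(`" . $syslog_incoming_config['dateField'] . "`, `" . $syslog_incoming_config["timeField"] . "`),"
                    . " priority_id, facility_id, host_id, message"
                    . " FROM (SELECT date, time, priority_id, facility_id, host_id, message"
                    . " FROM `" . $syslogdb_default . "`.`syslog_incoming` AS si"
                    . " INNER JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf ON sf.facility=si.facility"
                    . " INNER JOIN `" . $syslogdb_default . "`.`syslog_priorities` AS sp ON sp.priority=si.priority"
                    . " INNER JOIN `" . $syslogdb_default . "`.`syslog_hosts` AS sh ON sh.host=si.host"
                    . " WHERE " . $match . " AND status=" . $status . ") AS merge"
                );
                $messages_moved = $syslog_cnn->Affected_Rows();
                $debugm .= "Moved   " . $messages_moved . ", ";
                $xferred += $messages_moved;
            }

            /* now delete the remainder that match. The 'sql' rule used to emit
             * "WHERE message (...)", which is not valid SQL; it now uses the same
             * condition as the copy above. */
            syslog_db_execute(
                "DELETE FROM `" . $syslogdb_default . "`.`" . $table . "`"
                . " WHERE " . $match . " AND status=" . $status
            );
            $messages_deleted = $syslog_cnn->Affected_Rows();
            $removed += $messages_deleted;

            /* append rather than overwrite, so the "Moved" count is still logged */
            $debugm .= "Deleted " . $messages_deleted . ", ";
            syslog_debug($debugm . " Message" . ($messages_deleted == 1 ? "" : "s") . " for removal rule '" . $remove['name'] . "'");
        }
    }

    if ($removed == 0) {
        $xferred = $total;
    }

    return array("removed" => $removed, "xferred" => $xferred);
}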
Ejemplo n.º 11
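/**
 * Apply removal rules either to a batch of incoming rows or to the main table.
 *
 * With $table == 'syslog_incoming', every enabled rule is applied to the
 * `syslog_incoming` rows whose `status` equals $uniqueID. With $table ==
 * 'syslog', $uniqueID is the id of a single rule and that rule is applied to
 * the `syslog` table (any other $table value also takes the `syslog` path but
 * loads every enabled rule, as before).
 *
 * Unless the rule's method is 'del', matching rows are copied into
 * `syslog_removed` before they are deleted.
 *
 * @param string $table    'syslog_incoming' or 'syslog'; only selects the code path.
 * @param mixed  $uniqueID Batch status value or rule id, see above; used as an integer.
 *
 * @return array 'removed' => rows deleted, 'xferred' => rows copied to syslog_removed
 *               (or the batch size when nothing was deleted).
 */
function syslog_remove_items($table, $uniqueID)
{
    global $config, $syslog_cnn, $syslog_incoming_config;
    include dirname(__FILE__) . '/config.php';

    /* used unquoted in several queries; force it to an integer so it cannot carry SQL text */
    $unique_id = (int) $uniqueID;
    $incoming = ($table == 'syslog_incoming');

    if ($table == 'syslog') {
        $rows = syslog_db_fetch_assoc("SELECT * FROM `" . $syslogdb_default . "`.`syslog_remove` WHERE enabled='on' AND id=" . $unique_id);
    } else {
        $rows = syslog_db_fetch_assoc("SELECT * FROM `" . $syslogdb_default . "`.`syslog_remove` WHERE enabled='on'");
    }
    syslog_debug("Found   " . sizeof($rows) . ",  Removal Rule(s) to process");

    $removed = 0;
    $xferred = 0;
    if ($incoming) {
        $total = syslog_db_fetch_cell("SELECT count(*) FROM `" . $syslogdb_default . "`.`syslog_incoming` WHERE status=" . $unique_id);
    } else {
        $total = 0;
    }

    if (sizeof($rows)) {
        foreach ($rows as $remove) {
            $pattern = $remove['message'];
            $match = '';

            /* Build the rule's condition once; the copy and the delete share it.
             * Rule text is quoted with db_qstr() on the syslog connection instead
             * of being pasted between hand-written quotes, so a quote character in
             * a rule stays data. */
            switch ($remove['type']) {
                case 'facility':
                    if ($incoming) {
                        $match = $syslog_incoming_config['facilityField'] . '=' . db_qstr($pattern, $syslog_cnn);
                    } else {
                        /* the main table stores the facility as an id */
                        $facility_id = syslog_db_fetch_cell("SELECT facility_id FROM `" . $syslogdb_default . "`.`syslog_facilities` WHERE facility=" . db_qstr($pattern, $syslog_cnn));
                        if (!empty($facility_id)) {
                            $match = 'facility_id=' . ((int) $facility_id);
                        }
                    }
                    break;
                case 'host':
                    if ($incoming) {
                        $match = 'host=' . db_qstr($pattern, $syslog_cnn);
                    } else {
                        /* the main table stores the host as an id */
                        $host_id = syslog_db_fetch_cell("SELECT host_id FROM `" . $syslogdb_default . "`.`syslog_hosts` WHERE host=" . db_qstr($pattern, $syslog_cnn));
                        if (!empty($host_id)) {
                            $match = 'host_id=' . ((int) $host_id);
                        }
                    }
                    break;
                case 'messageb':
                    /* on the main table an empty rule is skipped, as before */
                    if ($incoming || $pattern != '') {
                        $match = 'message LIKE ' . db_qstr($pattern . '%', $syslog_cnn);
                    }
                    break;
                case 'messagec':
                    if ($incoming || $pattern != '') {
                        $match = 'message LIKE ' . db_qstr('%' . $pattern . '%', $syslog_cnn);
                    }
                    break;
                case 'messagee':
                    if ($incoming || $pattern != '') {
                        $match = 'message LIKE ' . db_qstr('%' . $pattern, $syslog_cnn);
                    }
                    break;
                case 'sql':
                    /* By design the rule text IS the SQL condition and cannot be
                     * escaped: anyone who can edit removal rules can run this SQL
                     * with the plugin's database privileges. */
                    if ($incoming || $pattern != '') {
                        $match = '(' . $pattern . ')';
                    }
                    break;
            }

            if ($match == '') {
                continue;
            }

            if ($incoming) {
                /* NOTE(review): `host` (and the facility column, if it is named
                 * `facility`) appears in both joined tables here, so the unqualified
                 * column in the condition looks ambiguous - confirm against the schema. */
                $copy_sql = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`"
                    . " (logtime, priority_id, facility_id, host_id, message)"
                    . " SELECT TIMESTAMP(`" . $syslog_incoming_config['dateField'] . "`, `" . $syslog_incoming_config['timeField'] . "`),"
                    . " priority_id, facility_id, host_id, message"
                    . " FROM (SELECT date, time, priority_id, facility_id, host_id, message"
                    . " FROM `" . $syslogdb_default . "`.`syslog_incoming` AS si"
                    . " INNER JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf ON sf.facility=si.facility"
                    . " INNER JOIN `" . $syslogdb_default . "`.`syslog_priorities` AS sp ON sp.priority=si.priority"
                    . " INNER JOIN `" . $syslogdb_default . "`.`syslog_hosts` AS sh ON sh.host=si.host"
                    . " WHERE " . $match . " AND status=" . $unique_id . ") AS merge";
                $delete_sql = "DELETE FROM `" . $syslogdb_default . "`.`syslog_incoming`"
                    . " WHERE " . $match . " AND status=" . $unique_id;
            } else {
                /* The column list is no longer wrapped in parentheses: written as
                 * SELECT (a, b, ...) it is a single row operand, which MySQL rejects
                 * in an INSERT ... SELECT, so the copy never ran. */
                $copy_sql = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`"
                    . " (logtime, priority_id, facility_id, host_id, message)"
                    . " SELECT logtime, priority_id, facility_id, host_id, message"
                    . " FROM `" . $syslogdb_default . "`.`syslog`"
                    . " WHERE " . $match;
                $delete_sql = "DELETE FROM `" . $syslogdb_default . "`.`syslog`"
                    . " WHERE " . $match;
            }

            $debugm = '';

            /* process the removal rule first: move rows unless the rule only deletes */
            if ($remove['method'] != 'del') {
                syslog_db_execute($copy_sql);
                /* read the count right after the INSERT; it used to be read after
                 * the DELETE and so reported the delete's row count */
                $messages_moved = db_affected_rows($syslog_cnn);
                $xferred += $messages_moved;
                $debugm .= 'Moved   ' . $messages_moved . ', ';
            }

            /* now delete the remainder that match */
            syslog_db_execute($delete_sql);
            $messages_deleted = db_affected_rows($syslog_cnn);
            $removed += $messages_deleted;
            $debugm .= 'Deleted ' . $messages_deleted . ', ';

            syslog_debug($debugm . ' Message' . ($messages_deleted == 1 ? '' : 's') . " for removal rule '" . $remove['name'] . "'");
        }
    }

    if ($removed == 0) {
        $xferred = $total;
    }

    return array('removed' => $removed, 'xferred' => $xferred);
}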