public static function discardUnused($dbh)
 {
     if (!Options::pretend()) {
         $dbh->clearCache(get_class());
         $delete = $dbh->prepare("DELETE FROM hostip WHERE id NOT IN (SELECT hostipid FROM event)");
         $delete->execute();
     }
 }
 private function update()
 {
     $this->tLast = $this->tUpdatedLast;
     if (!Options::pretend()) {
         if ($this->tTouched) {
             $this->tMtime = Files::safeFilemtime($this->tFile);
             if (is_null($this->tId)) {
                 $insert = $this->tDbh->prepare("INSERT INTO sourcestate (name, file, mtime, last) VALUES(?, ?, ?, ?)");
                 $insert->bindValue(1, $this->tName, PDO::PARAM_STR);
                 $insert->bindValue(2, $this->tFile, PDO::PARAM_STR);
                 $insert->bindValue(3, $this->tMtime, PDO::PARAM_INT);
                 $insert->bindValue(4, $this->tLast, PDO::PARAM_INT);
                 $insert->execute();
                 $this->tId = $this->tDbh->lastInsertId();
             } else {
                 $update = $this->tDbh->prepare("UPDATE sourcestate a SET a.mtime = ?, a.last = ? WHERE a.id = ? ");
                 $update->bindValue(1, $this->tMtime, PDO::PARAM_INT);
                 $update->bindValue(2, $this->tLast, PDO::PARAM_INT);
                 $update->bindValue(3, $this->tId, PDO::PARAM_STR);
                 $update->execute();
             }
         } elseif (!is_null($this->tId)) {
             $delete = $this->tDbh->prepare("DELETE FROM sourcestate WHERE id = ?");
             $delete->bindValue(1, $this->tId, PDO::PARAM_STR);
             $delete->execute();
         }
     }
 }
 private function update()
 {
     $loghostId = QueryLoghost::getLoghostId($this->tDbh, $this->tMatchedLoghost);
     $serviceId = QueryService::getServiceId($this->tDbh, $this->tMatchedService);
     $networkId = QueryHostipNetwork::getNetworkId($this->tDbh, $this->tNetworkmap, $this->tMatchedHostip);
     $hostipId = QueryHostip::getHostipId($this->tDbh, $this->tMatchedHostip);
     $hostmacId = QueryHostmac::getHostmacId($this->tDbh, $this->tMatchedHostmac);
     $userId = QueryUser::getUserId($this->tDbh, $this->tUserdb, $this->tMatchedUser);
     if (!Options::pretend()) {
         $select = $this->tDbh->prepare("SELECT a.id, a.count, a.first, a.last FROM event a WHERE a.loghostid = ? AND a.serviceid = ? AND a.typeid = ? AND a.networkid = ? AND a.hostipid = ? AND a.hostmacid = ? AND a.userid = ?");
         $select->bindValue(1, $loghostId, PDO::PARAM_STR);
         $select->bindValue(2, $serviceId, PDO::PARAM_STR);
         $select->bindValue(3, $this->tEvent->getTypeid(), PDO::PARAM_STR);
         $select->bindValue(4, $networkId, PDO::PARAM_STR);
         $select->bindValue(5, $hostipId, PDO::PARAM_STR);
         $select->bindValue(6, $hostmacId, PDO::PARAM_STR);
         $select->bindValue(7, $userId, PDO::PARAM_STR);
         $select->execute();
         $select->bindColumn(1, $id, PDO::PARAM_STR);
         $select->bindColumn(2, $count, PDO::PARAM_INT);
         $select->bindColumn(3, $first, PDO::PARAM_INT);
         $select->bindColumn(4, $last, PDO::PARAM_INT);
         if ($select->fetch(PDO::FETCH_BOUND) !== false) {
             $count++;
             $first = min($first, $this->tMatchedTimestamp);
             $last = max($last, $this->tMatchedTimestamp);
             $update = $this->tDbh->prepare("UPDATE event SET count = ?, first = ?, last = ? WHERE id = ?");
             $update->bindValue(1, $count, PDO::PARAM_INT);
             $update->bindValue(2, $first, PDO::PARAM_INT);
             $update->bindValue(3, $last, PDO::PARAM_INT);
             $update->bindValue(4, $id, PDO::PARAM_STR);
             $update->execute();
         } else {
             $insert = $this->tDbh->prepare("INSERT INTO event (loghostid, serviceid, typeid, networkid, hostipid, hostmacid, userid, count, first, last) VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
             $insert->bindValue(1, $loghostId, PDO::PARAM_STR);
             $insert->bindValue(2, $serviceId, PDO::PARAM_STR);
             $insert->bindValue(3, $this->tEvent->getTypeid(), PDO::PARAM_STR);
             $insert->bindValue(4, $networkId, PDO::PARAM_STR);
             $insert->bindValue(5, $hostipId, PDO::PARAM_STR);
             $insert->bindValue(6, $hostmacId, PDO::PARAM_STR);
             $insert->bindValue(7, $userId, PDO::PARAM_STR);
             $insert->bindValue(8, 1, PDO::PARAM_INT);
             $insert->bindValue(9, $this->tMatchedTimestamp, PDO::PARAM_INT);
             $insert->bindValue(10, $this->tMatchedTimestamp, PDO::PARAM_INT);
             $insert->execute();
             $id = $this->tDbh->lastInsertId();
         }
         $insert = $this->tDbh->prepare("INSERT INTO log (eventid, time, line) VALUES(?, ?, ?)");
         foreach ($this->tMatchedLines as $line) {
             $insert->bindValue(1, $id, PDO::PARAM_STR);
             $insert->bindValue(2, $this->tMatchedTimestamp, PDO::PARAM_STR);
             $insert->bindValue(3, $line, PDO::PARAM_STR);
             $insert->execute();
         }
     }
 }
Ejemplo n.º 4
0
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
require_once "lib/autoload.php";
$status = -1;
$elapsed = microtime(true);
try {
    $config = dirname(__FILE__) . "/logmon.conf.php";
    $requiredConfigs = array($config);
    CheckConfig::configs($requiredConfigs);
    require_once $config;
    $requiredExtensions = array("mbstring", "pcre", "PDO");
    CheckConfig::extensions($requiredExtensions);
    mb_internal_encoding("UTF-8");
    Options::setDebug(DEBUG || array_search("--debug", $argv));
    Options::setPretend(array_search("--pretend", $argv));
    Options::setVerbose(Options::debug() || Options::pretend() || array_search("--verbose", $argv));
    Log::open(__FILE__, true, Options::verbose(), Options::debug());
    Log::notice(sprintf("Running '%s'...", implode(" ", $argv)));
    $monitor = Monitor::create(dirname(__FILE__) . "/monitor");
    if ($monitor !== false) {
        $sources = $monitor->getEnabledSources();
        $dbh = new DBH(DBDSN, DBUSER, DBPASS);
        $processor = new Processor($dbh);
        foreach ($sources as $source) {
            $processor->process($monitor, $source);
        }
        $processor->discard(EVENT_DISCARD_THRESHOLD);
        $status = 0;
    } else {
        $status = 1;
    }