function syslog_graph_buttons($graph_elements = array()) { global $config, $timespan, $graph_timeshifts; include dirname(__FILE__) . '/config.php'; if (get_nfilter_request_var('action') == 'view') { return; } if (isset_request_var('graph_end') && strlen(get_filter_request_var('graph_end'))) { $date1 = date('Y-m-d H:i:s', get_filter_request_var('graph_start')); $date2 = date('Y-m-d H:i:s', get_filter_request_var('graph_end')); } else { $date1 = $timespan['current_value_date1']; $date2 = $timespan['current_value_date2']; } if (isset($graph_elements[1]['local_graph_id'])) { $graph_local = db_fetch_row("SELECT host_id FROM graph_local WHERE id='" . $graph_elements[1]['local_graph_id'] . "'"); $sql_where = ''; if (isset($graph_local['host_id'])) { $host = db_fetch_row("SELECT description, hostname FROM host WHERE id='" . $graph_local['host_id'] . "'"); if (sizeof($host)) { if (!is_ipv4_address($host['description']) && strpos($host['description'], '.') !== false) { $parts = explode('.', $host['description']); $sql_where = "WHERE host LIKE '" . $parts[0] . ".%'"; } else { $sql_where = "WHERE host='" . $host['description'] . "'"; } if (!is_ipv4_address($host['hostname']) && strpos($host['hostname'], '.') !== false) { $parts = explode('.', $host['hostname']); $sql_where .= ($sql_where != '' ? ' OR ' : 'WHERE ') . "host LIKE '" . $parts[0] . ".%'"; } else { $sql_where .= ($sql_where != '' ? ' OR ' : 'WHERE ') . "host='" . $host['hostname'] . "'"; } if ($sql_where != '') { $host = syslog_db_fetch_cell("SELECT host_id FROM `" . $syslogdb_default . "`.`syslog_hosts` {$sql_where}"); if (!empty($host)) { print "<a href='" . htmlspecialchars($config['url_path'] . 'plugins/syslog/syslog.php?tab=syslog&reset=1&host=' . $host['host_id'] . '&date1=' . $date1 . '&date2=' . $date2) . "'><img src='" . $config['url_path'] . "plugins/syslog/images/view_syslog.png' border='0' alt='' title='" . __('Display Syslog in Range') . "'></a><br>"; } } } } } }
function syslog_alerts() { global $colors, $syslog_actions, $config, $message_types, $severities; include dirname(__FILE__) . "/config.php"; /* ================= input validation ================= */ input_validate_input_number(get_request_var_request("id")); input_validate_input_number(get_request_var_request("page")); input_validate_input_number(get_request_var_request("enabled")); input_validate_input_number(get_request_var_request("rows")); /* ==================================================== */ /* clean up filter */ if (isset($_REQUEST["filter"])) { $_REQUEST["filter"] = sanitize_search_string(get_request_var("filter")); } /* clean up sort_column */ if (isset($_REQUEST["sort_column"])) { $_REQUEST["sort_column"] = sanitize_search_string(get_request_var("sort_column")); } /* clean up sort direction */ if (isset($_REQUEST["sort_direction"])) { $_REQUEST["sort_direction"] = sanitize_search_string(get_request_var("sort_direction")); } /* if the user pushed the 'clear' button */ if (isset($_REQUEST["clear"])) { kill_session_var("sess_syslog_alerts_page"); kill_session_var("sess_syslog_alerts_rows"); kill_session_var("sess_syslog_alerts_filter"); kill_session_var("sess_syslog_alerts_enabled"); kill_session_var("sess_syslog_alerts_sort_column"); kill_session_var("sess_syslog_alerts_sort_direction"); $_REQUEST["page"] = 1; unset($_REQUEST["filter"]); unset($_REQUEST["enabled"]); unset($_REQUEST["rows"]); unset($_REQUEST["sort_column"]); unset($_REQUEST["sort_direction"]); } else { /* if any of the settings changed, reset the page number */ $changed = 0; $changed += syslog_check_changed("filter", "sess_syslog_alerts_filter"); $changed += syslog_check_changed("enabled", "sess_syslog_alerts_enabled"); $changed += syslog_check_changed("rows", "sess_syslog_alerts_rows"); $changed += syslog_check_changed("sort_column", "sess_syslog_alerts_sort_column"); $changed += syslog_check_changed("sort_direction", "sess_syslog_alerts_sort_direction"); if ($changed) { $_REQUEST["page"] = "1"; } } /* remember these search fields in session vars so we don't have to keep passing them around */ load_current_session_value("page", "sess_syslog_alerts_paage", "1"); load_current_session_value("rows", "sess_syslog_alerts_rows", "-1"); load_current_session_value("enabled", "sess_syslog_alerts_enabled", "-1"); load_current_session_value("filter", "sess_syslog_alerts_filter", ""); load_current_session_value("sort_column", "sess_syslog_alerts_sort_column", "name"); load_current_session_value("sort_direction", "sess_syslog_alerts_sort_direction", "ASC"); html_start_box("<strong>Syslog Alert Filters</strong>", "100%", $colors["header"], "3", "center", "syslog_alerts.php?action=edit"); syslog_filter(); html_end_box(); html_start_box("", "100%", $colors["header"], "3", "center", ""); $sql_where = ""; if ($_REQUEST["rows"] == "-1") { $row_limit = read_config_option("num_rows_syslog"); } elseif ($_REQUEST["rows"] == -2) { $row_limit = 999999; } else { $row_limit = $_REQUEST["rows"]; } $alerts = syslog_get_alert_records($sql_where, $row_limit); $rows_query_string = "SELECT COUNT(*)\n\t\tFROM `" . $syslogdb_default . "`.`syslog_alert`\n\t\t{$sql_where}"; $total_rows = syslog_db_fetch_cell($rows_query_string); ?> <script type="text/javascript"> <!-- function applyChange(objForm) { strURL = '?enabled=' + objForm.enabled.value; strURL = strURL + '&filter=' + objForm.filter.value; strURL = strURL + '&rows=' + objForm.rows.value; document.location = strURL; } --> </script> <?php /* generate page list */ $url_page_select = get_page_list($_REQUEST["page"], MAX_DISPLAY_PAGES, $row_limit, $total_rows, "syslog_alerts.php?filter=" . $_REQUEST["filter"]); if ($total_rows > 0) { $nav = "<tr bgcolor='#" . $colors["header"] . "'>\n\t\t\t\t\t<td colspan='13'>\n\t\t\t\t\t\t<table width='100%' cellspacing='0' cellpadding='0' border='0'>\n\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t<td align='left' class='textHeaderDark'>\n\t\t\t\t\t\t\t\t\t<strong><< "; if ($_REQUEST["page"] > 1) { $nav .= "<a class='linkOverDark' href='syslog_alerts.php?report=arp&page=" . ($_REQUEST["page"] - 1) . "'>"; } $nav .= "Previous"; if ($_REQUEST["page"] > 1) { $nav .= "</a>"; } $nav .= "</strong>\n\t\t\t\t\t\t\t\t</td>\n\n\t\t\t\t\t\t\t\t<td align='center' class='textHeaderDark'>\n\t\t\t\t\t\t\t\t\tShowing Rows " . ($total_rows == 0 ? "None" : $row_limit * ($_REQUEST["page"] - 1) + 1 . " to " . ($total_rows < $row_limit || $total_rows < $row_limit * $_REQUEST["page"] ? $total_rows : $row_limit * $_REQUEST["page"]) . " of {$total_rows} [{$url_page_select}]") . "\n\t\t\t\t\t\t\t\t</td>\n\n\t\t\t\t\t\t\t\t<td align='right' class='textHeaderDark'>\n\t\t\t\t\t\t\t\t\t<strong>"; if ($_REQUEST["page"] * $row_limit < $total_rows) { $nav .= "<a class='linkOverDark' href='syslog_alerts.php?report=arp&page=" . ($_REQUEST["page"] + 1) . "'>"; } $nav .= "Next"; if ($_REQUEST["page"] * $row_limit < $total_rows) { $nav .= "</a>"; } $nav .= " >></strong>\n\t\t\t\t\t\t\t\t</td>\n\n\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t</table>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n"; } else { $nav = "<tr bgcolor='#" . $colors["header"] . "' class='noprint'>\n\t\t\t\t\t<td colspan='22'>\n\t\t\t\t\t\t<table width='100%' cellspacing='0' cellpadding='0' border='0'>\n\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t<td align='center' class='textHeaderDark'>\n\t\t\t\t\t\t\t\t\tNo Rows Found\n\t\t\t\t\t\t\t\t</td>\n\n\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t</table>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n"; } print $nav; $display_text = array("name" => array("Alert<br>Name", "ASC"), "severity" => array("<br>Severity", "ASC"), "method" => array("<br>Method", "ASC"), "num" => array("Threshold<br>Count", "ASC"), "enabled" => array("<br>Enabled", "ASC"), "type" => array("Match<br>Type", "ASC"), "message" => array("Search<br>String", "ASC"), "email" => array("E-Mail<br>Addresses", "DESC"), "date" => array("Last<br>Modified", "ASC"), "user" => array("By<br>User", "DESC")); html_header_sort_checkbox($display_text, $_REQUEST["sort_column"], $_REQUEST["sort_direction"]); $i = 0; if (sizeof($alerts) > 0) { foreach ($alerts as $alert) { form_alternate_row_color($colors["alternate"], $colors["light"], $i, 'line' . $alert["id"]); $i++; form_selectable_cell("<a class='linkEditMain' href='" . $config['url_path'] . "plugins/syslog/syslog_alerts.php?action=edit&id=" . $alert["id"] . "'>" . ($_REQUEST["filter"] != "" ? eregi_replace("(" . preg_quote($_REQUEST["filter"]) . ")", "<span style='background-color: #F8D93D;'>\\1</span>", $alert["name"]) : $alert["name"]) . "</a>", $alert["id"]); form_selectable_cell($severities[$alert["severity"]], $alert["id"]); form_selectable_cell($alert["method"] == 1 ? "Threshold" : "Individual", $alert["id"]); form_selectable_cell($alert["method"] == 1 ? $alert["num"] : "N/A", $alert["id"]); form_selectable_cell($alert["enabled"] == "on" ? "Yes" : "No", $alert["id"]); form_selectable_cell($message_types[$alert["type"]], $alert["id"]); form_selectable_cell(title_trim($alert["message"], 60), $alert["id"]); form_selectable_cell(substr_count($alert["email"], ",") ? "Multiple" : $alert["email"], $alert["id"]); form_selectable_cell(date("Y-m-d H:i:s", $alert["date"]), $alert["id"]); form_selectable_cell($alert["user"], $alert["id"]); form_checkbox_cell($alert["name"], $alert["id"]); form_end_row(); } } else { print "<tr><td colspan='4'><em>No Syslog Alerts Defined</em></td></tr>"; } html_end_box(false); /* draw the dropdown containing a list of available actions for this form */ draw_actions_dropdown($syslog_actions); }
} $htmlm .= '</table></body></html>'; $alertm .= "-----------------------------------------------\n\n"; if ($alert['method'] == 1) { $sequence = syslog_log_alert($alert['id'], $alert['name'], $alert['severity'], $at[0], sizeof($at), $htmlm, $hostlist); $smsalert = 'Sev:' . $severities[$alert['severity']] . ', Count:' . sizeof($at) . ', URL:' . read_config_option('alert_base_url') . 'plugins/syslog/syslog.php?tab=current&id=' . $sequence; } syslog_debug("Alert Rule '" . $alert['name'] . "' has been activated"); } } } if ($alertm != '' && $alert['method'] == 1) { $resend = true; if ($alert['repeat_alert'] > 0) { $found = syslog_db_fetch_cell('SELECT count(*) FROM syslog_logs WHERE alert_id=' . $alert['id'] . "\n\t\t\t\t\tAND logtime>'{$date}'"); if ($found) { $resend = false; } } if ($resend) { syslog_sendemail(trim($alert['email']), '', 'Event Alert - ' . $alert['name'], $html ? $htmlm : $alertm, $smsalert); if ($alert['open_ticket'] == 'on' && strlen(read_config_option('syslog_ticket_command'))) { if (is_executable(read_config_option('syslog_ticket_command'))) { exec(read_config_option('syslog_ticket_command') . " --alert-name='" . clean_up_name($alert['name']) . "'" . " --severity='" . $alert['severity'] . "'" . " --hostlist='" . implode(',', $hostlist) . "'" . " --message='" . $alert['message'] . "'"); } } } } }
function syslog_filter($sql_where, $tab) { global $colors, $config, $graph_timespans, $graph_timeshifts, $reset_multi, $page_refresh_interval; include dirname(__FILE__) . "/config.php"; if (isset($_SESSION["sess_current_date1"])) { $filter_text = "</strong> [ Start: '" . $_SESSION["sess_current_date1"] . "' to End: '" . $_SESSION["sess_current_date2"] . "' ]"; } else { $filter_text = "</strong>"; } ?> <script type="text/javascript"> <!-- // Initialize the calendar calendar=null; // This function displays the calendar associated to the input field 'id' function showCalendar(id) { var el = document.getElementById(id); if (calendar != null) { // we already have some calendar created calendar.hide(); // so we hide it first. } else { // first-time call, create the calendar. var cal = new Calendar(true, null, selected, closeHandler); cal.weekNumbers = false; // Do not display the week number cal.showsTime = true; // Display the time cal.time24 = true; // Hours have a 24 hours format cal.showsOtherMonths = false; // Just the current month is displayed calendar = cal; // remember it in the global var cal.setRange(1900, 2070); // min/max year allowed. cal.create(); } calendar.setDateFormat('%Y-%m-%d %H:%M'); // set the specified date format calendar.parseDate(el.value); // try to parse the text in field calendar.sel = el; // inform it what input field we use // Display the calendar below the input field calendar.showAtElement(el, "Br"); // show the calendar return false; } // This function update the date in the input field when selected function selected(cal, date) { cal.sel.value = date; // just update the date in the input field. } // This function gets called when the end-user clicks on the 'Close' button. // It just hides the calendar without destroying it. function closeHandler(cal) { cal.hide(); // hide the calendar calendar = null; } function applyTimespanFilterChange(objForm) { strURL = '?predefined_timespan=' + objForm.predefined_timespan.value; strURL = strURL + '&predefined_timeshift=' + objForm.predefined_timeshift.value; document.location = strURL; } --> </script> <form style='margin:0px;padding:0px;' id="syslog_form" name="syslog_form" method="post" action="syslog.php"> <table width="100%" cellspacing="0" cellpadding="0" border="0"> <tr> <td colspan="2" style="background-color:#EFEFEF;"> <table width='100%' cellpadding="0" cellspacing="0" border="0"> <tr> <td width='100%'> <?php html_start_box("<strong>Syslog Message Filter{$filter_text}", "100%", $colors["header"], "1", "center", ""); ?> <tr bgcolor="<?php print $colors["panel"]; ?> " class="noprint"> <td class="noprint"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td nowrap style='white-space: nowrap;' width='60'> <strong>Presets:</strong> </td> <td nowrap style='white-space: nowrap;' width='130'> <select name='predefined_timespan' onChange="applyTimespanFilterChange(document.syslog_form)"> <?php if ($_SESSION["custom"]) { $graph_timespans[GT_CUSTOM] = "Custom"; $_REQUEST["predefined_timespan"] = GT_CUSTOM; $start_val = 0; $end_val = sizeof($graph_timespans); } else { if (isset($graph_timespans[GT_CUSTOM])) { asort($graph_timespans); array_shift($graph_timespans); } $start_val = 1; $end_val = sizeof($graph_timespans) + 1; } if (sizeof($graph_timespans) > 0) { for ($value = $start_val; $value < $end_val; $value++) { print "<option value='{$value}'"; if ($_REQUEST["predefined_timespan"] == $value) { print " selected"; } print ">" . title_trim($graph_timespans[$value], 40) . "</option>\n"; } } ?> </select> </td> <td nowrap style='white-space: nowrap;' width='30'> <strong>From:</strong> </td> <td width='150' nowrap style='white-space: nowrap;'> <input type='text' name='date1' id='date1' title='Graph Begin Timestamp' size='14' value='<?php print isset($_SESSION["sess_current_date1"]) ? $_SESSION["sess_current_date1"] : ""; ?> '> <input style='padding-bottom: 4px;' type='image' src='<?php print $config["url_path"]; ?> images/calendar.gif' alt='Start date selector' title='Start date selector' border='0' align='absmiddle' onclick="return showCalendar('date1');"> </td> <td nowrap style='white-space: nowrap;' width='20'> <strong>To:</strong> </td> <td width='150' nowrap style='white-space: nowrap;'> <input type='text' name='date2' id='date2' title='Graph End Timestamp' size='14' value='<?php print isset($_SESSION["sess_current_date2"]) ? $_SESSION["sess_current_date2"] : ""; ?> '> <input style='padding-bottom: 4px;' type='image' src='<?php print $config["url_path"]; ?> images/calendar.gif' alt='End date selector' title='End date selector' border='0' align='absmiddle' onclick="return showCalendar('date2');"> </td> <td width='125' nowrap style='white-space: nowrap;'> <input style='padding-bottom: 4px;' type='image' name='move_left' src='<?php print $config["url_path"]; ?> images/move_left.gif' alt='Left' border='0' align='absmiddle' title='Shift Left'> <select name='predefined_timeshift' title='Define Shifting Interval' onChange="applyTimespanFilterChange(document.syslog_form)"> <?php $start_val = 1; $end_val = sizeof($graph_timeshifts) + 1; if (sizeof($graph_timeshifts) > 0) { for ($shift_value = $start_val; $shift_value < $end_val; $shift_value++) { print "<option value='{$shift_value}'"; if ($_REQUEST["predefined_timeshift"] == $shift_value) { print " selected"; } print ">" . title_trim($graph_timeshifts[$shift_value], 40) . "</option>\n"; } } ?> </select> <input style='padding-bottom: 4px;' type='image' name='move_right' src='<?php print $config["url_path"]; ?> images/move_right.gif' alt='Right' border='0' align='absmiddle' title='Shift Right'> </td> <td> <input type="submit" value='Go' name='go' title="Go"> </td> <td> <input type='submit' value='Clear' name='button_clear_x' title='Return to the default time span'> </td> <td> <input type='submit' value='Export' name='export' title='Export Records to CSV'> </td> <td> <input type='hidden' name='action' value='actions'> <input type='hidden' name='syslog_pdt_change' value='false'> </td> </tr> </table> </td><?php if (api_plugin_user_realm_auth('syslog_alerts.php')) { ?> <td align='right' style='white-space:nowrap;'> <input type='button' value='Alerts' title='View Syslog Alert Rules' onClick='javascript:document.location="<?php print $config['url_path'] . "plugins/syslog/syslog_alerts.php"; ?> "'> <input type='button' value='Removals' title='View Syslog Removal Rules' onClick='javascript:document.location="<?php print $config['url_path'] . "plugins/syslog/syslog_removal.php"; ?> "'> <input type='button' value='Reports' title='View Syslog Reports' onClick='javascript:document.location="<?php print $config['url_path'] . "plugins/syslog/syslog_reports.php"; ?> "'> </td><?php } ?> </tr> </table> <table width="100%" cellpadding="0" cellspacing="0" border="0"> <tr bgcolor="<?php print $colors["panel"]; ?> " class="noprint"> <td> <table cellpadding="0" cellspacing="0"> <tr> <td nowrap style='white-space: nowrap;' width='60'> <strong>Search:</strong> </td> <td style='padding-right:2px;'> <input type="text" name="filter" size="30" value="<?php print $_REQUEST["filter"]; ?> "> </td> <?php api_plugin_hook('syslog_extend_filter'); ?> <td style='padding-right:2px;'> <select name="efacility" onChange="javascript:document.getElementById('syslog_form').submit();" title="Facilities"> <option value="0"<?php if ($_REQUEST["efacility"] == "0") { ?> selected<?php } ?> >All Facilities</option> <?php if (!isset($hostfilter)) { $hostfilter = ""; } $efacilities = syslog_db_fetch_assoc("SELECT DISTINCT f.facility_id, f.facility\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_host_facilities` AS fh\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS f\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tON f.facility_id=fh.facility_id " . (strlen($hostfilter) ? "WHERE " : "") . $hostfilter . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tORDER BY facility"); if (sizeof($efacilities)) { foreach ($efacilities as $efacility) { print "<option value=" . $efacility["facility_id"]; if ($_REQUEST["efacility"] == $efacility["facility_id"]) { print " selected"; } print ">" . ucfirst($efacility["facility"]) . "</option>\n"; } } ?> </select> </td> <td style='padding-right:2px;'> <select name="elevel" onChange="javascript:document.getElementById('syslog_form').submit();" title="Priority Levels"> <option value="0"<?php if ($_REQUEST["elevel"] == "0") { ?> selected<?php } ?> >All Priorities</option> <option value="1"<?php if ($_REQUEST["elevel"] == "1") { ?> selected<?php } ?> >Emergency</option> <option value="2"<?php if ($_REQUEST["elevel"] == "2") { ?> selected<?php } ?> >Critical++</option> <option value="2o"<?php if ($_REQUEST["elevel"] == "2o") { ?> selected<?php } ?> >Critical</option> <option value="3"<?php if ($_REQUEST["elevel"] == "3") { ?> selected<?php } ?> >Alert++</option> <option value="3o"<?php if ($_REQUEST["elevel"] == "3o") { ?> selected<?php } ?> >Alert</option> <option value="4"<?php if ($_REQUEST["elevel"] == "4") { ?> selected<?php } ?> >Error++</option> <option value="4o"<?php if ($_REQUEST["elevel"] == "4o") { ?> selected<?php } ?> >Error</option> <option value="5"<?php if ($_REQUEST["elevel"] == "5") { ?> selected<?php } ?> >Warning++</option> <option value="5o"<?php if ($_REQUEST["elevel"] == "5o") { ?> selected<?php } ?> >Warning</option> <option value="6"<?php if ($_REQUEST["elevel"] == "6") { ?> selected<?php } ?> >Notice++</option> <option value="6o"<?php if ($_REQUEST["elevel"] == "6o") { ?> selected<?php } ?> >Notice</option> <option value="7"<?php if ($_REQUEST["elevel"] == "7") { ?> selected<?php } ?> >Info++</option> <option value="7o"<?php if ($_REQUEST["elevel"] == "7o") { ?> selected<?php } ?> >Info</option> <option value="8"<?php if ($_REQUEST["elevel"] == "8") { ?> selected<?php } ?> >Debug</option> </select> </td> <?php if ($_REQUEST["tab"] == "syslog") { ?> <td style='padding-right:2px;'> <select name="removal" onChange="javascript:document.getElementById('syslog_form').submit();" title="Removal Handling"> <option value="1"<?php if ($_REQUEST["removal"] == "1") { ?> selected<?php } ?> >All Records</option> <option value="-1"<?php if ($_REQUEST["removal"] == "-1") { ?> selected<?php } ?> >Main Records</option> <option value="2"<?php if ($_REQUEST["removal"] == "2") { ?> selected<?php } ?> >Removed Records</option> </select> </td> <?php } ?> <td style='padding-right:2px;'> <select name="rows" onChange="javascript:document.getElementById('syslog_form').submit();" title="Display Rows"> <option value="10"<?php if ($_REQUEST["rows"] == "10") { ?> selected<?php } ?> >10</option> <option value="15"<?php if ($_REQUEST["rows"] == "15") { ?> selected<?php } ?> >15</option> <option value="20"<?php if ($_REQUEST["rows"] == "20") { ?> selected<?php } ?> >20</option> <option value="25"<?php if ($_REQUEST["rows"] == "25") { ?> selected<?php } ?> >25</option> <option value="30"<?php if ($_REQUEST["rows"] == "30") { ?> selected<?php } ?> >30</option> <option value="35"<?php if ($_REQUEST["rows"] == "35") { ?> selected<?php } ?> >35</option> <option value="40"<?php if ($_REQUEST["rows"] == "40") { ?> selected<?php } ?> >40</option> <option value="45"<?php if ($_REQUEST["rows"] == "45") { ?> selected<?php } ?> >45</option> <option value="50"<?php if ($_REQUEST["rows"] == "50") { ?> selected<?php } ?> >50</option> <option value="100"<?php if ($_REQUEST["rows"] == "100") { ?> selected<?php } ?> >100</option> <option value="200"<?php if ($_REQUEST["rows"] == "200") { ?> selected<?php } ?> >200</option> <option value="500"<?php if ($_REQUEST["rows"] == "500") { ?> selected<?php } ?> >500</option> </select> </td> <td style='padding-right:2px;'> <select name="trimval" onChange="javascript:document.getElementById('syslog_form').submit();" title="Message Trim"> <option value="1024"<?php if ($_REQUEST["trimval"] == "1024") { ?> selected<?php } ?> >All Text</option> <option value="30"<?php if ($_REQUEST["trimval"] == "30") { ?> selected<?php } ?> >30 Chars</option> <option value="50"<?php if ($_REQUEST["trimval"] == "50") { ?> selected<?php } ?> >50 Chars</option> <option value="75"<?php if ($_REQUEST["trimval"] == "75") { ?> selected<?php } ?> >75 Chars</option> <option value="100"<?php if ($_REQUEST["trimval"] == "100") { ?> selected<?php } ?> >100 Chars</option> <option value="150"<?php if ($_REQUEST["trimval"] == "150") { ?> selected<?php } ?> >150 Chars</option> <option value="300"<?php if ($_REQUEST["trimval"] == "300") { ?> selected<?php } ?> >300 Chars</option> </select> </td> <td width="1"> <select name="refresh" onChange="javascript:document.getElementById('syslog_form').submit();"> <?php foreach ($page_refresh_interval as $seconds => $display_text) { print "<option value='" . $seconds . "'"; if ($_REQUEST["refresh"] == $seconds) { print " selected"; } print ">" . $display_text . "</option>\n"; } ?> </select> </td> </tr> </table> </td> </tr> <?php html_end_box(false); ?> </tr> </table> </td> </tr> <tr> <td valign="top" style="border-right: #aaaaaa 1px solid;" bgcolor='#efefef'> <table align="center" cellpadding="1" cellspacing="0" border="0"> <tr> <td> <?php html_start_box("", "", $colors["header"], "3", "center", ""); ?> <tr> <td class="textHeader" nowrap> Select Host(s): </td> </tr> <tr> <td> <select title="Host Filters" id="host_select" name="host[]" multiple size="20" style="width: 150px; overflow: scroll; height: auto;" onChange="javascript:document.getElementById('syslog_form').submit();"> <?php if ($tab == "syslog") { ?> <option id="host_all" value="0"<?php if (is_array($_REQUEST["host"]) && $_REQUEST["host"][0] == "0" || $reset_multi) { ?> selected<?php } ?> >Show All Hosts</option><?php } else { ?> <option id="host_all" value="0"<?php if (is_array($_REQUEST["host"]) && $_REQUEST["host"][0] == "0" || $reset_multi) { ?> selected<?php } ?> >Show All Logs</option> <option id="host_none" value="-1"<?php if (is_array($_REQUEST["host"]) && $_REQUEST["host"][0] == "-1") { ?> selected<?php } ?> >Threshold Logs</option><?php } ?> <?php $hosts_where = ""; $hosts_where = api_plugin_hook_function('syslog_hosts_where', $hosts_where); $hosts = syslog_db_fetch_assoc("SELECT * FROM `" . $syslogdb_default . "`.`syslog_hosts` {$hosts_where} ORDER BY host"); if (sizeof($hosts)) { foreach ($hosts as $host) { print "<option value=" . $host["host_id"]; if (sizeof($_REQUEST["host"])) { foreach ($_REQUEST["host"] as $rh) { if ($rh == $host["host_id"] && !$reset_multi) { print " selected"; break; } } } else { if ($host["host_id"] == $_REQUEST["host"] && !$reset_multi) { print " selected"; } } print ">"; print $host["host"] . "</option>\n"; } } ?> </select> </td> </tr> <?php html_end_box(false); ?> </td> </tr> </table> </td> <td width="100%" valign="top" style="padding: 0px;"> <table width="100%" cellspacing="0" cellpadding="1"> <tr> <td width="100%" valign="top"><?php display_output_messages(); ?> <?php if ($tab == "syslog") { if ($_REQUEST["removal"] == 1) { $total_rows = syslog_db_fetch_cell("SELECT SUM(totals)\n\t\t\t\t\t\t\t\t\t\t\tFROM (\n\t\t\t\t\t\t\t\t\t\t\tSELECT count(*) AS totals\n\t\t\t\t\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog` " . $sql_where . "\n\t\t\t\t\t\t\t\t\t\t\tUNION\n\t\t\t\t\t\t\t\t\t\t\tSELECT count(*) AS totals\n\t\t\t\t\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_removed` " . $sql_where . ") AS rowcount"); } elseif ($_REQUEST["removal"] == -1) { $total_rows = syslog_db_fetch_cell("SELECT count(*) FROM `" . $syslogdb_default . "`.`syslog` " . $sql_where); } else { $total_rows = syslog_db_fetch_cell("SELECT count(*) FROM `" . $syslogdb_default . "`.`syslog_removed` " . $sql_where); } } else { $total_rows = syslog_db_fetch_cell("SELECT count(*)\n\t\t\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_logs` AS sl\n\t\t\t\t\t\t\t\t\tLEFT JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf\n\t\t\t\t\t\t\t\t\tON sl.facility=sf.facility\n\t\t\t\t\t\t\t\t\tLEFT JOIN `" . $syslogdb_default . "`.`syslog_priorities` AS sp\n\t\t\t\t\t\t\t\t\tON sl.priority=sp.priority\n\t\t\t\t\t\t\t\t\tLEFT JOIN `" . $syslogdb_default . "`.`syslog_hosts` AS sh\n\t\t\t\t\t\t\t\t\tON sl.host=sh.host\n\t\t\t\t\t\t\t\t\tLEFT JOIN `" . $syslogdb_default . "`.`syslog_alert` AS sa\n\t\t\t\t\t\t\t\t\tON sl.alert_id=sa.id " . $sql_where); } html_start_box("", "100%", $colors["header"], "3", "center", ""); $hostarray = ""; if (is_array($_REQUEST["host"])) { foreach ($_REQUEST["host"] as $h) { $hostarray .= "host[]={$h}&"; } } else { $hostarray .= "host[]=" . $_REQUEST["host"] . "&"; } return $total_rows; }
function syslog_upgrade_pre_oneoh_tables($options = false, $isbackground = false) { global $config, $cnn_id, $syslog_levels, $database_default, $syslog_upgrade; include dirname(__FILE__) . "/config.php"; $syslog_levels = array(1 => 'emerg', 2 => 'crit', 3 => 'alert', 4 => 'err', 5 => 'warn', 6 => 'notice', 7 => 'info', 8 => 'debug', 9 => 'other'); if ($isbackground) { $table = 'syslog_pre_upgrade'; } else { $table = 'syslog'; } /* validate some simple information */ $mysqlVersion = syslog_get_mysql_version("syslog"); $truncate = isset($options["upgrade_type"]) && $options["upgrade_type"] == "truncate" ? true : false; $upgrade_type = isset($options["upgrade_type"]) ? $options["upgrade_type"] : "inline"; $engine = isset($options["engine"]) && $options["engine"] == "innodb" ? "InnoDB" : "MyISAM"; $partitioned = isset($options["db_type"]) && $options["db_type"] == "part" ? true : false; $syslogexists = sizeof(syslog_db_fetch_row("SHOW TABLES FROM `" . $syslogdb_default . "` LIKE '{$table}'")); /* disable collection for a bit */ set_config_option('syslog_enabled', ''); if ($upgrade_type == "truncate") { return; } if ($upgrade_type == "inline" || $isbackground) { syslog_setup_table_new($options); api_plugin_register_realm('syslog', 'syslog.php', 'Plugin -> Syslog User', 1); api_plugin_register_realm('syslog', 'syslog_alerts.php,syslog_removal.php,syslog_reports.php', 'Plugin -> Syslog Administration', 1); /* get the realm id's and change from old to new */ $user = db_fetch_cell("SELECT id FROM plugin_realms WHERE file='syslog.php'") + 100; $admin = db_fetch_cell("SELECT id FROM plugin_realms WHERE file='syslog_alerts.php'") + 100; if ($user > 100) { $users = db_fetch_assoc("SELECT user_id FROM user_auth_realm WHERE realm_id=37"); if (sizeof($users)) { foreach ($users as $u) { db_execute("INSERT INTO user_auth_realm\n\t\t\t\t\t(realm_id, user_id) VALUES ({$user}, " . $u["user_id"] . ")\n\t\t\t\t\tON DUPLICATE KEY UPDATE realm_id=VALUES(realm_id)"); db_execute("DELETE FROM user_auth_realm\n\t\t\t\t\tWHERE user_id=" . $u["user_id"] . "\n\t\t\t\t\tAND realm_id=37"); } } } if ($admin > 100) { $admins = db_fetch_assoc("SELECT user_id FROM user_auth_realm WHERE realm_id=38"); if (sizeof($admins)) { foreach ($admins as $user) { db_execute("INSERT INTO user_auth_realm\n\t\t\t\t\t(realm_id, user_id) VALUES ({$admin}, " . $user["user_id"] . ")\n\t\t\t\t\tON DUPLICATE KEY UPDATE realm_id=VALUES(realm_id)"); db_execute("DELETE FROM user_auth_realm\n\t\t\t\t\tWHERE user_id=" . $user["user_id"] . "\n\t\t\t\t\tAND realm_id=38"); } } } /* get the database table names */ $rows = syslog_db_fetch_assoc("SHOW TABLES FROM `" . $syslogdb_default . "`"); if (sizeof($rows)) { foreach ($rows as $row) { $tables[] = $row["Tables_in_" . $syslogdb_default]; } } /* create the reports table */ syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_logs` (\n\t\t\talert_id integer unsigned not null default '0',\n\t\t\tlogseq bigint unsigned NOT NULL,\n\t\t\tlogtime TIMESTAMP NOT NULL default '0000-00-00 00:00:00',\n\t\t\tlogmsg " . ($mysqlVersion > 5 ? "varchar(1024)" : "text") . " default NULL,\n\t\t\thost varchar(32) default NULL,\n\t\t\tfacility varchar(10) default NULL,\n\t\t\tpriority varchar(10) default NULL,\n\t\t\tcount integer unsigned NOT NULL default '0',\n\t\t\thtml blob default NULL,\n\t\t\tseq bigint unsigned NOT NULL auto_increment,\n\t\t\tPRIMARY KEY (seq),\n\t\t\tKEY logseq (logseq),\n\t\t\tKEY alert_id (alert_id),\n\t\t\tKEY host (host),\n\t\t\tKEY seq (seq),\n\t\t\tKEY logtime (logtime),\n\t\t\tKEY priority (priority),\n\t\t\tKEY facility (facility)) ENGINE={$engine};"); /* create the soft removal table */ syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_host_facilities` (\n\t\t\t`host_id` int(10) unsigned NOT NULL,\n\t\t\t`facility_id` int(10) unsigned NOT NULL,\n\t\t\t`last_updated` TIMESTAMP NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,\n\t\t\tPRIMARY KEY (`host_id`,`facility_id`)) ENGINE={$engine};"); /* create the host reference table */ syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_hosts` (\n\t\t\t`host_id` int(10) unsigned NOT NULL auto_increment,\n\t\t\t`host` VARCHAR(128) NOT NULL,\n\t\t\t`last_updated` TIMESTAMP NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,\n\t\t\tPRIMARY KEY (`host`),\n\t\t\tKEY host_id (`host_id`),\n\t\t\tKEY last_updated (`last_updated`)) ENGINE={$engine}\n\t\t\tCOMMENT='Contains all hosts currently in the syslog table'"); /* check upgrade of syslog_alert */ $sql = "DESCRIBE `" . $syslogdb_default . "`.`syslog_alert`"; $columns = array(); $array = syslog_db_fetch_assoc($sql); if (sizeof($array)) { foreach ($array as $row) { $columns[] = $row["Field"]; } } if (!in_array("enabled", $columns)) { syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`syslog_alert` MODIFY COLUMN message varchar(128) DEFAULT NULL, ADD COLUMN enabled CHAR(2) DEFAULT 'on' AFTER type;"); } if (!in_array("method", $columns)) { syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`syslog_alert` ADD COLUMN method int(10) unsigned NOT NULL default '0' AFTER name"); syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`syslog_alert` ADD COLUMN num int(10) unsigned NOT NULL default '1' AFTER method"); syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`syslog_alert` ADD COLUMN severity INTEGER UNSIGNED NOT NULL default '0' AFTER name"); } if (!in_array("command", $columns)) { syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`syslog_alert` ADD COLUMN command varchar(255) DEFAULT NULL AFTER email;"); } /* check upgrade of syslog_alert */ $sql = "DESCRIBE `" . $syslogdb_default . "`.`syslog_remove`"; $columns = array(); $array = syslog_db_fetch_assoc($sql); if (sizeof($array)) { foreach ($array as $row) { $columns[] = $row["Field"]; } } if (!in_array("enabled", $columns)) { syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`syslog_remove` MODIFY COLUMN message varchar(128) DEFAULT NULL, ADD COLUMN enabled CHAR(2) DEFAULT 'on' AFTER type;"); } if (!in_array("method", $columns)) { syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`syslog_remove` ADD COLUMN method CHAR(5) DEFAULT 'del' AFTER enabled;"); } syslog_db_execute("DROP TABLE IF EXISTS `" . $syslogdb_default . "`.`syslog_hosts`"); syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_hosts` (\n\t\t\t`host_id` int(10) unsigned NOT NULL auto_increment,\n\t\t\t`host` VARCHAR(128) NOT NULL,\n\t\t\t`last_updated` TIMESTAMP NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,\n\t\t\tPRIMARY KEY (`host`),\n\t\t\tKEY host_id (`host_id`),\n\t\t\tKEY last_updated (`last_updated`)) TYPE={$engine}\n\t\t\tCOMMENT='Contains all hosts currently in the syslog table'"); syslog_db_execute("DROP TABLE IF EXISTS `" . $syslogdb_default . "`.`syslog_facilities`"); syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_facilities` (\n\t\t\t`facility_id` int(10) unsigned NOT NULL auto_increment,\n\t\t\t`facility` varchar(10) NOT NULL,\n\t\t\t`last_updated` TIMESTAMP NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,\n\t\t\tPRIMARY KEY (`facility`),\n\t\t\tKEY facility_id (`facility_id`)) ENGINE={$engine};"); syslog_db_execute("DROP TABLE IF EXISTS `" . $syslogdb_default . "`.`syslog_priorities`"); syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_priorities` (\n\t\t\t`priority_id` int(10) unsigned NOT NULL auto_increment,\n\t\t\t`priority` varchar(10) NOT NULL,\n\t\t\t`last_updated` TIMESTAMP NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,\n\t\t\tPRIMARY KEY (`priority`),\n\t\t\tKEY priority_id (`priority_id`)) ENGINE={$engine};"); syslog_db_execute("DROP TABLE IF EXISTS `" . $syslogdb_default . "`.`syslog_host_facilities`"); syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_host_facilities` (\n\t\t\t`host_id` int(10) unsigned NOT NULL,\n\t\t\t`facility_id` int(10) unsigned NOT NULL,\n\t\t\t`last_updated` TIMESTAMP NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,\n\t\t\tPRIMARY KEY (`host_id`,`facility_id`)) ENGINE={$engine};"); /* populate the tables */ syslog_db_execute("INSERT INTO `" . $syslogdb_default . "`.`syslog_hosts` (host) SELECT DISTINCT host FROM `" . $syslogdb_default . "`.`{$table}`"); syslog_db_execute("INSERT INTO `" . $syslogdb_default . "`.`syslog_facilities` (facility) SELECT DISTINCT facility FROM `" . $syslogdb_default . "`.`{$table}`"); foreach ($syslog_levels as $id => $priority) { syslog_db_execute("REPLACE INTO `" . $syslogdb_default . "`.`syslog_priorities` (priority_id, priority) VALUES ({$id}, '{$priority}')"); } /* a bit more horsepower please */ syslog_db_execute("INSERT INTO `" . $syslogdb_default . "`.`syslog_host_facilities`\n\t\t\t(host_id, facility_id)\n\t\t\tSELECT host_id, facility_id\n\t\t\tFROM ((SELECT DISTINCT host, facility\n\t\t\t\tFROM `" . $syslogdb_default . "`.`{$table}`) AS s\n\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_hosts` AS sh\n\t\t\t\tON s.host=sh.host\n\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf\n\t\t\t\tON sf.facility=s.facility)"); /* change the structure of the syslog table for performance sake */ $mysqlVersion = syslog_get_mysql_version("syslog"); if ($mysqlVersion >= 5) { syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`{$table}`\n\t\t\t\tMODIFY COLUMN message varchar(1024) DEFAULT NULL,\n\t\t\t\tADD COLUMN facility_id int(10) UNSIGNED NULL AFTER facility,\n\t\t\t\tADD COLUMN priority_id int(10) UNSIGNED NULL AFTER facility_id,\n\t\t\t\tADD COLUMN host_id int(10) UNSIGNED NULL AFTER priority_id,\n\t\t\t\tADD COLUMN logtime DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00' AFTER priority,\n\t\t\t\tADD INDEX facility_id (facility_id),\n\t\t\t\tADD INDEX priority_id (priority_id),\n\t\t\t\tADD INDEX host_id (host_id),\n\t\t\t\tADD INDEX logtime(logtime);"); } else { syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`{$table}`\n\t\t\t\tADD COLUMN facility_id int(10) UNSIGNED NULL AFTER host,\n\t\t\t\tADD COLUMN priority_id int(10) UNSIGNED NULL AFTER facility_id,\n\t\t\t\tADD COLUMN host_id int(10) UNSIGNED NULL AFTER priority_id,\n\t\t\t\tADD COLUMN logtime DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00' AFTER priority,\n\t\t\t\tADD INDEX facility_id (facility_id),\n\t\t\t\tADD INDEX priority_id (priority_id),\n\t\t\t\tADD INDEX host_id (host_id),\n\t\t\t\tADD INDEX logtime(logtime);"); } /* convert dates and times to timestamp */ syslog_db_execute("UPDATE `" . $syslogdb_default . "`.`{$table}` SET logtime=TIMESTAMP(`date`, `time`)"); /* update the host_ids */ $hosts = syslog_db_fetch_assoc("SELECT * FROM `" . $syslogdb_default . "`.`syslog_hosts`"); if (sizeof($hosts)) { foreach ($hosts as $host) { syslog_db_execute("UPDATE `" . $syslogdb_default . "`.`{$table}`\n\t\t\t\tSET host_id=" . $host["host_id"] . "\n\t\t\t\tWHERE host='" . $host["host"] . "'"); } } /* update the priority_ids */ $priorities = $syslog_levels; if (sizeof($priorities)) { foreach ($priorities as $id => $priority) { syslog_db_execute("UPDATE `" . $syslogdb_default . "`.`{$table}`\n\t\t\t\tSET priority_id=" . $id . "\n\t\t\t\tWHERE priority='" . $priority . "'"); } } /* update the facility_ids */ $fac = syslog_db_fetch_assoc("SELECT * FROM `" . $syslogdb_default . "`.`syslog_facilities`"); if (sizeof($fac)) { foreach ($fac as $f) { syslog_db_execute("UPDATE `" . $syslogdb_default . "`.`{$table}`\n\t\t\t\tSET facility_id=" . $f["facility_id"] . "\n\t\t\t\tWHERE facility='" . $f["facility"] . "'"); } } if (!$isbackground) { syslog_db_execute("ALTER TABLE `" . $syslogdb_default . "`.`{$table}`\n\t\t\t\tDROP COLUMN `date`,\n\t\t\t\tDROP COLUMN `time`,\n\t\t\t\tDROP COLUMN `host`,\n\t\t\t\tDROP COLUMN `facility`,\n\t\t\t\tDROP COLUMN `priority`"); } else { while (true) { $fetch_size = '10000'; $sequence = syslog_db_fetch_cell("SELECT max(seq) FROM (SELECT seq FROM `" . $syslogdb_default . "`.`{$table}` ORDER BY seq LIMIT {$fetch_size}) AS preupgrade"); if ($sequence > 0 && $sequence != '') { syslog_db_execute("INSERT INTO `" . $syslogdb_default . "`.`syslog` (facility_id, priority_id, host_id, logtime, message)\n\t\t\t\t\t\tSELECT facility_id, priority_id, host_id, logtime, message\n\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`{$table}`\n\t\t\t\t\t\tWHERE seq<{$sequence}"); syslog_db_execute("DELETE FROM `" . $syslogdb_default . "`.`{$table}` WHERE seq<={$sequence}"); } else { syslog_db_execute("DROP TABLE `" . $syslogdb_default . "`.`{$table}`"); break; } } } /* create the soft removal table */ syslog_db_execute("DROP TABLE IF EXISTS `" . $syslogdb_default . "`.`syslog_removed`"); syslog_db_execute("CREATE TABLE `" . $syslogdb_default . "`.`syslog_removed` LIKE `" . $syslogdb_default . "`.`syslog`"); } else { include_once $config['base_path'] . "/lib/poller.php"; $p = dirname(__FILE__); $command_string = read_config_option("path_php_binary"); $extra_args = ' -q ' . $config['base_path'] . '/plugins/syslog/syslog_upgrade.php --type=' . $options["db_type"] . ' --engine=' . $engine . ' --days=' . $options["days"]; cacti_log("SYSLOG NOTE: Launching Background Syslog Database Upgrade Process", false, "SYSTEM"); exec_background($command_string, $extra_args); } /* reenable syslog xferral */ set_config_option('syslog_enabled', 'on'); }
function syslog_removal() { global $syslog_actions, $message_types, $config; include dirname(__FILE__) . '/config.php'; /* ================= input validation and session storage ================= */ $filters = array('rows' => array('filter' => FILTER_VALIDATE_INT, 'pageset' => true, 'default' => '-1'), 'page' => array('filter' => FILTER_VALIDATE_INT, 'default' => '1'), 'id' => array('filter' => FILTER_VALIDATE_INT, 'default' => '1'), 'enabled' => array('filter' => FILTER_VALIDATE_INT, 'pageset' => true, 'default' => '-1'), 'filter' => array('filter' => FILTER_CALLBACK, 'pageset' => true, 'default' => '', 'options' => array('options' => 'sanitize_search_string')), 'sort_column' => array('filter' => FILTER_CALLBACK, 'default' => 'name', 'options' => array('options' => 'sanitize_search_string')), 'sort_direction' => array('filter' => FILTER_CALLBACK, 'default' => 'ASC', 'options' => array('options' => 'sanitize_search_string'))); validate_store_request_vars($filters, 'sess_syslogr'); /* ================= input validation ================= */ html_start_box(__('Syslog Removal Rule Filters'), '100%', '', '3', 'center', 'syslog_removal.php?action=edit&type=1'); syslog_filter(); html_end_box(); $sql_where = ''; if (get_request_var('rows') == -1) { $row_limit = read_config_option('num_rows_table'); } elseif (get_request_var('rows') == -2) { $row_limit = 999999; } else { $row_limit = get_request_var('rows'); } $removals = syslog_get_removal_records($sql_where, $row_limit); $rows_query_string = "SELECT COUNT(*)\n\t\tFROM `" . $syslogdb_default . "`.`syslog_remove`\n\t\t{$sql_where}"; $total_rows = syslog_db_fetch_cell($rows_query_string); $nav = html_nav_bar('syslog_removal.php?filter=' . get_request_var('filter'), MAX_DISPLAY_PAGES, get_request_var('page'), $row_limit, $total_rows, 13, 'Rules', 'page', 'main'); form_start('syslog_removal.php', 'chk'); print $nav; html_start_box('', '100%', '', '3', 'center', ''); $display_text = array('name' => array(__('Removal Name'), 'ASC'), 'enabled' => array(__('Enabled'), 'ASC'), 'type' => array(__('Match Type'), 'ASC'), 'message' => array(__('Search String'), 'ASC'), 'method' => array(__('Method'), 'DESC'), 'date' => array(__('Last Modified'), 'ASC'), 'user' => array(__('By User'), 'DESC')); html_header_sort_checkbox($display_text, get_request_var('sort_column'), get_request_var('sort_direction')); if (sizeof($removals)) { foreach ($removals as $removal) { form_alternate_row('line' . $removal['id'], true); form_selectable_cell(filter_value(title_trim($removal['name'], read_config_option('max_title_length')), get_request_var('filter'), $config['url_path'] . 'plugins/syslog/syslog_removal.php?action=edit&id=' . $removal['id']), $removal['id']); form_selectable_cell($removal['enabled'] == 'on' ? __('Yes') : __('No'), $removal['id']); form_selectable_cell($message_types[$removal['type']], $removal['id']); form_selectable_cell($removal['message'], $removal['id']); form_selectable_cell($removal['method'] == 'del' ? __('Deletion') : __('Transfer'), $removal['id']); form_selectable_cell(date('Y-m-d H:i:s', $removal['date']), $removal['id']); form_selectable_cell($removal['user'], $removal['id']); form_checkbox_cell($removal['name'], $removal['id']); form_end_row(); } } else { print "<tr><td colspan='4'><em>" . __('No Syslog Removal Rules Defined') . "</em></td></tr>"; } html_end_box(false); if (sizeof($removals)) { print $nav; } draw_actions_dropdown($syslog_actions); form_end(); }
/** function syslog_messages() * This is the main page display function in Syslog. Displays all the * syslog messages that are relevant to Syslog. */ function syslog_messages($tab = 'syslog') { global $sql_where, $hostfilter, $severities; global $config, $syslog_incoming_config, $reset_multi, $syslog_levels; include dirname(__FILE__) . '/config.php'; include './include/global_arrays.php'; /* force the initial timespan to be 30 minutes for performance reasons */ if (!isset($_SESSION['sess_syslog_init'])) { $_SESSION['sess_current_timespan'] = 1; $_SESSION['sess_syslog_init'] = 1; } $url_curr_page = get_browser_query_string(); $sql_where = ''; if (get_request_var('rows') == -1) { $row_limit = read_config_option('num_rows_table'); } elseif (get_request_var('rows') == -2) { $row_limit = 999999; } else { $row_limit = get_request_var('rows'); } $syslog_messages = get_syslog_messages($sql_where, $row_limit, $tab); syslog_filter($sql_where, $tab); if ($tab == 'syslog') { if (get_request_var('removal') == 1) { $total_rows = syslog_db_fetch_cell("SELECT SUM(totals)\n\t\t\t\tFROM (\n\t\t\t\t\tSELECT count(*) AS totals\n\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog` AS syslog\n\t\t\t\t\t{$sql_where}\n\t\t\t\t\tUNION\n\t\t\t\t\tSELECT count(*) AS totals\n\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_removed` AS syslog\n\t\t\t\t\t{$sql_where}\n\t\t\t\t) AS rowcount"); } elseif (get_request_var("removal") == -1) { $total_rows = syslog_db_fetch_cell("SELECT count(*) \n\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog` AS syslog\n\t\t\t\t{$sql_where}"); } else { $total_rows = syslog_db_fetch_cell("SELECT count(*) \n\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_removed` AS syslog\n\t\t\t\t{$sql_where}"); } } else { $total_rows = syslog_db_fetch_cell("SELECT count(*)\n\t\t\tFROM `" . $syslogdb_default . "`.`syslog_logs` AS syslog\n\t\t\tLEFT JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf\n\t\t\tON syslog.facility_id=sf.facility_id \n\t\t\tLEFT JOIN `" . $syslogdb_default . "`.`syslog_priorities` AS sp\n\t\t\tON syslog.priority_id=sp.priority_id \n\t\t\tLEFT JOIN `" . $syslogdb_default . "`.`syslog_alert` AS sa\n\t\t\tON syslog.alert_id=sa.id \n\t\t\tLEFT JOIN `" . $syslogdb_default . "`.`syslog_programs` AS spr\n\t\t\tON syslog.program_id=spr.program_id " . $sql_where); } if ($tab == 'syslog') { $nav = html_nav_bar("syslog.php?tab={$tab}", MAX_DISPLAY_PAGES, get_request_var_request('page'), $row_limit, $total_rows, 7, 'Messages', 'page', 'main'); if (api_plugin_user_realm_auth('syslog_alerts.php')) { $display_text = array('nosortt' => array(__('Actions'), 'ASC'), 'logtime' => array(__('Date'), 'ASC'), 'host_id' => array(__('Host'), 'ASC'), 'program' => array(__('Program'), 'ASC'), 'message' => array(__('Message'), 'ASC'), 'facility_id' => array(__('Facility'), 'ASC'), 'priority_id' => array(__('Priority'), 'ASC')); } else { $display_text = array('logtime' => array(__('Date'), 'ASC'), 'host_id' => array(__('Host'), 'ASC'), 'program' => array(__('Program'), 'ASC'), 'message' => array(__('Message'), 'ASC'), 'facility_id' => array(__('Facility'), 'ASC'), 'priority_id' => array(__('Priority'), 'ASC')); } print $nav; html_start_box('', '100%', '', '3', 'center', ''); html_header_sort($display_text, get_request_var('sort_column'), get_request_var('sort_direction')); $hosts = array_rekey(syslog_db_fetch_assoc('SELECT host_id, host FROM `' . $syslogdb_default . '`.`syslog_hosts`'), 'host_id', 'host'); $facilities = array_rekey(syslog_db_fetch_assoc('SELECT facility_id, facility FROM `' . $syslogdb_default . '`.`syslog_facilities`'), 'facility_id', 'facility'); $priorities = array_rekey(syslog_db_fetch_assoc('SELECT priority_id, priority FROM `' . $syslogdb_default . '`.`syslog_priorities`'), 'priority_id', 'priority'); if (sizeof($syslog_messages)) { foreach ($syslog_messages as $syslog_message) { $title = htmlspecialchars($syslog_message['message'], ENT_QUOTES); syslog_row_color($syslog_message['priority_id'], $title); if (api_plugin_user_realm_auth('syslog_alerts.php')) { print "<td class='nowrap left' style='width:1%:padding:1px !important;'>"; if ($syslog_message['mtype'] == 'main') { print "<a style='padding:1px' href='" . htmlspecialchars('syslog_alerts.php?id=' . $syslog_message[$syslog_incoming_config['id']] . '&action=newedit&type=0') . "'><img src='images/add.png' border='0'></a>\n\t\t\t\t\t\t<a style='padding:1px' href='" . htmlspecialchars('syslog_removal.php?id=' . $syslog_message[$syslog_incoming_config['id']] . '&action=newedit&type=new&type=0') . "'><img src='images/delete.png' border='0'></a>\n"; } print "</td>\n"; } print '<td class="left nowrap">' . $syslog_message['logtime'] . "</td>\n"; print '<td class="left nowrap">' . $hosts[$syslog_message['host_id']] . "</td>\n"; print '<td class="left nowrap">' . $syslog_message['program'] . "</td>\n"; print '<td class="left syslogMessage">' . filter_value(title_trim($syslog_message[$syslog_incoming_config['textField']], get_request_var_request('trimval')), get_request_var('filter')) . "</td>\n"; print '<td class="left nowrap">' . ucfirst($facilities[$syslog_message['facility_id']]) . "</td>\n"; print '<td class="left nowrap">' . ucfirst($priorities[$syslog_message['priority_id']]) . "</td>\n"; } } else { print "<tr><td class='center' colspan='7'><em>" . __('No Syslog Messages') . "</em></td></tr>"; } html_end_box(false); if (sizeof($syslog_messages)) { print $nav; } syslog_syslog_legend(); print "<script type='text/javascript'>\$(function() { \$('button').tooltip({ closed: true }).on('focus', function() { \$('#filter').tooltip('close') }).on('click', function() { \$(this).tooltip('close'); }); })</script>\n"; } else { $nav = html_nav_bar("syslog.php?tab={$tab}", MAX_DISPLAY_PAGES, get_request_var_request('page'), $row_limit, $total_rows, 8, 'Alert Log Rows', 'page', 'main'); print $nav; $display_text = array('name' => array('display' => __('Alert Name'), 'sort' => 'ASC', 'align' => 'left'), 'severity' => array('display' => __('Severity'), 'sort' => 'ASC', 'align' => 'left'), 'logtime' => array('display' => __('Date'), 'sort' => 'ASC', 'align' => 'left'), 'logmsg' => array('display' => __('Message'), 'sort' => 'ASC', 'align' => 'left'), 'count' => array('display' => __('Count'), 'sort' => 'ASC', 'align' => 'right'), 'host' => array('display' => __('Host'), 'sort' => 'ASC', 'align' => 'right'), 'facility_id' => array('display' => __('Facility'), 'sort' => 'ASC', 'align' => 'right'), 'priority_id' => array('display' => __('Priority'), 'sort' => 'ASC', 'align' => 'right')); html_start_box('', '100%', '', '3', 'center', ''); html_header_sort($display_text, get_request_var('sort_column'), get_request_var('sort_direction')); if (sizeof($syslog_messages)) { foreach ($syslog_messages as $log) { $title = htmlspecialchars($log['logmsg'], ENT_QUOTES); syslog_row_color($log['severity'], $title); print "<td class='left'><a class='linkEditMain' href='" . htmlspecialchars($config['url_path'] . 'plugins/syslog/syslog.php?id=' . $log['seq'] . '&tab=current') . "'>" . (strlen($log['name']) ? $log['name'] : 'Alert Removed') . "</a></td>\n"; print '<td class="left nowrap">' . (isset($severities[$log['severity']]) ? $severities[$log['severity']] : 'Unknown') . "</td>\n"; print '<td class="left nowrap">' . $log['logtime'] . "</td>\n"; print '<td class="left syslogMessage">' . filter_value(title_trim($log['logmsg'], get_request_var_request('trimval')), get_request_var('filter')) . "</td>\n"; print '<td class="right nowrap">' . $log['count'] . "</td>\n"; print '<td class="right nowrap">' . $log['host'] . "</td>\n"; print '<td class="right nowrap">' . ucfirst($log['facility']) . "</td>\n"; print '<td class="right nowrap">' . ucfirst($log['priority']) . "</td>\n"; print "</tr>\n"; } } else { print "<tr><td colspan='11'><em>" . __('No Alert Log Messages') . "</em></td></tr>"; } html_end_box(false); if (sizeof($syslog_messages)) { print $nav; } syslog_log_legend(); } }
} } $htmlm .= "</table></body></html>"; $alertm .= "-----------------------------------------------\n\n"; if ($alert["method"] == 1) { $sequence = syslog_log_alert($alert["id"], $alert["name"] . " [" . $alert["message"] . "]", $alert["severity"], $at[0], sizeof($at), $htmlm); $smsalert = "Sev:" . $severities[$alert["severity"]] . ", Count:" . sizeof($at) . ", URL:" . read_config_option("alert_base_url") . "plugins/syslog/syslog.php?tab=current&id=" . $sequence; } syslog_debug("Alert Rule '" . $alert['name'] . "' has been activated"); } } } if ($alertm != '' && $alert['method'] == 1) { $resend = true; if ($alert['repeat_alert'] > 0) { $found = syslog_db_fetch_cell("SELECT count(*)\n\t\t\t\t\tFROM syslog_logs\n\t\t\t\t\tWHERE alert_id=" . $alert['id'] . "\n\t\t\t\t\tAND logtime>'{$date}'"); if ($found) { $resend = false; } } if ($resend) { syslog_sendemail(trim($alert['email']), '', 'Event Alert - ' . $alert['name'], $html ? $htmlm : $alertm, $smsalert); if ($alert['open_ticket'] == 'on' && strlen(read_config_option("syslog_ticket_command"))) { if (is_executable(read_config_option("syslog_ticket_command"))) { exec(read_config_option("syslog_ticket_command") . " --alert-name='" . clean_up_name($alert['name']) . "'" . " --severity='" . $alert['severity'] . "'" . " --hostlist='" . implode(",", $hostlist) . "'" . " --message='" . $alert['message'] . "'"); } } } } } }
function syslog_alerts() { global $syslog_actions, $config, $message_types, $severities; include dirname(__FILE__) . '/config.php'; /* ================= input validation and session storage ================= */ $filters = array('rows' => array('filter' => FILTER_VALIDATE_INT, 'pageset' => true, 'default' => '-1'), 'page' => array('filter' => FILTER_VALIDATE_INT, 'default' => '1'), 'id' => array('filter' => FILTER_VALIDATE_INT, 'default' => '1'), 'enabled' => array('filter' => FILTER_VALIDATE_INT, 'pageset' => true, 'default' => '-1'), 'filter' => array('filter' => FILTER_CALLBACK, 'pageset' => true, 'default' => '', 'options' => array('options' => 'sanitize_search_string')), 'sort_column' => array('filter' => FILTER_CALLBACK, 'default' => 'name', 'options' => array('options' => 'sanitize_search_string')), 'sort_direction' => array('filter' => FILTER_CALLBACK, 'default' => 'ASC', 'options' => array('options' => 'sanitize_search_string'))); validate_store_request_vars($filters, 'sess_sysloga'); /* ================= input validation ================= */ html_start_box(__('Syslog Alert Filters'), '100%', '', '3', 'center', 'syslog_alerts.php?action=edit'); syslog_filter(); html_end_box(); $sql_where = ''; if (get_request_var('rows') == '-1') { $row_limit = read_config_option('num_rows_table'); } elseif (get_request_var('rows') == -2) { $row_limit = 999999; } else { $row_limit = get_request_var('rows'); } $alerts = syslog_get_alert_records($sql_where, $row_limit); $rows_query_string = "SELECT COUNT(*)\n\t\tFROM `" . $syslogdb_default . "`.`syslog_alert`\n\t\t{$sql_where}"; $total_rows = syslog_db_fetch_cell($rows_query_string); $nav = html_nav_bar('syslog_alerts.php?filter=' . get_request_var('filter'), MAX_DISPLAY_PAGES, get_request_var('page'), $row_limit, $total_rows, 13, __('Alerts'), 'page', 'main'); form_start('syslog_alerts.php', 'chk'); print $nav; html_start_box('', '100%', '', '3', 'center', ''); $display_text = array('name' => array(__('Alert Name'), 'ASC'), 'severity' => array(__('Severity'), 'ASC'), 'method' => array(__('Method'), 'ASC'), 'num' => array(__('Threshold Count'), 'ASC'), 'enabled' => array(__('Enabled'), 'ASC'), 'type' => array(__('Match Type'), 'ASC'), 'message' => array(__('Search String'), 'ASC'), 'email' => array(__('E-Mail Addresses'), 'DESC'), 'date' => array(__('Last Modified'), 'ASC'), 'user' => array(__('By User'), 'DESC')); html_header_sort_checkbox($display_text, get_request_var('sort_column'), get_request_var('sort_direction')); if (sizeof($alerts)) { foreach ($alerts as $alert) { form_alternate_row('line' . $alert['id'], true); form_selectable_cell("<a class='linkEditMain' href='" . $config['url_path'] . 'plugins/syslog/syslog_alerts.php?action=edit&id=' . $alert['id'] . "'>" . (get_request_var('filter') != '' ? preg_replace('/(' . preg_quote(get_request_var('filter')) . ')/i', "<span class='filteredValue'>\\1</span>", $alert['name']) : $alert['name']) . '</a>', $alert['id']); form_selectable_cell($severities[$alert['severity']], $alert['id']); form_selectable_cell($alert['method'] == 1 ? __('Threshold') : __('Individual'), $alert['id']); form_selectable_cell($alert['method'] == 1 ? $alert['num'] : __('N/A'), $alert['id']); form_selectable_cell($alert['enabled'] == 'on' ? __('Yes') : __('No'), $alert['id']); form_selectable_cell($message_types[$alert['type']], $alert['id']); form_selectable_cell(title_trim($alert['message'], 60), $alert['id']); form_selectable_cell(substr_count($alert['email'], ',') ? __('Multiple') : $alert['email'], $alert['id']); form_selectable_cell(date('Y-m-d H:i:s', $alert['date']), $alert['id']); form_selectable_cell($alert['user'], $alert['id']); form_checkbox_cell($alert['name'], $alert['id']); form_end_row(); } } else { print "<tr><td colspan='4'><em>" . __('No Syslog Alerts Defined') . "</em></td></tr>"; } html_end_box(false); if (sizeof($alerts)) { print $nav; } draw_actions_dropdown($syslog_actions); form_end(); }
function syslog_remove_items($table, $uniqueID) { global $config, $syslog_cnn, $syslog_incoming_config; include dirname(__FILE__) . "/config.php"; /* REMOVE ALL THE THINGS WE DONT WANT TO SEE */ $rows = syslog_db_fetch_assoc("SELECT * FROM `" . $syslogdb_default . "`.`syslog_remove` WHERE enabled='on'"); syslog_debug("Found " . sizeof($rows) . ", Removal Rule(s)" . " to process"); $removed = 0; $xferred = 0; $total = syslog_db_fetch_cell("SELECT count(*) FROM `" . $syslogdb_default . "`.`syslog_incoming` WHERE status={$uniqueID}"); if (sizeof($rows)) { foreach ($rows as $remove) { $sql = ""; $sql1 = ""; if ($remove['type'] == 'facility') { if ($remove['method'] != 'del') { $sql1 = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`\n\t\t\t\t\t\t(logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\tSELECT TIMESTAMP(`" . $syslog_incoming_config['dateField'] . "`, `" . $syslog_incoming_config["timeField"] . "`),\n\t\t\t\t\t\tpriority_id, facility_id, host_id, message\n\t\t\t\t\t\tFROM (SELECT date, time, priority_id, facility_id, host_id, message\n\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_incoming` AS si\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf\n\t\t\t\t\t\t\tON sf.facility=si.facility\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_priorities` AS sp\n\t\t\t\t\t\t\tON sp.priority=si.priority\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_hosts` AS sh\n\t\t\t\t\t\t\tON sh.host=si.host\n\t\t\t\t\t\t\tWHERE " . $syslog_incoming_config["facilityField"] . "='" . $remove['message'] . "' AND status=" . $uniqueID . ") AS merge"; } $sql = "DELETE\n\t\t\t\t\tFROM `" . $syslogdb_default . "`.`" . $table . "`\n\t\t\t\t\tWHERE " . $syslog_incoming_config["facilityField"] . "='" . $remove['message'] . "' AND status='" . $uniqueID . "'"; } else { if ($remove['type'] == 'host') { if ($remove['method'] != 'del') { $sql1 = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`\n\t\t\t\t\t\t(logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\tSELECT TIMESTAMP(`" . $syslog_incoming_config['dateField'] . "`, `" . $syslog_incoming_config["timeField"] . "`),\n\t\t\t\t\t\tpriority_id, facility_id, host_id, message\n\t\t\t\t\t\tFROM (SELECT date, time, priority_id, facility_id, host_id, message\n\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_incoming` AS si\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf\n\t\t\t\t\t\t\tON sf.facility=si.facility\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_priorities` AS sp\n\t\t\t\t\t\t\tON sp.priority=si.priority\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_hosts` AS sh\n\t\t\t\t\t\t\tON sh.host=si.host\n\t\t\t\t\t\t\tWHERE host='" . $remove['message'] . "' AND status=" . $uniqueID . ") AS merge"; } $sql = "DELETE\n\t\t\t\t\tFROM `" . $syslogdb_default . "`.`" . $table . "`\n\t\t\t\t\tWHERE host='" . $remove['message'] . "' AND status='" . $uniqueID . "'"; } else { if ($remove['type'] == 'messageb') { if ($remove['method'] != 'del') { $sql1 = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`\n\t\t\t\t\t\t(logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\tSELECT TIMESTAMP(`" . $syslog_incoming_config['dateField'] . "`, `" . $syslog_incoming_config["timeField"] . "`),\n\t\t\t\t\t\tpriority_id, facility_id, host_id, message\n\t\t\t\t\t\tFROM (SELECT date, time, priority_id, facility_id, host_id, message\n\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_incoming` AS si\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf\n\t\t\t\t\t\t\tON sf.facility=si.facility\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_priorities` AS sp\n\t\t\t\t\t\t\tON sp.priority=si.priority\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_hosts` AS sh\n\t\t\t\t\t\t\tON sh.host=si.host\n\t\t\t\t\t\t\tWHERE message LIKE '" . $remove['message'] . "%' AND status=" . $uniqueID . ") AS merge"; } $sql = "DELETE\n\t\t\t\t\tFROM `" . $syslogdb_default . "`.`" . $table . "`\n\t\t\t\t\tWHERE message LIKE '" . $remove['message'] . "%' AND status='" . $uniqueID . "'"; } else { if ($remove['type'] == 'messagec') { if ($remove['method'] != 'del') { $sql1 = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`\n\t\t\t\t\t\t(logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\tSELECT TIMESTAMP(`" . $syslog_incoming_config['dateField'] . "`, `" . $syslog_incoming_config["timeField"] . "`),\n\t\t\t\t\t\tpriority_id, facility_id, host_id, message\n\t\t\t\t\t\tFROM (SELECT date, time, priority_id, facility_id, host_id, message\n\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_incoming` AS si\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf\n\t\t\t\t\t\t\tON sf.facility=si.facility\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_priorities` AS sp\n\t\t\t\t\t\t\tON sp.priority=si.priority\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_hosts` AS sh\n\t\t\t\t\t\t\tON sh.host=si.host\n\t\t\t\t\t\t\tWHERE message LIKE '%" . $remove['message'] . "%' AND status=" . $uniqueID . ") AS merge"; } $sql = "DELETE\n\t\t\t\t\tFROM `" . $syslogdb_default . "`.`" . $table . "`\n\t\t\t\t\tWHERE message LIKE '%" . $remove['message'] . "%' AND status='" . $uniqueID . "'"; } else { if ($remove['type'] == 'messagee') { if ($remove['method'] != 'del') { $sql1 = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`\n\t\t\t\t\t\t(logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\tSELECT TIMESTAMP(`" . $syslog_incoming_config['dateField'] . "`, `" . $syslog_incoming_config["timeField"] . "`),\n\t\t\t\t\t\tpriority_id, facility_id, host_id, message\n\t\t\t\t\t\tFROM (SELECT date, time, priority_id, facility_id, host_id, message\n\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_incoming` AS si\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf\n\t\t\t\t\t\t\tON sf.facility=si.facility\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_priorities` AS sp\n\t\t\t\t\t\t\tON sp.priority=si.priority\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_hosts` AS sh\n\t\t\t\t\t\t\tON sh.host=si.host\n\t\t\t\t\t\t\tWHERE message LIKE '%" . $remove['message'] . "' AND status=" . $uniqueID . ") AS merge"; } $sql = "DELETE\n\t\t\t\t\tFROM `" . $syslogdb_default . "`.`" . $table . "`\n\t\t\t\t\tWHERE message LIKE '%" . $remove['message'] . "' AND status='" . $uniqueID . "'"; } else { if ($remove['type'] == 'sql') { if ($remove['method'] != 'del') { $sql1 = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`\n\t\t\t\t\t\t(logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\tSELECT TIMESTAMP(`" . $syslog_incoming_config['dateField'] . "`, `" . $syslog_incoming_config["timeField"] . "`),\n\t\t\t\t\t\tpriority_id, facility_id, host_id, message\n\t\t\t\t\t\tFROM (SELECT date, time, priority_id, facility_id, host_id, message\n\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_incoming` AS si\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf\n\t\t\t\t\t\t\tON sf.facility=si.facility\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_priorities` AS sp\n\t\t\t\t\t\t\tON sp.priority=si.priority\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_hosts` AS sh\n\t\t\t\t\t\t\tON sh.host=si.host\n\t\t\t\t\t\t\tWHERE (" . $remove['message'] . ") AND status=" . $uniqueID . ") AS merge"; } $sql = "DELETE\n\t\t\t\t\tFROM `" . $syslogdb_default . "`.`" . $table . "`\n\t\t\t\t\tWHERE message (" . $remove['message'] . ") AND status='" . $uniqueID . "'"; } } } } } } if ($sql != '' || $sql1 != '') { $debugm = ''; /* process the removal rule first */ if ($sql1 != '') { /* move rows first */ syslog_db_execute($sql1); $messages_moved = $syslog_cnn->Affected_Rows(); $debugm = "Moved " . $messages_moved . ", "; $xferred += $messages_moved; } /* now delete the remainder that match */ syslog_db_execute($sql); $removed += $syslog_cnn->Affected_Rows(); $debugm = "Deleted " . $removed . ", "; syslog_debug($debugm . " Message" . ($syslog_cnn->Affected_rows() == 1 ? "" : "s") . " for removal rule '" . $remove['name'] . "'"); } } } if ($removed == 0) { $xferred = $total; } return array("removed" => $removed, "xferred" => $xferred); }
function syslog_remove_items($table, $uniqueID) { global $config, $syslog_cnn, $syslog_incoming_config; include dirname(__FILE__) . '/config.php'; if ($table == 'syslog') { $rows = syslog_db_fetch_assoc("SELECT * FROM `" . $syslogdb_default . "`.`syslog_remove` WHERE enabled='on' AND id={$uniqueID}"); } else { $rows = syslog_db_fetch_assoc("SELECT * FROM `" . $syslogdb_default . "`.`syslog_remove` WHERE enabled='on'"); } syslog_debug("Found " . sizeof($rows) . ", Removal Rule(s) to process"); $removed = 0; $xferred = 0; if ($table == 'syslog_incoming') { $total = syslog_db_fetch_cell("SELECT count(*) FROM `" . $syslogdb_default . "`.`syslog_incoming` WHERE status={$uniqueID}"); } else { $total = 0; } if (sizeof($rows)) { foreach ($rows as $remove) { $sql = ''; $sql1 = ''; if ($remove['type'] == 'facility') { if ($table == 'syslog_incoming') { if ($remove['method'] != 'del') { $sql1 = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`\n\t\t\t\t\t\t(logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\tSELECT TIMESTAMP(`" . $syslog_incoming_config['dateField'] . "`, `" . $syslog_incoming_config['timeField'] . "`),\n\t\t\t\t\t\tpriority_id, facility_id, host_id, message\n\t\t\t\t\t\tFROM (SELECT date, time, priority_id, facility_id, host_id, message\n\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_incoming` AS si\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf\n\t\t\t\t\t\t\tON sf.facility=si.facility\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_priorities` AS sp\n\t\t\t\t\t\t\tON sp.priority=si.priority\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_hosts` AS sh\n\t\t\t\t\t\t\tON sh.host=si.host\n\t\t\t\t\t\t\tWHERE " . $syslog_incoming_config["facilityField"] . "='" . $remove['message'] . "' AND status=" . $uniqueID . ") AS merge"; } $sql = "DELETE\n\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_incoming`\n\t\t\t\t\tWHERE " . $syslog_incoming_config['facilityField'] . "='" . $remove['message'] . "' AND status='" . $uniqueID . "'"; } else { $facility_id = syslog_db_fetch_cell("SELECT facility_id FROM `" . $syslogdb_default . "`.`syslog_facilities` WHERE facility='" . $remove['message'] . "'"); if (!empty($facility_id)) { if ($remove['method'] != 'del') { $sql1 = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`\n\t\t\t\t\t\t\t(logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\t\tSELECT (logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog`\n\t\t\t\t\t\t\tWHERE facility_id={$facility_id}"; } $sql = "DELETE FROM `" . $syslogdb_default . "`.`syslog`\n\t\t\t\t\t\tWHERE facility_id={$facility_id}"; } } } else { if ($remove['type'] == 'host') { if ($table == 'syslog_incoming') { if ($remove['method'] != 'del') { $sql1 = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`\n\t\t\t\t\t\t(logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\tSELECT TIMESTAMP(`" . $syslog_incoming_config['dateField'] . "`, `" . $syslog_incoming_config['timeField'] . "`),\n\t\t\t\t\t\tpriority_id, facility_id, host_id, message\n\t\t\t\t\t\tFROM (SELECT date, time, priority_id, facility_id, host_id, message\n\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_incoming` AS si\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf\n\t\t\t\t\t\t\tON sf.facility=si.facility\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_priorities` AS sp\n\t\t\t\t\t\t\tON sp.priority=si.priority\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_hosts` AS sh\n\t\t\t\t\t\t\tON sh.host=si.host\n\t\t\t\t\t\t\tWHERE host='" . $remove['message'] . "' AND status=" . $uniqueID . ") AS merge"; } $sql = "DELETE\n\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_incoming`\n\t\t\t\t\tWHERE host='" . $remove['message'] . "' AND status='" . $uniqueID . "'"; } else { $host_id = syslog_db_fetch_cell("SELECT host_id FROM `" . $syslogdb_default . "`.`syslog_hosts` WHERE host='" . $remove['message'] . "'"); if (!empty($host_id)) { if ($remove['method'] != 'del') { $sql1 = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`\n\t\t\t\t\t\t\t(logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\t\tSELECT (logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog`\n\t\t\t\t\t\t\tWHERE host_id={$host_id}"; } $sql = "DELETE FROM `" . $syslogdb_default . "`.`syslog`\n\t\t\t\t\t\tWHERE host_id={$host_id}"; } } } else { if ($remove['type'] == 'messageb') { if ($table == 'syslog_incoming') { if ($remove['method'] != 'del') { $sql1 = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`\n\t\t\t\t\t\t(logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\tSELECT TIMESTAMP(`" . $syslog_incoming_config['dateField'] . "`, `" . $syslog_incoming_config['timeField'] . "`),\n\t\t\t\t\t\tpriority_id, facility_id, host_id, message\n\t\t\t\t\t\tFROM (SELECT date, time, priority_id, facility_id, host_id, message\n\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_incoming` AS si\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf\n\t\t\t\t\t\t\tON sf.facility=si.facility\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_priorities` AS sp\n\t\t\t\t\t\t\tON sp.priority=si.priority\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_hosts` AS sh\n\t\t\t\t\t\t\tON sh.host=si.host\n\t\t\t\t\t\t\tWHERE message LIKE '" . $remove['message'] . "%' AND status=" . $uniqueID . ") AS merge"; } $sql = "DELETE\n\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_incoming`\n\t\t\t\t\tWHERE message LIKE '" . $remove['message'] . "%' AND status='" . $uniqueID . "'"; } else { if ($remove['message'] != '') { if ($remove['method'] != 'del') { $sql1 = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`\n\t\t\t\t\t\t\t(logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\t\tSELECT (logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog`\n\t\t\t\t\t\t\tWHERE message LIKE '" . $remove['message'] . "%'"; } $sql = "DELETE FROM `" . $syslogdb_default . "`.`syslog`\n\t\t\t\t\t\tWHERE message LIKE '" . $remove['message'] . "%'"; } } } else { if ($remove['type'] == 'messagec') { if ($table == 'syslog_incoming') { if ($remove['method'] != 'del') { $sql1 = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`\n\t\t\t\t\t\t(logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\tSELECT TIMESTAMP(`" . $syslog_incoming_config['dateField'] . "`, `" . $syslog_incoming_config['timeField'] . "`),\n\t\t\t\t\t\tpriority_id, facility_id, host_id, message\n\t\t\t\t\t\tFROM (SELECT date, time, priority_id, facility_id, host_id, message\n\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_incoming` AS si\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf\n\t\t\t\t\t\t\tON sf.facility=si.facility\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_priorities` AS sp\n\t\t\t\t\t\t\tON sp.priority=si.priority\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_hosts` AS sh\n\t\t\t\t\t\t\tON sh.host=si.host\n\t\t\t\t\t\t\tWHERE message LIKE '%" . $remove['message'] . "%' AND status=" . $uniqueID . ") AS merge"; } $sql = "DELETE\n\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_incoming`\n\t\t\t\t\tWHERE message LIKE '%" . $remove['message'] . "%' AND status='" . $uniqueID . "'"; } else { if ($remove['message'] != '') { if ($remove['method'] != 'del') { $sql1 = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`\n\t\t\t\t\t\t\t(logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\t\tSELECT (logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog`\n\t\t\t\t\t\t\tWHERE message LIKE '%" . $remove['message'] . "%'"; } $sql = "DELETE FROM `" . $syslogdb_default . "`.`syslog`\n\t\t\t\t\t\tWHERE message LIKE '%" . $remove['message'] . "%'"; } } } else { if ($remove['type'] == 'messagee') { if ($table == 'syslog_incoming') { if ($remove['method'] != 'del') { $sql1 = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`\n\t\t\t\t\t\t(logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\tSELECT TIMESTAMP(`" . $syslog_incoming_config['dateField'] . "`, `" . $syslog_incoming_config['timeField'] . "`),\n\t\t\t\t\t\tpriority_id, facility_id, host_id, message\n\t\t\t\t\t\tFROM (SELECT date, time, priority_id, facility_id, host_id, message\n\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_incoming` AS si\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf\n\t\t\t\t\t\t\tON sf.facility=si.facility\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_priorities` AS sp\n\t\t\t\t\t\t\tON sp.priority=si.priority\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_hosts` AS sh\n\t\t\t\t\t\t\tON sh.host=si.host\n\t\t\t\t\t\t\tWHERE message LIKE '%" . $remove['message'] . "' AND status=" . $uniqueID . ") AS merge"; } $sql = "DELETE\n\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_incoming`\n\t\t\t\t\tWHERE message LIKE '%" . $remove['message'] . "' AND status='" . $uniqueID . "'"; } else { if ($remove['message'] != '') { if ($remove['method'] != 'del') { $sql1 = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`\n\t\t\t\t\t\t\t(logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\t\tSELECT (logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog`\n\t\t\t\t\t\t\tWHERE message LIKE '%" . $remove['message'] . "'"; } $sql = "DELETE FROM `" . $syslogdb_default . "`.`syslog`\n\t\t\t\t\t\tWHERE message LIKE '%" . $remove['message'] . "'"; } } } else { if ($remove['type'] == 'sql') { if ($table == 'syslog_incoming') { if ($remove['method'] != 'del') { $sql1 = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`\n\t\t\t\t\t\t(logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\tSELECT TIMESTAMP(`" . $syslog_incoming_config['dateField'] . "`, `" . $syslog_incoming_config['timeField'] . "`),\n\t\t\t\t\t\tpriority_id, facility_id, host_id, message\n\t\t\t\t\t\tFROM (SELECT date, time, priority_id, facility_id, host_id, message\n\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_incoming` AS si\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_facilities` AS sf\n\t\t\t\t\t\t\tON sf.facility=si.facility\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_priorities` AS sp\n\t\t\t\t\t\t\tON sp.priority=si.priority\n\t\t\t\t\t\t\tINNER JOIN `" . $syslogdb_default . "`.`syslog_hosts` AS sh\n\t\t\t\t\t\t\tON sh.host=si.host\n\t\t\t\t\t\t\tWHERE (" . $remove['message'] . ") AND status=" . $uniqueID . ") AS merge"; } $sql = "DELETE\n\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog_incoming`\n\t\t\t\t\tWHERE (" . $remove['message'] . ") AND status='" . $uniqueID . "'"; } else { if ($remove['message'] != '') { if ($remove['method'] != 'del') { $sql1 = "INSERT INTO `" . $syslogdb_default . "`.`syslog_removed`\n\t\t\t\t\t\t\t(logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\t\tSELECT (logtime, priority_id, facility_id, host_id, message)\n\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`.`syslog`\n\t\t\t\t\t\t\tWHERE " . $remove['message']; } $sql = "DELETE FROM `" . $syslogdb_default . "`.`syslog`\n\t\t\t\t\t\tWHERE " . $remove['message']; } } } } } } } } if ($sql != '' || $sql1 != '') { $debugm = ''; /* process the removal rule first */ if ($sql1 != '') { /* now delete the remainder that match */ syslog_db_execute($sql1); } /* now delete the remainder that match */ syslog_db_execute($sql); $removed += db_affected_rows($syslog_cnn); $debugm = 'Deleted ' . $removed . ', '; if ($sql1 != '') { $xferred += db_affected_rows($syslog_cnn); $debugm = 'Moved ' . $xferred . ', '; } syslog_debug($debugm . ' Message' . (db_affected_rows($syslog_cnn) == 1 ? '' : 's') . " for removal rule '" . $remove['name'] . "'"); } } } if ($removed == 0) { $xferred = $total; } return array('removed' => $removed, 'xferred' => $xferred); }