예제 #1
0
function api_syslog_alert_enable($id)
{
    include dirname(__FILE__) . "/config.php";
    syslog_db_execute("UPDATE `" . $syslogdb_default . "`.`syslog_alert` SET enabled='on' WHERE id='" . $id . "'");
}
예제 #2
0
    syslog_db_execute('DELETE FROM `' . $syslogdb_default . "`.`syslog_host_facilities`\n\t\tWHERE last_updated<'" . date('Y-m-d H:i:s', time() - read_config_option('syslog_alert_retention') * 86400) . "'");
    syslog_debug('Deleted ' . db_affected_rows($syslog_cnn) . ',  Syslog Host/Facility Record(s)');
}
/* OPTIMIZE THE TABLES ONCE A DAY, JUST TO HELP CLEANUP */
if (date('G') == 0 && date('i') < 5) {
    syslog_debug('Optimizing Tables');
    if (!syslog_is_partitioned()) {
        syslog_db_execute('OPTIMIZE TABLE
			`' . $syslogdb_default . '`.`syslog_incoming`,
			`' . $syslogdb_default . '`.`syslog`,
			`' . $syslogdb_default . '`.`syslog_remove`,
			`' . $syslogdb_default . '`.`syslog_removed`,
			`' . $syslogdb_default . '`.`syslog_alert`');
    } else {
        syslog_db_execute('OPTIMIZE TABLE
			`' . $syslogdb_default . '`.`syslog_incoming`,
			`' . $syslogdb_default . '`.`syslog_remove`,
			`' . $syslogdb_default . '`.`syslog_alert`');
    }
}
syslog_debug('Processing Reports...');
/* Lets run the reports */
$reports = syslog_db_fetch_assoc('SELECT * FROM `' . $syslogdb_default . "`.`syslog_reports` WHERE enabled='on'");
$syslog_reports = sizeof($reports);
syslog_debug('We have ' . $syslog_reports . ' Reports in the database');
if (sizeof($reports)) {
    foreach ($reports as $syslog_report) {
        print '   Report: ' . $syslog_report['name'] . "\n";
        $base_start_time = $syslog_report['timepart'];
        $current_time = strtotime('now');
        if (empty($last_run_time)) {
            if ($current_time > strtotime($base_start_time)) {
예제 #3
0
function syslog_utilities_action($action)
{
    global $config, $colors, $refresh, $syslog_cnn;
    if ($action == 'purge_syslog_hosts') {
        $records = 0;
        syslog_db_execute('DELETE FROM syslog_hosts WHERE host_id NOT IN (SELECT DISTINCT host_id FROM syslog UNION SELECT DISTINCT host_id FROM syslog_removed)');
        $records += db_affected_rows($syslog_cnn);
        syslog_db_execute('DELETE FROM syslog_host_facilities WHERE host_id NOT IN (SELECT DISTINCT host_id FROM syslog UNION SELECT DISTINCT host_id FROM syslog_removed)');
        $records += db_affected_rows($syslog_cnn);
        syslog_db_execute('DELETE FROM syslog_statistics WHERE host_id NOT IN (SELECT DISTINCT host_id FROM syslog UNION SELECT DISTINCT host_id FROM syslog_removed)');
        $records += db_affected_rows($syslog_cnn);
        $_SESSION['syslog_info'] = "<b>There were {$records} host records removed from the Syslog database";
        raise_message('syslog_info');
        header('Location: utilities.php');
        exit;
    }
    return $action;
}
예제 #4
0
}
$options["engine"] = $engine;
$options["db_type"] = $type;
$options["days"] = $days;
$options["upgrade_type"] = "background";
/* record the start time */
list($micro, $seconds) = explode(" ", microtime());
$start_time = $seconds + $micro;
$dir = dirname(__FILE__);
chdir($dir);
if (strpos($dir, 'plugins') !== false) {
    chdir('../../');
}
include "./include/global.php";
include_once dirname(__FILE__) . "/setup.php";
include dirname(__FILE__) . "/config.php";
include_once dirname(__FILE__) . "/functions.php";
/* Connect to the Syslog Database */
syslog_connect();
if (sizeof(syslog_db_fetch_row("SHOW TABLES IN " . $syslogdb_default . " LIKE 'syslog'"))) {
    syslog_db_execute("RENAME TABLE `" . $syslogdb_default . "`.`syslog` TO `" . $syslogdb_default . "`.`syslog_pre_upgrade`");
}
/* perform the upgrade */
syslog_upgrade_pre_oneoh_tables($options, true);
cacti_log("SYSLOG NOTE: Background Syslog Database Upgrade Process Completed", false, "SYSTEM");
function display_help()
{
    echo "Syslog Database Upgrade, Copyright 2004-2011 - The Cacti Group\n\n";
    echo "Syslog Database Upgrade script for Cacti Syslogging.\n\n";
    echo "usage: syslog_upgrade.php --type=trad|part --engine=MyISAM|InnoDB --days=N [--debug|-d]\n\n";
}
예제 #5
0
function api_syslog_removal_enable($id)
{
    include dirname(__FILE__) . '/config.php';
    syslog_db_execute("UPDATE `" . $syslogdb_default . "`.`syslog_remove` SET enabled='on' WHERE id='" . $id . "'");
}
예제 #6
0
function syslog_setup_table_new($options)
{
    global $config, $cnn_id, $settings, $syslog_incoming_config, $syslog_levels, $database_default, $database_hostname, $database_username;
    include dirname(__FILE__) . "/config.php";
    $tables = array();
    $syslog_levels = array(1 => 'emerg', 2 => 'crit', 3 => 'alert', 4 => 'err', 5 => 'warn', 6 => 'notice', 7 => 'info', 8 => 'debug', 9 => 'other');
    syslog_connect();
    /* validate some simple information */
    $mysqlVersion = syslog_get_mysql_version("syslog");
    $truncate = isset($options["upgrade_type"]) && $options["upgrade_type"] == "truncate" ? true : false;
    $engine = isset($options["engine"]) && $options["engine"] == "innodb" ? "InnoDB" : "MyISAM";
    $partitioned = isset($options["db_type"]) && $options["db_type"] == "part" ? true : false;
    $syslogexists = sizeof(syslog_db_fetch_row("SHOW TABLES FROM `" . $syslogdb_default . "` LIKE 'syslog'"));
    if ($truncate) {
        syslog_db_execute("DROP TABLE IF EXISTS `" . $syslogdb_default . "`.`syslog`");
    }
    if (!$partitioned) {
        syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog` (\n\t\t\tfacility_id int(10) default NULL,\n\t\t\tpriority_id int(10) default NULL,\n\t\t\thost_id int(10) default NULL,\n\t\t\tlogtime TIMESTAMP NOT NULL DEFAULT '0000-00-00 00:00:00',\n\t\t\tmessage " . ($mysqlVersion > 5 ? "varchar(1024)" : "text") . " NOT NULL default '',\n\t\t\tseq bigint unsigned NOT NULL auto_increment,\n\t\t\tPRIMARY KEY (seq),\n\t\t\tKEY logtime (logtime),\n\t\t\tKEY host_id (host_id),\n\t\t\tKEY priority_id (priority_id),\n\t\t\tKEY facility_id (facility_id)) ENGINE={$engine};");
    } else {
        syslog_create_partitioned_syslog_table($engine, $options["days"]);
    }
    if ($truncate) {
        syslog_db_execute("DROP TABLE IF EXISTS `" . $syslogdb_default . "`.`syslog_alert`");
    }
    syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_alert` (\n\t\t`id` int(10) NOT NULL auto_increment,\n\t\t`name` varchar(255) NOT NULL default '',\n\t\t`severity` INTEGER UNSIGNED NOT NULL default '0',\n\t\t`method` int(10) unsigned NOT NULL default '0',\n\t\t`num` int(10) unsigned NOT NULL default '1',\n\t\t`type` varchar(16) NOT NULL default '',\n\t\t`enabled` CHAR(2) default 'on',\n\t\t`repeat_alert` int(10) unsigned NOT NULL default '0',\n\t\t`open_ticket` CHAR(2) default '',\n\t\t`message` VARCHAR(128) NOT NULL default '',\n\t\t`user` varchar(32) NOT NULL default '',\n\t\t`date` int(16) NOT NULL default '0',\n\t\t`email` varchar(255) default NULL,\n\t\t`command` varchar(255) default NULL,\n\t\t`notes` varchar(255) default NULL,\n\t\tPRIMARY KEY (id)) ENGINE={$engine};");
    if ($truncate) {
        syslog_db_execute("DROP TABLE IF EXISTS `" . $syslogdb_default . "`.`syslog_incoming`");
    }
    syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_incoming` (\n\t\tfacility varchar(10) default NULL,\n\t\tpriority varchar(10) default NULL,\n\t\t`date` date default NULL,\n\t\t`time` time default NULL,\n\t\thost varchar(128) default NULL,\n\t\tmessage " . ($mysqlVersion > 5 ? "varchar(1024)" : "text") . " NOT NULL DEFAULT '',\n\t\tseq bigint unsigned NOT NULL auto_increment,\n\t\t`status` tinyint(4) NOT NULL default '0',\n\t\tPRIMARY KEY (seq),\n\t\tKEY `status` (`status`)) ENGINE={$engine};");
    if ($truncate) {
        syslog_db_execute("DROP TABLE IF EXISTS `" . $syslogdb_default . "`.`syslog_remove`");
    }
    syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_remove` (\n\t\tid int(10) NOT NULL auto_increment,\n\t\tname varchar(255) NOT NULL default '',\n\t\t`type` varchar(16) NOT NULL default '',\n\t\tenabled CHAR(2) DEFAULT 'on',\n\t\tmethod CHAR(5) DEFAULT 'del',\n\t\tmessage VARCHAR(128) NOT NULL default '',\n\t\t`user` varchar(32) NOT NULL default '',\n\t\t`date` int(16) NOT NULL default '0',\n\t\tnotes varchar(255) default NULL,\n\t\tPRIMARY KEY (id)) ENGINE={$engine};");
    $present = syslog_db_fetch_row("SHOW TABLES FROM `" . $syslogdb_default . "` LIKE 'syslog_reports'");
    if (sizeof($present)) {
        $newreport = sizeof(syslog_db_fetch_row("SHOW COLUMNS FROM `" . $syslogdb_default . "`.`syslog_reports` LIKE 'body'"));
    } else {
        $newreport = true;
    }
    if ($truncate || !$newreport) {
        syslog_db_execute("DROP TABLE IF EXISTS `" . $syslogdb_default . "`.`syslog_reports`");
    }
    syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_reports` (\n\t\tid int(10) NOT NULL auto_increment,\n\t\tname varchar(255) NOT NULL default '',\n\t\t`type` varchar(16) NOT NULL default '',\n\t\tenabled CHAR(2) DEFAULT 'on',\n\t\ttimespan int(16) NOT NULL default '0',\n\t\ttimepart char(5) NOT NULL default '00:00',\n\t\tlastsent int(16) NOT NULL default '0',\n\t\tbody " . ($mysqlVersion > 5 ? "varchar(1024)" : "text") . " default NULL,\n\t\tmessage varchar(128) default NULL,\n\t\t`user` varchar(32) NOT NULL default '',\n\t\t`date` int(16) NOT NULL default '0',\n\t\temail varchar(255) default NULL,\n\t\tnotes varchar(255) default NULL,\n\t\tPRIMARY KEY (id)) ENGINE={$engine};");
    if ($truncate) {
        syslog_db_execute("DROP TABLE IF EXISTS `" . $syslogdb_default . "`.`syslog_hosts`");
    }
    syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_hosts` (\n\t\t`host_id` int(10) unsigned NOT NULL auto_increment,\n\t\t`host` VARCHAR(128) NOT NULL,\n\t\t`last_updated` TIMESTAMP NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,\n\t\tPRIMARY KEY (`host`),\n\t\tKEY host_id (`host_id`),\n\t\tKEY last_updated (`last_updated`)) ENGINE={$engine}\n\t\tCOMMENT='Contains all hosts currently in the syslog table'");
    if ($truncate) {
        syslog_db_execute("DROP TABLE IF EXISTS `" . $syslogdb_default . "`.`syslog_facilities`");
    }
    syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_facilities` (\n\t\t`facility_id` int(10) unsigned NOT NULL auto_increment,\n\t\t`facility` varchar(10) NOT NULL,\n\t\t`last_updated` TIMESTAMP NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,\n\t\tPRIMARY KEY  (`facility`),\n\t\tKEY facility_id (`facility_id`),\n\t\tKEY last_updates (`last_updated`)) ENGINE={$engine};");
    if ($truncate) {
        syslog_db_execute("DROP TABLE IF EXISTS `" . $syslogdb_default . "`.`syslog_priorities`");
    }
    syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_priorities` (\n\t\t`priority_id` int(10) unsigned NOT NULL auto_increment,\n\t\t`priority` varchar(10) NOT NULL,\n\t\t`last_updated` TIMESTAMP NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,\n\t\tPRIMARY KEY (`priority`),\n\t\tKEY priority_id (`priority_id`),\n\t\tKEY last_updated (`last_updated`)) ENGINE={$engine};");
    syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_host_facilities` (\n\t\t`host_id` int(10) unsigned NOT NULL,\n\t\t`facility_id` int(10) unsigned NOT NULL,\n\t\t`last_updated` TIMESTAMP NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,\n\t\tPRIMARY KEY  (`host_id`,`facility_id`)) ENGINE={$engine};");
    if ($truncate) {
        syslog_db_execute("DROP TABLE IF EXISTS `" . $syslogdb_default . "`.`syslog_removed`");
    }
    syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_removed` LIKE `" . $syslogdb_default . "`.`syslog`");
    syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_logs` (\n\t\talert_id integer unsigned not null default '0',\n\t\tlogseq bigint unsigned NOT NULL,\n\t\tlogtime TIMESTAMP NOT NULL default '0000-00-00 00:00:00',\n\t\tlogmsg " . ($mysqlVersion > 5 ? "varchar(1024)" : "text") . " default NULL,\n\t\thost varchar(32) default NULL,\n\t\tfacility varchar(10) default NULL,\n\t\tpriority varchar(10) default NULL,\n\t\tcount integer unsigned NOT NULL default '0',\n\t\thtml blob default NULL,\n\t\tseq bigint unsigned NOT NULL auto_increment,\n\t\tPRIMARY KEY (seq),\n\t\tKEY logseq (logseq),\n\t\tKEY alert_id (alert_id),\n\t\tKEY host (host),\n\t\tKEY seq (seq),\n\t\tKEY logtime (logtime),\n\t\tKEY priority (priority),\n\t\tKEY facility (facility)) ENGINE={$engine};");
    syslog_db_execute("CREATE TABLE IF NOT EXISTS `" . $syslogdb_default . "`.`syslog_statistics` (\n\t\t`host_id` INTEGER UNSIGNED NOT NULL,\n\t\t`facility_id` INTEGER UNSIGNED NOT NULL,\n\t\t`priority_id` INTEGER UNSIGNED NOT NULL,\n\t\t`insert_time` TIMESTAMP NOT NULL,\n\t\t`records` INTEGER UNSIGNED NOT NULL,\n\t\tPRIMARY KEY (`host_id`, `facility_id`, `priority_id`, `insert_time`),\n\t\tINDEX `host_id`(`host_id`),\n\t\tINDEX `facility_id`(`facility_id`),\n\t\tINDEX `priority_id`(`priority_id`),\n\t\tINDEX `insert_time`(`insert_time`))\n\t\tENGINE = MyISAM\n\t\tCOMMENT = 'Maintains High Level Statistics';");
    foreach ($syslog_levels as $id => $priority) {
        syslog_db_execute("REPLACE INTO `" . $syslogdb_default . "`.`syslog_priorities` (priority_id, priority) VALUES ({$id}, '{$priority}')");
    }
    if (!isset($settings["syslog"])) {
        syslog_config_settings();
    }
    foreach ($settings["syslog"] as $name => $values) {
        if (isset($values["default"])) {
            db_execute("REPLACE INTO `" . $database_default . "`.`settings` (name, value) VALUES ('{$name}', '" . $values["default"] . "')");
        }
    }
}
예제 #7
0
 | as published by the Free Software Foundation; either version 2          |
 | of the License, or (at your option) any later version.                  |
 |                                                                         |
 | This program is distributed in the hope that it will be useful,         |
 | but WITHOUT ANY WARRANTY; without even the implied warranty of          |
 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the           |
 | GNU General Public License for more details.                            |
 +-------------------------------------------------------------------------+
 | Cacti: The Complete RRDTool-based Graphing Solution                     |
 +-------------------------------------------------------------------------+
 | This code is designed, written, and maintained by the Cacti Group. See  |
 | about.php and/or the AUTHORS file for specific developer information.   |
 +-------------------------------------------------------------------------+
 | http://www.cacti.net/                                                   |
 +-------------------------------------------------------------------------+
*/
/* do NOT run this script through a web browser */
if (!isset($_SERVER["argv"][0]) || isset($_SERVER['REQUEST_METHOD']) || isset($_SERVER['REMOTE_ADDR'])) {
    die("<br><strong>This script is only meant to run at the command line.</strong>");
}
$no_http_headers = true;
chdir(dirname(__FILE__) . '/../../');
include dirname(__FILE__) . '/../../include/global.php';
echo "NOTE: Fixing Warning vs. Warn Errors\n";
$found = syslog_db_fetch_row("SELECT * FROM syslog_priorities WHERE priority='warning' LIMIT 1");
if (sizeof($found)) {
    syslog_db_execute("UPDATE syslog SET priority_id=5 WHERE priority_id=" . $found["priority_id"]);
    syslog_db_execute("UPDATE syslog_statistics SET priority_id=5 WHERE priority_id=" . $found["priority_id"]);
    syslog_db_execute("DELETE FROM syslog_priorities WHERE priority='warning'");
}
echo "NOTE: Finished\n";
예제 #8
0
if (read_config_option("syslog_retention") > 0) {
    syslog_db_execute("DELETE FROM `" . $syslogdb_default . "`.`syslog_statistics`\n\t\tWHERE insert_time<'" . date("Y-m-d H:i:s", time() - read_config_option("syslog_retention") * 86400) . "'");
    syslog_debug("Deleted " . $syslog_cnn->Affected_Rows() . ",  Syslog Statistics Record(s)");
}
/* remove alert log messages */
if (read_config_option("syslog_alert_retention") > 0) {
    syslog_db_execute("DELETE FROM `" . $syslogdb_default . "`.`syslog_logs`\n\t\tWHERE logtime<'" . date("Y-m-d H:i:s", time() - read_config_option("syslog_alert_retention") * 86400) . "'");
    syslog_debug("Deleted " . $syslog_cnn->Affected_Rows() . ",  Syslog alarm log Record(s)");
}
/* OPTIMIZE THE TABLES ONCE A DAY, JUST TO HELP CLEANUP */
if (date("G") == 0 && date("i") < 5) {
    syslog_debug("Optimizing Tables");
    if (!syslog_is_partitioned()) {
        syslog_db_execute("OPTIMIZE TABLE\n\t\t\t`" . $syslogdb_default . "`.`syslog_incoming`,\n\t\t\t`" . $syslogdb_default . "`.`syslog`,\n\t\t\t`" . $syslogdb_default . "`.`syslog_remove`,\n\t\t\t`" . $syslogdb_default . "`.`syslog_removed`,\n\t\t\t`" . $syslogdb_default . "`.`syslog_alert`");
    } else {
        syslog_db_execute("OPTIMIZE TABLE\n\t\t\t`" . $syslogdb_default . "`.`syslog_incoming`,\n\t\t\t`" . $syslogdb_default . "`.`syslog_remove`,\n\t\t\t`" . $syslogdb_default . "`.`syslog_alert`");
    }
}
syslog_debug("Processing Reports...");
/* Lets run the reports */
$reports = syslog_db_fetch_assoc("SELECT * FROM `" . $syslogdb_default . "`.`syslog_reports` WHERE enabled='on'");
$syslog_reports = sizeof($reports);
syslog_debug("We have " . $syslog_reports . " Reports in the database");
if (sizeof($reports)) {
    foreach ($reports as $syslog_report) {
        print '   Report: ' . $syslog_report['name'] . "\n";
        if ($syslog_report['min'] < 10) {
            $syslog_report['min'] = '0' . $syslog_report['min'];
        }
        $base_start_time = $syslog_report['hour'] . ' : ' . $syslog_report['min'];
        $current_time = strtotime("now");
예제 #9
0
function api_syslog_report_enable($id)
{
    include dirname(__FILE__) . '/config.php';
    syslog_db_execute('UPDATE `' . $syslogdb_default . "`.`syslog_reports` SET enabled='on' WHERE id=" . $id);
}
예제 #10
0
function syslog_manage_items($from_table, $to_table)
{
    global $config, $syslog_cnn, $syslog_incoming_config;
    include dirname(__FILE__) . "/config.php";
    /* Select filters to work on */
    $rows = syslog_db_fetch_assoc("SELECT * FROM `" . $syslogdb_default . "`.`syslog_remove` WHERE enabled='on'");
    //$rows = syslog_db_fetch_assoc("SELECT * FROM `" . $syslogdb_default . "`.`syslog_remove` WHERE enabled='on' AND message like 'last message repeated %'");
    syslog_debug("Found   " . sizeof($rows) . ",  Removal Rule(s)" . " to process");
    $removed = 0;
    $xferred = 0;
    $total = 0;
    if (sizeof($rows)) {
        foreach ($rows as $remove) {
            syslog_debug("Processing Rule  - " . $remove['message']);
            $sql_sel = "";
            $sql_dlt = "";
            if ($remove['type'] == 'facility') {
                if ($remove['method'] != 'del') {
                    $sql_sel = "SELECT seq\n\t\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`. {$from_table}\n\t\t\t\t\t\t\t\tWHERE facility_id in\n\t\t\t\t\t\t\t\t\t(SELECT distinct facility_id from `" . $syslogdb_default . "`syslog_facilities\n\t\t\t\t\t\t\t\t\t\tWHERE facility ='" . $remove['message'] . "')";
                } else {
                    $sql_dlt = "DELETE\n\t\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`. {$from_table} \n\t\t\t\t\t\t\t\tWHERE facility_id in\n\t\t\t\t\t\t\t\t\t(SELECT distinct facility_id from `" . $syslogdb_default . "`syslog_facilities\n\t\t\t\t\t\t\t\t\t\tWHERE facility ='" . $remove['message'] . "')";
                }
            } else {
                if ($remove['type'] == 'host') {
                    if ($remove['method'] != 'del') {
                        $sql_sel = "SELECT seq\n\t\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`. {$from_table}\n\t\t\t\t\t\t\t\tWHERE host_id in\n\t\t\t\t\t\t\t\t\t(SELECT distinct host_id from `" . $syslogdb_default . "`syslog_hosts\n\t\t\t\t\t\t\t\t\t\tWHERE host ='" . $remove['message'] . "')";
                    } else {
                        $sql_dlt = "DELETE\n\t\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`. {$from_table} \n\t\t\t\t\t\t\t\tWHERE host_id in\n\t\t\t\t\t\t\t\t\t(SELECT distinct host_id from `" . $syslogdb_default . "`syslog_hosts\n\t\t\t\t\t\t\t\t\t\tWHERE host ='" . $remove['message'] . "')";
                    }
                } else {
                    if ($remove['type'] == 'messageb') {
                        if ($remove['method'] != 'del') {
                            $sql_sel = "SELECT seq\n\t\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`. {$from_table}\n\t\t\t\t\t\t\t\tWHERE message LIKE '" . $remove['message'] . "%' ";
                        } else {
                            $sql_dlt = "DELETE\n\t\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`. {$from_table} \n\t\t\t\t\t\t\t\tWHERE message LIKE '" . $remove['message'] . "%' ";
                        }
                    } else {
                        if ($remove['type'] == 'messagec') {
                            if ($remove['method'] != 'del') {
                                $sql_sel = "SELECT seq\n\t\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`. {$from_table}\n\t\t\t\t\t\t\t\tWHERE message LIKE '%" . $remove['message'] . "%' ";
                            } else {
                                $sql_dlt = "DELETE\n\t\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`. {$from_table} \n\t\t\t\t\t\t\t\tWHERE message LIKE '%" . $remove['message'] . "%' ";
                            }
                        } else {
                            if ($remove['type'] == 'messagee') {
                                if ($remove['method'] != 'del') {
                                    $sql_sel = "SELECT seq\n\t\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`. {$from_table}\n\t\t\t\t\t\t\t\tWHERE message LIKE '%" . $remove['message'] . "' ";
                                } else {
                                    $sql_dlt = "DELETE\n\t\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`. {$from_table} \n\t\t\t\t\t\t\t\tWHERE message LIKE '%" . $remove['message'] . "' ";
                                }
                            } else {
                                if ($remove['type'] == 'sql') {
                                    if ($remove['method'] != 'del') {
                                        $sql_sel = "SELECT seq\n\t\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`. {$from_table}\n\t\t\t\t\t\t\t\tWHERE message (" . $remove['message'] . ") ";
                                    } else {
                                        $sql_dlt = "DELETE\n\t\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`. {$from_table} \n\t\t\t\t\t\t\t\tWHERE message (" . $remove['message'] . ") ";
                                    }
                                }
                            }
                        }
                    }
                }
            }
            if ($sql_sel != '' || $sql_dlt != '') {
                $debugm = '';
                /* process the removal rule first */
                if ($sql_sel != '') {
                    $move_count = 0;
                    /* first insert, then delete */
                    $move_records = syslog_db_fetch_assoc($sql_sel);
                    syslog_debug("Found   " . sizeof($move_records) . " Message(s)");
                    if (sizeof($move_records)) {
                        $all_seq = '';
                        $messages_moved = 0;
                        foreach ($move_records as $move_record) {
                            $all_seq = $all_seq . ", " . $move_record['seq'];
                        }
                        $all_seq = eregi_replace('^,', '', $all_seq);
                        syslog_db_execute("INSERT INTO `" . $syslogdb_default . "`.`" . $to_table . "` \n\t\t\t\t\t\t\t\t\t\t\t\t(facility_id, priority_id, host_id, logtime, message)\n\t\t\t\t\t\t\t\t\t\t\t\t(SELECT facility_id, priority_id, host_id, logtime, message \n\t\t\t\t\t\t\t\t\t\t\t\t\tFROM `" . $syslogdb_default . "`." . $from_table . "\n\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE seq in (" . $all_seq . "))");
                        $messages_moved = $syslog_cnn->Affected_Rows();
                        if ($messages_moved > 0) {
                            syslog_db_execute("DELETE FROM `" . $syslogdb_default . "`.`" . $from_table . "` \n\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE seq in (" . $all_seq . ")");
                        }
                        $xferred += $messages_moved;
                        $move_count = $messages_moved;
                    }
                    $debugm = "Moved   " . $move_count . " Message(s)";
                }
                if ($sql_dlt != '') {
                    /* now delete the remainder that match */
                    syslog_db_execute($sql_dlt);
                    $removed += $syslog_cnn->Affected_Rows();
                    $debugm = "Deleted " . $removed . " Message(s)";
                }
                syslog_debug($debugm);
            }
        }
    }
    return array("removed" => $removed, "xferred" => $xferred);
}