includes/syslog.php

<?php

function process_syslog ($entry, $update) {

  global $config;

  foreach($config['syslog_filter'] as $bi) {
    if (strstr($entry['msg'], $bi)) {
        $delete = 1;
    }
  }

  $device_id_host = @mysql_result(mysql_query("SELECT device_id FROM devices WHERE `hostname` = '".$entry['host']."'"),0);

  if($device_id_host) { 
    $device_id = $device_id_host;
  } else {
    $device_id_ip = @mysql_result(mysql_query("SELECT D.device_id as device_id FROM ipv4_addresses AS A, interfaces AS I, devices AS D WHERE A.ipv4_address = '" . $entry['host']."' AND I.interface_id = A.interface_id AND D.device_id = I.device_id"),0);
    if($device_id_ip) { 
      $device_id = $device_id_ip;
    }
  } 

  if($device_id && !$delete) {
    $entry['device_id'] = $device_id;
    $os = mysql_result(mysql_query("SELECT `os` FROM `devices` WHERE `device_id` = '$device_id'"),0);
    if($os == "ios" || $os == "iosxe") {
      if(strstr($entry[msg], "%")) {
        $entry['msg'] = preg_replace("/^%(.+?):\ /", "\\1||", $entry['msg']);
        list(,$entry[msg]) = split(": %", $entry['msg']);
        $entry['msg'] = "%" . $entry['msg'];
        $entry['msg'] = preg_replace("/^%(.+?):\ /", "\\1||", $entry['msg']);      
      } else { 
        $entry['msg'] = preg_replace("/^.*[0-9]:/", "", $entry['msg']);
        $entry['msg'] = preg_replace("/^[0-9][0-9]\ [A-Z]{3}:/", "", $entry['msg']);
        $entry['msg'] = preg_replace("/^(.+?):\ /", "\\1||", $entry['msg']);
        #$entry['msg'] = "||" . $entry['msg'];
      }

      $entry['msg'] = preg_replace("/^.+\.[0-9]{3}:/", "", $entry['msg']);
      $entry['msg'] = preg_replace("/^.+-Traceback=/", "Traceback||", $entry['msg']);

      list($entry['program'], $entry['msg']) = explode("||", $entry['msg']);
      $entry['msg'] = preg_replace("/^[0-9]+:/", "", $entry['msg']);

      if(!$entry['program']) {
         $entry['msg'] = preg_replace("/^([0-9A-Z\-]+?):\ /", "\\1||", $entry['msg']);
	 list($entry['program'], $entry['msg']) = explode("||", $entry['msg']);
      }

      if(!$entry['msg']) { $entry['msg'] = $entry['program']; unset ($entry['program']); }

    } else {
      $program = preg_quote($entry['program'],'/');
      $entry['msg'] = preg_replace("/^$program:\ /", "", $entry['msg']);
      if(preg_match("/^[a-zA-Z\/]+\[[0-9]+\]:/", $entry['msg'])) {
        $entry['msg'] = preg_replace("/^(.+?)\[[0-9]+\]:\ /", "\\1||", $entry['msg']);
        list($entry['program'], $entry['msg']) = explode("||", $entry['msg']);
      }
    }
    $x  = "UPDATE `syslog` set `device_id` = '$device_id', `program` = '".$entry['program']."', `msg` = '" . mysql_real_escape_string($entry['msg']) . "', processed = '1' WHERE `seq` = '" . $entry['seq'] . "'";
    $entry['processed'] = 1;
    if($update) { mysql_query($x); }
    unset ($fix);
  } else {
     $x = "DELETE FROM `syslog` where `seq` = '" . $entry['seq'] . "'"; 
     if($update) { mysql_query($x);}

     $entry['deleted'] = '1';

  }

  return $entry; 

}


?>
missing file! 2008-03-23 21:32:54 +00:00			`<?php`

			`function process_syslog ($entry, $update) {`

			`global $config;`

			`foreach($config['syslog_filter'] as $bi) {`
			`if (strstr($entry['msg'], $bi)) {`
			`$delete = 1;`
			`}`
			`}`

			$device_id_host = @mysql_result(mysql_query("SELECT device_id FROM devices WHERE `hostname` = '".$entry['host']."'"),0);

			`if($device_id_host) {`
			`$device_id = $device_id_host;`
			`} else {`
a million fixes. half way to 0.6.0! :D 2009-04-23 21:13:56 +00:00			`$device_id_ip = @mysql_result(mysql_query("SELECT D.device_id as device_id FROM ipv4_addresses AS A, interfaces AS I, devices AS D WHERE A.ipv4_address = '" . $entry['host']."' AND I.interface_id = A.interface_id AND D.device_id = I.device_id"),0);`
missing file! 2008-03-23 21:32:54 +00:00			`if($device_id_ip) {`
			`$device_id = $device_id_ip;`
			`}`
			`}`

			`if($device_id && !$delete) {`
			`$entry['device_id'] = $device_id;`
a million fixes. half way to 0.6.0! :D 2009-04-23 21:13:56 +00:00			$os = mysql_result(mysql_query("SELECT `os` FROM `devices` WHERE `device_id` = '$device_id'"),0);
a billion changes. ** MAKE SURE TO UPDATE DATABASE AND RUN poll-os.php AND discovery.php -h all ** This is VERY important, as a lot of things have changed! Expect missing files, and another update soon! 2009-11-28 09:48:23 +00:00			`if($os == "ios" \|\| $os == "iosxe") {`
better logon process 2008-11-26 14:01:09 +00:00			`if(strstr($entry[msg], "%")) {`
a million fixes. half way to 0.6.0! :D 2009-04-23 21:13:56 +00:00			`$entry['msg'] = preg_replace("/^%(.+?):\ /", "\\1\|\|", $entry['msg']);`
better logon process 2008-11-26 14:01:09 +00:00			`list(,$entry[msg]) = split(": %", $entry['msg']);`
			`$entry['msg'] = "%" . $entry['msg'];`
			`$entry['msg'] = preg_replace("/^%(.+?):\ /", "\\1\|\|", $entry['msg']);`
add cisco processor polling and many other fixes 2009-04-11 19:10:48 +00:00			`} else {`
			`$entry['msg'] = preg_replace("/^.*[0-9]:/", "", $entry['msg']);`
			`$entry['msg'] = preg_replace("/^[0-9][0-9]\ [A-Z]{3}:/", "", $entry['msg']);`
			`$entry['msg'] = preg_replace("/^(.+?):\ /", "\\1\|\|", $entry['msg']);`
			`#$entry['msg'] = "\|\|" . $entry['msg'];`
			`}`

updates 2008-11-28 12:59:33 +00:00			`$entry['msg'] = preg_replace("/^.+\.[0-9]{3}:/", "", $entry['msg']);`
			`$entry['msg'] = preg_replace("/^.+-Traceback=/", "Traceback\|\|", $entry['msg']);`

missing file! 2008-03-23 21:32:54 +00:00			`list($entry['program'], $entry['msg']) = explode("\|\|", $entry['msg']);`
better logon process 2008-11-26 14:01:09 +00:00			`$entry['msg'] = preg_replace("/^[0-9]+:/", "", $entry['msg']);`
updates 2008-11-28 12:59:33 +00:00
			`if(!$entry['program']) {`
			`$entry['msg'] = preg_replace("/^([0-9A-Z\-]+?):\ /", "\\1\|\|", $entry['msg']);`
			`list($entry['program'], $entry['msg']) = explode("\|\|", $entry['msg']);`
			`}`

add cisco processor polling and many other fixes 2009-04-11 19:10:48 +00:00			`if(!$entry['msg']) { $entry['msg'] = $entry['program']; unset ($entry['program']); }`
updates 2008-11-28 12:59:33 +00:00
missing file! 2008-03-23 21:32:54 +00:00			`} else {`
			`$program = preg_quote($entry['program'],'/');`
			`$entry['msg'] = preg_replace("/^$program:\ /", "", $entry['msg']);`
			`if(preg_match("/^[a-zA-Z\/]+\[[0-9]+\]:/", $entry['msg'])) {`
			`$entry['msg'] = preg_replace("/^(.+?)\[[0-9]+\]:\ /", "\\1\|\|", $entry['msg']);`
			`list($entry['program'], $entry['msg']) = explode("\|\|", $entry['msg']);`
			`}`
			`}`
			$x = "UPDATE `syslog` set `device_id` = '$device_id', `program` = '".$entry['program']."', `msg` = '" . mysql_real_escape_string($entry['msg']) . "', processed = '1' WHERE `seq` = '" . $entry['seq'] . "'";
			`$entry['processed'] = 1;`
			`if($update) { mysql_query($x); }`
			`unset ($fix);`
			`} else {`
			$x = "DELETE FROM `syslog` where `seq` = '" . $entry['seq'] . "'";
			`if($update) { mysql_query($x);}`

			`$entry['deleted'] = '1';`

			`}`

			`return $entry;`

			`}`


			`?>`