includes/syslog.php

<?php

/**
 * @package syslog
 */

/**
 * function process_syslog
 */
function process_syslog ($entry, $update) {

  global $config;
  global $dev_cache;

  foreach($config['syslog_filter'] as $bi) {
    if (strpos($entry['msg'], $bi) !== FALSE) {
        $delete = 1;
    }
  }
 
  if (strpos($entry['msg'], "diskio.c: don't know how to handle") !== FALSE)
  {
    $delete = 1;
  }


  if($dev_cache[$entry[host]]) 
  { 
    $entry['device_id'] = $dev_cache[$entry[host]];
  } else {
    $device_id_host = @mysql_result(mysql_query("SELECT device_id FROM devices WHERE `hostname` = '".$entry['host']."' OR `sysName` = '".$entry['host']."'"),0);
    if($device_id_host) {
      $dev_cache[$entry[host]] = $device_id_host;
      $entry['device_id'] = $device_id_host;
    } else {
      $device_id_ip = @mysql_result(mysql_query("SELECT device_id FROM ipv4_addresses AS A, ports AS I WHERE 
      A.ipv4_address = '" . $entry['host']."' AND I.interface_id = A.interface_id"),0);
      if($device_id_ip) { 
        $entry['device_id'] = $device_id_ip;
        $dev_cache[$entry[host]] = $device_id_ip;
      }
    }
  } 

  if($entry['device_id'] && !$delete) {
    $os = mysql_result(mysql_query("SELECT `os` FROM `devices` WHERE `device_id` = '".$entry['device_id']."'"),0);

    if($os == "ios" || $os == "iosxe") {
      if(strpos($entry[msg], "%") !== FALSE) {
        
#        list(,$entry[msg]) = split(": %", $entry['msg'], 2);
#        $entry['msg'] = "%" . $entry['msg'];
#        $entry['msg'] = preg_replace("/^%(.+?):\ /", "\\1||", $entry['msg']);      
      } else { 
        $entry['msg'] = preg_replace("/^.*[0-9]:/", "", $entry['msg']);
        $entry['msg'] = preg_replace("/^[0-9][0-9]\ [A-Z]{3}:/", "", $entry['msg']);
#        $entry['msg'] = preg_replace("/^(.+?):\ /", "\\1||", $entry['msg']);
      }

      $entry['msg'] = preg_replace("/^.+\.[0-9]{3}:/", "", $entry['msg']);
      $entry['msg'] = preg_replace("/^.+-Traceback=/", "Traceback:", $entry['msg']);

      list($entry['program'], $entry['msg']) = explode(":", $entry['msg'], 2);
      $entry['program'] = str_replace("%", "", $entry['program']);
      $entry['msg'] = preg_replace("/^[0-9]+:/", "", $entry['msg']);

      if(!$entry['program']) {
         #$entry['msg'] = preg_replace("/^([0-9A-Z\-]+?):\ /", "\\1||", $entry['msg']);
	 list($entry['program'], $entry['msg']) = explode(":", $entry['msg'], 2);
      }

      if(!$entry['msg']) { $entry['msg'] = $entry['program']; unset ($entry['program']); }

    } else {
      #$program = preg_quote($entry['program'],'/');
      #$entry['msg'] = preg_replace("/^$program:\ /", "", $entry['msg']);
#      if(preg_match("/^[a-zA-Z\/]+\[[0-9]+\]:/", $entry['msg'])) {
        #$entry['msg'] = preg_replace("/^(.+?)\[[0-9]+\]:\ /", "\\1||", $entry['msg']);
        #if(strpos($entry['msg'], "||") !== FALSE) { $entry['msg'] = preg_replace("/^(.+?):\ /", "\\1||", $entry['msg']);}
        #00:38:39.139606
        if(!$entry['program']) {      
        #  list($entry['program'], $entry['msg']) = explode(":", $entry['msg'], 2);
        }
#        $entry['program'] = preg_replace("@\-[0-9]+@", "", $entry['program']);
#      }
    }

    $entry['program'] = strtoupper($entry['program']);
    $x  = "UPDATE `syslog` set `device_id` = '".$entry['device_id']."', `program` = '".$entry['program']."', `msg` = '" . mres($entry['msg']) . "', processed = '1' WHERE `seq` = '" . $entry['seq'] . "'";
    $x  = "INSERT INTO `syslog` (`device_id`,`program`,`facility`,`priority`, `level`, `tag`, `msg`, `timestamp`) ";
    $x .= "VALUES ('".$entry['device_id']."','".$entry['program']."','".$entry['facility']."','".$entry['priority']."', '".$entry['level']."', '".$entry['tag']."', '".$entry['msg']."','".$entry['timestamp']."')";   
    if($update && $entry['device_id']) { mysql_query($x); }
    unset ($fix);
  } else { print_r($entry); echo("D-$delete");}

  return $entry; 

}


?>
missing file! 2008-03-23 21:32:54 +00:00			`<?php`

more db 2011-05-14 21:51:58 +00:00			`/**`
			`* @package syslog`
			`*/`

			`/**`
			`* function process_syslog`
			`*/`
revert something that broke syslog 2 months ago... 2011-05-12 23:15:56 +00:00			`function process_syslog ($entry, $update) {`

missing file! 2008-03-23 21:32:54 +00:00			`global $config;`
sort of fix syslog. ish. 2011-05-13 00:13:57 +00:00			`global $dev_cache;`
missing file! 2008-03-23 21:32:54 +00:00
revert something that broke syslog 2 months ago... 2011-05-12 23:15:56 +00:00			`foreach($config['syslog_filter'] as $bi) {`
sort of fix syslog. ish. 2011-05-13 00:13:57 +00:00			`if (strpos($entry['msg'], $bi) !== FALSE) {`
missing file! 2008-03-23 21:32:54 +00:00			`$delete = 1;`
			`}`
			`}`
sort of fix syslog. ish. 2011-05-13 00:13:57 +00:00
			`if (strpos($entry['msg'], "diskio.c: don't know how to handle") !== FALSE)`
			`{`
			`$delete = 1;`
			`}`
missing file! 2008-03-23 21:32:54 +00:00

sort of fix syslog. ish. 2011-05-13 00:13:57 +00:00			`if($dev_cache[$entry[host]])`
			`{`
			`$entry['device_id'] = $dev_cache[$entry[host]];`
revert something that broke syslog 2 months ago... 2011-05-12 23:15:56 +00:00			`} else {`
sort of fix syslog. ish. 2011-05-13 00:13:57 +00:00			$device_id_host = @mysql_result(mysql_query("SELECT device_id FROM devices WHERE `hostname` = '".$entry['host']."' OR `sysName` = '".$entry['host']."'"),0);
			`if($device_id_host) {`
			`$dev_cache[$entry[host]] = $device_id_host;`
			`$entry['device_id'] = $device_id_host;`
			`} else {`
			`$device_id_ip = @mysql_result(mysql_query("SELECT device_id FROM ipv4_addresses AS A, ports AS I WHERE`
			`A.ipv4_address = '" . $entry['host']."' AND I.interface_id = A.interface_id"),0);`
			`if($device_id_ip) {`
			`$entry['device_id'] = $device_id_ip;`
			`$dev_cache[$entry[host]] = $device_id_ip;`
			`}`
missing file! 2008-03-23 21:32:54 +00:00			`}`
revert something that broke syslog 2 months ago... 2011-05-12 23:15:56 +00:00			`}`
missing file! 2008-03-23 21:32:54 +00:00
revert something that broke syslog 2 months ago... 2011-05-12 23:15:56 +00:00			`if($entry['device_id'] && !$delete) {`
			$os = mysql_result(mysql_query("SELECT `os` FROM `devices` WHERE `device_id` = '".$entry['device_id']."'"),0);
sort of fix syslog. ish. 2011-05-13 00:13:57 +00:00
revert something that broke syslog 2 months ago... 2011-05-12 23:15:56 +00:00			`if($os == "ios" \|\| $os == "iosxe") {`
sort of fix syslog. ish. 2011-05-13 00:13:57 +00:00			`if(strpos($entry[msg], "%") !== FALSE) {`

			`# list(,$entry[msg]) = split(": %", $entry['msg'], 2);`
			`# $entry['msg'] = "%" . $entry['msg'];`
			`# $entry['msg'] = preg_replace("/^%(.+?):\ /", "\\1\|\|", $entry['msg']);`
revert something that broke syslog 2 months ago... 2011-05-12 23:15:56 +00:00			`} else {`
add cisco processor polling and many other fixes 2009-04-11 19:10:48 +00:00			`$entry['msg'] = preg_replace("/^.*[0-9]:/", "", $entry['msg']);`
			`$entry['msg'] = preg_replace("/^[0-9][0-9]\ [A-Z]{3}:/", "", $entry['msg']);`
sort of fix syslog. ish. 2011-05-13 00:13:57 +00:00			`# $entry['msg'] = preg_replace("/^(.+?):\ /", "\\1\|\|", $entry['msg']);`
add cisco processor polling and many other fixes 2009-04-11 19:10:48 +00:00			`}`

updates 2008-11-28 12:59:33 +00:00			`$entry['msg'] = preg_replace("/^.+\.[0-9]{3}:/", "", $entry['msg']);`
sort of fix syslog. ish. 2011-05-13 00:13:57 +00:00			`$entry['msg'] = preg_replace("/^.+-Traceback=/", "Traceback:", $entry['msg']);`
updates 2008-11-28 12:59:33 +00:00
sort of fix syslog. ish. 2011-05-13 00:13:57 +00:00			`list($entry['program'], $entry['msg']) = explode(":", $entry['msg'], 2);`
			`$entry['program'] = str_replace("%", "", $entry['program']);`
better logon process 2008-11-26 14:01:09 +00:00			`$entry['msg'] = preg_replace("/^[0-9]+:/", "", $entry['msg']);`
updates 2008-11-28 12:59:33 +00:00
revert something that broke syslog 2 months ago... 2011-05-12 23:15:56 +00:00			`if(!$entry['program']) {`
sort of fix syslog. ish. 2011-05-13 00:13:57 +00:00			`#$entry['msg'] = preg_replace("/^([0-9A-Z\-]+?):\ /", "\\1\|\|", $entry['msg']);`
			`list($entry['program'], $entry['msg']) = explode(":", $entry['msg'], 2);`
updates 2008-11-28 12:59:33 +00:00			`}`

revert something that broke syslog 2 months ago... 2011-05-12 23:15:56 +00:00			`if(!$entry['msg']) { $entry['msg'] = $entry['program']; unset ($entry['program']); }`
updates 2008-11-28 12:59:33 +00:00
revert something that broke syslog 2 months ago... 2011-05-12 23:15:56 +00:00			`} else {`
sort of fix syslog. ish. 2011-05-13 00:13:57 +00:00			`#$program = preg_quote($entry['program'],'/');`
			`#$entry['msg'] = preg_replace("/^$program:\ /", "", $entry['msg']);`
revert something that broke syslog 2 months ago... 2011-05-12 23:15:56 +00:00			`# if(preg_match("/^[a-zA-Z\/]+\[[0-9]+\]:/", $entry['msg'])) {`
sort of fix syslog. ish. 2011-05-13 00:13:57 +00:00			`#$entry['msg'] = preg_replace("/^(.+?)\[[0-9]+\]:\ /", "\\1\|\|", $entry['msg']);`
			`#if(strpos($entry['msg'], "\|\|") !== FALSE) { $entry['msg'] = preg_replace("/^(.+?):\ /", "\\1\|\|", $entry['msg']);}`
			`#00:38:39.139606`
			`if(!$entry['program']) {`
			`# list($entry['program'], $entry['msg']) = explode(":", $entry['msg'], 2);`
			`}`
			`# $entry['program'] = preg_replace("@\-[0-9]+@", "", $entry['program']);`
some graph cleanups and minor improvements 2010-06-13 14:39:09 +00:00			`# }`
missing file! 2008-03-23 21:32:54 +00:00			`}`
sort of fix syslog. ish. 2011-05-13 00:13:57 +00:00
some graph cleanups and minor improvements 2010-06-13 14:39:09 +00:00			`$entry['program'] = strtoupper($entry['program']);`
revert something that broke syslog 2 months ago... 2011-05-12 23:15:56 +00:00			$x = "UPDATE `syslog` set `device_id` = '".$entry['device_id']."', `program` = '".$entry['program']."', `msg` = '" . mres($entry['msg']) . "', processed = '1' WHERE `seq` = '" . $entry['seq'] . "'";
			$x = "INSERT INTO `syslog` (`device_id`,`program`,`facility`,`priority`, `level`, `tag`, `msg`, `timestamp`) ";
			`$x .= "VALUES ('".$entry['device_id']."','".$entry['program']."','".$entry['facility']."','".$entry['priority']."', '".$entry['level']."', '".$entry['tag']."', '".$entry['msg']."','".$entry['timestamp']."')";`
			`if($update && $entry['device_id']) { mysql_query($x); }`
missing file! 2008-03-23 21:32:54 +00:00			`unset ($fix);`
revert something that broke syslog 2 months ago... 2011-05-12 23:15:56 +00:00			`} else { print_r($entry); echo("D-$delete");}`

			`return $entry;`
missing file! 2008-03-23 21:32:54 +00:00
			`}`

revert something that broke syslog 2 months ago... 2011-05-12 23:15:56 +00:00
move includes/billing.php includes/syslog.php and includes/functions.php to dbFacile 2011-05-12 11:58:17 +00:00			`?>`