includes/syslog.php

<?php

function process_syslog ($entry, $update) {

  global $config;

  foreach($config['syslog_filter'] as $bi) {
    if (strstr($entry['msg'], $bi)) {
        $delete = 1;
    }
  }

  $device_id_host = @mysql_result(mysql_query("SELECT device_id FROM devices WHERE `hostname` = '".$entry['host']."' OR `sysName` = '".$entry['host']."'"),0);

  if($device_id_host) { 
    $entry['device_id'] = $device_id_host;
  } else {
    $device_id_ip = @mysql_result(mysql_query("SELECT device_id FROM ipv4_addresses AS A, ports AS I WHERE 
    A.ipv4_address = '" . $entry['host']."' AND I.interface_id = A.interface_id"),0);
    if($device_id_ip) { 
      $entry['device_id'] = $device_id_ip;
    }
  } 

  if($entry['device_id'] && !$delete) {
    $os = mysql_result(mysql_query("SELECT `os` FROM `devices` WHERE `device_id` = '".$entry['device_id']."'"),0);
    if($os == "ios" || $os == "iosxe") {
      if(strstr($entry[msg], "%")) {
        $entry['msg'] = preg_replace("/^%(.+?):\ /", "\\1||", $entry['msg']);
        list(,$entry[msg]) = split(": %", $entry['msg']);
        $entry['msg'] = "%" . $entry['msg'];
        $entry['msg'] = preg_replace("/^%(.+?):\ /", "\\1||", $entry['msg']);      
      } else { 
        $entry['msg'] = preg_replace("/^.*[0-9]:/", "", $entry['msg']);
        $entry['msg'] = preg_replace("/^[0-9][0-9]\ [A-Z]{3}:/", "", $entry['msg']);
        $entry['msg'] = preg_replace("/^(.+?):\ /", "\\1||", $entry['msg']);
      }

      $entry['msg'] = preg_replace("/^.+\.[0-9]{3}:/", "", $entry['msg']);
      $entry['msg'] = preg_replace("/^.+-Traceback=/", "Traceback||", $entry['msg']);

      list($entry['program'], $entry['msg']) = explode("||", $entry['msg']);
      $entry['msg'] = preg_replace("/^[0-9]+:/", "", $entry['msg']);

      if(!$entry['program']) {
         $entry['msg'] = preg_replace("/^([0-9A-Z\-]+?):\ /", "\\1||", $entry['msg']);
	 list($entry['program'], $entry['msg']) = explode("||", $entry['msg']);
      }

      if(!$entry['msg']) { $entry['msg'] = $entry['program']; unset ($entry['program']); }

    } else {
      $program = preg_quote($entry['program'],'/');
      $entry['msg'] = preg_replace("/^$program:\ /", "", $entry['msg']);
      if(preg_match("/^[a-zA-Z\/]+\[[0-9]+\]:/", $entry['msg'])) {
        $entry['msg'] = preg_replace("/^(.+?)\[[0-9]+\]:\ /", "\\1||", $entry['msg']);
        list($entry['program'], $entry['msg']) = explode("||", $entry['msg']);
      }
    }
    $x  = "UPDATE `syslog` set `device_id` = '".$entry['device_id']."', `program` = '".$entry['program']."', `msg` = '" . mres($entry['msg']) . "', processed = '1' WHERE `seq` = '" . $entry['seq'] . "'";
    $x  = "INSERT INTO `syslog` (`device_id`,`program`,`facility`,`priority`, `level`, `tag`, `msg`, `timestamp`) ";
    $x .= "VALUES ('".$entry['device_id']."','".$entry['program']."','".$entry['facility']."','".$entry['priority']."', '".$entry['level']."', '".$entry['tag']."', '".$entry['msg']."','".$entry['timestamp']."')";   
    if($update && $entry['device_id']) { mysql_query($x); }
    unset ($fix);
  } else { print_r($entry); echo("D-$delete");}

  return $entry; 

}


?>
missing file! 2008-03-23 21:32:54 +00:00			`<?php`

			`function process_syslog ($entry, $update) {`

			`global $config;`

			`foreach($config['syslog_filter'] as $bi) {`
			`if (strstr($entry['msg'], $bi)) {`
			`$delete = 1;`
			`}`
			`}`

clear $array at the start of each device. ignore fake cpus from net-snmpd. syslog additions. 2010-02-19 23:57:50 +00:00			$device_id_host = @mysql_result(mysql_query("SELECT device_id FROM devices WHERE `hostname` = '".$entry['host']."' OR `sysName` = '".$entry['host']."'"),0);
missing file! 2008-03-23 21:32:54 +00:00
			`if($device_id_host) {`
speedups to syslog page, caching of device_id 2010-01-29 21:10:05 +00:00			`$entry['device_id'] = $device_id_host;`
missing file! 2008-03-23 21:32:54 +00:00			`} else {`
change interfaces table to ports (to match GUI conventions) 2010-02-20 17:22:22 +00:00			`$device_id_ip = @mysql_result(mysql_query("SELECT device_id FROM ipv4_addresses AS A, ports AS I WHERE`
speedups to syslog page, caching of device_id 2010-01-29 21:10:05 +00:00			`A.ipv4_address = '" . $entry['host']."' AND I.interface_id = A.interface_id"),0);`
missing file! 2008-03-23 21:32:54 +00:00			`if($device_id_ip) {`
speedups to syslog page, caching of device_id 2010-01-29 21:10:05 +00:00			`$entry['device_id'] = $device_id_ip;`
missing file! 2008-03-23 21:32:54 +00:00			`}`
			`}`

speedups to syslog page, caching of device_id 2010-01-29 21:10:05 +00:00			`if($entry['device_id'] && !$delete) {`
			$os = mysql_result(mysql_query("SELECT `os` FROM `devices` WHERE `device_id` = '".$entry['device_id']."'"),0);
a billion changes. ** MAKE SURE TO UPDATE DATABASE AND RUN poll-os.php AND discovery.php -h all ** This is VERY important, as a lot of things have changed! Expect missing files, and another update soon! 2009-11-28 09:48:23 +00:00			`if($os == "ios" \|\| $os == "iosxe") {`
better logon process 2008-11-26 14:01:09 +00:00			`if(strstr($entry[msg], "%")) {`
a million fixes. half way to 0.6.0! :D 2009-04-23 21:13:56 +00:00			`$entry['msg'] = preg_replace("/^%(.+?):\ /", "\\1\|\|", $entry['msg']);`
better logon process 2008-11-26 14:01:09 +00:00			`list(,$entry[msg]) = split(": %", $entry['msg']);`
			`$entry['msg'] = "%" . $entry['msg'];`
			`$entry['msg'] = preg_replace("/^%(.+?):\ /", "\\1\|\|", $entry['msg']);`
add cisco processor polling and many other fixes 2009-04-11 19:10:48 +00:00			`} else {`
			`$entry['msg'] = preg_replace("/^.*[0-9]:/", "", $entry['msg']);`
			`$entry['msg'] = preg_replace("/^[0-9][0-9]\ [A-Z]{3}:/", "", $entry['msg']);`
			`$entry['msg'] = preg_replace("/^(.+?):\ /", "\\1\|\|", $entry['msg']);`
			`}`

updates 2008-11-28 12:59:33 +00:00			`$entry['msg'] = preg_replace("/^.+\.[0-9]{3}:/", "", $entry['msg']);`
			`$entry['msg'] = preg_replace("/^.+-Traceback=/", "Traceback\|\|", $entry['msg']);`

missing file! 2008-03-23 21:32:54 +00:00			`list($entry['program'], $entry['msg']) = explode("\|\|", $entry['msg']);`
better logon process 2008-11-26 14:01:09 +00:00			`$entry['msg'] = preg_replace("/^[0-9]+:/", "", $entry['msg']);`
updates 2008-11-28 12:59:33 +00:00
			`if(!$entry['program']) {`
			`$entry['msg'] = preg_replace("/^([0-9A-Z\-]+?):\ /", "\\1\|\|", $entry['msg']);`
			`list($entry['program'], $entry['msg']) = explode("\|\|", $entry['msg']);`
			`}`

add cisco processor polling and many other fixes 2009-04-11 19:10:48 +00:00			`if(!$entry['msg']) { $entry['msg'] = $entry['program']; unset ($entry['program']); }`
updates 2008-11-28 12:59:33 +00:00
missing file! 2008-03-23 21:32:54 +00:00			`} else {`
			`$program = preg_quote($entry['program'],'/');`
			`$entry['msg'] = preg_replace("/^$program:\ /", "", $entry['msg']);`
			`if(preg_match("/^[a-zA-Z\/]+\[[0-9]+\]:/", $entry['msg'])) {`
			`$entry['msg'] = preg_replace("/^(.+?)\[[0-9]+\]:\ /", "\\1\|\|", $entry['msg']);`
			`list($entry['program'], $entry['msg']) = explode("\|\|", $entry['msg']);`
			`}`
			`}`
cleanups 2010-02-21 11:58:07 +00:00			$x = "UPDATE `syslog` set `device_id` = '".$entry['device_id']."', `program` = '".$entry['program']."', `msg` = '" . mres($entry['msg']) . "', processed = '1' WHERE `seq` = '" . $entry['seq'] . "'";
migrate from reprocessing syslog from sql to native sql injector. changes dateime to timestamp in database. will break existing syslog dates! BEWARE 2010-02-19 01:40:38 +00:00			$x = "INSERT INTO `syslog` (`device_id`,`program`,`facility`,`priority`, `level`, `tag`, `msg`, `timestamp`) ";
			`$x .= "VALUES ('".$entry['device_id']."','".$entry['program']."','".$entry['facility']."','".$entry['priority']."', '".$entry['level']."', '".$entry['tag']."', '".$entry['msg']."','".$entry['timestamp']."')";`
clear $array at the start of each device. ignore fake cpus from net-snmpd. syslog additions. 2010-02-19 23:57:50 +00:00			`if($update && $entry['device_id']) { mysql_query($x); }`
missing file! 2008-03-23 21:32:54 +00:00			`unset ($fix);`
syslog fix + device_fanspeeds graph for health main page 2010-02-25 01:52:32 +00:00			`} else { print_r($entry); echo("D-$delete");}`
missing file! 2008-03-23 21:32:54 +00:00
			`return $entry;`

			`}`


			`?>`