From 4064d7b8241f0a79e57974b6c9539290dd8279e4 Mon Sep 17 00:00:00 2001
From: Adam Amstrong <adama@localhost>
Date: Fri, 19 Feb 2010 01:40:38 +0000
Subject: [PATCH] migrate from reprocessing syslog from sql to native sql
 injector. changes dateime to timestamp in database. will break existing
 syslog dates! ** BEWARE **

git-svn-id: http://www.observium.org/svn/observer/trunk@885 61d68cd4-352d-0410-923a-c4978735b2b8
---
 database-update.sql              |  2 ++
 html/includes/print-syslog.inc   |  6 -----
 html/pages/default-jt.php        |  2 +-
 html/pages/device/syslog.inc.php |  4 ++--
 html/pages/front/default.php     |  2 +-
 html/pages/front/demo.php        |  4 ++--
 html/pages/front/example2.php    |  2 +-
 html/pages/front/jt.php          |  2 +-
 html/pages/syslog.php            |  8 +++----
 includes/syslog.php              | 10 +++-----
 process-syslog.php               | 41 --------------------------------
 syslog.php                       | 29 ++++++++++++++++++++++
 12 files changed, 46 insertions(+), 66 deletions(-)
 delete mode 100755 process-syslog.php
 create mode 100755 syslog.php

diff --git a/database-update.sql b/database-update.sql
index 10a03ab6c6..69ceded358 100644
--- a/database-update.sql
+++ b/database-update.sql
@@ -102,3 +102,5 @@ ALTER TABLE `links` CHANGE `vendor` `protocol` VARCHAR( 11 ) CHARACTER SET latin
 ALTER TABLE `processors` CHANGE `processor_type` `processor_type` varchar(16) NOT NULL;
 ALTER TABLE `bgpPeers_cbgp` CHANGE `afi` `afi` VARCHAR( 16 ) NOT NULL , CHANGE `safi` `safi` VARCHAR( 16 ) NOT NULL; 
 ALTER TABLE  `eventlog` ADD  `reference` VARCHAR( 64 ) NOT NULL AFTER  `type`;
+ALTER TABLE `syslog` CHANGE `datetime` `datetime` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP;
+ALTER TABLE `syslog`  DROP `host`,  DROP `processed`;
diff --git a/html/includes/print-syslog.inc b/html/includes/print-syslog.inc
index 9c25aad1ef..67bf695e18 100644
--- a/html/includes/print-syslog.inc
+++ b/html/includes/print-syslog.inc
@@ -5,10 +5,6 @@
 $syslog_iter++;
 if(!is_integer($syslog_iter/2)) { $bg_colour = $list_colour_a; } else { $bg_colour = $list_colour_b; }
 
-
-  if(!$entry['processed']) { $entry = process_syslog($entry, 1); }
-  if(!$entry['deleted']) {
-
   echo("<tr style=\"background-color: $bg_colour\">
     <td width=0></td>");
 
@@ -27,6 +23,4 @@ if(!is_integer($syslog_iter/2)) { $bg_colour = $list_colour_a; } else { $bg_colo
     <td></td>
   </tr>");
 
- }
-
 ?>
diff --git a/html/pages/default-jt.php b/html/pages/default-jt.php
index 3aed39019c..d3e442ee61 100644
--- a/html/pages/default-jt.php
+++ b/html/pages/default-jt.php
@@ -91,7 +91,7 @@ if($config['frontpage_display'] == 'syslog') {
     <h3>Recent Syslog Messages</h3>
   ");
 
-  $sql = "SELECT *, DATE_FORMAT(datetime, '%D %b %T') AS date from syslog ORDER BY datetime DESC LIMIT 20";
+  $sql = "SELECT *, DATE_FORMAT(timestamp, '%D %b %T') AS date from syslog ORDER BY timestamp DESC LIMIT 20";
   $query = mysql_query($sql);
   echo("<table cellspacing=0 cellpadding=2 width=100%>");
   while($entry = mysql_fetch_array($query)) { include("includes/print-syslog.inc"); }
diff --git a/html/pages/device/syslog.inc.php b/html/pages/device/syslog.inc.php
index 8716a0ce2b..eb8d6518c2 100644
--- a/html/pages/device/syslog.inc.php
+++ b/html/pages/device/syslog.inc.php
@@ -37,8 +37,8 @@ if($_POST['program']) {
   $where .= " AND program = '".$_POST['program']."'";
 }
 
-$sql =  "SELECT *, DATE_FORMAT(datetime, '%D %b %T') AS date from syslog WHERE device_id = '" . $_GET['id'] . "' $where";
-$sql .= " ORDER BY datetime DESC LIMIT 1000";
+$sql =  "SELECT *, DATE_FORMAT(timestamp, '%D %b %T') AS date from syslog WHERE device_id = '" . $_GET['id'] . "' $where";
+$sql .= " ORDER BY timestamp DESC LIMIT 1000";
 $query = mysql_query($sql);
 echo("<table cellspacing=0 cellpadding=2 width=100%>");
 while($entry = mysql_fetch_array($query)) { include("includes/print-syslog.inc"); }
diff --git a/html/pages/front/default.php b/html/pages/front/default.php
index 14a508e601..08fc56c4ca 100644
--- a/html/pages/front/default.php
+++ b/html/pages/front/default.php
@@ -99,7 +99,7 @@ if($config['enable_syslog']) {
     <h3>Recent Syslog Messages</h3>
   ");
 
-  $sql = "SELECT *, DATE_FORMAT(datetime, '%D %b %T') AS date from syslog ORDER BY datetime DESC LIMIT 20";
+  $sql = "SELECT *, DATE_FORMAT(timestamp, '%D %b %T') AS date from syslog ORDER BY timestamp DESC LIMIT 20";
   $query = mysql_query($sql);
   echo("<table cellspacing=0 cellpadding=2 width=100%>");
   while($entry = mysql_fetch_array($query)) { 
diff --git a/html/pages/front/demo.php b/html/pages/front/demo.php
index 2706db9e9f..77e5edf175 100644
--- a/html/pages/front/demo.php
+++ b/html/pages/front/demo.php
@@ -72,8 +72,8 @@ echo("
 <h3>Recent Syslog Messages</h3>
 
 ");
-$sql = "SELECT *, DATE_FORMAT(datetime, '%D %b %T') AS date from syslog AS S, devices AS D 
-        WHERE S.device_id = D.device_id ORDER BY datetime DESC LIMIT 20";
+$sql = "SELECT *, DATE_FORMAT(timestamp, '%D %b %T') AS date from syslog AS S, devices AS D 
+        WHERE S.device_id = D.device_id ORDER BY timestamp DESC LIMIT 20";
 $query = mysql_query($sql);
 echo("<table cellspacing=0 cellpadding=2 width=100%>");
 while($entry = mysql_fetch_array($query)) { include("includes/print-syslog.inc"); }
diff --git a/html/pages/front/example2.php b/html/pages/front/example2.php
index 52f14801d5..fa0a027430 100644
--- a/html/pages/front/example2.php
+++ b/html/pages/front/example2.php
@@ -93,7 +93,7 @@ echo("
 
 ");
 
-$sql = "SELECT *, DATE_FORMAT(datetime, '%D %b %T') AS date from syslog ORDER BY datetime DESC LIMIT 20";
+$sql = "SELECT *, DATE_FORMAT(timestamp, '%D %b %T') AS date from syslog ORDER BY timestamp DESC LIMIT 20";
 $query = mysql_query($sql);
 echo("<table cellspacing=0 cellpadding=2 width=100%>");
 while($entry = mysql_fetch_array($query)) { include("includes/print-syslog.inc"); }
diff --git a/html/pages/front/jt.php b/html/pages/front/jt.php
index 4a2046ac55..23befc9821 100644
--- a/html/pages/front/jt.php
+++ b/html/pages/front/jt.php
@@ -93,7 +93,7 @@ echo("
 
 ");
 
-$sql = "SELECT *, DATE_FORMAT(datetime, '%D %b %T') AS date from syslog,devices WHERE syslog.device_id = devices.device_id ORDER BY seq DESC LIMIT 20";
+$sql = "SELECT *, DATE_FORMAT(timestamp, '%D %b %T') AS date from syslog,devices WHERE syslog.device_id = devices.device_id ORDER BY seq DESC LIMIT 20";
 $query = mysql_query($sql);
 echo("<table cellspacing=0 cellpadding=2 width=100%>");
 while($entry = mysql_fetch_array($query)) { include("includes/print-syslog.inc"); }
diff --git a/html/pages/syslog.php b/html/pages/syslog.php
index c68aece9cd..6b433dec17 100644
--- a/html/pages/syslog.php
+++ b/html/pages/syslog.php
@@ -60,11 +60,11 @@ if($_POST['device']) {
 }
 
 if($_SESSION['userlevel'] >= '5') {
-  $sql = "SELECT *, DATE_FORMAT(datetime, '%D %b %T') AS date from syslog AS S, devices AS D 
-          WHERE S.device_id = D.device_id $where ORDER BY datetime DESC LIMIT 1000";
+  $sql = "SELECT *, DATE_FORMAT(timestamp, '%D %b %T') AS date from syslog AS S, devices AS D 
+          WHERE S.device_id = D.device_id $where ORDER BY timestamp DESC LIMIT 1000";
 } else {
-  $sql = "SELECT *, DATE_FORMAT(datetime, '%D %b %T') AS date from syslog AS S, devices AS D, devices_perms AS P
-          WHERE S.device_id = P.device_id AND P.user_id = " . $_SESSION['user_id'] . " AND S.device_id = D.device_id $where ORDER BY datetime DESC LIMIT 1000";
+  $sql = "SELECT *, DATE_FORMAT(timestamp, '%D %b %T') AS date from syslog AS S, devices AS D, devices_perms AS P
+          WHERE S.device_id = P.device_id AND P.user_id = " . $_SESSION['user_id'] . " AND S.device_id = D.device_id $where ORDER BY timestamp DESC LIMIT 1000";
 }
 
 $query = mysql_query($sql);
diff --git a/includes/syslog.php b/includes/syslog.php
index a2a31d47fa..943f79c812 100755
--- a/includes/syslog.php
+++ b/includes/syslog.php
@@ -65,15 +65,11 @@ function process_syslog ($entry, $update) {
       }
     }
     $x  = "UPDATE `syslog` set `device_id` = '".$entry['device_id']."', `program` = '".$entry['program']."', `msg` = '" . mysql_real_escape_string($entry['msg']) . "', processed = '1' WHERE `seq` = '" . $entry['seq'] . "'";
-    $entry['processed'] = 1;
+    $x  = "INSERT INTO `syslog` (`device_id`,`program`,`facility`,`priority`, `level`, `tag`, `msg`, `timestamp`) ";
+    $x .= "VALUES ('".$entry['device_id']."','".$entry['program']."','".$entry['facility']."','".$entry['priority']."', '".$entry['level']."', '".$entry['tag']."', '".$entry['msg']."','".$entry['timestamp']."')";   
     if($update) { mysql_query($x); }
+    if(mysql_affected_rows() > "0") { shell_exec("echo written $x >> /tmp/syslog"); } else { echo(mysql_error()); }
     unset ($fix);
-  } else {
-     $x = "DELETE FROM `syslog` where `seq` = '" . $entry['seq'] . "'"; 
-     if($update) { mysql_query($x);}
-
-     $entry['deleted'] = '1';
-
   }
 
   return $entry; 
diff --git a/process-syslog.php b/process-syslog.php
deleted file mode 100755
index 632984499d..0000000000
--- a/process-syslog.php
+++ /dev/null
@@ -1,41 +0,0 @@
-#!/usr/bin/php
-<?php
-
-  ini_set('display_errors', 1);
-  ini_set('display_startup_errors', 1);
-  ini_set('log_errors', 1);
-  ini_set('error_reporting', E_ALL);
-
-
-include("config.php");
-
-if(!$config['enable_syslog']) {
-  echo("Syslog support disabled.\n");
-  exit();
-}
-
-include("includes/syslog.php");
-
-#mysql_query("DELETE FROM `syslog` WHERE `processed` = '0' AND `msg` LIKE '%last message repeated%'");
-#mysql_query("DELETE FROM `syslog` WHERE `processed` = '0' AND `msg` LIKE '%Connection from UDP: [%]:%'");
-#mysql_query("DELETE FROM `syslog` WHERE `processed` = '0' AND `msg` LIKE '%Traceback%'");
-#mysql_query("DELETE FROM `syslog` WHERE `processed` = '0' AND `msg` LIKE '%PM-3-INVALID_BRIDGE_PORT%'");
-#mysql_query("DELETE FROM `syslog` WHERE `processed` = '0' AND `msg` LIKE '%RHWatchdog%'");
-#mysql_query("DELETE FROM `syslog` WHERE `processed` = '0' AND `msg` LIKE '%Hardware Monitoring%'");
-#mysql_query("DELETE FROM `syslog` WHERE `program` LIKE 'SNMP-3-AUTHFAIL'");
-#mysql_query("DELETE FROM `syslog` WHERE `program` LIKE 'SW_MATM-4-MACFLAP_NOTIF'");
-#mysql_query("DELETE FROM `syslog` WHERE `priority` = 'debug'");
-
-## Delete all the old old old syslogs (as per config.php variable)
-
-mysql_query("DELETE FROM `syslog` WHERE `datetime` < DATE_SUB(NOW(), INTERVAL ".$config['syslog_age'].")");
-
-$q = mysql_query("SELECT * FROM `syslog` where `processed` = '0'");
-while($entry = mysql_fetch_array($q)){
-
-   process_syslog($entry, 1);
-
-
-}
-
-?>
diff --git a/syslog.php b/syslog.php
new file mode 100755
index 0000000000..2536f98734
--- /dev/null
+++ b/syslog.php
@@ -0,0 +1,29 @@
+#!/usr/bin/php
+<?php
+
+#  ini_set('display_errors', 0);
+#  ini_set('display_startup_errors', 0);
+#  ini_set('log_errors', 0);
+#  ini_set('error_reporting', E_ALL);
+
+
+include("config.php");
+include("includes/syslog.php");
+
+$i="1";
+
+#mysql_query("DELETE FROM `syslog` WHERE `datetime` < DATE_SUB(NOW(), INTERVAL ".$config['syslog_age'].")");
+
+$s=fopen('php://stdin','r');
+while($line=fgets($s)){
+ `echo "$line" >> /tmp/syslog`;
+ list($entry['host'],$entry['facility'],$entry['priority'], $entry['level'], $entry['tag'], $entry['timestamp'], $entry['msg']) = explode("||", trim($line));
+ shell_exec('echo "'.$i.'. '.$entry['host'].' -> '.$entry['msg'].'" >> /tmp/syslog');
+
+ process_syslog($entry, 1);
+
+ unset($entry); unset($line);
+ $i++;
+}
+
+?>