From 809c9ea591dd8671fee609afeb7e31ac5d6b4fd3 Mon Sep 17 00:00:00 2001 From: deepseth Date: Fri, 1 Sep 2017 18:37:01 +0100 Subject: [PATCH] feature: Added Syslog hook for ASA support (#7268) * Added limited support for ASA using emblem logging * Updated documentation * Updated ASA support to cover regular and emblem logging * Gave the variable a more suitable name * Removed debug output --- doc/Extensions/Syslog.md | 7 ++++++- includes/syslog.php | 5 +++-- scripts/syslog-notify-oxidized.php | 3 +++ 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/doc/Extensions/Syslog.md b/doc/Extensions/Syslog.md index 45ff122663..60d71a42fb 100644 --- a/doc/Extensions/Syslog.md +++ b/doc/Extensions/Syslog.md @@ -180,7 +180,12 @@ Trigger external scripts based on specific syslog patterns being matched with sy $config['enable_syslog_hooks'] = 1; ``` -The below are some example hooks to call an external script in the event of a configuration change on Cisco IOS, IOS-XR and NX-OS devices. Add to your `config.php` file to enable. +The below are some example hooks to call an external script in the event of a configuration change on Cisco ASA, IOS, NX-OS and IOS-XR devices. Add to your `config.php` file to enable. + +#### Cisco ASA +```ssh +$config['os']['asa']['syslog_hook'][] = Array('regex' => '/%ASA-(config-)?5-111005/', 'script' => '/opt/librenms/scripts/syslog-notify-oxidized.php'); +``` #### Cisco IOS ```ssh diff --git a/includes/syslog.php b/includes/syslog.php index 2e7121a153..bb248d7327 100644 --- a/includes/syslog.php +++ b/includes/syslog.php @@ -64,8 +64,9 @@ function process_syslog($entry, $update) if ((isset($config['enable_syslog_hooks'])) && ($config['enable_syslog_hooks']) && (isset($config['os'][$os]['syslog_hook'])) && (is_array($config['os'][$os]['syslog_hook']))) { foreach ($config['os'][$os]['syslog_hook'] as $k => $v) { - if ((isset($v['script'])) && (isset($v['regex'])) && (preg_match($v['regex'], $entry['msg']))) { - shell_exec(escapeshellcmd($v['script']).' '.escapeshellarg($hostname).' '.escapeshellarg($os).' '.escapeshellarg($entry['msg']).' >/dev/null 2>&1 &'); + $syslogprogmsg = $entry['program'].": ".$entry['msg']; + if ((isset($v['script'])) && (isset($v['regex'])) && ((preg_match($v['regex'], $syslogprogmsg)))) { + shell_exec(escapeshellcmd($v['script']).' '.escapeshellarg($hostname).' '.escapeshellarg($os).' '.escapeshellarg($syslogprogmsg).' >/dev/null 2>&1 &'); } } } diff --git a/scripts/syslog-notify-oxidized.php b/scripts/syslog-notify-oxidized.php index eadc5a24a1..7952263c9d 100755 --- a/scripts/syslog-notify-oxidized.php +++ b/scripts/syslog-notify-oxidized.php @@ -35,4 +35,7 @@ if (preg_match('/(SYS-(SW[0-9]+-)?5-CONFIG_I|VSHD-5-VSHD_SYSLOG_CONFIG_I): Confi } elseif (preg_match('/GBL-CONFIG-6-DB_COMMIT : Configuration committed by user \\\\\'(?P.+?)\\\\\'..*/', $msg, $matches)) { $username = $matches['user']; oxidized_node_update($hostname, $username, $msg); +} elseif (preg_match('/ASA-(config-)?5-111005: (?P.+) end configuration: OK/', $msg, $matches)) { + $username = $matches['user']; + oxidized_node_update($hostname, $username, $msg); }