Merge pull request #3099 from murrant/syslog-cisco

Simplify and fix Cisco ios,iosxe,catos syslog processing
Neil Lathwood
2016-03-03 19:55:13 +00:00
6 changed files with 132 additions and 31 deletions

2
.gitignore vendored

@@ -4,7 +4,7 @@
!/.gitignore
!/.editorconfig
!/.scrutinizer.yml
!/.travis.yml
# Others #
##########

11
.travis.yml Normal file

@@ -0,0 +1,11 @@
language: php php:
- '5.3'
- '5.4'
- '5.5'
- '5.6'
- '7.0'
- hhvm
matrix:
allow_failures:
- php: 7.0


@@ -52,38 +52,25 @@ function process_syslog($entry, $update) {
$os = get_cache($entry['host'], 'os');
if (in_array($os, array('ios', 'iosxe', 'catos'))) {
$matches = array();
// if (preg_match('#%(?P<program>.*):( ?)(?P<msg>.*)#', $entry['msg'], $matches)) {
// $entry['msg'] = $matches['msg'];
// $entry['program'] = $matches['program'];
// }
// unset($matches);
if (strstr($entry['msg'], '%')) {
$entry['msg'] = preg_replace('/^%(.+?):\ /', '\\1||', $entry['msg']);
list(,$entry['msg']) = explode(': %', $entry['msg']);
$entry['msg'] = '%'.$entry['msg'];
$entry['msg'] = preg_replace('/^%(.+?):\ /', '\\1||', $entry['msg']);
// multipart message
if(strpos($entry['msg'], ':') !== false) {
/* Split the following examples
* %CARD-SEVERITY-MSG:SLOT %FACILITY-SEVERITY-MNEMONIC: Message-text
* %FACILITY-SUBFACILITY-SEVERITY-MNEMONIC: Message-text
*/
$matches = array();
if(preg_match('/^(?<program>%?[A-Za-z\d\-_]+(:[A-Z]* %[A-Z\d\-_]+)?): ?(?<msg>.*)/', $entry['msg'], $matches)) {
$entry['program'] = $matches['program'];
$entry['msg'] = $matches['msg'];
}
unset($matches);
}
else {
$entry['msg'] = preg_replace('/^.*[0-9]:/', '', $entry['msg']);
$entry['msg'] = preg_replace('/^[0-9][0-9]\ [A-Z]{3}:/', '', $entry['msg']);
$entry['msg'] = preg_replace('/^(.+?):\ /', '\\1||', $entry['msg']);
}
$entry['msg'] = preg_replace('/^.+\.[0-9]{3}:/', '', $entry['msg']);
$entry['msg'] = preg_replace('/^.+-Traceback=/', 'Traceback||', $entry['msg']);
list($entry['program'], $entry['msg']) = explode('||', $entry['msg']);
$entry['msg'] = preg_replace('/^[0-9]+:/', '', $entry['msg']);
if (!$entry['program']) {
$entry['msg'] = preg_replace('/^([0-9A-Z\-]+?):\ /', '\\1||', $entry['msg']);
list($entry['program'], $entry['msg']) = explode('||', $entry['msg']);
}
if (!$entry['msg']) {
$entry['msg'] = $entry['program'];
unset($entry['program']);
// if this looks like a program (no groups of 2 or more lowercase letters), move it to program
if (!preg_match('/[(a-z)]{2,}/', $entry['msg'])) {
$entry['program'] = $entry['msg'];
unset($entry['msg']);
}
}
}
else if ($os == 'linux' and get_cache($entry['host'], 'version') == 'Point') {
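Review bot: The fallback test `preg_match('/[(a-z)]{2,}/', $entry['msg'])` puts `(` and `)` inside the character class, so they count as literal characters instead of grouping. A colon-less message such as the constructed `LINK DOWN ()` is therefore kept as message text only because of its parentheses; the check the comment describes would be `if (!preg_match('/[a-z]{2,}/', $entry['msg'])) {`. In the same branch the whole device-supplied message is copied into `$entry['program']` with no length or character restriction and `msg` is unset, whereas the colon branch limits the program to `[A-Za-z\d\-_]`. Syslog text is supplied by the remote sender, so the code that stores or displays `program` should be checked for handling an arbitrary string and a missing `msg` key. process_syslog begins and ends outside the hunk, so that downstream handling is not visible here.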


@@ -12,5 +12,10 @@
<description>This is the first notification. We will post these whenever an upcoming major change is about to happen.</description>
<pubDate>Tue, 19 Jan 2016 12:00:00 +0000</pubDate>
</item>
<item>
<title>Cisco syslog parsing changes</title>
<description>We have overhauled the Cisco syslog parsing. Please monitor your syslog entries from Cisco IOS, IOSXR, and CatOS devices. If you notice any issues please open a new issue on GitHub and include the original syslog message.</description>
<pubDate>Thu, 03 Mar 2016 12:00:00 +0000</pubDate>
</item>
</channel>
</rss>

8
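--- a/phpunit.xml
+++ b/phpunit.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<phpunit colors="true">
+<testsuites>
+<testsuite name="Application Test Suite">
+<directory>./tests/</directory>
+</testsuite>
+</testsuites>
+</phpunit>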

90
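--- a/tests/SyslogTest.php
+++ b/tests/SyslogTest.php
@@ -0,0 +1,90 @@
+<?php
+include "includes/syslog.php";
+class SyslogTest extends \PHPUnit_Framework_TestCase
+{
+// The format is:
+// $SOURCEIP||$FACILITY||$PRIORITY||$LEVEL||$TAG||$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC||$MSG||$PROGRAM
+// There add an IP for each OS you want to test and use that in the input file
+private function fillLine($line) {
+$entry = array();
+list($entry['host'],$entry['facility'],$entry['priority'], $entry['level'], $entry['tag'], $entry['timestamp'], $entry['msg'], $entry['program']) = explode("||", trim($line));
+return $entry;
+}
+private function createData($line, $resultDelta) {
+$entry = $this->fillLine($line);
+$data = array();
+$data['input'] = $entry;
+unset($entry['msg']); // empty msg
+$data['result'] = array_merge($entry, $resultDelta);
+return $data;
+}
+public function testCiscoSyslog()
+{
+// populate fake $dev_cache and $config
+global $config, $dev_cache;
+$dev_cache['1.1.1.1'] = ['device_id' => 1, 'os' => 'ios', 'version' => 1];;
+$confg = array();
+$config['syslog_filter'] = array();
+// populate test data
+$testdata = array();
+// ---- IOS ----
+$testdata[] = $this->createData(
+"1.1.1.1||user||info||info||0e||2016-02-28 00:23:34||%CARD-SEVERITY-MSG:SLOT %FACILITY-SEVERITY-MNEMONIC: Message-text||",
+['device_id'=>1, 'program'=>'%CARD-SEVERITY-MSG:SLOT %FACILITY-SEVERITY-MNEMONIC', 'msg'=>'Message-text']
+);
+$testdata[] = $this->createData(
+"1.1.1.1||user||info||info||0e||2016-02-28 00:23:34||%FACILITY-SUBFACILITY-SEVERITY-MNEMONIC: Message-text||",
+['device_id'=>1, 'program'=>'%FACILITY-SUBFACILITY-SEVERITY-MNEMONIC', 'msg'=>'Message-text']
+);
+// ---- CatOS ----
+$testdata[] = $this->createData(
+"1.1.1.1||user||info||info||0e||2016-02-28 00:23:34||%IP-3-UDP_SOCKOVFL:UDP socket overflow||",
+['device_id'=>1, 'program'=>'%IP-3-UDP_SOCKOVFL', 'msg'=>'UDP socket overflow']
+);
+$testdata[] = $this->createData(
+"1.1.1.1||user||info||info||0e||2016-02-28 00:23:34||DTP-1-ILGLCFG: Illegal config (on, isl--on,dot1q) on Port [mod/port]||",
+['device_id'=>1, 'program'=>'DTP-1-ILGLCFG', 'msg'=>'Illegal config (on, isl--on,dot1q) on Port [mod/port]']
+);
+$testdata[] = $this->createData(
+"1.1.1.1||user||info||info||0e||2016-02-28 00:23:34||Cannot enable text mode config if ACL config is cleared from nvram||",
+['device_id'=>1, 'program'=>'', 'msg'=>'Cannot enable text mode config if ACL config is cleared from nvram']
+);
+$testdata[] = $this->createData(
+"1.1.1.1||user||info||info||0e||2016-02-28 00:23:34||%PAGP-5-PORTFROMSTP / %PAGP-5-PORTTOSTP||",
+['device_id'=>1, 'program'=>'%PAGP-5-PORTFROMSTP / %PAGP-5-PORTTOSTP']
+);
+$testdata[] = $this->createData(
+"1.1.1.1||user||info||info||0e||2016-02-28 00:23:34||%SYS-3-EOBC_CHANNELREINIT||",
+['device_id'=>1, 'program'=>'%SYS-3-EOBC_CHANNELREINIT']
+);
+$testdata[] = $this->createData(
+"1.1.1.1||user||info||info||0e||2016-02-28 00:23:34||%SYS-4-MODHPRESET:||",
+['device_id'=>1, 'program'=>'%SYS-4-MODHPRESET', 'msg'=>'']
+);
+$testdata[] = $this->createData(
+"1.1.1.1||user||info||info||0e||2016-02-28 00:23:34||InbandPingProcessFailure:Module x not responding over inband||",
+['device_id'=>1, 'program'=>'INBANDPINGPROCESSFAILURE', 'msg'=>'Module x not responding over inband']
+);
+$testdata[] = $this->createData(
+"1.1.1.1||user||info||info||0e||2016-02-28 00:23:34||RxSBIF_SEQ_NUM_ERROR:slot=x||",
+['device_id'=>1, 'program'=>'RXSBIF_SEQ_NUM_ERROR', 'msg'=>'slot=x']
+);
+// run tests
+foreach($testdata as $data) {
+$res = process_syslog($data['input'], 0);
+$this->assertEquals($data['result'], $res);
+}
+}
+}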
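Review bot: The short array literals (`['device_id' => 1, 'os' => 'ios', 'version' => 1]` and every `createData(...)` delta) are a parse error on PHP 5.3, which the .travis.yml added in this commit lists without an allow_failures entry, so that job cannot load this file; `array('device_id' => 1, 'os' => 'ios', 'version' => 1)` keeps it loadable there. `$confg = array();` looks like a typo for `$config` and currently has no effect, and the line above it ends in `;;`. The single `foreach` over all cases stops at the first failing assertion without saying which input failed; passing the input as the message argument, `$this->assertEquals($data['result'], $res, $data['input']['msg']);`, would make a failure attributable to its syslog line.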