tyler.durden/loganalyzer
1
0
Fork 0
mirror of https://github.com/rsyslog/loganalyzer.git synced 2025-09-25 18:59:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Enhanced Eventlog Summary Report, it used the new functions to generate the reports

Browse Source
This commit is contained in:
Andre Lorbach 2011-10-27 16:16:51 +02:00
parent ea7db9a839
commit 49aa37721d
3 changed files with 106 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

136
src/classes/reports/report.eventlog.eventsummary.class.php
View File

@ -296,15 +296,50 @@ class Report_eventsummary extends Report {
*/
private function ConsolidateEventsPerHost( $arrHosts )
{
global $content, $gl_starttime;
global $content, $gl_starttime, $fields;
// Now open the stream for data processing
$res = $this->_streamObj->Open( $this->_arrProperties, true );
if ( $res == SUCCESS )
{
// Set reading direction
// $this->_streamObj->SetReadDirection( EnumReadDirection::Backward );
// --- New Method to consolidate data!
// TimeStats
$nowtime = microtime_float();
$content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
// Update all Checksums first!
$this->_streamObj->UpdateAllMessageChecksum();
// TimeStats
$nowtime = microtime_float();
$content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
foreach ( $arrHosts as $myHost )
{
// Set custom filters
$this->_streamObj->ResetFilters();
$this->_streamObj->SetFilter( $this->_filterString . " " . $fields[SYSLOG_MESSAGETYPE]['SearchField'] . ":=" . IUT_NT_EventReport . ",=" . IUT_WEVTMONV2 . " " . $fields[SYSLOG_HOST]['SearchField'] . ":=" . $myHost );
// Set Host Item Basics if not set yet
$content["report_consdata"][ $myHost ][SYSLOG_HOST] = $myHost;
// Get Data for single host
$content["report_consdata"][ $myHost ]['cons_events'] = $this->_streamObj->ConsolidateDataByField( MISC_CHECKSUM, $this->_maxEventsPerHost, MISC_CHECKSUM, SORTING_ORDER_DESC, null, true, true );
//print_r ($fields[SYSLOG_MESSAGE]);
foreach ( $content["report_consdata"][ $myHost ]['cons_events'] as &$myConsData )
{
// Set Basic data entries
if (!isset( $content['filter_severity_list'][$myConsData[SYSLOG_SEVERITY]] ))
$myConsData[SYSLOG_SEVERITY] = SYSLOG_NOTICE; // Set default in this case
}
}
// TimeStats
$nowtime = microtime_float();
$content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
// ---
/* OLD CODE
// Init uid helper
$uID = UID_UNKNOWN;
@ -381,59 +416,74 @@ class Report_eventsummary extends Report {
// TimeStats
$nowtime = microtime_float();
$content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
}
*/
// Start Postprocessing
foreach( $content["report_consdata"] as &$tmpConsolidatedComputer )
// Start Postprocessing
foreach( $content["report_consdata"] as &$tmpConsolidatedComputer )
{
// First use callback function to sort array
uasort($tmpConsolidatedComputer['cons_events'], "MultiSortArrayByItemCountDesc");
// Remove entries according to _maxEventsPerHost
if ( count($tmpConsolidatedComputer['cons_events']) > $this->_maxEventsPerHost )
{
// First use callback function to sort array
uasort($tmpConsolidatedComputer['cons_events'], "MultiSortArrayByItemCountDesc");
$iDropCount = 0;
do
{
array_pop($tmpConsolidatedComputer['cons_events']);
$iDropCount++;
} while ( count($tmpConsolidatedComputer['cons_events']) > $this->_maxEventsPerHost );
// Remove entries according to _maxEventsPerHost
if ( count($tmpConsolidatedComputer['cons_events']) > $this->_maxEventsPerHost )
// Append a dummy entry which shows count of all other events
if ( $iDropCount > 0 )
{
$iDropCount = 0;
$lastEntry[SYSLOG_SEVERITY] = SYSLOG_NOTICE;
$lastEntry[SYSLOG_EVENT_ID] = "-";
$lastEntry[SYSLOG_EVENT_SOURCE] = $content['LN_GEN_ALL_OTHER_EVENTS'];
$lastEntry[SYSLOG_MESSAGE] = $content['LN_GEN_ALL_OTHER_EVENTS'];
$lastEntry['ItemCount'] = $iDropCount;
$lastEntry['FirstEvent_Date'] = "-";
$lastEntry['LastEvent_Date'] = "-";
do
{
array_pop($tmpConsolidatedComputer['cons_events']);
$iDropCount++;
} while ( count($tmpConsolidatedComputer['cons_events']) > $this->_maxEventsPerHost );
// Append a dummy entry which shows count of all other events
if ( $iDropCount > 0 )
{
$lastEntry[SYSLOG_SEVERITY] = SYSLOG_NOTICE;
$lastEntry[SYSLOG_EVENT_ID] = "-";
$lastEntry[SYSLOG_EVENT_SOURCE] = $content['LN_GEN_ALL_OTHER_EVENTS'];
$lastEntry[SYSLOG_MESSAGE] = $content['LN_GEN_ALL_OTHER_EVENTS'];
$lastEntry['ItemCount'] = $iDropCount;
$lastEntry['FirstEvent_Date'] = "-";
$lastEntry['LastEvent_Date'] = "-";
$tmpConsolidatedComputer['cons_events'][] = $lastEntry;
}
}
// TimeStats
$nowtime = microtime_float();
$content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
// PostProcess Events!
foreach( $tmpConsolidatedComputer["cons_events"] as &$tmpMyEvent )
{
$tmpMyEvent['FirstEvent_Date_Formatted'] = GetFormatedDate( $tmpMyEvent['FirstEvent_Date'] );
$tmpMyEvent['LastEvent_Date_Formatted'] = GetFormatedDate( $tmpMyEvent['LastEvent_Date'] );
$tmpMyEvent['syslogseverity_text'] = $content['filter_severity_list'][ $tmpMyEvent['syslogseverity'] ]["DisplayName"];
$tmpConsolidatedComputer['cons_events'][] = $lastEntry;
}
}
// TimeStats
$nowtime = microtime_float();
$content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
// PostProcess Events!
foreach( $tmpConsolidatedComputer["cons_events"] as &$tmpMyEvent )
{
$tmpMyEvent['FirstEvent_Date_Formatted'] = GetFormatedDate( $tmpMyEvent['FirstOccurrence_Date'] );
$tmpMyEvent['LastEvent_Date_Formatted'] = GetFormatedDate( $tmpMyEvent['LastOccurrence_Date'] );
$tmpMyEvent['syslogseverity_text'] = $content['filter_severity_list'][ $tmpMyEvent['syslogseverity'] ]["DisplayName"];
$tmpMyEvent['syslogseverity_bgcolor'] = $this->GetSeverityBGColor($tmpMyEvent['syslogseverity']);
}
}
else
return $ret;
// ---
}
// Work done!
return SUCCESS;
}
/*
* Helper function to obtain Severity background color
*/
private function GetSeverityBGColor( $nSeverity )
{
global $severity_colors;
if ( isset( $severity_colors[$nSeverity] ) )
return $severity_colors[$nSeverity];
else
return $severity_colors[SYSLOG_INFO]; //Default
}
}
?>

15
src/classes/reports/report.eventlog.eventsummary/report.eventlog.eventsummary.template.html
View File

@ -94,30 +94,29 @@
<table width="100%" cellpadding="0" cellspacing="1" border="0" align="center" class="with_border_alternate">
<tr>
<td class="cellmenu1" align="center" width="50" nowrap>{ln_report_number}</td>
<td class="cellmenu1" align="center" width="50" nowrap>{ln_report_count}</td>
<td class="cellmenu1" align="center" width="100" nowrap>{ln_report_firstevent}</td>
<td class="cellmenu1" align="center" width="100" nowrap>{ln_report_lastevent}</td>
<td class="cellmenu1" align="center" width="150" nowrap>{ln_report_process}</td>
<td class="cellmenu1" align="center" width="100" nowrap>{ln_report_severity}</td>
<td class="cellmenu1" align="center" width="80" nowrap>{ln_report_eventid}</td>
<td class="cellmenu1" align="center" width="100%" nowrap>{ln_report_description}</td>
<td class="cellmenu1" align="center" width="50" nowrap>{ln_report_count}</td>
</tr>
<!-- BEGIN cons_events -->
<tr>
<td class="line1" valign="top" align="center">{ZAEHLER}</td>
<td class="line1" valign="top" align="center">{FirstEvent_Date_Formatted}</td>
<td class="line1" valign="top" align="center">{LastEvent_Date_Formatted}</td>
<td class="line1" valign="top" align="center"><a href="http://kb.monitorware.com/kbsearch.php?sa=Search&origin=phplogcon&oid=sourceproc&q={sourceproc}" target="_blank">{sourceproc}</a></td>
<td class="line1" valign="top" align="center">{syslogseverity_text}</td>
<td class="line1" valign="top" align="center"><a href="http://kb.monitorware.com/kbsearch.php?sa=Search&origin=phplogcon&oid=id&q={id}" target="_blank">{id}</a></td>
<td class="line1" valign="top" align="left">{msg}</td>
<!-- IF ItemCount>=$_colorThreshold -->
<td class="lineColouredWhite" valign="top" align="right" bgcolor="#990000"><b>{ItemCount}</b></td>
<!-- ENDIF ItemCount>=$_colorThreshold -->
<!-- IF ItemCount<$_colorThreshold -->
<td class="lineColouredWhite" valign="top" align="right" bgcolor="#AAAAAA"><b>{ItemCount}</b></td>
<!-- ENDIF ItemCount<$_colorThreshold -->
<td class="line1" valign="top" align="center">{FirstEvent_Date_Formatted}</td>
<td class="line1" valign="top" align="center">{LastEvent_Date_Formatted}</td>
<td class="line1" valign="top" align="center"><a href="http://kb.monitorware.com/kbsearch.php?sa=Search&origin=phplogcon&oid=sourceproc&q={sourceproc}" target="_blank">{sourceproc}</a></td>
<td class="lineColouredWhite" valign="top" align="center" bgcolor="{syslogseverity_bgcolor}"><b>{syslogseverity_text}</b></td>
<td class="line1" valign="top" align="center"><a href="http://kb.monitorware.com/kbsearch.php?sa=Search&origin=phplogcon&oid=id&q={id}" target="_blank">{id}</a></td>
<td class="line1" valign="top" align="left">{msg}</td>
</tr>
<!-- END cons_events -->

12
src/classes/reports/report.eventlog.eventsummary/report.eventlog.eventsummary.template.pdf
View File

@ -68,27 +68,27 @@
<table width="100%" cellpadding="0" cellspacing="1" border="1" align="center" class="with_border_alternate">
<tr>
<td class="cellmenu1" bgcolor="#9FDAF1" align="center" width="50" nowrap>{ln_report_number}</td>
<td class="cellmenu1" bgcolor="#9FDAF1" align="center" width="50" nowrap>{ln_report_count}</td>
<td class="cellmenu1" bgcolor="#9FDAF1" align="left" width="100" nowrap>{ln_report_firstevent}</td>
<td class="cellmenu1" bgcolor="#9FDAF1" align="left" width="100" nowrap>{ln_report_lastevent}</td>
<td class="cellmenu1" bgcolor="#9FDAF1" align="left" width="100" nowrap>{ln_report_process}</td>
<td class="cellmenu1" bgcolor="#9FDAF1" align="left" width="50" nowrap>{ln_report_severity}</td>
<td class="cellmenu1" bgcolor="#9FDAF1" align="left" width="50" nowrap>{ln_report_eventid}</td>
<td class="cellmenu1" bgcolor="#9FDAF1" align="center" width="50" nowrap>{ln_report_count}</td>
</tr>
<!-- BEGIN cons_events -->
<tr>
<td class="line1" valign="top" align="center" rowspan="2">{ZAEHLER}</td>
<td class="line1" valign="top" align="left">{FirstEvent_Date_Formatted}</td>
<td class="line1" valign="top" align="left">{LastEvent_Date_Formatted}</td>
<td class="line1" valign="top" align="left"><a href="http://kb.monitorware.com/kbsearch.php?sa=Search&origin=phplogcon&oid=sourceproc&q={sourceproc}" target="_blank">{sourceproc}</a></td>
<td class="line1" valign="top" align="left">{syslogseverity_text}</td>
<td class="line1" valign="top" align="left"><a href="http://kb.monitorware.com/kbsearch.php?sa=Search&origin=phplogcon&oid=id&q={id}" target="_blank">{id}</a></td>
<!-- IF ItemCount>=$_colorThreshold -->
<td class="lineColouredWhite" valign="top" align="right" bgcolor="#DD0000"><b>{ItemCount}</b></td>
<!-- ENDIF ItemCount>=$_colorThreshold -->
<!-- IF ItemCount<$_colorThreshold -->
<td class="lineColouredWhite" valign="top" align="right" bgcolor="#CCCCCC"><b>{ItemCount}</b></td>
<!-- ENDIF ItemCount<$_colorThreshold -->
<td class="line1" valign="top" align="left">{FirstEvent_Date_Formatted}</td>
<td class="line1" valign="top" align="left">{LastEvent_Date_Formatted}</td>
<td class="line1" valign="top" align="left"><a href="http://kb.monitorware.com/kbsearch.php?sa=Search&origin=phplogcon&oid=sourceproc&q={sourceproc}" target="_blank">{sourceproc}</a></td>
<td class="line1" valign="top" align="left">{syslogseverity_text}</td>
<td class="line1" valign="top" align="left"><a href="http://kb.monitorware.com/kbsearch.php?sa=Search&origin=phplogcon&oid=id&q={id}" target="_blank">{id}</a></td>
</tr>
<tr>
<td class="cellmenu1" align="center" valign="top" nowrap colspan="2" width="200">{ln_report_description}</td>