more changes in report code

src/classes/logstream.class.php

@@ -209,7 +209,15 @@ abstract class LogStream {
 	*/
 	public abstract function ConsolidateDataByField($szConsFieldId, $nRecordLimit, $szSortFieldId, $nSortingOrder, $bIncludeLogStreamFields = false);
 
-	
+
+	/**
+	* This functions is used by reports to consolidate data
+	*
+	* @return integer Error stat
+	*/
+	public abstract function ConsolidateItemListByField($szConsFieldId, $nRecordLimit, $szSortFieldId, $nSortingOrder);
+
+
 	/**
 	* Gets a property and checks if the class is able to sort the records
 	* by this property. 

src/classes/logstreamdb.class.php

@@ -689,6 +689,102 @@ class LogStreamDB extends LogStream {
 	}
 
 
+	/**
+	* Implementation of ConsolidateItemListByField 
+	*
+	* In the native MYSQL Logstream, the database will do most of the work
+	*
+	* @return integer Error stat
+	*/
+	public function ConsolidateItemListByField($szConsFieldId, $nRecordLimit, $szSortFieldId, $nSortingOrder)
+	{
+		global $content, $dbmapping, $fields;
+
+		// Copy helper variables, this is just for better readability
+		$szTableType = $this->_logStreamConfigObj->DBTableType;
+		
+		// Check if fields are available 
+		if ( !isset($dbmapping[$szTableType]['DBMAPPINGS'][$szConsFieldId]) || !isset($dbmapping[$szTableType]['DBMAPPINGS'][$szSortFieldId]) )
+			return ERROR_DB_DBFIELDNOTFOUND;
+
+		// --- Set Options 
+		$nConsFieldType = $fields[$szConsFieldId]['FieldType'];
+
+		if ( $nSortingOrder == SORTING_ORDER_DESC ) 
+			$szSortingOrder = "DESC"; 
+		else
+			$szSortingOrder = "ASC"; 
+		// --- 
+
+		// --- Set DB Field names
+		$myDBConsFieldName = $dbmapping[$szTableType]['DBMAPPINGS'][$szConsFieldId];
+		$myDBGroupByFieldName = $myDBConsFieldName;
+		$myDBQueryFields = $myDBConsFieldName . ", ";
+
+		// Set Sorted Field
+		if ( $szConsFieldId == $szSortFieldId ) 
+			$myDBSortedFieldName = "ItemCount"; 
+		else
+			$myDBSortedFieldName = $szSortFieldId; 
+		// --- 
+		
+		// Special handling for date fields
+		if ( $nConsFieldType == FILTER_TYPE_DATE )
+		{
+			// Helper variable for the select statement
+			$mySelectFieldName = $myDBGroupByFieldName . "Grouped";
+			$myDBQueryFieldName = "DATE( " . $myDBConsFieldName . ") AS " . $myDBGroupByFieldName ;
+		}
+
+		// Set Limit String
+		if ( $nRecordLimit > 0 ) 
+			$szLimitSql = " LIMIT " . $nRecordLimit;
+		else
+			$szLimitSql = "";
+
+		// Create SQL String now!
+		$szSql =	"SELECT " . 
+					$myDBQueryFields .  
+					"count(" . $myDBConsFieldName . ") as ItemCount " . 
+					" FROM " . $this->_logStreamConfigObj->DBTableName . 
+					" GROUP BY " . $myDBGroupByFieldName . 
+					" ORDER BY " . $myDBSortedFieldName . " " . $szSortingOrder . 
+					$szLimitSql ;
+
+		// Perform Database Query
+		$myquery = mysql_query($szSql, $this->_dbhandle);
+		if ( !$myquery ) 
+			return ERROR_DB_QUERYFAILED;
+		
+		// Initialize Array variable
+		$aResult = array();
+
+		// read data records
+		while ($myRow = mysql_fetch_array($myquery,  MYSQL_ASSOC))
+		{
+			// Create new row
+			$aNewRow = array();
+
+			foreach ( $myRow as $myFieldName => $myFieldValue ) 
+			{
+				if ( $myFieldName == $dbmapping[$szTableType]['DBMAPPINGS'][$szConsFieldId] )
+					$aNewRow[$szConsFieldId] = $myFieldValue;
+				else
+					$aNewRow[$myFieldName] = $myFieldValue;
+			}
+			
+			// Add new row to result
+			$aResult[] = $aNewRow;
+		}
+
+		// return finished array
+		if ( count($aResult) > 0 )
+			return $aResult;
+		else
+			return ERROR_NOMORERECORDS;
+	}
+
+
 	/**
 	* Implementation of ConsolidateDataByField 
 	*
@@ -749,7 +845,7 @@ class LogStreamDB extends LogStream {
 
 
 		if ( $szConsFieldId == $szSortFieldId ) 
-			$myDBSortedFieldName = "ConsolidatedField"; 
+			$myDBSortedFieldName = "ItemCount"; 
 		else
 			$myDBSortedFieldName = $szSortFieldId; 
 		// --- 
@@ -762,14 +858,20 @@ class LogStreamDB extends LogStream {
 			$myDBQueryFieldName = "DATE( " . $myDBConsFieldName . ") AS " . $myDBGroupByFieldName ;
 		}
 
+		// Set Limit String
+		if ( $nRecordLimit > 0 ) 
+			$szLimitSql = " LIMIT " . $nRecordLimit;
+		else
+			$szLimitSql = "";
+
 		// Create SQL String now!
 		$szSql =	"SELECT " . 
 					$myDBQueryFields .  
-					"count(" . $myDBConsFieldName . ") as ConsolidatedField " . 
+					"count(" . $myDBConsFieldName . ") as ItemCount " . 
 					" FROM " . $this->_logStreamConfigObj->DBTableName . 
 					" GROUP BY " . $myDBGroupByFieldName . 
 					" ORDER BY " . $myDBSortedFieldName . " " . $szSortingOrder . 
-					" LIMIT " . $nRecordLimit;
+					$szLimitSql ;
 
 		// Perform Database Query
 		$myquery = mysql_query($szSql, $this->_dbhandle);
@@ -812,12 +914,9 @@ class LogStreamDB extends LogStream {
 			return $aResult;
 		else
 			return ERROR_NOMORERECORDS;
-
-
 	}
 
 
-
 	/**
 	* Implementation of GetCountSortedByField 
 	*

src/classes/reports/report.eventlog.monilog.class.php

@@ -95,11 +95,12 @@ class Report_monilog extends Report {
 	*/
 	public function startDataProcessing()
 	{
-		global $content; 
+		global $content, $severity_colors; 
 
 		// Verify Datasource first!
 		if ( $this->verifyDataSource() == SUCCESS ) 
 		{
+			// Test opening the stream
 			$res = $this->_streamObj->Open( $this->_arrProperties, true );
 			if ( $res == SUCCESS )
 			{
@@ -107,19 +108,37 @@ class Report_monilog extends Report {
 
 				// Step 1: Gather Summaries 
 				// Obtain data from the logstream!
-				$reportData = $this->_streamObj->ConsolidateDataByField( SYSLOG_SEVERITY, 10, SYSLOG_SEVERITY, SORTING_ORDER_DESC, null, false );
+				$content["report_summary"] = $this->_streamObj->ConsolidateDataByField( SYSLOG_SEVERITY, 10, SYSLOG_SEVERITY, SORTING_ORDER_DESC, null, false );
 
 				// If data is valid, we have an array!
-				if ( is_array($reportData) && count($reportData) > 0 )
+				if ( is_array($content["report_summary"]) && count($content["report_summary"]) > 0 )
 				{
-					foreach ($reportData as &$tmpReportData )
+					foreach ($content["report_summary"] as &$tmpReportData )
 					{
 						$tmpReportData['DisplayName'] = GetSeverityDisplayName( $tmpReportData[SYSLOG_SEVERITY] );
+						$tmpReportData['bgcolor'] = $severity_colors[ $tmpReportData[SYSLOG_SEVERITY] ];
 					}
 				}
 
+				// Get List of hosts
+				$content["report_computers"] = $this->_streamObj->ConsolidateItemListByField( SYSLOG_HOST, 20, SYSLOG_HOST, SORTING_ORDER_DESC );
 
-print_r ( $reportData );
+				// This function will consolidate the Events based per Host!
+				$this->ConsolidateEventsPerHost();
+
+/*				// If data is valid, we have an array!
+				if ( is_array($content["report_computers"]) && count($content["report_computers"]) > 0 )
+				{
+					foreach ($content["report_computers"] as &$tmpReportComputer )
+					{
+						$tmpReportComputer['report_events'] = $this->_streamObj->ConsolidateDataByField( SYSLOG_MESSAGE, 100, SYSLOG_MESSAGE, SORTING_ORDER_DESC, null, false );
+
+						print_r ( $tmpReportComputer['report_events'] );
+					}
+				}
+*/
+
+print_r ( $content["report_computers"] );
 exit;
 
 				// ---
@@ -204,7 +223,38 @@ exit;
 	}
 
 
-	// Private functions...
+	// --- Private functions...
+
+
+	/**
+	*	Helper function to consolidate events 
+	*/
+	private function ConsolidateEventsPerHost()
+	{
+		// Create array with columns we need for analysis
+		$reportFields[] = SYSLOG_UID;
+		$reportFields[] = SYSLOG_DATE;
+		$reportFields[] = SYSLOG_HOST;
+		$reportFields[] = SYSLOG_SEVERITY;
+		$reportFields[] = SYSLOG_EVENT_ID;
+		$reportFields[] = SYSLOG_EVENT_SOURCE;
+		$reportFields[] = SYSLOG_MESSAGE;
+		
+		// Set Filter string
+		$this->_streamObj->SetFilter( $this->_filterString );
+
+		// Now open the stream for data processing
+		$res = $this->_streamObj->Open( $reportFields, true );
+		if ( $res == SUCCESS )
+		{
+
+
+
+		}
+
+		// Work done!
+		return SUCCESS;
+	}
 /*
 	private function ResetBuffer() {
 		$this->_bEOS = false;