diff --git a/README.md b/README.md index 8fcc60f..203124a 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,17 @@ ![loganalizer_example](https://user-images.githubusercontent.com/8426197/209875963-b7438f3b-9052-4e8f-9f22-05794e1e54a5.png) Adiscon LogAnalyzer, a web frontend to log data from the same folks the created rsyslog +# todo + - export: add checkbox to export full filtered history (now exports only current page) + - export: place ts into export filename (range from-to) + - BUG: "Suppress duplicated messages" doesn't work + - filter: allow to specify AFTER:n BEFORE:n (if possible/fast to implement) <- include records before and after match + - export: configure columns for file export (allow to remove unnecessary columns) <- exclude list of columns + - BUG: sometimes spinner on index page is drawn in the middle of page irrespective of it's size, but should be drawn in the middle of screen + +# changes 230121 + - datelastx - keep for backward compatibility (for saved searches); add datelastxx + # changes 230114 - fix bug: WHERE ( message LIKE '%LTE%unreachable%' ) give no result on filter page, yet works for charts, i.e. input = msg:LTE%unreachable (todo# in chart records have wrong date today merged with yesterday) - cfg[EventEmptySearchDefaultFilter] - config to use in case filter is empty (first load) @@ -31,11 +42,6 @@ Adiscon LogAnalyzer, a web frontend to log data from the same folks the created - filter: support TRACE severity level; - gui: add loglevel style colors and change color for full line; - filter: change datelastx behaviour - use number as hours indicator, i.e. datelastx:3 is 3 hours limit - -# todo - - export: add checkbox to export full filtered history (now exports selected page only) - - export: configure columns for file export (allow to remove unnecessary columns) <- exclude list of columns - - export: place ts into export filename (range from-to) #obsolete - filter: allow to OR msg, i.e. key1 &key2 |key3; diff --git a/src/classes/logstream.class.php b/src/classes/logstream.class.php index 0d26a6b..daa450d 100644 --- a/src/classes/logstream.class.php +++ b/src/classes/logstream.class.php @@ -566,9 +566,35 @@ abstract class LogStream { case FILTER_TYPE_DATE: // Get Log TimeStamp $nLogTimeStamp = $arrProperitesOut[$propertyname][EVTIME_TIMESTAMP]; - if ( $myfilter[FILTER_DATEMODE] == DATEMODE_LASTX ) + + //FIXME keep for backward compatibility + if ( $myfilter[FILTER_DATEMODE] == DATEMODE_LASTX ) { - //datelastx:x handle x as hours instead of constant + // Get current timestamp + $nNowTimeStamp = time(); + + //Get range timestamp + $nLastXTime = time() - (60 * 60 * floatval($myfilter[FILTER_VALUE])); + if ( $myfilter[FILTER_VALUE] == 1 /*DATE_LASTX_HOUR*/ ) + $nLastXTime = 60 * 60; // One Hour! + else if ( $myfilter[FILTER_VALUE] == 2 /*DATE_LASTX_12HOURS*/ ) + $nLastXTime = 60 * 60 * 12; // 12 Hours! + else if ( $myfilter[FILTER_VALUE] == 3 /*DATE_LASTX_24HOURS*/ ) + $nLastXTime = 60 * 60 * 24; // 24 Hours! + else if ( $myfilter[FILTER_VALUE] == 4 /*DATE_LASTX_7DAYS*/ ) + $nLastXTime = 60 * 60 * 24 * 7; // 7 days + else if ( $myfilter[FILTER_VALUE] == 5 /*DATE_LASTX_31DAYS*/ ) + $nLastXTime = 60 * 60 * 24 * 31; // 31 days + else + // WTF default? + $nLastXTime = 86400; + + // If Nowtime + LastX is higher then the log timestamp, the this logline is to old for us. + if ( ($nNowTimeStamp - $nLastXTime) > $nLogTimeStamp ) + $bEval = false; + } + else if ( $myfilter[FILTER_DATEMODE] == DATEMODE_LASTXX ) + {//handle x as hours //Get range timestamp $nLastXTime = time() - (60 * 60 * floatval($myfilter[FILTER_VALUE])); @@ -1027,11 +1053,16 @@ abstract class LogStream { $tmpFilterType = FILTER_TYPE_DATE; $tmpTimeMode = DATEMODE_RANGE_TO; break; - case "datelastx": + case "datelastx": //FIXME keep for backward compatibility $tmpKeyName = SYSLOG_DATE; $tmpFilterType = FILTER_TYPE_DATE; $tmpTimeMode = DATEMODE_LASTX; break; + case "datelastxx": + $tmpKeyName = SYSLOG_DATE; + $tmpFilterType = FILTER_TYPE_DATE; + $tmpTimeMode = DATEMODE_LASTXX; + break; case "timereported": $tmpKeyName = SYSLOG_DATE; $tmpFilterType = FILTER_TYPE_DATE; diff --git a/src/classes/logstreamdb.class.php b/src/classes/logstreamdb.class.php index c7ab5d3..26709c6 100644 --- a/src/classes/logstreamdb.class.php +++ b/src/classes/logstreamdb.class.php @@ -1510,9 +1510,34 @@ class LogStreamDB extends LogStream { $tmpfilters[$propertyname][FILTER_TYPE] = FILTER_TYPE_DATE; } + //FIXME keep for backward compatibility if ( $myfilter[FILTER_DATEMODE] == DATEMODE_LASTX ) - { - // Get current timestamp + { + // Get current timestamp + $nNowTimeStamp = time(); + if ( $myfilter[FILTER_VALUE] == 1 /*DATE_LASTX_HOUR*/ ) + $nNowTimeStamp -= 60 * 60; // One Hour! + else if ( $myfilter[FILTER_VALUE] == 2 /*DATE_LASTX_12HOURS*/) + $nNowTimeStamp -= 60 * 60 * 12; // 12 Hours! + else if ( $myfilter[FILTER_VALUE] == 3 /*DATE_LASTX_24HOURS*/ ) + $nNowTimeStamp -= 60 * 60 * 24; // 24 Hours! + else if ( $myfilter[FILTER_VALUE] == 4 /*DATE_LASTX_7DAYS*/ ) + $nNowTimeStamp -= 60 * 60 * 24 * 7; // 7 days + else if ( $myfilter[FILTER_VALUE] == 5 /*DATE_LASTX_31DAYS*/ ) + $nNowTimeStamp -= 60 * 60 * 24 * 31; // 31 days + else + { + // Set filter to unknown and Abort in this case! + $tmpfilters[$propertyname][FILTER_TYPE] = FILTER_TYPE_UNKNOWN; + break; + } + + // Append filter + $tmpfilters[$propertyname][FILTER_VALUE] .= $dbmapping[$szTableType]['DBMAPPINGS'][$propertyname] . " > '" . date("Y-m-d H:i:s", $nNowTimeStamp) . "'"; + } + else if ( $myfilter[FILTER_DATEMODE] == DATEMODE_LASTXX ) + {//handle x as hours + // Calculate offset timestamp $nNowTimeStamp = time() - (60 * 60 * floatval($myfilter[FILTER_VALUE])); // Append filter diff --git a/src/include/config.sample.php b/src/include/config.sample.php index 1ee46e8..9dfd00f 100644 --- a/src/include/config.sample.php +++ b/src/include/config.sample.php @@ -130,11 +130,11 @@ $CFG['DefaultViewsID'] = ""; // --- Predefined Searches! $CFG['Search'][] = array ( "DisplayName" => "Syslog Warnings and Errors", "SearchQuery" => "filter=severity%3A0%2C1%2C2%2C3%2C4&search=Search" ); $CFG['Search'][] = array ( "DisplayName" => "Syslog Errors", "SearchQuery" => "filter=severity%3A0%2C1%2C2%2C3&search=Search" ); -$CFG['Search'][] = array ( "DisplayName" => "All messages from the last hour", "SearchQuery" => "filter=datelastx%3A1&search=Search" ); -$CFG['Search'][] = array ( "DisplayName" => "All messages from last 12 hours", "SearchQuery" => "filter=datelastx%3A12&search=Search" ); -$CFG['Search'][] = array ( "DisplayName" => "All messages from last 24 hours", "SearchQuery" => "filter=datelastx%3A24&search=Search" ); -$CFG['Search'][] = array ( "DisplayName" => "All messages from last 7 days", "SearchQuery" => "filter=datelastx%3A168&search=Search" ); -$CFG['Search'][] = array ( "DisplayName" => "All messages from last 31 days", "SearchQuery" => "filter=datelastx%3A744&search=Search" ); +$CFG['Search'][] = array ( "DisplayName" => "All messages from the last hour", "SearchQuery" => "filter=datelastxx%3A1&search=Search" ); +$CFG['Search'][] = array ( "DisplayName" => "All messages from last 12 hours", "SearchQuery" => "filter=datelastxx%3A12&search=Search" ); +$CFG['Search'][] = array ( "DisplayName" => "All messages from last 24 hours", "SearchQuery" => "filter=datelastxx%3A24&search=Search" ); +$CFG['Search'][] = array ( "DisplayName" => "All messages from last 7 days", "SearchQuery" => "filter=datelastxx%3A168&search=Search" ); +$CFG['Search'][] = array ( "DisplayName" => "All messages from last 31 days", "SearchQuery" => "filter=datelastxx%3A744&search=Search" ); // $CFG['Search'][] = array ( "DisplayName" => "", "SearchQuery" => "" ); // --- diff --git a/src/include/constants_filters.php b/src/include/constants_filters.php index 64384ce..23abca0 100644 --- a/src/include/constants_filters.php +++ b/src/include/constants_filters.php @@ -47,15 +47,16 @@ if ( !defined('IN_PHPLOGCON') ) define('DATEMODE_ALL', 1); define('DATEMODE_RANGE', 2); define('DATEMODE_LASTX', 3); +define('DATEMODE_LASTXX', 33); define('DATEMODE_RANGE_FROM', 4); define('DATEMODE_RANGE_TO', 5); define('DATEMODE_RANGE_DATE', 6); define('DATE_LASTX_HOUR', 1); -define('DATE_LASTX_12HOURS', 2); -define('DATE_LASTX_24HOURS', 3); -define('DATE_LASTX_7DAYS', 4); -define('DATE_LASTX_31DAYS', 5); +define('DATE_LASTX_12HOURS', 12); +define('DATE_LASTX_24HOURS', 24); +define('DATE_LASTX_7DAYS', 168); +define('DATE_LASTX_31DAYS', 744); // --- diff --git a/src/include/functions_filters.php b/src/include/functions_filters.php index 74f21ed..6524e09 100644 --- a/src/include/functions_filters.php +++ b/src/include/functions_filters.php @@ -60,9 +60,9 @@ function InitFilterHelpers() $content['datemodes'][1]['ID'] = DATEMODE_RANGE; $content['datemodes'][1]['DisplayName'] = $content['LN_DATEMODE_RANGE']; if ( $filters['filter_datemode'] == DATEMODE_RANGE ) { $content['datemodes'][1]['selected'] = "selected"; } else { $content['datemodes'][1]['selected'] = ""; } - $content['datemodes'][2]['ID'] = DATEMODE_LASTX; + $content['datemodes'][2]['ID'] = DATEMODE_LASTXX; $content['datemodes'][2]['DisplayName'] = $content['LN_DATEMODE_LASTX']; - if ( $filters['filter_datemode'] == DATEMODE_LASTX ) { $content['datemodes'][2]['selected'] = "selected"; } else { $content['datemodes'][2]['selected'] = ""; } + if ( $filters['filter_datemode'] == DATEMODE_LASTXX ) { $content['datemodes'][2]['selected'] = "selected"; } else { $content['datemodes'][2]['selected'] = ""; } // Init Date Range Parameters global $currentTime, $currentDay, $currentMonth, $currentYear, $tomorrowTime, $tomorrowDay, $tomorrowMonth, $tomorrowYear; diff --git a/src/js/searchhelpers.js b/src/js/searchhelpers.js index 181e658..32be574 100644 --- a/src/js/searchhelpers.js +++ b/src/js/searchhelpers.js @@ -1,8 +1,8 @@ /* Helper Javascript Constants */ -const DATEMODE_ALL = 1, DATEMODE_RANGE = 2, DATEMODE_LASTX = 3; -const DATE_LASTX_HOUR = 1, DATE_LASTX_12HOURS = 2, DATE_LASTX_24HOURS = 3, DATE_LASTX_7DAYS = 4,DATE_LASTX_31DAYS = 5; +const DATEMODE_ALL = 1, DATEMODE_RANGE = 2, DATEMODE_LASTXX = 33; +const DATE_LASTX_HOUR = 1, DATE_LASTX_12HOURS = 12, DATE_LASTX_24HOURS = 24, DATE_LASTX_7DAYS = 168, DATE_LASTX_31DAYS = 744; /* Helper Javascript functions @@ -54,7 +54,7 @@ function toggleDatefiltervisibility(FormName) toggleformelement('filter_daterange_last_x', false); } - else if (myform.elements['filter_datemode'].value == DATEMODE_LASTX) + else if (myform.elements['filter_datemode'].value == DATEMODE_LASTXX) { togglevisibility('HiddenDateLastXOptions'); hidevisibility('HiddenDateFromOptions'); @@ -99,9 +99,9 @@ function CalculateSearchPreview(szSearchFormName, szPreviewArea) + mySearchform.elements['filter_daterange_to_minute'].value + ":" + mySearchform.elements['filter_daterange_to_second'].value + " "; } - else if (mySearchform.elements['filter_datemode'].value == DATEMODE_LASTX) + else if (mySearchform.elements['filter_datemode'].value == DATEMODE_LASTXX) { - szOutString += "datelastx:" + mySearchform.elements['filter_daterange_last_x'].value + " "; + szOutString += "datelastxx:" + mySearchform.elements['filter_daterange_last_x'].value + " "; } // --- Syslog Facility diff --git a/src/search.php b/src/search.php index 5336808..df77d94 100644 --- a/src/search.php +++ b/src/search.php @@ -149,12 +149,12 @@ if ( (isset($_POST['search']) || isset($_GET['search'])) ) $filters['filter_daterange_to_second'] . " "; } - else if ( $filters['filter_datemode'] == DATEMODE_LASTX ) + else if ( $filters['filter_datemode'] == DATEMODE_LASTXX ) { if ( isset($_GET['filter_daterange_last_x']) ) { $filters['filter_daterange_last_x'] = intval($_GET['filter_daterange_last_x']); - $content['searchstr'] .= "datelastx:" . $filters['filter_daterange_last_x'] . " "; + $content['searchstr'] .= "datelastxx:" . $filters['filter_daterange_last_x'] . " "; } } }