diff --git a/src/classes/logstreammongodb.class.php b/src/classes/logstreammongodb.class.php
index a2762ce..feb26bc 100644
--- a/src/classes/logstreammongodb.class.php
+++ b/src/classes/logstreammongodb.class.php
@@ -248,11 +248,32 @@ class LogStreamMongoDB extends LogStream {
*/
public function VerifyIndexes( $arrProperitesIn )
{
- /*
- TODO!!!
- needed ?
- */
+ global $dbmapping, $fields;
+ // Get List of Indexes as Array
+ $arrIndexKeys = $this->GetIndexesAsArray();
+ $szTableType = $this->_logStreamConfigObj->DBTableType;
+
+ // Loop through all fields to see which one is missing!
+ foreach ( $arrProperitesIn as $myproperty )
+ {
+// echo $dbmapping[$szTableType]['DBMAPPINGS'][$myproperty] . "
";
+ if ( isset($dbmapping[$szTableType]['DBMAPPINGS'][$myproperty]) )
+ {
+ if ( in_array($dbmapping[$szTableType]['DBMAPPINGS'][$myproperty], $arrIndexKeys) )
+ {
+ OutputDebugMessage("LogStreamDB|VerifyIndexes: Found INDEX for '" . $dbmapping[$szTableType]['DBMAPPINGS'][$myproperty] . "'", DEBUG_ULTRADEBUG);
+ continue;
+ }
+ else
+ {
+ // Index is missing for this field!
+ OutputDebugMessage("LogStreamDB|VerifyIndexes: Missing INDEX for '" . $dbmapping[$szTableType]['DBMAPPINGS'][$myproperty] . "'", DEBUG_WARN);
+ return ERROR_DB_INDEXESMISSING;
+ }
+ }
+ }
+
// Successfull
return SUCCESS;
}
@@ -272,6 +293,45 @@ class LogStreamMongoDB extends LogStream {
*/
public function CreateMissingIndexes( $arrProperitesIn )
{
+ global $dbmapping, $fields, $querycount;
+
+ // Get List of Indexes as Array
+ $arrIndexKeys = $this->GetIndexesAsArray();
+ $szTableType = $this->_logStreamConfigObj->DBTableType;
+
+ // Loop through all fields to see which one is missing!
+ foreach ( $arrProperitesIn as $myproperty )
+ {
+ if ( isset($dbmapping[$szTableType]['DBMAPPINGS'][$myproperty]) )
+ {
+ if (in_array($dbmapping[$szTableType]['DBMAPPINGS'][$myproperty], $arrIndexKeys) )
+ continue;
+ else
+ {
+ try
+ {
+ // Add Unique Index for DBMapping
+ $this->_myMongoCollection->ensureIndex(array( $dbmapping[$szTableType]['DBMAPPINGS'][$myproperty] => 1) /*, array("unique" => true) */ );
+
+ // Index is missing for this field!
+ OutputDebugMessage("LogStreamDB|CreateMissingIndexes: Createing missing INDEX for '" . $dbmapping[$szTableType]['DBMAPPINGS'][$myproperty] . "'", DEBUG_INFO);
+ }
+ catch ( MongoException $e )
+ {
+ // Log error!
+ $this->PrintDebugError("CreateMissingIndexes failed with error ' " . $e->getMessage() . " '");
+
+ // Return error code
+ return ERROR_DB_QUERYFAILED;
+ }
+
+ // // Return failure!
+ // $this->PrintDebugError("Dynamically Adding INDEX for '" . $dbmapping[$szTableType]['DBMAPPINGS'][$myproperty] . "' failed with Statement: '" . $szSql . "'");
+ // return ERROR_DB_INDEXFAILED;
+ }
+ }
+ }
+
// Successfull
return SUCCESS;
}
@@ -993,31 +1053,38 @@ class LogStreamMongoDB extends LogStream {
$groupReduce = "
function (obj, prev)
{
- prev." . $myDBSortedFieldName . "++; ";
+ try {\n
+ prev." . $myDBSortedFieldName . "++;\n";
// Add fields!
foreach( $myMongoFields as $key => $myfield )
{
if ( $key != $myDBConsFieldName )
- $groupReduce .= "prev." . $key . " = obj." . $key . ";";
+ $groupReduce .= "if ( prev.$key == null )\n prev.$key = obj.$key;\n";
}
if ( $bIncludeMinMaxDateFields )
{
$groupReduce .= "
- if ( prev.firstoccurrence_date == null || prev.firstoccurrence_date > obj." . $dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE] . " ) {
- prev.firstoccurrence_date = obj." . $dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE] . ";
+ if ( prev.firstoccurrence_date == null || prev.firstoccurrence_date > obj." . $dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE] . " ) {\n
+ prev.firstoccurrence_date = obj." . $dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE] . ";\n
}
- if ( prev.lastoccurrence_date == null || prev.lastoccurrence_date < obj." . $dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE] . " ) {
- prev.lastoccurrence_date = obj." . $dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE] . ";
+ if ( prev.lastoccurrence_date == null || prev.lastoccurrence_date < obj." . $dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE] . " ) {\n
+ prev.lastoccurrence_date = obj." . $dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE] . ";\n
}";
}
$groupReduce .= "
+ }
+ catch ( e ){
+ // For now ingore error!
+ theerror = e.toString();
+ }
+ // assert( theerror, \"B3\" )
}
";
try
{
// Output Debug Informations
- OutputDebugMessage("LogStreamMongoDB|ConsolidateDataByField: Running MongoDB group query", DEBUG_ULTRADEBUG);
+ OutputDebugMessage("LogStreamMongoDB|ConsolidateDataByField: Running MongoDB group query with Recude Function: " . $groupReduce . "
", DEBUG_ULTRADEBUG);
// mongodb group is simular to groupby from MYSQL
$myResult = $this->_myMongoCollection->group( array($myDBConsFieldName => 1), $myMongoInit, $groupReduce, $myOptions);
@@ -1035,46 +1102,55 @@ class LogStreamMongoDB extends LogStream {
$aResult = array();
// Loop through results
- foreach ($myResult['retval'] as $myid => $myRow)
+ if ( isset($myResult['retval']) )
{
-
- // Create new row for resultarray
- $aNewRow = array();
-
- // Handly Datefields for min and max!
- if ( $bIncludeMinMaxDateFields )
+ foreach ($myResult['retval'] as $myid => $myRow)
{
- if ( isset($myRow['firstoccurrence_date']) && isset($myRow['lastoccurrence_date']) )
+
+ // Create new row for resultarray
+ $aNewRow = array();
+
+ // Handly Datefields for min and max!
+ if ( $bIncludeMinMaxDateFields )
{
- $aNewRow['firstoccurrence_date'] = date( "Y-m-d H:i:s ", $myRow['firstoccurrence_date']->sec );
- $aNewRow['lastoccurrence_date'] = date( "Y-m-d H:i:s", $myRow['lastoccurrence_date']->sec );
- }
- else
- {
- // Get default date
- $myDate = $myRow[$dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE]];
- if ( gettype($myDate) == "object" && get_class($myDate) == "MongoDate" )
+ if ( isset($myRow['firstoccurrence_date']) && isset($myRow['lastoccurrence_date']) )
{
- $aNewRow['firstoccurrence_date'] = date( "Y-m-d H:i:s ", $myDate->sec );
- $aNewRow['lastoccurrence_date'] = date( "Y-m-d H:i:s", $myDate->sec );
+ $aNewRow['firstoccurrence_date'] = date( "Y-m-d H:i:s ", $myRow['firstoccurrence_date']->sec );
+ $aNewRow['lastoccurrence_date'] = date( "Y-m-d H:i:s", $myRow['lastoccurrence_date']->sec );
+ }
+ else
+ {
+ // Get default date
+ $myDate = $myRow[$dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE]];
+ if ( gettype($myDate) == "object" && get_class($myDate) == "MongoDate" )
+ {
+ $aNewRow['firstoccurrence_date'] = date( "Y-m-d H:i:s ", $myDate->sec );
+ $aNewRow['lastoccurrence_date'] = date( "Y-m-d H:i:s", $myDate->sec );
+ }
+ }
+ //echo "!". gettype($myDate);
+ //echo "!" . $myDate->sec;
+ //var_dump ( $myRow );
+ //exit;
+ }
+
+ foreach ( $myRow as $myFieldName => $myFieldValue )
+ {
+ if ( !is_array($myFieldValue) && !is_object($myFieldValue) ) // Only Copy NON-Array and NON-Object values!
+ {
+ $myFieldID = $this->GetFieldIDbyDatabaseMapping($szTableType, $myFieldName);
+ $aNewRow[ $myFieldID ] = $myFieldValue;
}
}
-//echo "!". gettype($myDate);
-//echo "!" . $myDate->sec;
-//var_dump ( $myRow );
-//exit;
+ // Add new row to result
+ $aResult[] = $aNewRow;
}
-
- foreach ( $myRow as $myFieldName => $myFieldValue )
- {
- if ( !is_array($myFieldValue) && !is_object($myFieldValue) ) // Only Copy NON-Array and NON-Object values!
- {
- $myFieldID = $this->GetFieldIDbyDatabaseMapping($szTableType, $myFieldName);
- $aNewRow[ $myFieldID ] = $myFieldValue;
- }
- }
- // Add new row to result
- $aResult[] = $aNewRow;
+ }
+ else
+ {
+ // Return error code
+ OutputDebugMessage("LogStreamMongoDB|ConsolidateDataByField: myResult['retval'] was empty, see myResult: " . var_export($myResult, true) . ")", DEBUG_WARN);
+ return ERROR_NOMORERECORDS;
}
// return finished array
@@ -1717,7 +1793,6 @@ class LogStreamMongoDB extends LogStream {
// Uncomment for debug!
// OutputDebugMessage("LogStreamMongoDB|ReadNextRecordsFromDB: bufferedRecords = Array " . var_export($this->bufferedRecords, true) . "
", DEBUG_ULTRADEBUG);
-
OutputDebugMessage("LogStreamMongoDB|ReadNextRecordsFromDB: ibegin = $iBegin, recordnum = " . $this->_currentRecordNum, DEBUG_ULTRADEBUG);
// --- Check if results were found
@@ -1757,20 +1832,57 @@ class LogStreamMongoDB extends LogStream {
}
}
+ /*
+ * Helper function to return a list of Indexes for the logstream table
+ */
+ private function GetIndexesAsArray()
+ {
+ global $querycount;
+
+ // Verify database connection (This also opens the database!)
+ $res = $this->Verify();
+ if ( $res != SUCCESS )
+ return $res;
+
+ // Init Array
+ $arrIndexKeys = array();
+ $aMongoIndexes = $this->_myMongoCollection->getIndexInfo();
+ if (is_array($aMongoIndexes) && count($aMongoIndexes) > 0 )
+ {
+ // LOOP through indexes
+ foreach($aMongoIndexes as $myIndex)
+ {
+ if ( strpos($myIndex['ns'], $this->_logStreamConfigObj->DBCollection) !== FALSE )
+ {
+ // LOOP through keys
+ foreach($myIndex['key'] as $myKeyID => $myKey)
+ {
+ // Add to index keys
+ $arrIndexKeys[] = strtolower($myKeyID);
+ }
+ }
+ }
+ }
+
+ //echo "" . var_export($this->_myMongoCollection->getIndexInfo(), true) . "
";
+ //echo "" . var_export($arrIndexKeys, true) . "
";
+ //exit;
+
+ // Increment for the Footer Stats
+ $querycount++;
+
+ // return Array
+ return $arrIndexKeys;
+ }
+
/*
* Helper function to display SQL Errors for now!
*/
private function PrintDebugError($szErrorMsg)
{
global $extraErrorDescription;
-
- $errdesc = mysql_error();
- $errno = mysql_errno();
-
$errormsg="$szErrorMsg
";
- $errormsg.="Detail error: $errdesc
";
- $errormsg.="Error Code: $errno
";
-
+
// Add to additional error output
$extraErrorDescription = $errormsg;
diff --git a/src/classes/reports/report.syslog.syslogsummary.class.php b/src/classes/reports/report.syslog.syslogsummary.class.php
index 1082d2c..8405160 100644
--- a/src/classes/reports/report.syslog.syslogsummary.class.php
+++ b/src/classes/reports/report.syslog.syslogsummary.class.php
@@ -1,594 +1,516 @@
-.
- *
- * A copy of the GPL can be found in the file "COPYING" in this
- * distribution.
- *********************************************************************
-*/
-
-// --- Avoid directly accessing this file!
-if ( !defined('IN_PHPLOGCON') )
-{
- die('Hacking attempt');
- exit;
-}
-// ---
-
-// --- Basic Includes!
-require_once($gl_root_path . 'classes/reports/report.class.php');
-// ---
-
-class Report_syslogsummary extends Report {
- // Common Properties
- public $_reportVersion = 1; // Internally Version of the ReportEngine
- public $_reportID = "report.syslog.syslogsummary.class"; // ID for the report, needs to be unique!
- public $_reportFileBasicName = "report.syslog.syslogsummary"; // Basic Filename for reportfiles
- public $_reportTitle = "Syslog Summary Report"; // Display name for the report
- public $_reportDescription = "This is a Syslog Summary Report";
- public $_reportHelpArticle = "http://loganalyzer.adiscon.com/plugins/reports/syslog-syslogsummary";
- public $_reportNeedsInit = false; // True means that this report needs additional init stuff
- public $_reportInitialized = false; // True means report is installed
-
- // Advanced Report Options
- private $_maxHosts = 20; // Threshold for maximum hosts to analyse!
- private $_maxMsgsPerHost = 100; // Threshold for maximum amount of syslogmessages to analyse per host
- private $_colorThreshold = 10; // Threshold for coloured display of Eventcounter
-
- // Constructor
- public function Report_syslogsummary() {
-// $this->_logStreamConfigObj = $streamConfigObj;
-
- // Fill fields we need for this report
- $this->_arrProperties[] = SYSLOG_UID;
- $this->_arrProperties[] = SYSLOG_DATE;
- $this->_arrProperties[] = SYSLOG_HOST;
- $this->_arrProperties[] = SYSLOG_MESSAGETYPE;
- $this->_arrProperties[] = SYSLOG_FACILITY;
- $this->_arrProperties[] = SYSLOG_SEVERITY;
- $this->_arrProperties[] = SYSLOG_SYSLOGTAG;
- // $this->_arrProperties[] = SYSLOG_PROCESSID;
- $this->_arrProperties[] = SYSLOG_MESSAGE;
- $this->_arrProperties[] = MISC_CHECKSUM;
-
- // Init Customfilters Array
- $this->_arrCustomFilters['_maxHosts'] = array ( 'InternalID' => '_maxHosts',
- 'DisplayLangID' => 'ln_report_maxHosts_displayname',
- 'DescriptLangID'=> 'ln_report_maxHosts_description',
- FILTER_TYPE => FILTER_TYPE_NUMBER,
- 'DefaultValue' => 20,
- 'MinValue' => 1,
-/* 'MaxValue' => 0,*/
- );
- $this->_arrCustomFilters['_maxMsgsPerHost'] =
- array ( 'InternalID' => '_maxMsgsPerHost',
- 'DisplayLangID' => 'ln_report_maxMsgsPerHost_displayname',
- 'DescriptLangID'=> 'ln_report_maxMsgsPerHost_description',
- FILTER_TYPE => FILTER_TYPE_NUMBER,
- 'DefaultValue' => 100,
- 'MinValue' => 1,
-/* 'MaxValue' => 0,*/
- );
- $this->_arrCustomFilters['_colorThreshold'] =
- array ( 'InternalID' => '_colorThreshold',
- 'DisplayLangID' => 'ln_report_colorThreshold_displayname',
- 'DescriptLangID'=> 'ln_report_colorThreshold_description',
- FILTER_TYPE => FILTER_TYPE_NUMBER,
- 'DefaultValue' => 10,
- 'MinValue' => 1,
-/* 'MaxValue' => 0,*/
- );
-
-
-
- }
-
- /**
- * startDataProcessing, analysing data
- *
- * @param arrProperties array in: Properties wish list.
- * @return integer Error stat
- */
- public function startDataProcessing()
- {
- global $content, $severity_colors, $gl_starttime, $fields;
-
- // Create Filter string, append filter for EventLog Type msgs!
- $szFilters = $this->_filterString . " " . $fields[SYSLOG_MESSAGETYPE]['SearchField'] . ":=" . IUT_Syslog;
-
- // Set Filter string
- $this->_streamObj->SetFilter( $szFilters );
-
- // Need to Open stream first!
- $res = $this->_streamObj->Open( $this->_arrProperties, true );
- if ( $res == SUCCESS )
- {
- // Set to common content variables
- $this->SetCommonContentVariables();
-
- // Set report specific content variables
- $content["_colorThreshold"] = $this->_colorThreshold;
-
- // --- Report logic starts here
- $content["report_rendertime"] = "";
-
- // Step 1: Gather Summaries
- // Obtain data from the logstream!
- $content["report_summary"] = $this->_streamObj->ConsolidateDataByField( SYSLOG_SEVERITY, 0, SYSLOG_SEVERITY, SORTING_ORDER_DESC, null, false );
-
- // TimeStats
- $nowtime = microtime_float();
- $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s, ";
-
- // If data is valid, we have an array!
- if ( is_array($content["report_summary"]) && count($content["report_summary"]) > 0 )
- {
- // Count Total Events
- $iTotalEvents = 0;
-
- foreach ($content["report_summary"] as &$tmpReportData )
- {
- $tmpReportData['DisplayName'] = $this->GetSeverityDisplayName( $tmpReportData[SYSLOG_SEVERITY] );
- $tmpReportData['bgcolor'] = $this->GetSeverityBGColor( $tmpReportData[SYSLOG_SEVERITY] ); // $severity_colors[ $tmpReportData[SYSLOG_SEVERITY] ];
-
- $iTotalEvents += $tmpReportData['itemcount'];
- }
-
- // Prepent Item with totalevents count
- $totalItem['DisplayName'] = "Total Events";
- $totalItem['bgcolor'] = "#999999";
- $totalItem['itemcount'] = $iTotalEvents;
-
- // Prepent to array
- array_unshift( $content["report_summary"], $totalItem );
- }
- else
- return ERROR_REPORT_NODATA;
-
- // Get List of hosts
- $content["report_computers"] = $this->_streamObj->ConsolidateItemListByField( SYSLOG_HOST, $this->_maxHosts, SYSLOG_HOST, SORTING_ORDER_DESC );
-
- // TimeStats
- $nowtime = microtime_float();
- $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s, ";
-
- if ( is_array($content["report_computers"]) && count($content["report_computers"]) > 0 )
- {
- // Create plain hosts list for Consolidate function
- foreach ( $content["report_computers"] as $tmpComputer )
- $arrHosts[] = $tmpComputer[SYSLOG_HOST];
- }
- else
- return ERROR_REPORT_NODATA;
-
- // This function will consolidate the Events based per Host!
- $this->ConsolidateSyslogmessagesPerHost($arrHosts);
-
- // TimeStats
- $nowtime = microtime_float();
- $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
- // ---
- }
- else
- return $ret;
-
- // Return success!
- return SUCCESS;
- }
-
-
- /**
- * InitReport, empty
- *
- */
- public function InitReport()
- {
- // Nothing to do
- return SUCCESS;
- }
-
-
- /**
- * RemoveReport, empty
- *
- */
- public function RemoveReport()
- {
- // Nothing to do
- return SUCCESS;
- }
-
-
- /**
- * validateLicense, check license code
- *
- */
- public function validateLicense()
- {
- // This is a free report!
- return SUCCESS;
- }
-
- /**
- * Init advanced settings from _customFilters string
- */
- public function InitAdvancedSettings()
- {
- // Parse and Split _customFilters
- if ( strlen($this->_customFilters) > 0 )
- {
- // First of all split by comma
- $tmpFilterValues = explode( ",", $this->_customFilters );
-
- //Loop through mappings
- foreach ($tmpFilterValues as &$myFilterValue )
- {
- // Split subvalues
- $tmpArray = explode( "=>", $myFilterValue );
-
- // Set into temporary array
- $tmpfilterid = trim($tmpArray[0]);
-
- // Set advanced property
- if ( isset($this->_arrCustomFilters[$tmpfilterid]) )
- {
- // Copy New value first!
- $szNewVal = trim($tmpArray[1]);
-
- // Negated logic
- if (
- $this->_arrCustomFilters[$tmpfilterid][FILTER_TYPE] == FILTER_TYPE_NUMBER &&
- !(isset($this->_arrCustomFilters[$tmpfilterid]['MinValue']) && intval($szNewVal) < $this->_arrCustomFilters[$tmpfilterid]['MinValue']) &&
- !(isset($this->_arrCustomFilters[$tmpfilterid]['MaxValue']) && intval($szNewVal) >= $this->_arrCustomFilters[$tmpfilterid]['MaxValue'])
- )
- {
- if ( $tmpfilterid == '_maxHosts' )
- $this->_maxHosts = intval($szNewVal);
- else if ( $tmpfilterid == '_maxMsgsPerHost' )
- $this->_maxMsgsPerHost = intval($szNewVal);
- else if ( $tmpfilterid == '_colorThreshold' )
- $this->_colorThreshold = intval($szNewVal);
- }
- else
- {
- // Write to debuglog
- OutputDebugMessage("Failed setting advanced report option property '" . $tmpfilterid . "', value not in value range!", DEBUG_ERROR);
- }
- }
- }
- }
- }
-
-
- /*
- * Implementation of CheckLogStreamSource
- */
- public function CheckLogStreamSource( $mySourceID )
- {
- // Call basic report Check function
- $res = $this->CheckLogStreamSourceByPropertyArray( $mySourceID, array(SYSLOG_HOST, MISC_CHECKSUM, SYSLOG_DATE, SYSLOG_SEVERITY, SYSLOG_MESSAGETYPE), SYSLOG_MESSAGE );
-
- // return results!
- return $res;
- }
-
-
- /*
- * Implementation of CreateLogStreamIndexes | Will create missing INDEXES
- */
- public function CreateLogStreamIndexes( $mySourceID )
- {
- // Call basic report Check function
- $res = $this->CreateLogStreamIndexesByPropertyArray( $mySourceID, array(SYSLOG_HOST, MISC_CHECKSUM, SYSLOG_DATE, SYSLOG_SEVERITY, SYSLOG_MESSAGETYPE) );
-
- // return results!
- return $res;
- }
-
-
- /*
- * Implementation of CreateLogStreamIndexes | Will create missing INDEXES
- */
- public function CreateLogStreamTrigger( $mySourceID )
- {
- // Call basic report Check function
- $res = $this->CreateLogStreamTriggerByPropertyArray( $mySourceID, SYSLOG_MESSAGE, MISC_CHECKSUM );
-
- // return results!
- return $res;
- }
-
-
- // --- Private functions...
- /**
- * Helper function to consolidate syslogmessages
- */
- private function ConsolidateSyslogmessagesPerHost( $arrHosts )
- {
- global $content, $gl_starttime, $fields;
-
- // Now open the stream for data processing
- $res = $this->_streamObj->Open( $this->_arrProperties, true );
- if ( $res == SUCCESS )
- {
- // --- New Method to consolidate data!
- // TimeStats
- $nowtime = microtime_float();
- $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
-
- // Update all Checksums first!
- $this->_streamObj->UpdateAllMessageChecksum();
-
- // TimeStats
- $nowtime = microtime_float();
- $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
-
- foreach ( $arrHosts as $myHost )
- {
- // Set custom filters
- $this->_streamObj->ResetFilters();
- $this->_streamObj->SetFilter( $this->_filterString . " " . $fields[SYSLOG_MESSAGETYPE]['SearchField'] . ":=" . IUT_Syslog );
- $this->_streamObj->RemoveFilters( SYSLOG_HOST );
- $this->_streamObj->AppendFilter( $fields[SYSLOG_HOST]['SearchField'] . ":=" . $myHost );
-
- // Set Host Item Basics if not set yet
- $content["report_consdata"][ $myHost ][SYSLOG_HOST] = $myHost;
-
- // Get Data for single host
- $content["report_consdata"][ $myHost ]['cons_msgs'] = $this->_streamObj->ConsolidateDataByField( MISC_CHECKSUM, $this->_maxMsgsPerHost, MISC_CHECKSUM, SORTING_ORDER_DESC, null, true, true );
-
- //print_r ($fields[SYSLOG_MESSAGE]);
- foreach ( $content["report_consdata"][ $myHost ]['cons_msgs'] as &$myConsData )
- {
- // Set Basic data entries
- if (!isset( $content['filter_facility_list'][$myConsData[SYSLOG_FACILITY]] ))
- $myConsData[SYSLOG_FACILITY] = SYSLOG_LOCAL0; // Set default in this case
- if (!isset( $content['filter_severity_list'][$myConsData[SYSLOG_SEVERITY]] ))
- $myConsData[SYSLOG_SEVERITY] = SYSLOG_NOTICE; // Set default in this case
- }
- }
-
- // TimeStats
- $nowtime = microtime_float();
- $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
- // ---
-
-/*
- // --- Old Method!
- // Init uid helper
- $uID = UID_UNKNOWN;
-
- // Set position to BEGIN of FILE
- $this->_streamObj->Sseek($uID, EnumSeek::BOS, 0);
-
- // Start reading data
- $ret = $this->_streamObj->Read($uID, $logArray);
-
- // TimeStats
- $nowtime = microtime_float();
- $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
-
- // Found first data record
- if ( $ret == SUCCESS )
- {
- do
- {
- // Check if Event from host is in our hosts array
- if ( in_array($logArray[SYSLOG_HOST], $arrHosts) )
- {
- // Set Host Item Basics if not set yet
- if ( !isset($content["report_consdata"][ $logArray[SYSLOG_HOST] ][SYSLOG_HOST]) )
- {
- $content["report_consdata"][ $logArray[SYSLOG_HOST] ][SYSLOG_HOST] = $logArray[SYSLOG_HOST];
- }
-
- // Calc checksum
- if ( !isset($logArray[MISC_CHECKSUM]) || $logArray[MISC_CHECKSUM] == 0 )
- {
- // Calc crc32 from message, we use this as index
- $logArray[MISC_CHECKSUM] = crc32( $logArray[SYSLOG_MESSAGE] ); // Maybe useful somewhere else: sprintf( "%u", crc32 ( $logArray[SYSLOG_MESSAGE] ));
- $strChecksum = $logArray[MISC_CHECKSUM];
-
- // Save calculated Checksum into DB!
- $this->_streamObj->SaveMessageChecksum($logArray);
- }
- else // Get checksum
- $strChecksum = $logArray[MISC_CHECKSUM];
-
- // Check if entry exists in result array
- if ( isset($content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ]) )
- {
- // Increment counter and set First/Last Event date
- $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ]['itemcount']++;
-
- // Set FirstEvent date if necessary!
- if ( $logArray[SYSLOG_DATE][EVTIME_TIMESTAMP] < $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ]['firstoccurrence_date'][EVTIME_TIMESTAMP] )
- $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ]['firstoccurrence_date'] = $logArray[SYSLOG_DATE];
-
- // Set LastEvent date if necessary!
- if ( $logArray[SYSLOG_DATE][EVTIME_TIMESTAMP] > $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ]['lastoccurrence_date'][EVTIME_TIMESTAMP] )
- $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ]['lastoccurrence_date'] = $logArray[SYSLOG_DATE];
- }
- else
- {
- // Set Basic data entries
- if (isset( $content['filter_facility_list'][$logArray[SYSLOG_FACILITY]] ))
- $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ][SYSLOG_FACILITY] = $logArray[SYSLOG_FACILITY];
- else
- $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ][SYSLOG_FACILITY] = SYSLOG_LOCAL0; // Set default in this case
- if (isset( $content['filter_severity_list'][$logArray[SYSLOG_SEVERITY]] ))
- $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ][SYSLOG_SEVERITY] = $logArray[SYSLOG_SEVERITY];
- else
- $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ][SYSLOG_SEVERITY] = SYSLOG_NOTICE; // Set default in this case
- $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ][SYSLOG_SYSLOGTAG] = $logArray[SYSLOG_SYSLOGTAG];
- $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ][SYSLOG_MESSAGE] = $logArray[SYSLOG_MESSAGE];
-
- // Set Counter and First/Last Event date
- $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ]['itemcount'] = 1;
- $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ]['firstoccurrence_date'] = $logArray[SYSLOG_DATE];
- $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ]['lastoccurrence_date'] = $logArray[SYSLOG_DATE];
- }
- }
-
- // Get next data record
- $ret = $this->_streamObj->ReadNext($uID, $logArray);
- } while ( $ret == SUCCESS );
-
- // TimeStats
- $nowtime = microtime_float();
- $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
- }
- else
- return $ret;
-*/
-
- // --- Start Postprocessing
- foreach( $content["report_consdata"] as &$tmpConsolidatedComputer )
- {
- // First use callback function to sort array
- uasort($tmpConsolidatedComputer['cons_msgs'], "MultiSortArrayByItemCountDesc");
-
- // Remove entries according to _maxMsgsPerHost
- if ( count($tmpConsolidatedComputer['cons_msgs']) > $this->_maxMsgsPerHost )
- {
- $iDropCount = 0;
-
- do
- {
- array_pop($tmpConsolidatedComputer['cons_msgs']);
- $iDropCount++;
- } while ( count($tmpConsolidatedComputer['cons_msgs']) > $this->_maxMsgsPerHost );
-
- // Append a dummy entry which shows count of all other events
- if ( $iDropCount > 0 )
- {
- $lastEntry[SYSLOG_SEVERITY] = SYSLOG_NOTICE;
- $lastEntry[SYSLOG_FACILITY] = SYSLOG_LOCAL0;
- $lastEntry[SYSLOG_SYSLOGTAG] = $content['LN_GEN_ALL_OTHER_EVENTS'];
- $lastEntry[SYSLOG_MESSAGE] = $content['LN_GEN_ALL_OTHER_EVENTS'];
- $lastEntry['itemcount'] = $iDropCount;
- $lastEntry['firstoccurrence_date'] = "-";
- $lastEntry['lastoccurrence_date'] = "-";
-
- $tmpConsolidatedComputer['cons_msgs'][] = $lastEntry;
- }
- }
-
- // TimeStats
- $nowtime = microtime_float();
- $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
-
- // PostProcess Events!
- foreach( $tmpConsolidatedComputer["cons_msgs"] as &$tmpMyEvent )
- {
- $tmpMyEvent['FirstOccurrence_Date_Formatted'] = GetFormatedDate( $tmpMyEvent['firstoccurrence_date'] );
- $tmpMyEvent['LastOccurrence_Date_Formatted'] = GetFormatedDate( $tmpMyEvent['lastoccurrence_date'] );
- $tmpMyEvent['syslogseverity_text'] = $this->GetSeverityDisplayName($tmpMyEvent['syslogseverity']); //$content['filter_severity_list'][ $tmpMyEvent['syslogseverity'] ]["DisplayName"];
- $tmpMyEvent['syslogfacility_text'] = $this->GetFacilityDisplayName($tmpMyEvent['syslogfacility']); //$content['filter_facility_list'][ $tmpMyEvent['syslogfacility'] ]["DisplayName"];
- $tmpMyEvent['syslogseverity_bgcolor'] = $this->GetSeverityBGColor($tmpMyEvent['syslogseverity']);
- $tmpMyEvent['syslogfacility_bgcolor'] = $this->GetSeverityBGColor($tmpMyEvent['syslogfacility']);
- }
- }
- // ---
- }
-
- // Work done!
- return SUCCESS;
- }
-
- /*
- * Helper function to convert a facility string into a facility number
- */
- private function GetFacilityDisplayName($nFacility)
- {
- global $content;
- if ( isset($nFacility) && is_numeric($nFacility) )
- {
- foreach ( $content['filter_facility_list'] as $myfacility )
- {
- // check if valid!
- if ( $myfacility['ID'] == $nFacility )
- return $myfacility['DisplayName'];
- }
- }
-
- // If we reach this point, facility is not valid
- return $content['LN_GEN_UNKNOWN'];
- }
-
- /*
- * Helper function to convert a severity string into a severity number
- */
- private function GetSeverityDisplayName($nSeverity)
- {
- global $content;
- if ( isset($nSeverity) && is_numeric($nSeverity) )
- {
- foreach ( $content['filter_severity_list'] as $myseverity )
- {
- // check if valid!
- if ( $myseverity['ID'] == $nSeverity )
- return $myseverity['DisplayName'];
- }
- }
-
- // If we reach this point, severity is not valid
- return $content['LN_GEN_UNKNOWN'];
- }
-
- /*
- * Helper function to obtain Severity background color
- */
- private function GetSeverityBGColor( $nSeverity )
- {
- global $severity_colors;
-
- if ( isset( $severity_colors[$nSeverity] ) )
- return $severity_colors[$nSeverity];
- else
- return $severity_colors[SYSLOG_INFO]; //Default
- }
-
- /*
- * Helper function to obtain Severity background color
- */
- private function GetFacilityBGColor( $nFacility )
- {
- global $facility_colors;
-
- if ( isset( $facility_colors[$nFacility] ) )
- return $facility_colors[$nFacility];
- else
- return $facility_colors[SYSLOG_LOCAL0]; //Default
- }
-
- //---
-}
-
+.
+ *
+ * A copy of the GPL can be found in the file "COPYING" in this
+ * distribution.
+ *********************************************************************
+*/
+
+// --- Avoid directly accessing this file!
+if ( !defined('IN_PHPLOGCON') )
+{
+ die('Hacking attempt');
+ exit;
+}
+// ---
+
+// --- Basic Includes!
+require_once($gl_root_path . 'classes/reports/report.class.php');
+// ---
+
+class Report_syslogsummary extends Report {
+ // Common Properties
+ public $_reportVersion = 1; // Internally Version of the ReportEngine
+ public $_reportID = "report.syslog.syslogsummary.class"; // ID for the report, needs to be unique!
+ public $_reportFileBasicName = "report.syslog.syslogsummary"; // Basic Filename for reportfiles
+ public $_reportTitle = "Syslog Summary Report"; // Display name for the report
+ public $_reportDescription = "This is a Syslog Summary Report";
+ public $_reportHelpArticle = "http://loganalyzer.adiscon.com/plugins/reports/syslog-syslogsummary";
+ public $_reportNeedsInit = false; // True means that this report needs additional init stuff
+ public $_reportInitialized = false; // True means report is installed
+
+ // Advanced Report Options
+ private $_maxHosts = 20; // Threshold for maximum hosts to analyse!
+ private $_maxMsgsPerHost = 100; // Threshold for maximum amount of syslogmessages to analyse per host
+ private $_colorThreshold = 10; // Threshold for coloured display of Eventcounter
+
+ // Constructor
+ public function Report_syslogsummary() {
+// $this->_logStreamConfigObj = $streamConfigObj;
+
+ // Fill fields we need for this report
+ $this->_arrProperties[] = SYSLOG_UID;
+ $this->_arrProperties[] = SYSLOG_DATE;
+ $this->_arrProperties[] = SYSLOG_HOST;
+ $this->_arrProperties[] = SYSLOG_MESSAGETYPE;
+ $this->_arrProperties[] = SYSLOG_FACILITY;
+ $this->_arrProperties[] = SYSLOG_SEVERITY;
+ $this->_arrProperties[] = SYSLOG_SYSLOGTAG;
+ // $this->_arrProperties[] = SYSLOG_PROCESSID;
+ $this->_arrProperties[] = SYSLOG_MESSAGE;
+ $this->_arrProperties[] = MISC_CHECKSUM;
+
+ // Init Customfilters Array
+ $this->_arrCustomFilters['_maxHosts'] = array ( 'InternalID' => '_maxHosts',
+ 'DisplayLangID' => 'ln_report_maxHosts_displayname',
+ 'DescriptLangID'=> 'ln_report_maxHosts_description',
+ FILTER_TYPE => FILTER_TYPE_NUMBER,
+ 'DefaultValue' => 20,
+ 'MinValue' => 1,
+/* 'MaxValue' => 0,*/
+ );
+ $this->_arrCustomFilters['_maxMsgsPerHost'] =
+ array ( 'InternalID' => '_maxMsgsPerHost',
+ 'DisplayLangID' => 'ln_report_maxMsgsPerHost_displayname',
+ 'DescriptLangID'=> 'ln_report_maxMsgsPerHost_description',
+ FILTER_TYPE => FILTER_TYPE_NUMBER,
+ 'DefaultValue' => 100,
+ 'MinValue' => 1,
+/* 'MaxValue' => 0,*/
+ );
+ $this->_arrCustomFilters['_colorThreshold'] =
+ array ( 'InternalID' => '_colorThreshold',
+ 'DisplayLangID' => 'ln_report_colorThreshold_displayname',
+ 'DescriptLangID'=> 'ln_report_colorThreshold_description',
+ FILTER_TYPE => FILTER_TYPE_NUMBER,
+ 'DefaultValue' => 10,
+ 'MinValue' => 1,
+/* 'MaxValue' => 0,*/
+ );
+
+
+
+ }
+
+ /**
+ * startDataProcessing, analysing data
+ *
+ * @param arrProperties array in: Properties wish list.
+ * @return integer Error stat
+ */
+ public function startDataProcessing()
+ {
+ global $content, $severity_colors, $gl_starttime, $fields;
+
+ // Create Filter string, append filter for EventLog Type msgs!
+ $szFilters = $this->_filterString . " " . $fields[SYSLOG_MESSAGETYPE]['SearchField'] . ":=" . IUT_Syslog;
+
+ // Set Filter string
+ $this->_streamObj->SetFilter( $szFilters );
+
+ // Need to Open stream first!
+ $res = $this->_streamObj->Open( $this->_arrProperties, true );
+ if ( $res == SUCCESS )
+ {
+ // Set to common content variables
+ $this->SetCommonContentVariables();
+
+ // Set report specific content variables
+ $content["_colorThreshold"] = $this->_colorThreshold;
+
+ // --- Report logic starts here
+ $content["report_rendertime"] = "";
+
+ // Step 1: Gather Summaries
+ // Obtain data from the logstream!
+ $content["report_summary"] = $this->_streamObj->ConsolidateDataByField( SYSLOG_SEVERITY, 0, SYSLOG_SEVERITY, SORTING_ORDER_DESC, null, false );
+
+ // TimeStats
+ $nowtime = microtime_float();
+ $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s, ";
+
+ // If data is valid, we have an array!
+ if ( is_array($content["report_summary"]) && count($content["report_summary"]) > 0 )
+ {
+ // Count Total Events
+ $iTotalEvents = 0;
+
+ foreach ($content["report_summary"] as &$tmpReportData )
+ {
+ $tmpReportData['DisplayName'] = $this->GetSeverityDisplayName( $tmpReportData[SYSLOG_SEVERITY] );
+ $tmpReportData['bgcolor'] = $this->GetSeverityBGColor( $tmpReportData[SYSLOG_SEVERITY] ); // $severity_colors[ $tmpReportData[SYSLOG_SEVERITY] ];
+
+ $iTotalEvents += $tmpReportData['itemcount'];
+ }
+
+ // Prepent Item with totalevents count
+ $totalItem['DisplayName'] = "Total Events";
+ $totalItem['bgcolor'] = "#999999";
+ $totalItem['itemcount'] = $iTotalEvents;
+
+ // Prepent to array
+ array_unshift( $content["report_summary"], $totalItem );
+ }
+ else
+ return ERROR_REPORT_NODATA;
+
+ // Get List of hosts
+ $content["report_computers"] = $this->_streamObj->ConsolidateItemListByField( SYSLOG_HOST, $this->_maxHosts, SYSLOG_HOST, SORTING_ORDER_DESC );
+
+ // TimeStats
+ $nowtime = microtime_float();
+ $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s, ";
+
+ if ( is_array($content["report_computers"]) && count($content["report_computers"]) > 0 )
+ {
+ // Create plain hosts list for Consolidate function
+ foreach ( $content["report_computers"] as $tmpComputer )
+ $arrHosts[] = $tmpComputer[SYSLOG_HOST];
+ }
+ else
+ return ERROR_REPORT_NODATA;
+
+ // This function will consolidate the Events based per Host!
+ $this->ConsolidateSyslogmessagesPerHost($arrHosts);
+
+ // TimeStats
+ $nowtime = microtime_float();
+ $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
+ // ---
+ }
+ else
+ return $ret;
+
+ // Return success!
+ return SUCCESS;
+ }
+
+
+ /**
+ * InitReport, empty
+ *
+ */
+ public function InitReport()
+ {
+ // Nothing to do
+ return SUCCESS;
+ }
+
+
+ /**
+ * RemoveReport, empty
+ *
+ */
+ public function RemoveReport()
+ {
+ // Nothing to do
+ return SUCCESS;
+ }
+
+
+ /**
+ * validateLicense, check license code
+ *
+ */
+ public function validateLicense()
+ {
+ // This is a free report!
+ return SUCCESS;
+ }
+
+ /**
+ * Init advanced settings from _customFilters string
+ */
+ public function InitAdvancedSettings()
+ {
+ // Parse and Split _customFilters
+ if ( strlen($this->_customFilters) > 0 )
+ {
+ // First of all split by comma
+ $tmpFilterValues = explode( ",", $this->_customFilters );
+
+ //Loop through mappings
+ foreach ($tmpFilterValues as &$myFilterValue )
+ {
+ // Split subvalues
+ $tmpArray = explode( "=>", $myFilterValue );
+
+ // Set into temporary array
+ $tmpfilterid = trim($tmpArray[0]);
+
+ // Set advanced property
+ if ( isset($this->_arrCustomFilters[$tmpfilterid]) )
+ {
+ // Copy New value first!
+ $szNewVal = trim($tmpArray[1]);
+
+ // Negated logic
+ if (
+ $this->_arrCustomFilters[$tmpfilterid][FILTER_TYPE] == FILTER_TYPE_NUMBER &&
+ !(isset($this->_arrCustomFilters[$tmpfilterid]['MinValue']) && intval($szNewVal) < $this->_arrCustomFilters[$tmpfilterid]['MinValue']) &&
+ !(isset($this->_arrCustomFilters[$tmpfilterid]['MaxValue']) && intval($szNewVal) >= $this->_arrCustomFilters[$tmpfilterid]['MaxValue'])
+ )
+ {
+ if ( $tmpfilterid == '_maxHosts' )
+ $this->_maxHosts = intval($szNewVal);
+ else if ( $tmpfilterid == '_maxMsgsPerHost' )
+ $this->_maxMsgsPerHost = intval($szNewVal);
+ else if ( $tmpfilterid == '_colorThreshold' )
+ $this->_colorThreshold = intval($szNewVal);
+ }
+ else
+ {
+ // Write to debuglog
+ OutputDebugMessage("Failed setting advanced report option property '" . $tmpfilterid . "', value not in value range!", DEBUG_ERROR);
+ }
+ }
+ }
+ }
+ }
+
+
+ /*
+ * Implementation of CheckLogStreamSource
+ */
+ public function CheckLogStreamSource( $mySourceID )
+ {
+ // Call basic report Check function
+ $res = $this->CheckLogStreamSourceByPropertyArray( $mySourceID, array(SYSLOG_HOST, MISC_CHECKSUM, SYSLOG_DATE, SYSLOG_SEVERITY, SYSLOG_MESSAGETYPE), SYSLOG_MESSAGE );
+
+ // return results!
+ return $res;
+ }
+
+
+ /*
+ * Implementation of CreateLogStreamIndexes | Will create missing INDEXES
+ */
+ public function CreateLogStreamIndexes( $mySourceID )
+ {
+ // Call basic report Check function
+ $res = $this->CreateLogStreamIndexesByPropertyArray( $mySourceID, array(SYSLOG_HOST, MISC_CHECKSUM, SYSLOG_DATE, SYSLOG_SEVERITY, SYSLOG_MESSAGETYPE) );
+
+ // return results!
+ return $res;
+ }
+
+
+ /*
+ * Implementation of CreateLogStreamIndexes | Will create missing INDEXES
+ */
+ public function CreateLogStreamTrigger( $mySourceID )
+ {
+ // Call basic report Check function
+ $res = $this->CreateLogStreamTriggerByPropertyArray( $mySourceID, SYSLOG_MESSAGE, MISC_CHECKSUM );
+
+ // return results!
+ return $res;
+ }
+
+
+ // --- Private functions...
+ /**
+ * Helper function to consolidate syslogmessages
+ */
+ private function ConsolidateSyslogmessagesPerHost( $arrHosts )
+ {
+ global $content, $gl_starttime, $fields;
+
+ // Now open the stream for data processing
+ $res = $this->_streamObj->Open( $this->_arrProperties, true );
+ if ( $res == SUCCESS )
+ {
+ // --- New Method to consolidate data!
+ // TimeStats
+ $nowtime = microtime_float();
+ $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
+
+ // Update all Checksums first!
+ $this->_streamObj->UpdateAllMessageChecksum();
+
+ // TimeStats
+ $nowtime = microtime_float();
+ $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
+
+ foreach ( $arrHosts as $myHost )
+ {
+ // Set custom filters
+ $this->_streamObj->ResetFilters();
+ $this->_streamObj->SetFilter( $this->_filterString . " " . $fields[SYSLOG_MESSAGETYPE]['SearchField'] . ":=" . IUT_Syslog );
+ $this->_streamObj->RemoveFilters( SYSLOG_HOST );
+ $this->_streamObj->AppendFilter( $fields[SYSLOG_HOST]['SearchField'] . ":=" . $myHost );
+
+ // Set Host Item Basics if not set yet
+ $content["report_consdata"][ $myHost ][SYSLOG_HOST] = $myHost;
+
+ // Get Data for single host
+ $content["report_consdata"][ $myHost ]['cons_msgs'] = $this->_streamObj->ConsolidateDataByField( MISC_CHECKSUM, $this->_maxMsgsPerHost, MISC_CHECKSUM, SORTING_ORDER_DESC, null, true, true );
+
+ // Only process results if valid!
+ if ( is_array($content["report_consdata"][ $myHost ]['cons_msgs']) )
+ {
+ foreach ( $content["report_consdata"][ $myHost ]['cons_msgs'] as &$myConsData )
+ {
+ // Set Basic data entries
+ if (!isset( $content['filter_facility_list'][$myConsData[SYSLOG_FACILITY]] ))
+ $myConsData[SYSLOG_FACILITY] = SYSLOG_LOCAL0; // Set default in this case
+ if (!isset( $content['filter_severity_list'][$myConsData[SYSLOG_SEVERITY]] ))
+ $myConsData[SYSLOG_SEVERITY] = SYSLOG_NOTICE; // Set default in this case
+ }
+ }
+ else
+ {
+ // Write to debuglog
+ OutputDebugMessage("Failed consolidating data for '" . $myHost . "' with error " . $content["report_consdata"][ $myHost ]['cons_msgs'], DEBUG_ERROR);
+
+ // Set to empty array
+ $content["report_consdata"][ $myHost ]['cons_msgs'] = array();
+ }
+ }
+
+ // TimeStats
+ $nowtime = microtime_float();
+ $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
+ // ---
+
+ // --- Start Postprocessing
+ foreach( $content["report_consdata"] as &$tmpConsolidatedComputer )
+ {
+ // First use callback function to sort array
+ uasort($tmpConsolidatedComputer['cons_msgs'], "MultiSortArrayByItemCountDesc");
+
+ // Remove entries according to _maxMsgsPerHost
+ if ( count($tmpConsolidatedComputer['cons_msgs']) > $this->_maxMsgsPerHost )
+ {
+ $iDropCount = 0;
+
+ do
+ {
+ array_pop($tmpConsolidatedComputer['cons_msgs']);
+ $iDropCount++;
+ } while ( count($tmpConsolidatedComputer['cons_msgs']) > $this->_maxMsgsPerHost );
+
+ // Append a dummy entry which shows count of all other events
+ if ( $iDropCount > 0 )
+ {
+ $lastEntry[SYSLOG_SEVERITY] = SYSLOG_NOTICE;
+ $lastEntry[SYSLOG_FACILITY] = SYSLOG_LOCAL0;
+ $lastEntry[SYSLOG_SYSLOGTAG] = $content['LN_GEN_ALL_OTHER_EVENTS'];
+ $lastEntry[SYSLOG_MESSAGE] = $content['LN_GEN_ALL_OTHER_EVENTS'];
+ $lastEntry['itemcount'] = $iDropCount;
+ $lastEntry['firstoccurrence_date'] = "-";
+ $lastEntry['lastoccurrence_date'] = "-";
+
+ $tmpConsolidatedComputer['cons_msgs'][] = $lastEntry;
+ }
+ }
+
+ // TimeStats
+ $nowtime = microtime_float();
+ $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s ";
+
+ // PostProcess Events!
+ foreach( $tmpConsolidatedComputer["cons_msgs"] as &$tmpMyEvent )
+ {
+ $tmpMyEvent['FirstOccurrence_Date_Formatted'] = GetFormatedDate( $tmpMyEvent['firstoccurrence_date'] );
+ $tmpMyEvent['LastOccurrence_Date_Formatted'] = GetFormatedDate( $tmpMyEvent['lastoccurrence_date'] );
+ $tmpMyEvent['syslogseverity_text'] = $this->GetSeverityDisplayName($tmpMyEvent['syslogseverity']); //$content['filter_severity_list'][ $tmpMyEvent['syslogseverity'] ]["DisplayName"];
+ $tmpMyEvent['syslogfacility_text'] = $this->GetFacilityDisplayName($tmpMyEvent['syslogfacility']); //$content['filter_facility_list'][ $tmpMyEvent['syslogfacility'] ]["DisplayName"];
+ $tmpMyEvent['syslogseverity_bgcolor'] = $this->GetSeverityBGColor($tmpMyEvent['syslogseverity']);
+ $tmpMyEvent['syslogfacility_bgcolor'] = $this->GetSeverityBGColor($tmpMyEvent['syslogfacility']);
+ }
+ }
+ // ---
+ }
+
+ // Work done!
+ return SUCCESS;
+ }
+
+ /*
+ * Helper function to convert a facility string into a facility number
+ */
+ private function GetFacilityDisplayName($nFacility)
+ {
+ global $content;
+ if ( isset($nFacility) && is_numeric($nFacility) )
+ {
+ foreach ( $content['filter_facility_list'] as $myfacility )
+ {
+ // check if valid!
+ if ( $myfacility['ID'] == $nFacility )
+ return $myfacility['DisplayName'];
+ }
+ }
+
+ // If we reach this point, facility is not valid
+ return $content['LN_GEN_UNKNOWN'];
+ }
+
+ /*
+ * Helper function to convert a severity string into a severity number
+ */
+ private function GetSeverityDisplayName($nSeverity)
+ {
+ global $content;
+ if ( isset($nSeverity) && is_numeric($nSeverity) )
+ {
+ foreach ( $content['filter_severity_list'] as $myseverity )
+ {
+ // check if valid!
+ if ( $myseverity['ID'] == $nSeverity )
+ return $myseverity['DisplayName'];
+ }
+ }
+
+ // If we reach this point, severity is not valid
+ return $content['LN_GEN_UNKNOWN'];
+ }
+
+ /*
+ * Helper function to obtain Severity background color
+ */
+ private function GetSeverityBGColor( $nSeverity )
+ {
+ global $severity_colors;
+
+ if ( isset( $severity_colors[$nSeverity] ) )
+ return $severity_colors[$nSeverity];
+ else
+ return $severity_colors[SYSLOG_INFO]; //Default
+ }
+
+ /*
+ * Helper function to obtain Severity background color
+ */
+ private function GetFacilityBGColor( $nFacility )
+ {
+ global $facility_colors;
+
+ if ( isset( $facility_colors[$nFacility] ) )
+ return $facility_colors[$nFacility];
+ else
+ return $facility_colors[SYSLOG_LOCAL0]; //Default
+ }
+
+ //---
+}
+
?>
\ No newline at end of file