From cee7dbe5750ee6e78013b2e035fcdc0c752ff92f Mon Sep 17 00:00:00 2001 From: Andre Lorbach Date: Thu, 3 May 2012 16:36:09 +0200 Subject: [PATCH] Added support for creating Indexes in MongoDB Logstream This will improve Report performance. Also enhanced Reduce functions used to group results. Added an Exception handler into reduce function in order to avoid MongoDB Error 9010 --- src/classes/logstreammongodb.class.php | 216 +++- .../report.syslog.syslogsummary.class.php | 1108 ++++++++--------- 2 files changed, 679 insertions(+), 645 deletions(-) diff --git a/src/classes/logstreammongodb.class.php b/src/classes/logstreammongodb.class.php index a2762ce..feb26bc 100644 --- a/src/classes/logstreammongodb.class.php +++ b/src/classes/logstreammongodb.class.php @@ -248,11 +248,32 @@ class LogStreamMongoDB extends LogStream { */ public function VerifyIndexes( $arrProperitesIn ) { - /* - TODO!!! - needed ? - */ + global $dbmapping, $fields; + // Get List of Indexes as Array + $arrIndexKeys = $this->GetIndexesAsArray(); + $szTableType = $this->_logStreamConfigObj->DBTableType; + + // Loop through all fields to see which one is missing! + foreach ( $arrProperitesIn as $myproperty ) + { +// echo $dbmapping[$szTableType]['DBMAPPINGS'][$myproperty] . "
"; + if ( isset($dbmapping[$szTableType]['DBMAPPINGS'][$myproperty]) ) + { + if ( in_array($dbmapping[$szTableType]['DBMAPPINGS'][$myproperty], $arrIndexKeys) ) + { + OutputDebugMessage("LogStreamDB|VerifyIndexes: Found INDEX for '" . $dbmapping[$szTableType]['DBMAPPINGS'][$myproperty] . "'", DEBUG_ULTRADEBUG); + continue; + } + else + { + // Index is missing for this field! + OutputDebugMessage("LogStreamDB|VerifyIndexes: Missing INDEX for '" . $dbmapping[$szTableType]['DBMAPPINGS'][$myproperty] . "'", DEBUG_WARN); + return ERROR_DB_INDEXESMISSING; + } + } + } + // Successfull return SUCCESS; } @@ -272,6 +293,45 @@ class LogStreamMongoDB extends LogStream { */ public function CreateMissingIndexes( $arrProperitesIn ) { + global $dbmapping, $fields, $querycount; + + // Get List of Indexes as Array + $arrIndexKeys = $this->GetIndexesAsArray(); + $szTableType = $this->_logStreamConfigObj->DBTableType; + + // Loop through all fields to see which one is missing! + foreach ( $arrProperitesIn as $myproperty ) + { + if ( isset($dbmapping[$szTableType]['DBMAPPINGS'][$myproperty]) ) + { + if (in_array($dbmapping[$szTableType]['DBMAPPINGS'][$myproperty], $arrIndexKeys) ) + continue; + else + { + try + { + // Add Unique Index for DBMapping + $this->_myMongoCollection->ensureIndex(array( $dbmapping[$szTableType]['DBMAPPINGS'][$myproperty] => 1) /*, array("unique" => true) */ ); + + // Index is missing for this field! + OutputDebugMessage("LogStreamDB|CreateMissingIndexes: Createing missing INDEX for '" . $dbmapping[$szTableType]['DBMAPPINGS'][$myproperty] . "'", DEBUG_INFO); + } + catch ( MongoException $e ) + { + // Log error! + $this->PrintDebugError("CreateMissingIndexes failed with error ' " . $e->getMessage() . " '"); + + // Return error code + return ERROR_DB_QUERYFAILED; + } + + // // Return failure! + // $this->PrintDebugError("Dynamically Adding INDEX for '" . $dbmapping[$szTableType]['DBMAPPINGS'][$myproperty] . "' failed with Statement: '" . $szSql . "'"); + // return ERROR_DB_INDEXFAILED; + } + } + } + // Successfull return SUCCESS; } @@ -993,31 +1053,38 @@ class LogStreamMongoDB extends LogStream { $groupReduce = " function (obj, prev) { - prev." . $myDBSortedFieldName . "++; "; + try {\n + prev." . $myDBSortedFieldName . "++;\n"; // Add fields! foreach( $myMongoFields as $key => $myfield ) { if ( $key != $myDBConsFieldName ) - $groupReduce .= "prev." . $key . " = obj." . $key . ";"; + $groupReduce .= "if ( prev.$key == null )\n prev.$key = obj.$key;\n"; } if ( $bIncludeMinMaxDateFields ) { $groupReduce .= " - if ( prev.firstoccurrence_date == null || prev.firstoccurrence_date > obj." . $dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE] . " ) { - prev.firstoccurrence_date = obj." . $dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE] . "; + if ( prev.firstoccurrence_date == null || prev.firstoccurrence_date > obj." . $dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE] . " ) {\n + prev.firstoccurrence_date = obj." . $dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE] . ";\n } - if ( prev.lastoccurrence_date == null || prev.lastoccurrence_date < obj." . $dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE] . " ) { - prev.lastoccurrence_date = obj." . $dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE] . "; + if ( prev.lastoccurrence_date == null || prev.lastoccurrence_date < obj." . $dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE] . " ) {\n + prev.lastoccurrence_date = obj." . $dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE] . ";\n }"; } $groupReduce .= " + } + catch ( e ){ + // For now ingore error! + theerror = e.toString(); + } + // assert( theerror, \"B3\" ) } "; try { // Output Debug Informations - OutputDebugMessage("LogStreamMongoDB|ConsolidateDataByField: Running MongoDB group query", DEBUG_ULTRADEBUG); + OutputDebugMessage("LogStreamMongoDB|ConsolidateDataByField: Running MongoDB group query with Recude Function: 
" . $groupReduce . "
", DEBUG_ULTRADEBUG); // mongodb group is simular to groupby from MYSQL $myResult = $this->_myMongoCollection->group( array($myDBConsFieldName => 1), $myMongoInit, $groupReduce, $myOptions); @@ -1035,46 +1102,55 @@ class LogStreamMongoDB extends LogStream { $aResult = array(); // Loop through results - foreach ($myResult['retval'] as $myid => $myRow) + if ( isset($myResult['retval']) ) { - - // Create new row for resultarray - $aNewRow = array(); - - // Handly Datefields for min and max! - if ( $bIncludeMinMaxDateFields ) + foreach ($myResult['retval'] as $myid => $myRow) { - if ( isset($myRow['firstoccurrence_date']) && isset($myRow['lastoccurrence_date']) ) + + // Create new row for resultarray + $aNewRow = array(); + + // Handly Datefields for min and max! + if ( $bIncludeMinMaxDateFields ) { - $aNewRow['firstoccurrence_date'] = date( "Y-m-d H:i:s ", $myRow['firstoccurrence_date']->sec ); - $aNewRow['lastoccurrence_date'] = date( "Y-m-d H:i:s", $myRow['lastoccurrence_date']->sec ); - } - else - { - // Get default date - $myDate = $myRow[$dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE]]; - if ( gettype($myDate) == "object" && get_class($myDate) == "MongoDate" ) + if ( isset($myRow['firstoccurrence_date']) && isset($myRow['lastoccurrence_date']) ) { - $aNewRow['firstoccurrence_date'] = date( "Y-m-d H:i:s ", $myDate->sec ); - $aNewRow['lastoccurrence_date'] = date( "Y-m-d H:i:s", $myDate->sec ); + $aNewRow['firstoccurrence_date'] = date( "Y-m-d H:i:s ", $myRow['firstoccurrence_date']->sec ); + $aNewRow['lastoccurrence_date'] = date( "Y-m-d H:i:s", $myRow['lastoccurrence_date']->sec ); + } + else + { + // Get default date + $myDate = $myRow[$dbmapping[$szTableType]['DBMAPPINGS'][SYSLOG_DATE]]; + if ( gettype($myDate) == "object" && get_class($myDate) == "MongoDate" ) + { + $aNewRow['firstoccurrence_date'] = date( "Y-m-d H:i:s ", $myDate->sec ); + $aNewRow['lastoccurrence_date'] = date( "Y-m-d H:i:s", $myDate->sec ); + } + } + //echo "!". gettype($myDate); + //echo "!" . $myDate->sec; + //var_dump ( $myRow ); + //exit; + } + + foreach ( $myRow as $myFieldName => $myFieldValue ) + { + if ( !is_array($myFieldValue) && !is_object($myFieldValue) ) // Only Copy NON-Array and NON-Object values! + { + $myFieldID = $this->GetFieldIDbyDatabaseMapping($szTableType, $myFieldName); + $aNewRow[ $myFieldID ] = $myFieldValue; } } -//echo "!". gettype($myDate); -//echo "!" . $myDate->sec; -//var_dump ( $myRow ); -//exit; + // Add new row to result + $aResult[] = $aNewRow; } - - foreach ( $myRow as $myFieldName => $myFieldValue ) - { - if ( !is_array($myFieldValue) && !is_object($myFieldValue) ) // Only Copy NON-Array and NON-Object values! - { - $myFieldID = $this->GetFieldIDbyDatabaseMapping($szTableType, $myFieldName); - $aNewRow[ $myFieldID ] = $myFieldValue; - } - } - // Add new row to result - $aResult[] = $aNewRow; + } + else + { + // Return error code + OutputDebugMessage("LogStreamMongoDB|ConsolidateDataByField: myResult['retval'] was empty, see myResult: " . var_export($myResult, true) . ")", DEBUG_WARN); + return ERROR_NOMORERECORDS; } // return finished array @@ -1717,7 +1793,6 @@ class LogStreamMongoDB extends LogStream { // Uncomment for debug! // OutputDebugMessage("LogStreamMongoDB|ReadNextRecordsFromDB: bufferedRecords = Array 
" . var_export($this->bufferedRecords, true) . "
", DEBUG_ULTRADEBUG); - OutputDebugMessage("LogStreamMongoDB|ReadNextRecordsFromDB: ibegin = $iBegin, recordnum = " . $this->_currentRecordNum, DEBUG_ULTRADEBUG); // --- Check if results were found @@ -1757,20 +1832,57 @@ class LogStreamMongoDB extends LogStream { } } + /* + * Helper function to return a list of Indexes for the logstream table + */ + private function GetIndexesAsArray() + { + global $querycount; + + // Verify database connection (This also opens the database!) + $res = $this->Verify(); + if ( $res != SUCCESS ) + return $res; + + // Init Array + $arrIndexKeys = array(); + $aMongoIndexes = $this->_myMongoCollection->getIndexInfo(); + if (is_array($aMongoIndexes) && count($aMongoIndexes) > 0 ) + { + // LOOP through indexes + foreach($aMongoIndexes as $myIndex) + { + if ( strpos($myIndex['ns'], $this->_logStreamConfigObj->DBCollection) !== FALSE ) + { + // LOOP through keys + foreach($myIndex['key'] as $myKeyID => $myKey) + { + // Add to index keys + $arrIndexKeys[] = strtolower($myKeyID); + } + } + } + } + + //echo "
" . var_export($this->_myMongoCollection->getIndexInfo(), true) . "
"; + //echo "
" . var_export($arrIndexKeys, true) . "
"; + //exit; + + // Increment for the Footer Stats + $querycount++; + + // return Array + return $arrIndexKeys; + } + /* * Helper function to display SQL Errors for now! */ private function PrintDebugError($szErrorMsg) { global $extraErrorDescription; - - $errdesc = mysql_error(); - $errno = mysql_errno(); - $errormsg="$szErrorMsg
"; - $errormsg.="Detail error: $errdesc
"; - $errormsg.="Error Code: $errno
"; - + // Add to additional error output $extraErrorDescription = $errormsg; diff --git a/src/classes/reports/report.syslog.syslogsummary.class.php b/src/classes/reports/report.syslog.syslogsummary.class.php index 1082d2c..8405160 100644 --- a/src/classes/reports/report.syslog.syslogsummary.class.php +++ b/src/classes/reports/report.syslog.syslogsummary.class.php @@ -1,594 +1,516 @@ -. - * - * A copy of the GPL can be found in the file "COPYING" in this - * distribution. - ********************************************************************* -*/ - -// --- Avoid directly accessing this file! -if ( !defined('IN_PHPLOGCON') ) -{ - die('Hacking attempt'); - exit; -} -// --- - -// --- Basic Includes! -require_once($gl_root_path . 'classes/reports/report.class.php'); -// --- - -class Report_syslogsummary extends Report { - // Common Properties - public $_reportVersion = 1; // Internally Version of the ReportEngine - public $_reportID = "report.syslog.syslogsummary.class"; // ID for the report, needs to be unique! - public $_reportFileBasicName = "report.syslog.syslogsummary"; // Basic Filename for reportfiles - public $_reportTitle = "Syslog Summary Report"; // Display name for the report - public $_reportDescription = "This is a Syslog Summary Report"; - public $_reportHelpArticle = "http://loganalyzer.adiscon.com/plugins/reports/syslog-syslogsummary"; - public $_reportNeedsInit = false; // True means that this report needs additional init stuff - public $_reportInitialized = false; // True means report is installed - - // Advanced Report Options - private $_maxHosts = 20; // Threshold for maximum hosts to analyse! - private $_maxMsgsPerHost = 100; // Threshold for maximum amount of syslogmessages to analyse per host - private $_colorThreshold = 10; // Threshold for coloured display of Eventcounter - - // Constructor - public function Report_syslogsummary() { -// $this->_logStreamConfigObj = $streamConfigObj; - - // Fill fields we need for this report - $this->_arrProperties[] = SYSLOG_UID; - $this->_arrProperties[] = SYSLOG_DATE; - $this->_arrProperties[] = SYSLOG_HOST; - $this->_arrProperties[] = SYSLOG_MESSAGETYPE; - $this->_arrProperties[] = SYSLOG_FACILITY; - $this->_arrProperties[] = SYSLOG_SEVERITY; - $this->_arrProperties[] = SYSLOG_SYSLOGTAG; - // $this->_arrProperties[] = SYSLOG_PROCESSID; - $this->_arrProperties[] = SYSLOG_MESSAGE; - $this->_arrProperties[] = MISC_CHECKSUM; - - // Init Customfilters Array - $this->_arrCustomFilters['_maxHosts'] = array ( 'InternalID' => '_maxHosts', - 'DisplayLangID' => 'ln_report_maxHosts_displayname', - 'DescriptLangID'=> 'ln_report_maxHosts_description', - FILTER_TYPE => FILTER_TYPE_NUMBER, - 'DefaultValue' => 20, - 'MinValue' => 1, -/* 'MaxValue' => 0,*/ - ); - $this->_arrCustomFilters['_maxMsgsPerHost'] = - array ( 'InternalID' => '_maxMsgsPerHost', - 'DisplayLangID' => 'ln_report_maxMsgsPerHost_displayname', - 'DescriptLangID'=> 'ln_report_maxMsgsPerHost_description', - FILTER_TYPE => FILTER_TYPE_NUMBER, - 'DefaultValue' => 100, - 'MinValue' => 1, -/* 'MaxValue' => 0,*/ - ); - $this->_arrCustomFilters['_colorThreshold'] = - array ( 'InternalID' => '_colorThreshold', - 'DisplayLangID' => 'ln_report_colorThreshold_displayname', - 'DescriptLangID'=> 'ln_report_colorThreshold_description', - FILTER_TYPE => FILTER_TYPE_NUMBER, - 'DefaultValue' => 10, - 'MinValue' => 1, -/* 'MaxValue' => 0,*/ - ); - - - - } - - /** - * startDataProcessing, analysing data - * - * @param arrProperties array in: Properties wish list. - * @return integer Error stat - */ - public function startDataProcessing() - { - global $content, $severity_colors, $gl_starttime, $fields; - - // Create Filter string, append filter for EventLog Type msgs! - $szFilters = $this->_filterString . " " . $fields[SYSLOG_MESSAGETYPE]['SearchField'] . ":=" . IUT_Syslog; - - // Set Filter string - $this->_streamObj->SetFilter( $szFilters ); - - // Need to Open stream first! - $res = $this->_streamObj->Open( $this->_arrProperties, true ); - if ( $res == SUCCESS ) - { - // Set to common content variables - $this->SetCommonContentVariables(); - - // Set report specific content variables - $content["_colorThreshold"] = $this->_colorThreshold; - - // --- Report logic starts here - $content["report_rendertime"] = ""; - - // Step 1: Gather Summaries - // Obtain data from the logstream! - $content["report_summary"] = $this->_streamObj->ConsolidateDataByField( SYSLOG_SEVERITY, 0, SYSLOG_SEVERITY, SORTING_ORDER_DESC, null, false ); - - // TimeStats - $nowtime = microtime_float(); - $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s, "; - - // If data is valid, we have an array! - if ( is_array($content["report_summary"]) && count($content["report_summary"]) > 0 ) - { - // Count Total Events - $iTotalEvents = 0; - - foreach ($content["report_summary"] as &$tmpReportData ) - { - $tmpReportData['DisplayName'] = $this->GetSeverityDisplayName( $tmpReportData[SYSLOG_SEVERITY] ); - $tmpReportData['bgcolor'] = $this->GetSeverityBGColor( $tmpReportData[SYSLOG_SEVERITY] ); // $severity_colors[ $tmpReportData[SYSLOG_SEVERITY] ]; - - $iTotalEvents += $tmpReportData['itemcount']; - } - - // Prepent Item with totalevents count - $totalItem['DisplayName'] = "Total Events"; - $totalItem['bgcolor'] = "#999999"; - $totalItem['itemcount'] = $iTotalEvents; - - // Prepent to array - array_unshift( $content["report_summary"], $totalItem ); - } - else - return ERROR_REPORT_NODATA; - - // Get List of hosts - $content["report_computers"] = $this->_streamObj->ConsolidateItemListByField( SYSLOG_HOST, $this->_maxHosts, SYSLOG_HOST, SORTING_ORDER_DESC ); - - // TimeStats - $nowtime = microtime_float(); - $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s, "; - - if ( is_array($content["report_computers"]) && count($content["report_computers"]) > 0 ) - { - // Create plain hosts list for Consolidate function - foreach ( $content["report_computers"] as $tmpComputer ) - $arrHosts[] = $tmpComputer[SYSLOG_HOST]; - } - else - return ERROR_REPORT_NODATA; - - // This function will consolidate the Events based per Host! - $this->ConsolidateSyslogmessagesPerHost($arrHosts); - - // TimeStats - $nowtime = microtime_float(); - $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s "; - // --- - } - else - return $ret; - - // Return success! - return SUCCESS; - } - - - /** - * InitReport, empty - * - */ - public function InitReport() - { - // Nothing to do - return SUCCESS; - } - - - /** - * RemoveReport, empty - * - */ - public function RemoveReport() - { - // Nothing to do - return SUCCESS; - } - - - /** - * validateLicense, check license code - * - */ - public function validateLicense() - { - // This is a free report! - return SUCCESS; - } - - /** - * Init advanced settings from _customFilters string - */ - public function InitAdvancedSettings() - { - // Parse and Split _customFilters - if ( strlen($this->_customFilters) > 0 ) - { - // First of all split by comma - $tmpFilterValues = explode( ",", $this->_customFilters ); - - //Loop through mappings - foreach ($tmpFilterValues as &$myFilterValue ) - { - // Split subvalues - $tmpArray = explode( "=>", $myFilterValue ); - - // Set into temporary array - $tmpfilterid = trim($tmpArray[0]); - - // Set advanced property - if ( isset($this->_arrCustomFilters[$tmpfilterid]) ) - { - // Copy New value first! - $szNewVal = trim($tmpArray[1]); - - // Negated logic - if ( - $this->_arrCustomFilters[$tmpfilterid][FILTER_TYPE] == FILTER_TYPE_NUMBER && - !(isset($this->_arrCustomFilters[$tmpfilterid]['MinValue']) && intval($szNewVal) < $this->_arrCustomFilters[$tmpfilterid]['MinValue']) && - !(isset($this->_arrCustomFilters[$tmpfilterid]['MaxValue']) && intval($szNewVal) >= $this->_arrCustomFilters[$tmpfilterid]['MaxValue']) - ) - { - if ( $tmpfilterid == '_maxHosts' ) - $this->_maxHosts = intval($szNewVal); - else if ( $tmpfilterid == '_maxMsgsPerHost' ) - $this->_maxMsgsPerHost = intval($szNewVal); - else if ( $tmpfilterid == '_colorThreshold' ) - $this->_colorThreshold = intval($szNewVal); - } - else - { - // Write to debuglog - OutputDebugMessage("Failed setting advanced report option property '" . $tmpfilterid . "', value not in value range!", DEBUG_ERROR); - } - } - } - } - } - - - /* - * Implementation of CheckLogStreamSource - */ - public function CheckLogStreamSource( $mySourceID ) - { - // Call basic report Check function - $res = $this->CheckLogStreamSourceByPropertyArray( $mySourceID, array(SYSLOG_HOST, MISC_CHECKSUM, SYSLOG_DATE, SYSLOG_SEVERITY, SYSLOG_MESSAGETYPE), SYSLOG_MESSAGE ); - - // return results! - return $res; - } - - - /* - * Implementation of CreateLogStreamIndexes | Will create missing INDEXES - */ - public function CreateLogStreamIndexes( $mySourceID ) - { - // Call basic report Check function - $res = $this->CreateLogStreamIndexesByPropertyArray( $mySourceID, array(SYSLOG_HOST, MISC_CHECKSUM, SYSLOG_DATE, SYSLOG_SEVERITY, SYSLOG_MESSAGETYPE) ); - - // return results! - return $res; - } - - - /* - * Implementation of CreateLogStreamIndexes | Will create missing INDEXES - */ - public function CreateLogStreamTrigger( $mySourceID ) - { - // Call basic report Check function - $res = $this->CreateLogStreamTriggerByPropertyArray( $mySourceID, SYSLOG_MESSAGE, MISC_CHECKSUM ); - - // return results! - return $res; - } - - - // --- Private functions... - /** - * Helper function to consolidate syslogmessages - */ - private function ConsolidateSyslogmessagesPerHost( $arrHosts ) - { - global $content, $gl_starttime, $fields; - - // Now open the stream for data processing - $res = $this->_streamObj->Open( $this->_arrProperties, true ); - if ( $res == SUCCESS ) - { - // --- New Method to consolidate data! - // TimeStats - $nowtime = microtime_float(); - $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s "; - - // Update all Checksums first! - $this->_streamObj->UpdateAllMessageChecksum(); - - // TimeStats - $nowtime = microtime_float(); - $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s "; - - foreach ( $arrHosts as $myHost ) - { - // Set custom filters - $this->_streamObj->ResetFilters(); - $this->_streamObj->SetFilter( $this->_filterString . " " . $fields[SYSLOG_MESSAGETYPE]['SearchField'] . ":=" . IUT_Syslog ); - $this->_streamObj->RemoveFilters( SYSLOG_HOST ); - $this->_streamObj->AppendFilter( $fields[SYSLOG_HOST]['SearchField'] . ":=" . $myHost ); - - // Set Host Item Basics if not set yet - $content["report_consdata"][ $myHost ][SYSLOG_HOST] = $myHost; - - // Get Data for single host - $content["report_consdata"][ $myHost ]['cons_msgs'] = $this->_streamObj->ConsolidateDataByField( MISC_CHECKSUM, $this->_maxMsgsPerHost, MISC_CHECKSUM, SORTING_ORDER_DESC, null, true, true ); - - //print_r ($fields[SYSLOG_MESSAGE]); - foreach ( $content["report_consdata"][ $myHost ]['cons_msgs'] as &$myConsData ) - { - // Set Basic data entries - if (!isset( $content['filter_facility_list'][$myConsData[SYSLOG_FACILITY]] )) - $myConsData[SYSLOG_FACILITY] = SYSLOG_LOCAL0; // Set default in this case - if (!isset( $content['filter_severity_list'][$myConsData[SYSLOG_SEVERITY]] )) - $myConsData[SYSLOG_SEVERITY] = SYSLOG_NOTICE; // Set default in this case - } - } - - // TimeStats - $nowtime = microtime_float(); - $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s "; - // --- - -/* - // --- Old Method! - // Init uid helper - $uID = UID_UNKNOWN; - - // Set position to BEGIN of FILE - $this->_streamObj->Sseek($uID, EnumSeek::BOS, 0); - - // Start reading data - $ret = $this->_streamObj->Read($uID, $logArray); - - // TimeStats - $nowtime = microtime_float(); - $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s "; - - // Found first data record - if ( $ret == SUCCESS ) - { - do - { - // Check if Event from host is in our hosts array - if ( in_array($logArray[SYSLOG_HOST], $arrHosts) ) - { - // Set Host Item Basics if not set yet - if ( !isset($content["report_consdata"][ $logArray[SYSLOG_HOST] ][SYSLOG_HOST]) ) - { - $content["report_consdata"][ $logArray[SYSLOG_HOST] ][SYSLOG_HOST] = $logArray[SYSLOG_HOST]; - } - - // Calc checksum - if ( !isset($logArray[MISC_CHECKSUM]) || $logArray[MISC_CHECKSUM] == 0 ) - { - // Calc crc32 from message, we use this as index - $logArray[MISC_CHECKSUM] = crc32( $logArray[SYSLOG_MESSAGE] ); // Maybe useful somewhere else: sprintf( "%u", crc32 ( $logArray[SYSLOG_MESSAGE] )); - $strChecksum = $logArray[MISC_CHECKSUM]; - - // Save calculated Checksum into DB! - $this->_streamObj->SaveMessageChecksum($logArray); - } - else // Get checksum - $strChecksum = $logArray[MISC_CHECKSUM]; - - // Check if entry exists in result array - if ( isset($content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ]) ) - { - // Increment counter and set First/Last Event date - $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ]['itemcount']++; - - // Set FirstEvent date if necessary! - if ( $logArray[SYSLOG_DATE][EVTIME_TIMESTAMP] < $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ]['firstoccurrence_date'][EVTIME_TIMESTAMP] ) - $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ]['firstoccurrence_date'] = $logArray[SYSLOG_DATE]; - - // Set LastEvent date if necessary! - if ( $logArray[SYSLOG_DATE][EVTIME_TIMESTAMP] > $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ]['lastoccurrence_date'][EVTIME_TIMESTAMP] ) - $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ]['lastoccurrence_date'] = $logArray[SYSLOG_DATE]; - } - else - { - // Set Basic data entries - if (isset( $content['filter_facility_list'][$logArray[SYSLOG_FACILITY]] )) - $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ][SYSLOG_FACILITY] = $logArray[SYSLOG_FACILITY]; - else - $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ][SYSLOG_FACILITY] = SYSLOG_LOCAL0; // Set default in this case - if (isset( $content['filter_severity_list'][$logArray[SYSLOG_SEVERITY]] )) - $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ][SYSLOG_SEVERITY] = $logArray[SYSLOG_SEVERITY]; - else - $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ][SYSLOG_SEVERITY] = SYSLOG_NOTICE; // Set default in this case - $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ][SYSLOG_SYSLOGTAG] = $logArray[SYSLOG_SYSLOGTAG]; - $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ][SYSLOG_MESSAGE] = $logArray[SYSLOG_MESSAGE]; - - // Set Counter and First/Last Event date - $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ]['itemcount'] = 1; - $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ]['firstoccurrence_date'] = $logArray[SYSLOG_DATE]; - $content["report_consdata"][ $logArray[SYSLOG_HOST] ]['cons_msgs'][ $strChecksum ]['lastoccurrence_date'] = $logArray[SYSLOG_DATE]; - } - } - - // Get next data record - $ret = $this->_streamObj->ReadNext($uID, $logArray); - } while ( $ret == SUCCESS ); - - // TimeStats - $nowtime = microtime_float(); - $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s "; - } - else - return $ret; -*/ - - // --- Start Postprocessing - foreach( $content["report_consdata"] as &$tmpConsolidatedComputer ) - { - // First use callback function to sort array - uasort($tmpConsolidatedComputer['cons_msgs'], "MultiSortArrayByItemCountDesc"); - - // Remove entries according to _maxMsgsPerHost - if ( count($tmpConsolidatedComputer['cons_msgs']) > $this->_maxMsgsPerHost ) - { - $iDropCount = 0; - - do - { - array_pop($tmpConsolidatedComputer['cons_msgs']); - $iDropCount++; - } while ( count($tmpConsolidatedComputer['cons_msgs']) > $this->_maxMsgsPerHost ); - - // Append a dummy entry which shows count of all other events - if ( $iDropCount > 0 ) - { - $lastEntry[SYSLOG_SEVERITY] = SYSLOG_NOTICE; - $lastEntry[SYSLOG_FACILITY] = SYSLOG_LOCAL0; - $lastEntry[SYSLOG_SYSLOGTAG] = $content['LN_GEN_ALL_OTHER_EVENTS']; - $lastEntry[SYSLOG_MESSAGE] = $content['LN_GEN_ALL_OTHER_EVENTS']; - $lastEntry['itemcount'] = $iDropCount; - $lastEntry['firstoccurrence_date'] = "-"; - $lastEntry['lastoccurrence_date'] = "-"; - - $tmpConsolidatedComputer['cons_msgs'][] = $lastEntry; - } - } - - // TimeStats - $nowtime = microtime_float(); - $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s "; - - // PostProcess Events! - foreach( $tmpConsolidatedComputer["cons_msgs"] as &$tmpMyEvent ) - { - $tmpMyEvent['FirstOccurrence_Date_Formatted'] = GetFormatedDate( $tmpMyEvent['firstoccurrence_date'] ); - $tmpMyEvent['LastOccurrence_Date_Formatted'] = GetFormatedDate( $tmpMyEvent['lastoccurrence_date'] ); - $tmpMyEvent['syslogseverity_text'] = $this->GetSeverityDisplayName($tmpMyEvent['syslogseverity']); //$content['filter_severity_list'][ $tmpMyEvent['syslogseverity'] ]["DisplayName"]; - $tmpMyEvent['syslogfacility_text'] = $this->GetFacilityDisplayName($tmpMyEvent['syslogfacility']); //$content['filter_facility_list'][ $tmpMyEvent['syslogfacility'] ]["DisplayName"]; - $tmpMyEvent['syslogseverity_bgcolor'] = $this->GetSeverityBGColor($tmpMyEvent['syslogseverity']); - $tmpMyEvent['syslogfacility_bgcolor'] = $this->GetSeverityBGColor($tmpMyEvent['syslogfacility']); - } - } - // --- - } - - // Work done! - return SUCCESS; - } - - /* - * Helper function to convert a facility string into a facility number - */ - private function GetFacilityDisplayName($nFacility) - { - global $content; - if ( isset($nFacility) && is_numeric($nFacility) ) - { - foreach ( $content['filter_facility_list'] as $myfacility ) - { - // check if valid! - if ( $myfacility['ID'] == $nFacility ) - return $myfacility['DisplayName']; - } - } - - // If we reach this point, facility is not valid - return $content['LN_GEN_UNKNOWN']; - } - - /* - * Helper function to convert a severity string into a severity number - */ - private function GetSeverityDisplayName($nSeverity) - { - global $content; - if ( isset($nSeverity) && is_numeric($nSeverity) ) - { - foreach ( $content['filter_severity_list'] as $myseverity ) - { - // check if valid! - if ( $myseverity['ID'] == $nSeverity ) - return $myseverity['DisplayName']; - } - } - - // If we reach this point, severity is not valid - return $content['LN_GEN_UNKNOWN']; - } - - /* - * Helper function to obtain Severity background color - */ - private function GetSeverityBGColor( $nSeverity ) - { - global $severity_colors; - - if ( isset( $severity_colors[$nSeverity] ) ) - return $severity_colors[$nSeverity]; - else - return $severity_colors[SYSLOG_INFO]; //Default - } - - /* - * Helper function to obtain Severity background color - */ - private function GetFacilityBGColor( $nFacility ) - { - global $facility_colors; - - if ( isset( $facility_colors[$nFacility] ) ) - return $facility_colors[$nFacility]; - else - return $facility_colors[SYSLOG_LOCAL0]; //Default - } - - //--- -} - +. + * + * A copy of the GPL can be found in the file "COPYING" in this + * distribution. + ********************************************************************* +*/ + +// --- Avoid directly accessing this file! +if ( !defined('IN_PHPLOGCON') ) +{ + die('Hacking attempt'); + exit; +} +// --- + +// --- Basic Includes! +require_once($gl_root_path . 'classes/reports/report.class.php'); +// --- + +class Report_syslogsummary extends Report { + // Common Properties + public $_reportVersion = 1; // Internally Version of the ReportEngine + public $_reportID = "report.syslog.syslogsummary.class"; // ID for the report, needs to be unique! + public $_reportFileBasicName = "report.syslog.syslogsummary"; // Basic Filename for reportfiles + public $_reportTitle = "Syslog Summary Report"; // Display name for the report + public $_reportDescription = "This is a Syslog Summary Report"; + public $_reportHelpArticle = "http://loganalyzer.adiscon.com/plugins/reports/syslog-syslogsummary"; + public $_reportNeedsInit = false; // True means that this report needs additional init stuff + public $_reportInitialized = false; // True means report is installed + + // Advanced Report Options + private $_maxHosts = 20; // Threshold for maximum hosts to analyse! + private $_maxMsgsPerHost = 100; // Threshold for maximum amount of syslogmessages to analyse per host + private $_colorThreshold = 10; // Threshold for coloured display of Eventcounter + + // Constructor + public function Report_syslogsummary() { +// $this->_logStreamConfigObj = $streamConfigObj; + + // Fill fields we need for this report + $this->_arrProperties[] = SYSLOG_UID; + $this->_arrProperties[] = SYSLOG_DATE; + $this->_arrProperties[] = SYSLOG_HOST; + $this->_arrProperties[] = SYSLOG_MESSAGETYPE; + $this->_arrProperties[] = SYSLOG_FACILITY; + $this->_arrProperties[] = SYSLOG_SEVERITY; + $this->_arrProperties[] = SYSLOG_SYSLOGTAG; + // $this->_arrProperties[] = SYSLOG_PROCESSID; + $this->_arrProperties[] = SYSLOG_MESSAGE; + $this->_arrProperties[] = MISC_CHECKSUM; + + // Init Customfilters Array + $this->_arrCustomFilters['_maxHosts'] = array ( 'InternalID' => '_maxHosts', + 'DisplayLangID' => 'ln_report_maxHosts_displayname', + 'DescriptLangID'=> 'ln_report_maxHosts_description', + FILTER_TYPE => FILTER_TYPE_NUMBER, + 'DefaultValue' => 20, + 'MinValue' => 1, +/* 'MaxValue' => 0,*/ + ); + $this->_arrCustomFilters['_maxMsgsPerHost'] = + array ( 'InternalID' => '_maxMsgsPerHost', + 'DisplayLangID' => 'ln_report_maxMsgsPerHost_displayname', + 'DescriptLangID'=> 'ln_report_maxMsgsPerHost_description', + FILTER_TYPE => FILTER_TYPE_NUMBER, + 'DefaultValue' => 100, + 'MinValue' => 1, +/* 'MaxValue' => 0,*/ + ); + $this->_arrCustomFilters['_colorThreshold'] = + array ( 'InternalID' => '_colorThreshold', + 'DisplayLangID' => 'ln_report_colorThreshold_displayname', + 'DescriptLangID'=> 'ln_report_colorThreshold_description', + FILTER_TYPE => FILTER_TYPE_NUMBER, + 'DefaultValue' => 10, + 'MinValue' => 1, +/* 'MaxValue' => 0,*/ + ); + + + + } + + /** + * startDataProcessing, analysing data + * + * @param arrProperties array in: Properties wish list. + * @return integer Error stat + */ + public function startDataProcessing() + { + global $content, $severity_colors, $gl_starttime, $fields; + + // Create Filter string, append filter for EventLog Type msgs! + $szFilters = $this->_filterString . " " . $fields[SYSLOG_MESSAGETYPE]['SearchField'] . ":=" . IUT_Syslog; + + // Set Filter string + $this->_streamObj->SetFilter( $szFilters ); + + // Need to Open stream first! + $res = $this->_streamObj->Open( $this->_arrProperties, true ); + if ( $res == SUCCESS ) + { + // Set to common content variables + $this->SetCommonContentVariables(); + + // Set report specific content variables + $content["_colorThreshold"] = $this->_colorThreshold; + + // --- Report logic starts here + $content["report_rendertime"] = ""; + + // Step 1: Gather Summaries + // Obtain data from the logstream! + $content["report_summary"] = $this->_streamObj->ConsolidateDataByField( SYSLOG_SEVERITY, 0, SYSLOG_SEVERITY, SORTING_ORDER_DESC, null, false ); + + // TimeStats + $nowtime = microtime_float(); + $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s, "; + + // If data is valid, we have an array! + if ( is_array($content["report_summary"]) && count($content["report_summary"]) > 0 ) + { + // Count Total Events + $iTotalEvents = 0; + + foreach ($content["report_summary"] as &$tmpReportData ) + { + $tmpReportData['DisplayName'] = $this->GetSeverityDisplayName( $tmpReportData[SYSLOG_SEVERITY] ); + $tmpReportData['bgcolor'] = $this->GetSeverityBGColor( $tmpReportData[SYSLOG_SEVERITY] ); // $severity_colors[ $tmpReportData[SYSLOG_SEVERITY] ]; + + $iTotalEvents += $tmpReportData['itemcount']; + } + + // Prepent Item with totalevents count + $totalItem['DisplayName'] = "Total Events"; + $totalItem['bgcolor'] = "#999999"; + $totalItem['itemcount'] = $iTotalEvents; + + // Prepent to array + array_unshift( $content["report_summary"], $totalItem ); + } + else + return ERROR_REPORT_NODATA; + + // Get List of hosts + $content["report_computers"] = $this->_streamObj->ConsolidateItemListByField( SYSLOG_HOST, $this->_maxHosts, SYSLOG_HOST, SORTING_ORDER_DESC ); + + // TimeStats + $nowtime = microtime_float(); + $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s, "; + + if ( is_array($content["report_computers"]) && count($content["report_computers"]) > 0 ) + { + // Create plain hosts list for Consolidate function + foreach ( $content["report_computers"] as $tmpComputer ) + $arrHosts[] = $tmpComputer[SYSLOG_HOST]; + } + else + return ERROR_REPORT_NODATA; + + // This function will consolidate the Events based per Host! + $this->ConsolidateSyslogmessagesPerHost($arrHosts); + + // TimeStats + $nowtime = microtime_float(); + $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s "; + // --- + } + else + return $ret; + + // Return success! + return SUCCESS; + } + + + /** + * InitReport, empty + * + */ + public function InitReport() + { + // Nothing to do + return SUCCESS; + } + + + /** + * RemoveReport, empty + * + */ + public function RemoveReport() + { + // Nothing to do + return SUCCESS; + } + + + /** + * validateLicense, check license code + * + */ + public function validateLicense() + { + // This is a free report! + return SUCCESS; + } + + /** + * Init advanced settings from _customFilters string + */ + public function InitAdvancedSettings() + { + // Parse and Split _customFilters + if ( strlen($this->_customFilters) > 0 ) + { + // First of all split by comma + $tmpFilterValues = explode( ",", $this->_customFilters ); + + //Loop through mappings + foreach ($tmpFilterValues as &$myFilterValue ) + { + // Split subvalues + $tmpArray = explode( "=>", $myFilterValue ); + + // Set into temporary array + $tmpfilterid = trim($tmpArray[0]); + + // Set advanced property + if ( isset($this->_arrCustomFilters[$tmpfilterid]) ) + { + // Copy New value first! + $szNewVal = trim($tmpArray[1]); + + // Negated logic + if ( + $this->_arrCustomFilters[$tmpfilterid][FILTER_TYPE] == FILTER_TYPE_NUMBER && + !(isset($this->_arrCustomFilters[$tmpfilterid]['MinValue']) && intval($szNewVal) < $this->_arrCustomFilters[$tmpfilterid]['MinValue']) && + !(isset($this->_arrCustomFilters[$tmpfilterid]['MaxValue']) && intval($szNewVal) >= $this->_arrCustomFilters[$tmpfilterid]['MaxValue']) + ) + { + if ( $tmpfilterid == '_maxHosts' ) + $this->_maxHosts = intval($szNewVal); + else if ( $tmpfilterid == '_maxMsgsPerHost' ) + $this->_maxMsgsPerHost = intval($szNewVal); + else if ( $tmpfilterid == '_colorThreshold' ) + $this->_colorThreshold = intval($szNewVal); + } + else + { + // Write to debuglog + OutputDebugMessage("Failed setting advanced report option property '" . $tmpfilterid . "', value not in value range!", DEBUG_ERROR); + } + } + } + } + } + + + /* + * Implementation of CheckLogStreamSource + */ + public function CheckLogStreamSource( $mySourceID ) + { + // Call basic report Check function + $res = $this->CheckLogStreamSourceByPropertyArray( $mySourceID, array(SYSLOG_HOST, MISC_CHECKSUM, SYSLOG_DATE, SYSLOG_SEVERITY, SYSLOG_MESSAGETYPE), SYSLOG_MESSAGE ); + + // return results! + return $res; + } + + + /* + * Implementation of CreateLogStreamIndexes | Will create missing INDEXES + */ + public function CreateLogStreamIndexes( $mySourceID ) + { + // Call basic report Check function + $res = $this->CreateLogStreamIndexesByPropertyArray( $mySourceID, array(SYSLOG_HOST, MISC_CHECKSUM, SYSLOG_DATE, SYSLOG_SEVERITY, SYSLOG_MESSAGETYPE) ); + + // return results! + return $res; + } + + + /* + * Implementation of CreateLogStreamIndexes | Will create missing INDEXES + */ + public function CreateLogStreamTrigger( $mySourceID ) + { + // Call basic report Check function + $res = $this->CreateLogStreamTriggerByPropertyArray( $mySourceID, SYSLOG_MESSAGE, MISC_CHECKSUM ); + + // return results! + return $res; + } + + + // --- Private functions... + /** + * Helper function to consolidate syslogmessages + */ + private function ConsolidateSyslogmessagesPerHost( $arrHosts ) + { + global $content, $gl_starttime, $fields; + + // Now open the stream for data processing + $res = $this->_streamObj->Open( $this->_arrProperties, true ); + if ( $res == SUCCESS ) + { + // --- New Method to consolidate data! + // TimeStats + $nowtime = microtime_float(); + $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s "; + + // Update all Checksums first! + $this->_streamObj->UpdateAllMessageChecksum(); + + // TimeStats + $nowtime = microtime_float(); + $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s "; + + foreach ( $arrHosts as $myHost ) + { + // Set custom filters + $this->_streamObj->ResetFilters(); + $this->_streamObj->SetFilter( $this->_filterString . " " . $fields[SYSLOG_MESSAGETYPE]['SearchField'] . ":=" . IUT_Syslog ); + $this->_streamObj->RemoveFilters( SYSLOG_HOST ); + $this->_streamObj->AppendFilter( $fields[SYSLOG_HOST]['SearchField'] . ":=" . $myHost ); + + // Set Host Item Basics if not set yet + $content["report_consdata"][ $myHost ][SYSLOG_HOST] = $myHost; + + // Get Data for single host + $content["report_consdata"][ $myHost ]['cons_msgs'] = $this->_streamObj->ConsolidateDataByField( MISC_CHECKSUM, $this->_maxMsgsPerHost, MISC_CHECKSUM, SORTING_ORDER_DESC, null, true, true ); + + // Only process results if valid! + if ( is_array($content["report_consdata"][ $myHost ]['cons_msgs']) ) + { + foreach ( $content["report_consdata"][ $myHost ]['cons_msgs'] as &$myConsData ) + { + // Set Basic data entries + if (!isset( $content['filter_facility_list'][$myConsData[SYSLOG_FACILITY]] )) + $myConsData[SYSLOG_FACILITY] = SYSLOG_LOCAL0; // Set default in this case + if (!isset( $content['filter_severity_list'][$myConsData[SYSLOG_SEVERITY]] )) + $myConsData[SYSLOG_SEVERITY] = SYSLOG_NOTICE; // Set default in this case + } + } + else + { + // Write to debuglog + OutputDebugMessage("Failed consolidating data for '" . $myHost . "' with error " . $content["report_consdata"][ $myHost ]['cons_msgs'], DEBUG_ERROR); + + // Set to empty array + $content["report_consdata"][ $myHost ]['cons_msgs'] = array(); + } + } + + // TimeStats + $nowtime = microtime_float(); + $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s "; + // --- + + // --- Start Postprocessing + foreach( $content["report_consdata"] as &$tmpConsolidatedComputer ) + { + // First use callback function to sort array + uasort($tmpConsolidatedComputer['cons_msgs'], "MultiSortArrayByItemCountDesc"); + + // Remove entries according to _maxMsgsPerHost + if ( count($tmpConsolidatedComputer['cons_msgs']) > $this->_maxMsgsPerHost ) + { + $iDropCount = 0; + + do + { + array_pop($tmpConsolidatedComputer['cons_msgs']); + $iDropCount++; + } while ( count($tmpConsolidatedComputer['cons_msgs']) > $this->_maxMsgsPerHost ); + + // Append a dummy entry which shows count of all other events + if ( $iDropCount > 0 ) + { + $lastEntry[SYSLOG_SEVERITY] = SYSLOG_NOTICE; + $lastEntry[SYSLOG_FACILITY] = SYSLOG_LOCAL0; + $lastEntry[SYSLOG_SYSLOGTAG] = $content['LN_GEN_ALL_OTHER_EVENTS']; + $lastEntry[SYSLOG_MESSAGE] = $content['LN_GEN_ALL_OTHER_EVENTS']; + $lastEntry['itemcount'] = $iDropCount; + $lastEntry['firstoccurrence_date'] = "-"; + $lastEntry['lastoccurrence_date'] = "-"; + + $tmpConsolidatedComputer['cons_msgs'][] = $lastEntry; + } + } + + // TimeStats + $nowtime = microtime_float(); + $content["report_rendertime"] .= number_format($nowtime - $gl_starttime, 2, '.', '') . "s "; + + // PostProcess Events! + foreach( $tmpConsolidatedComputer["cons_msgs"] as &$tmpMyEvent ) + { + $tmpMyEvent['FirstOccurrence_Date_Formatted'] = GetFormatedDate( $tmpMyEvent['firstoccurrence_date'] ); + $tmpMyEvent['LastOccurrence_Date_Formatted'] = GetFormatedDate( $tmpMyEvent['lastoccurrence_date'] ); + $tmpMyEvent['syslogseverity_text'] = $this->GetSeverityDisplayName($tmpMyEvent['syslogseverity']); //$content['filter_severity_list'][ $tmpMyEvent['syslogseverity'] ]["DisplayName"]; + $tmpMyEvent['syslogfacility_text'] = $this->GetFacilityDisplayName($tmpMyEvent['syslogfacility']); //$content['filter_facility_list'][ $tmpMyEvent['syslogfacility'] ]["DisplayName"]; + $tmpMyEvent['syslogseverity_bgcolor'] = $this->GetSeverityBGColor($tmpMyEvent['syslogseverity']); + $tmpMyEvent['syslogfacility_bgcolor'] = $this->GetSeverityBGColor($tmpMyEvent['syslogfacility']); + } + } + // --- + } + + // Work done! + return SUCCESS; + } + + /* + * Helper function to convert a facility string into a facility number + */ + private function GetFacilityDisplayName($nFacility) + { + global $content; + if ( isset($nFacility) && is_numeric($nFacility) ) + { + foreach ( $content['filter_facility_list'] as $myfacility ) + { + // check if valid! + if ( $myfacility['ID'] == $nFacility ) + return $myfacility['DisplayName']; + } + } + + // If we reach this point, facility is not valid + return $content['LN_GEN_UNKNOWN']; + } + + /* + * Helper function to convert a severity string into a severity number + */ + private function GetSeverityDisplayName($nSeverity) + { + global $content; + if ( isset($nSeverity) && is_numeric($nSeverity) ) + { + foreach ( $content['filter_severity_list'] as $myseverity ) + { + // check if valid! + if ( $myseverity['ID'] == $nSeverity ) + return $myseverity['DisplayName']; + } + } + + // If we reach this point, severity is not valid + return $content['LN_GEN_UNKNOWN']; + } + + /* + * Helper function to obtain Severity background color + */ + private function GetSeverityBGColor( $nSeverity ) + { + global $severity_colors; + + if ( isset( $severity_colors[$nSeverity] ) ) + return $severity_colors[$nSeverity]; + else + return $severity_colors[SYSLOG_INFO]; //Default + } + + /* + * Helper function to obtain Severity background color + */ + private function GetFacilityBGColor( $nFacility ) + { + global $facility_colors; + + if ( isset( $facility_colors[$nFacility] ) ) + return $facility_colors[$nFacility]; + else + return $facility_colors[SYSLOG_LOCAL0]; //Default + } + + //--- +} + ?> \ No newline at end of file