diff --git a/src/classes/logstream.class.php b/src/classes/logstream.class.php
index 5d25134..73d2da7 100644
--- a/src/classes/logstream.class.php
+++ b/src/classes/logstream.class.php
@@ -1,1308 +1,1321 @@
-.
- *
- * A copy of the GPL can be found in the file "COPYING" in this
- * distribution.
- *********************************************************************
-*/
-
-// --- Avoid directly accessing this file!
-if ( !defined('IN_PHPLOGCON') )
-{
- die('Hacking attempt');
- exit;
-}
-// ---
-
-// --- Basic Includes
-require_once($gl_root_path . 'classes/enums.class.php');
-require_once($gl_root_path . 'classes/msgparser.class.php');
-require_once($gl_root_path . 'include/constants_errors.php');
-require_once($gl_root_path . 'include/constants_logstream.php');
-// ---
-
-
-abstract class LogStream {
- protected $_readDirection = EnumReadDirection::Forward;
- protected $_sortOrder = EnumSortingOrder::Descending;
- protected $_filters = null;
- protected $_current_uId = -1;
- protected $_logStreamConfigObj = null;
- protected $_arrProperties = null;
- protected $_arrFilterProperties = null; // Helper Array to store all detected properties from Filterstring
-
- /**
- * Open the stream for read access.
- *
- * @param arrProperties string in: properties of interest. There can be no guarantee the logstream can actually deliver them.
- * @return integer Error stat
- */
- public abstract function Open($arrProperties);
-
- /**
- * Close the current stream.
- *
- * @return integer Error stat
- */
- public abstract function Close();
-
- /**
- * Verifies the logstream source
- *
- * @return integer Error stat
- */
- public abstract function Verify();
-
- /**
- * Read the next data from the current stream. If it reads
- * forwards or backwards depends on the current read direction.
- *
- * Example for reading forward:
- * Is the current uID == 4, readDirection set to forwards
- * ReadNext will provide uID 5 or EOS if no more data exist.
- *
- * Exampe for reading backward:
- * Is the current uID == 4, readDirection set to backwards
- * ReadNext will provide uID 3.
- *
- * Hint: If the current stream becomes unavailable an error
- * stated is retuned. A typical case is if a log rotation
- * changed the original data source.
- *
- * @param uID integer out: unique id of the data row
- * @param arrProperitesOut array out: list with properties
- * @return integer Error state
- */
- public abstract function ReadNext(&$uID, &$arrProperitesOut, $bParseMessage = true);
-
- /**
- * Read the data from a specific uID.
- *
- * @param uID integer in: unique id of the data row
- * @param arrProperitesOut array out: list with properties
- * @return integer Error state
- * @see ReadNext()
- */
- public abstract function Read($uID, &$arrProperitesOut);
-
-
- /**
- * Sseek - a strange seek which has a skip capability
- *
- * This method was introduced to enable the upper layer to jump to a specific
- * position within the stream and/or skip some records. Probably this method is used by
- * a pager or to navigate from an overview page to a detailed page.
- *
- * mm: We had some discussion about the name of the this method. Initially we named
- * it Seek. While implementing I got pain in the stomach forced me to start a discussion about
- * the name and the functionality. The outcome is here - a strange seek method. Please do not
- * confuse it with a seek method, it is no seek, it is a strange seek. rger suggested to name
- * it diddledaddle, but I still feel uncomfortable with that name. Probably my imagination is
- * too poor associating any functionality of this method with such a name. So strange seek
- * is much better. It reminds me that is no seek, but a strange seek which does not work like
- * a typical seek like fseek in php but in some way similar. Here is how it works:
- *
- * If you Sseek to EOS for example and then call a NextRead you do not get a EOS return status.
- * Instead you will obtain the last record in the stream. The similarity of Sseek with a seek
- * is when you use Sseek to jump to BOS. After calling a ReadNext will give you the first record
- * in the stream. Here are some samples:
- *
- *
- * Sample:
- * To read the last record of a stream, do a
- * seek(uid_out, EOS, 0)
- * ReadNext
- *
- * For the first record, similarly:
- * seek(uid_out, BOS, 0)
- * ReadNext
- *
- * To skip the next, say, 49 records from the current position, you first need to know the
- * current uid. You may have obtained it by a previous ReadNext call. Then, do
- * seek(uidCURR, UID, 50)
- * ReadNext
- *
- * @param uID integer in/out: is a unique ID from where to start, ignored in all modes except UID.
- * On return, uID contains the uID of the record seeked to. It is undefined if an error occured.
- * If no error ocucrred, the next call to ReadNext() will read the record whom's uID has been returned.
- * @param mode EnumSeek in: how the seek should be performed
- * @param numrecs integer in: number of records to seek from this position. Use 0 to seek to the
- * actual position, a positive value to seek the the record numrecs records forward or a negative
- * value to seek to a position numrecs backward
- * @return integer Error state
- */
- public abstract function Sseek(&$uID, $mode, $numrecs);
-
-
- /**
- * If you are interested in how many messages are in the stream, call this method.
- * But be aware of that some stream can not provide a message count. This is probably
- * because of performance reason or any other. However, if GetMessageCount return -1
- * this does not mean that there is no message in the stream, it is just not countable.
- * If there is no message 0 will be returned.
- *
- * @return integer Amount of messages within the stream. -1 means that no count is available.
- */
- public abstract function GetMessageCount();
-
-
- /**
- * This function returns the first UID for previous PAGE, if availbale! Otherwise will
- * return -1!
- */
- public abstract function GetPreviousPageUID();
-
-
- /**
- * This function returns the first UID for the last PAGE, if availbale! Otherwise will
- * return -1!
- */
- public abstract function GetLastPageUID();
-
-
- /**
- * This function returns the FIRST UID for the FIRST PAGE, if availbale! Otherwise will
- * return -1!
- */
- public abstract function GetFirstPageUID();
-
- /**
- * This function returns the current Page number, if availbale! Otherwise will
- * return -1!
- */
- public abstract function GetCurrentPageNumber();
-
- /**
- * This functions is used by charts/graph generator to obtain data
- *
- * @return integer Error stat
- */
- public abstract function GetCountSortedByField($szFieldId, $nFieldType, $nRecordLimit);
-
- /**
- * This functions is used by reports to consolidate data
- *
- * @return integer Error stat
- */
- public abstract function ConsolidateDataByField($szConsFieldId, $nRecordLimit, $szSortFieldId, $nSortingOrder, $bIncludeLogStreamFields = false, $bIncludeMinMaxDateFields = false);
-
-
- /**
- * This functions is used by reports to consolidate data
- *
- * @return integer Error stat
- */
- public abstract function ConsolidateItemListByField($szConsFieldId, $nRecordLimit, $szSortFieldId, $nSortingOrder);
-
-
- /**
- * Gets a property and checks if the class is able to sort the records
- * by this property.
- *
- * @ Returns either true or false.
- *
- */
- public abstract function IsPropertySortable($myProperty);
-
-
- /**
- * This returns an Array of useful statsdata for this logstream source
- */
- public abstract function GetLogStreamStats();
-
-
- /**
- * This returns just the count of records of the main data source
- */
- public abstract function GetLogStreamTotalRowCount();
-
-
- /**
- * Helper function to cleanup all logdata which is older then the nDateTimeStamp!
- */
- public abstract function CleanupLogdataByDate( $nDateTimeStamp );
-
-
- /*
- * Helper function to set the message checksum, this will be used for database based logstream classes only
- */
- public abstract function SaveMessageChecksum( $arrProperitesIn );
-
-
- /*
- * Helper function to set the checksum for all messages in the current logstream class
- */
- public abstract function UpdateAllMessageChecksum( );
-
-
- /*
- * Helper function for logstream classes to clear filter based stuff
- */
- public abstract function ResetFilters( );
-
-
- /*
- * Helper function for logstream classes to check if all fields are available!
- */
- public abstract function VerifyFields( $arrProperitesIn );
-
-
- /*
- * Helper function for logstream classes to create missing indexes, only applies to database based logstream classes
- */
- public abstract function CreateMissingFields( $arrProperitesIn );
-
-
- /*
- * Helper function for logstream classes to check for data indexes, only applies to database based logstream classes
- */
- public abstract function VerifyIndexes( $arrProperitesIn );
-
-
- /*
- * Helper function for logstream classes to create missing indexes, only applies to database based logstream classes
- */
- public abstract function CreateMissingIndexes( $arrProperitesIn );
-
-
- /*
- * Helper function for logstream classes to check for missing triggers, only applies to database based logstream classes
- */
- public abstract function VerifyChecksumTrigger( $myTriggerProperty );
-
-
- /*
- * Helper function for logstream classes to create missing trigger, only applies to database based logstream classes
- */
- public abstract function CreateMissingTrigger( $myTriggerProperty, $myCheckSumProperty );
-
-
- /*
- * Helper function for logstream classes to create the SQL statement needed to create the trigger, only applies to database based logstream classes
- */
- public abstract function GetCreateMissingTriggerSQL( $myDBTriggerField, $myDBTriggerCheckSumField );
-
- /*
- * Helper function for logstream classes to check if the checksum field is configured correctly
- */
- public abstract function VerifyChecksumField( );
-
-
- /*
- * Helper function for logstream classes to change the checksum field from unsigned INT
- */
- public abstract function ChangeChecksumFieldUnsigned( );
-
-
- /*
- * Helper functino to trigger initialisation of MsgParsers
- */
- public function RunBasicInits()
- {
- $this->_logStreamConfigObj->InitMsgParsers();
- }
-
- /**
- * Set the filter for the current stream.
- *
- * @param filter object in: filter object
- * @return integer Error state
- */
- public function SetFilter($szFilters)
- {
- // prepend default Filters
- if ( strlen($this->_logStreamConfigObj->_defaultfilter) > 0 )
- $finalfilters = $this->_logStreamConfigObj->_defaultfilter . " " . $szFilters;
- else
- $finalfilters = $szFilters;
-
- OutputDebugMessage("LogStream|SetFilter: SetFilter combined = '" . $finalfilters . "'. ", DEBUG_DEBUG);
-
- // Reset Filters first to make sure we do not add multiple filters!
- $this->_filters = null;
-
- // Parse Filters from string
- $this->ParseFilters($finalfilters);
-
- // return success
- return SUCCESS;
- }
-
- /**
- * Append filter definition for the current stream.
- *
- * @param filter object in: filter object
- * @return integer Error state
- */
- public function AppendFilter($szFilters)
- {
- OutputDebugMessage("LogStream|AppendFilter: SetFilter combined = '" . $szFilters . "'. ", DEBUG_DEBUG);
-
- // Parse Filters from string
- $this->ParseFilters($szFilters);
-
- // return success
- return SUCCESS;
- }
-
- /**
- * Remove filters for a specific Fieldtype
- *
- * @param filter object in: FieldID
- * @return integer Error state
- */
- public function RemoveFilters($szFieldID)
- {
- // Removing Filters for this field!
- if ( isset($this->_filters[$szFieldID]) )
- unset($this->_filters[$szFieldID]);
-
- // return success
- return SUCCESS;
- }
-
-
- /**
- * Set the direction the stream should read data.
- *
- * @param enumReadDirectionfilter EnumReadDirection in: The new direction.
- * @return integer Error state
- */
- public function SetReadDirection($enumReadDirection)
- {
- // Set the new read direction!
- $this->_readDirection = $enumReadDirection;
- return SUCCESS;
- }
-
- /**
- * Set the sorting order for the stream
- *
- * @param newSortOrder EnumSortingOrder in: The new sort order.
- * @return integer Error state
- */
- public function SetSortOrder($newSortOrder)
- {
- // Set the new read direction!
- $this->_sortOrder = $newSortOrder;
- return SUCCESS;
- }
-
- /**
- * Implementation of ApplyFilters which can be used by all LogStream Classes!
- * This function performs a check on the filters and actually triggers the
- * syslog parsers as well.
- */
- public function ApplyFilters($myResults, &$arrProperitesOut)
- {
- // IF result was unsuccessfull, return success - nothing we can do here.
- if ( $myResults >= ERROR )
- return SUCCESS;
-
- // Evaluation default is true
- $bFinalEval = true;
-
- // Process all filters
- if ( $this->_filters != null )
- {
- // Loop through set properties
- foreach( $arrProperitesOut as $propertyname => $propertyvalue )
- {
- // TODO: NOT SURE IF THIS WILL WORK ON NUMBERS AND OTHER TYPES RIGHT NOW
- if (
- array_key_exists($propertyname, $this->_filters) &&
- isset($propertyvalue) /* &&
- !(is_string($propertyvalue) && strlen($propertyvalue) <= 0)*/ /* Negative because it only matters if the propvalure is a string*/
- )
- {
-
- // Perform first loop to determine the bEval Default
- foreach( $this->_filters[$propertyname] as $myfilter )
- {
- if (
- ($myfilter[FILTER_TYPE] == FILTER_TYPE_NUMBER) ||
- ($myfilter[FILTER_TYPE] == FILTER_TYPE_STRING && $myfilter[FILTER_MODE] & FILTER_MODE_INCLUDE && $propertyname != SYSLOG_MESSAGE)
- )
- {
- $bEval = false;
- break; // IF found one INCLUDE or NUMERIC filter, the default has to be false!
- }
- else
- $bEval = true;
- }
-
- // Extra var needed for number checks!
- $bIsOrFilter = false; // If enabled we need to check for numbereval later
- $bOrFilter = false;
-
- // Perform second loop through all filters, to perform filtering
- foreach( $this->_filters[$propertyname] as $myfilter )
- {
- switch( $myfilter[FILTER_TYPE] )
- {
- case FILTER_TYPE_STRING:
- // Only filter if value is non zero
- if ( strlen($propertyvalue) > 0 && strlen($myfilter[FILTER_VALUE]) > 0 )
- {
- // If Syslog message, we have AND handling!
- if ( $propertyname == SYSLOG_MESSAGE )
- {
- // Include Filter
- if ( $myfilter[FILTER_MODE] & FILTER_MODE_INCLUDE )
- {
- // Unless REGEX Filter, this has to be done by the Logstream driver
- if ( !($myfilter[FILTER_MODE] & FILTER_MODE_SEARCHREGEX) )
- {
- if ( stripos($propertyvalue, $myfilter[FILTER_VALUE]) === false )
- $bEval = false;
- }
- }
- // Exclude Filter
- else if ( $myfilter[FILTER_MODE] & FILTER_MODE_EXCLUDE )
- {
- if ( stripos($propertyvalue, $myfilter[FILTER_VALUE]) !== false )
- $bEval = false;
- }
- }
- // Otherwise we use OR Handling!
- else
- {
- // Include Filter
- if ( $myfilter[FILTER_MODE] & FILTER_MODE_INCLUDE )
- {
- // Set isOrFilter to true in this case
- $bIsOrFilter = true;
-
- if ( $myfilter[FILTER_MODE] & FILTER_MODE_SEARCHFULL )
- {
- if ( strtolower($propertyvalue) == strtolower($myfilter[FILTER_VALUE]) )
- $bOrFilter = true;
- }
- else
- {
- if ( stripos($propertyvalue, $myfilter[FILTER_VALUE]) !== false )
- $bOrFilter = true;
- }
- }
- // Exclude Filter - handeled with AND filtering!
- else if ( $myfilter[FILTER_MODE] & FILTER_MODE_EXCLUDE )
- {
- if ( $myfilter[FILTER_MODE] & FILTER_MODE_SEARCHFULL )
- {
- if ( strtolower($propertyvalue) == strtolower($myfilter[FILTER_VALUE]) )
- $bEval = false;
- }
- else
- {
- if ( stripos($propertyvalue, $myfilter[FILTER_VALUE]) !== false )
- $bEval = false;
- }
- }
- break;
- }
- }
- else
- {
- // Either filter value or property value was empty!
- // This means we have no match
- $bEval = false;
- }
-
- break;
- case FILTER_TYPE_NUMBER:
- $bIsOrFilter = true; // Default is set to TRUE
- if ( is_numeric($arrProperitesOut[$propertyname]) )
- {
- if ( $myfilter[FILTER_MODE] & FILTER_MODE_INCLUDE )
- {
- if ( $myfilter[FILTER_VALUE] == $arrProperitesOut[$propertyname] )
- $bOrFilter = true;
- else
- $bOrFilter = false;
- }
- else if ( $myfilter[FILTER_MODE] & FILTER_MODE_EXCLUDE )
- {
- if ( $myfilter[FILTER_VALUE] == $arrProperitesOut[$propertyname] )
- $bOrFilter = false;
- else
- $bOrFilter = true;
- }
- }
- else
- {
- // If wanted, we treat this filter as a success!
- if ( GetConfigSetting("TreatNotFoundFiltersAsTrue", 0, CFGLEVEL_USER) == 1 )
- $bOrFilter = true;
- else
- $bOrFilter = false;
- }
- break;
- case FILTER_TYPE_DATE:
- // Get Log TimeStamp
- $nLogTimeStamp = $arrProperitesOut[$propertyname][EVTIME_TIMESTAMP];
- if ( $myfilter[FILTER_DATEMODE] == DATEMODE_LASTX )
- {
- // Get current timestamp
- $nNowTimeStamp = time();
-
- if ( $myfilter[FILTER_VALUE] == DATE_LASTX_HOUR )
- $nLastXTime = 60 * 60; // One Hour!
- else if ( $myfilter[FILTER_VALUE] == DATE_LASTX_12HOURS )
- $nLastXTime = 60 * 60 * 12; // 12 Hours!
- else if ( $myfilter[FILTER_VALUE] == DATE_LASTX_24HOURS )
- $nLastXTime = 60 * 60 * 24; // 24 Hours!
- else if ( $myfilter[FILTER_VALUE] == DATE_LASTX_7DAYS )
- $nLastXTime = 60 * 60 * 24 * 7; // 7 days
- else if ( $myfilter[FILTER_VALUE] == DATE_LASTX_31DAYS )
- $nLastXTime = 60 * 60 * 24 * 31; // 31 days
- else
- // WTF default?
- $nLastXTime = 86400;
-
- // If Nowtime + LastX is higher then the log timestamp, the this logline is to old for us.
- if ( ($nNowTimeStamp - $nLastXTime) > $nLogTimeStamp )
- $bEval = false;
- }
- else if ( $myfilter[FILTER_DATEMODE] == DATEMODE_RANGE_FROM )
- {
- // Get filter timestamp!
- $nFromTimeStamp = GetTimeStampFromTimeString($myfilter[FILTER_VALUE]);
-
- // If logtime is smaller then FromTime, then the Event is outside of our scope!
- if ( $nLogTimeStamp < $nFromTimeStamp )
- $bEval = false;
- }
- else if ( $myfilter[FILTER_DATEMODE] == DATEMODE_RANGE_TO )
- {
- // Get filter timestamp!
-// echo $myfilter[FILTER_VALUE];
- $nToTimeStamp = GetTimeStampFromTimeString($myfilter[FILTER_VALUE]);
-
- // If logtime is smaller then FromTime, then the Event is outside of our scope!
- if ( $nLogTimeStamp > $nToTimeStamp )
- $bEval = false;
- }
- else if ( $myfilter[FILTER_DATEMODE] == DATEMODE_RANGE_DATE )
- {
- // Get filter timestamp!
-// echo $myfilter[FILTER_VALUE];
- $nDateTimeStamp = GetTimeStampFromTimeString($myfilter[FILTER_VALUE]);
-
- // If not on logfile day, the Event is outside of our scope!
- if ( $nLogTimeStamp < $nDateTimeStamp || $nLogTimeStamp > ($nDateTimeStamp+86400) )
- $bEval = false;
- }
- break;
- default:
- // TODO!
- break;
- }
-
- // If was number filter, we apply it the evaluation.
- if ( $bIsOrFilter ) // && $bOrFilter )
- {
- // Fixed binary comparison to | instead of &!
- $bEval |= $bOrFilter;
- //echo "!" . $bOrFilter . "-" . $bEval . "! ";
- }
-// else
-// $bEval &= $bOrFilter;
-
- }
-
- // Combine filters with AND
- $bFinalEval &= $bEval;
- }
-
- }
-
- // Check if evaluation was successfull
- if ( !$bFinalEval )
- {
- // unmatching filter, reset property array
- foreach ( $this->_arrProperties as $property )
- $arrProperitesOut[$property] = '';
-
- // return error!
- return ERROR_FILTER_NOT_MATCH;
- }
-
- // Reached this point means filters did match!
- return SUCCESS;
- }
- else // No filters at all means success!
- return SUCCESS;
- }
-
- /**
- * Helper function to obtain internal Filters Array
- */
- public function ReturnFiltersArray()
- {
- return $this->_filters;
- }
-
- /**
- * Helper function to find a fieldkey by using the SearchField
- */
- public function ReturnFilterKeyBySearchField($szSearchField)
- {
- global $fields;
-
- foreach ($fields as $myField)
- {
- if ( $myField['SearchField'] == $szSearchField )
- return $myField['FieldID'];
- }
-
- return FALSE;
- }
-
-
- /**
- * Helper function to return all fields needed for filters
- * Can be helpful for functions which need to add filtering fields
- */
- public function ReturnFieldsByFilters()
- {
- global $fields;
-
- if ( $this->_filters != null )
- {
- // Return array keys
- $aResult = array_keys($this->_filters);
- return $aResult;
- }
- else // No fields at all!
- return null;
- }
-
- /*
- * Helper function to get the internal Field ID by database field name!
- */
- public function GetFieldIDbyDatabaseMapping($szTableType, $szFieldName)
- {
- global $content, $dbmapping;
-
- foreach( $dbmapping[$szTableType]['DBMAPPINGS'] as $myFieldID => $myDBMapping )
- {
- if ( $myDBMapping == $szFieldName )
- return $myFieldID;
- }
-
- // Default return!
- return $szFieldName;
- }
-
- /*
- * --- PIRVATE HELPERS!
- */
-
- /**
- * Helper function to parse filters into a useful filter array we can work with.
- */
- private function ParseFilters($szFilters)
- {
- global $fields;
-
- if ( isset($szFilters) && strlen($szFilters) > 0 )
- {
-//OLD $tmpEntries = explode(" ", $szFilters);
- // Use RegEx for intelligent splitting
- $szFilterRgx = '/[\s]++(?=(?:(?:[^"]*+"){2})*+[^"]*+$)(?=(?:(?:[^\']*+\'){2})*+[^\']*+$)(?=(?:[^()]*+\([^()]*+\))*+[^()]*+$)/x';
- $tmpEntries = preg_split($szFilterRgx, $szFilters, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE);
-//DEBUG print_r ( $tmpEntries );
-
- foreach($tmpEntries as $myEntry)
- {
- // Continue if empty filter!
- if ( strlen(trim($myEntry)) <= 0 )
- continue;
-
- if (
- ($pos = strpos($myEntry, ":")) !== false
- &&
- ($pos > 0 && substr($myEntry, $pos-1,1) != '\\') /* Only if character before is no backslash! */
- )
- {
- // Split key and value
- $tmpArray = explode(":", $myEntry, 2);
-//print_r ( $tmpArray );
-
- // Continue if empty filter!
- if ( strlen(trim($tmpArray[FILTER_TMP_VALUE])) == 0 )
- continue;
-
- // Check for multiple values!
- if ( strpos($tmpArray[FILTER_TMP_VALUE], ",") )
- {
- // Split by comma and fill tmp Value array
- $tmpValueArray = explode(",", $tmpArray[FILTER_TMP_VALUE]);
- foreach($tmpValueArray as $myValueEntry)
- {
- // Append to temp array
- $tmpValues[] = array( FILTER_TMP_MODE => $this->SetFilterIncludeMode($myValueEntry), FILTER_TMP_VALUE => $myValueEntry );
- }
- }
-
- // Handle filter based
- switch( $tmpArray[FILTER_TMP_KEY] )
- {
- case "facility":
- $tmpKeyName = SYSLOG_FACILITY;
- $tmpFilterType = FILTER_TYPE_NUMBER;
- // --- Extra Check to convert string representations into numbers!
- if ( isset($tmpValues) )
- {
- foreach( $tmpValues as $mykey => $szValue )
- {
- if ( !is_numeric($szValue[FILTER_TMP_VALUE]) )
- {
- $tmpFacilityCode = $this->ConvertFacilityString($szValue[FILTER_TMP_VALUE]);
- if ( $tmpFacilityCode != -1 )
- $tmpValues[$mykey][FILTER_TMP_VALUE] = $tmpFacilityCode;
- }
- }
- }
- else
- {
- // First set Filter Mode
- $tmpArray[FILTER_TMP_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE],$tmpFilterType);
-
- if ( !is_numeric($tmpArray[FILTER_TMP_VALUE]) )
- {
- $tmpFacilityCode = $this->ConvertFacilityString($tmpArray[FILTER_TMP_VALUE]);
- if ( $tmpFacilityCode != -1 )
- $tmpArray[FILTER_TMP_VALUE] = $tmpFacilityCode;
- }
- }
- // ---
- break;
- case "severity":
- $tmpKeyName = SYSLOG_SEVERITY;
- $tmpFilterType = FILTER_TYPE_NUMBER;
- // --- Extra Check to convert string representations into numbers!
- if ( isset($tmpValues) )
- {
- foreach( $tmpValues as $mykey => $szValue )
- {
- if ( !is_numeric($szValue[FILTER_TMP_VALUE]) )
- {
- $tmpFacilityCode = $this->ConvertSeverityString($szValue[FILTER_TMP_VALUE]);
- if ( $tmpFacilityCode != -1 )
- $tmpValues[$mykey][FILTER_TMP_VALUE] = $tmpFacilityCode;
- }
- }
- }
- else
- {
- // First set Filter Mode
- $tmpArray[FILTER_TMP_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE], $tmpFilterType);
-
- if ( !is_numeric($tmpArray[FILTER_TMP_VALUE]) )
- {
- $tmpFacilityCode = $this->ConvertSeverityString($tmpArray[FILTER_TMP_VALUE]);
- if ( $tmpFacilityCode != -1 )
- $tmpArray[FILTER_TMP_VALUE] = $tmpFacilityCode;
- }
- }
- // ---
- break;
- case "messagetype":
- $tmpKeyName = SYSLOG_MESSAGETYPE;
- $tmpFilterType = FILTER_TYPE_NUMBER;
- // --- Extra Check to convert string representations into numbers!
- if ( isset($tmpValues) )
- {
- foreach( $tmpValues as $mykey => $szValue )
- {
- if ( !is_numeric($szValue[FILTER_TMP_VALUE]) )
- {
- $tmpMsgTypeCode = $this->ConvertMessageTypeString($szValue[FILTER_TMP_VALUE]);
- if ( $tmpMsgTypeCode != -1 )
- $tmpValues[$mykey][FILTER_TMP_VALUE] = $tmpMsgTypeCode;
- }
- }
-
-/* OBSELETE CODE
- foreach( $tmpValues as $mykey => $szValue )
- {
- // First set Filter Mode
- $tmpValues[$mykey][FILTER_TMP_MODE] = $this->SetFilterIncludeMode($szValue);
- }
-*/
- }
- else
- {
- // First set Filter Mode
- $tmpArray[FILTER_TMP_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE], $tmpFilterType);
-
- if ( !is_numeric($tmpArray[FILTER_TMP_VALUE]) )
- {
- $tmpMsgTypeCode = $this->ConvertMessageTypeString($tmpArray[FILTER_TMP_VALUE]);
- if ( $tmpMsgTypeCode != -1 )
- $tmpArray[FILTER_TMP_VALUE] = $tmpMsgTypeCode;
- }
- }
- // ---
- break;
- /* BEGIN Eventlog based fields */
- case "eventid":
- $tmpKeyName = SYSLOG_EVENT_ID;
- $tmpFilterType = FILTER_TYPE_NUMBER;
- // --- Extra numeric Check
- if ( isset($tmpValues) )
- {
- foreach( $tmpValues as $mykey => $szValue )
- {
- if ( is_numeric($szValue[FILTER_TMP_VALUE]) )
- $tmpValues[$mykey][FILTER_TMP_VALUE] = $szValue[FILTER_TMP_VALUE];
- else
- $tmpValues[$mykey][FILTER_TMP_VALUE] = "";
- }
- }
- else
- {
- // First set Filter Mode
- $tmpArray[FILTER_TMP_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE], $tmpFilterType);
-
- if ( !is_numeric($tmpArray[FILTER_TMP_VALUE]) )
- $tmpArray[FILTER_TMP_VALUE] = "";
-
- }
- // ---
- break;
- case "eventcategory":
- $tmpKeyName = SYSLOG_EVENT_CATEGORY;
- $tmpFilterType = FILTER_TYPE_NUMBER;
- // --- Extra numeric Check
- if ( isset($tmpValues) )
- {
- foreach( $tmpValues as $mykey => $szValue )
- {
- if ( is_numeric($szValue[FILTER_TMP_VALUE]) )
- $tmpValues[$mykey][FILTER_TMP_VALUE] = $szValue[FILTER_TMP_VALUE];
- else
- $tmpValues[$mykey][FILTER_TMP_VALUE] = "";
- }
- }
- else
- {
- // First set Filter Mode
- $tmpArray[FILTER_TMP_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE], $tmpFilterType);
-
- if ( !is_numeric($tmpArray[FILTER_TMP_VALUE]) )
- $tmpArray[FILTER_TMP_VALUE] = "";
- }
- // ---
- break;
- case "eventlogtype":
- $tmpKeyName = SYSLOG_EVENT_LOGTYPE;
- $tmpFilterType = FILTER_TYPE_STRING;
- break;
- case "eventlogsource":
- $tmpKeyName = SYSLOG_EVENT_SOURCE;
- $tmpFilterType = FILTER_TYPE_STRING;
- break;
- case "eventuser":
- $tmpKeyName = SYSLOG_EVENT_USER;
- $tmpFilterType = FILTER_TYPE_STRING;
- break;
- /* END Eventlog based fields */
- case "syslogtag":
- $tmpKeyName = SYSLOG_SYSLOGTAG;
- $tmpFilterType = FILTER_TYPE_STRING;
- break;
- case "source":
- $tmpKeyName = SYSLOG_HOST;
- $tmpFilterType = FILTER_TYPE_STRING;
- break;
- case "datefrom":
- $tmpKeyName = SYSLOG_DATE;
- $tmpFilterType = FILTER_TYPE_DATE;
- $tmpTimeMode = DATEMODE_RANGE_FROM;
- break;
- case "dateto":
- $tmpKeyName = SYSLOG_DATE;
- $tmpFilterType = FILTER_TYPE_DATE;
- $tmpTimeMode = DATEMODE_RANGE_TO;
- break;
- case "datelastx":
- $tmpKeyName = SYSLOG_DATE;
- $tmpFilterType = FILTER_TYPE_DATE;
- $tmpTimeMode = DATEMODE_LASTX;
- break;
- case "timereported":
- $tmpKeyName = SYSLOG_DATE;
- $tmpFilterType = FILTER_TYPE_DATE;
- $tmpTimeMode = DATEMODE_RANGE_DATE;
- break;
- case "processid":
- $tmpKeyName = SYSLOG_PROCESSID;
- $tmpFilterType = FILTER_TYPE_STRING;
- break;
- /* BEGIN WebLog based fields */
- case SYSLOG_WEBLOG_USER:
- $tmpKeyName = SYSLOG_WEBLOG_USER;
- $tmpFilterType = FILTER_TYPE_STRING;
- break;
- case SYSLOG_WEBLOG_METHOD:
- $tmpKeyName = SYSLOG_WEBLOG_METHOD;
- $tmpFilterType = FILTER_TYPE_STRING;
- break;
- case SYSLOG_WEBLOG_URL:
- $tmpKeyName = SYSLOG_WEBLOG_URL;
- $tmpFilterType = FILTER_TYPE_STRING;
- break;
-
- case SYSLOG_WEBLOG_QUERYSTRING:
- $tmpKeyName = SYSLOG_WEBLOG_QUERYSTRING;
- $tmpFilterType = FILTER_TYPE_STRING;
- break;
- case SYSLOG_WEBLOG_PVER:
- $tmpKeyName = SYSLOG_WEBLOG_PVER;
- $tmpFilterType = FILTER_TYPE_STRING;
- break;
- case SYSLOG_WEBLOG_STATUS:
- $tmpKeyName = SYSLOG_WEBLOG_STATUS;
- $tmpFilterType = FILTER_TYPE_NUMBER;
- // --- Extra numeric Check
- if ( isset($tmpValues) )
- {
- foreach( $tmpValues as $mykey => $szValue )
- {
- if ( is_numeric($szValue[FILTER_TMP_VALUE]) )
- $tmpValues[$mykey][FILTER_TMP_VALUE] = $szValue[FILTER_TMP_VALUE];
- else
- $tmpValues[$mykey][FILTER_TMP_VALUE] = "";
- }
- }
- else
- {
- // First set Filter Mode
- $tmpArray[FILTER_TMP_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE], $tmpFilterType);
-
- if ( !is_numeric($tmpArray[FILTER_TMP_VALUE]) )
- $tmpArray[FILTER_TMP_VALUE] = "";
- }
- // ---
- break;
-
- case SYSLOG_WEBLOG_BYTESSEND:
- $tmpKeyName = SYSLOG_WEBLOG_BYTESSEND;
- $tmpFilterType = FILTER_TYPE_NUMBER;
- // --- Extra numeric Check
- if ( isset($tmpValues) )
- {
- foreach( $tmpValues as $mykey => $szValue )
- {
- if ( is_numeric($szValue[FILTER_TMP_VALUE]) )
- $tmpValues[$mykey][FILTER_TMP_VALUE] = $szValue[FILTER_TMP_VALUE];
- else
- $tmpValues[$mykey][FILTER_TMP_VALUE] = "";
- }
- }
- else
- {
- // First set Filter Mode
- $tmpArray[FILTER_TMP_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE], $tmpFilterType);
-
- if ( !is_numeric($tmpArray[FILTER_TMP_VALUE]) )
- $tmpArray[FILTER_TMP_VALUE] = "";
- }
- // ---
- break;
- case SYSLOG_WEBLOG_REFERER:
- $tmpKeyName = SYSLOG_WEBLOG_REFERER;
- $tmpFilterType = FILTER_TYPE_STRING;
- break;
- case SYSLOG_WEBLOG_USERAGENT:
- $tmpKeyName = SYSLOG_WEBLOG_USERAGENT;
- $tmpFilterType = FILTER_TYPE_STRING;
- break;
- /* END WebLog based fields */
- default:
- // Custom Field, try to find field!
- $szSearchFilterKey = $tmpArray[FILTER_TMP_KEY];
- foreach ($fields as $aField)
- {
- if ($aField['SearchField'] == $szSearchFilterKey)
- {
- $tmpKeyName = $aField['FieldID'];
- break;
- }
- }
- if ( isset($fields[$tmpKeyName]) && isset($fields[$tmpKeyName]['SearchField']) )
- {
- $tmpFilterType = $fields[$tmpKeyName]['FieldType'];
-
- // Handle numeric fields!
- if ( $tmpFilterType == FILTER_TYPE_NUMBER )
- {
- // --- Extra numeric Check
- if ( isset($tmpValues) )
- {
- foreach( $tmpValues as $mykey => $szValue )
- {
- if ( is_numeric($szValue[FILTER_TMP_VALUE]) )
- $tmpValues[$mykey][FILTER_TMP_VALUE] = $szValue[FILTER_TMP_VALUE];
- else
- $tmpValues[$mykey][FILTER_TMP_VALUE] = "";
- }
- }
- else
- {
- // First set Filter Mode
- $tmpArray[FILTER_TMP_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE], $tmpFilterType);
-
- if ( !is_numeric($tmpArray[FILTER_TMP_VALUE]) )
- $tmpArray[FILTER_TMP_VALUE] = "";
- }
- // ---
- }
- // Nothing to do actually!
-// else if ( $tmpFilterType == FILTER_TYPE_STRING )
- }
- else
- // Unknown filter
- $tmpFilterType = FILTER_TYPE_UNKNOWN;
- //done!
- }
-
- // Add to detected filter array
- if ( $this->_arrFilterProperties == null || !in_array($tmpKeyName, $this->_arrFilterProperties) )
- $this->_arrFilterProperties[] = $tmpKeyName;
-
- // Ignore if unknown filter!
- if ( $tmpFilterType != FILTER_TYPE_UNKNOWN )
- {
- // --- Set Filter!
- $this->_filters[$tmpKeyName][][FILTER_TYPE] = $tmpFilterType;
- $iNum = count($this->_filters[$tmpKeyName]) - 1;
-
- if ( isset($tmpTimeMode) )
- {
- $this->_filters[$tmpKeyName][$iNum][FILTER_DATEMODE] = $tmpTimeMode;
- $this->_filters[$tmpKeyName][$iNum][FILTER_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE]); // remove FilterMode characters from value
- $this->_filters[$tmpKeyName][$iNum][FILTER_VALUE] = $tmpArray[FILTER_TMP_VALUE];
-//echo $this->_filters[$tmpKeyName][$iNum][FILTER_VALUE];
-//exit;
- }
- else if ( isset($tmpValues) )
- {
-//print_r( $tmpValues );
- foreach( $tmpValues as $szValue )
- {
- // Continue if empty!
- if ( strlen($szValue[FILTER_TMP_VALUE]) == 0 )
- continue;
-
- if ( isset($this->_filters[$tmpKeyName][$iNum][FILTER_VALUE]) )
- {
- // Create new Filter!
- $this->_filters[$tmpKeyName][][FILTER_TYPE] = $tmpFilterType;
- $iNum = count($this->_filters[$tmpKeyName]) - 1;
- }
-
- // Set Filter Mode
- if ( isset($szValue[FILTER_TMP_MODE]) )
- $this->_filters[$tmpKeyName][$iNum][FILTER_MODE] = $szValue[FILTER_TMP_MODE];
- else
- $this->_filters[$tmpKeyName][$iNum][FILTER_MODE] = $this->SetFilterIncludeMode($szValue[FILTER_TMP_VALUE]);
-
- // Set Value
- $this->_filters[$tmpKeyName][$iNum][FILTER_VALUE] = $szValue[FILTER_TMP_VALUE];
- }
- }
- else
- {
- // Set Filter Mode
- if ( isset($tmpArray[FILTER_TMP_MODE]) )
- $this->_filters[$tmpKeyName][$iNum][FILTER_MODE] = $tmpArray[FILTER_TMP_MODE];
- else
- $this->_filters[$tmpKeyName][$iNum][FILTER_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE]);
-
- // Set Filter value!
- $this->_filters[$tmpKeyName][$iNum][FILTER_VALUE] = $tmpArray[FILTER_TMP_VALUE];
- }
-
- // Reverse string prepareation
- $searchArray = array(
- '/(?_filters[$tmpKeyName][$iNum][FILTER_VALUE] = str_replace( '+', ' ', $this->_filters[$tmpKeyName][$iNum][FILTER_VALUE]);
- $this->_filters[$tmpKeyName][$iNum][FILTER_VALUE] = preg_replace( $searchArray, $replaceArray, $this->_filters[$tmpKeyName][$iNum][FILTER_VALUE] );
- // ---
- }
-
- // Unset unused variables
- if ( isset($tmpArray) )
- unset($tmpArray);
- if ( isset($tmpValues) )
- unset($tmpValues);
- if ( isset($tmpTimeMode) )
- unset($tmpTimeMode);
- }
- else
- {
- // No ":", so we treat it as message filter!
- $this->_filters[SYSLOG_MESSAGE][][FILTER_TYPE] = FILTER_TYPE_STRING;
- $iNum = count($this->_filters[SYSLOG_MESSAGE]) - 1;
- $this->_filters[SYSLOG_MESSAGE][$iNum][FILTER_MODE] = $this->SetFilterIncludeMode($myEntry);
-
- // Replace "\:" with ":", so we can filter with it ^^
- if ( strpos($myEntry, ":") !== false )
- $myEntry = str_replace("\\:", ":", $myEntry);
-
- // Check for Begin and Ending Quotes and remove them from the search value!
- $myEntry = preg_replace('/\\"/i', "$1", $myEntry);
-
- // Assign value to filter array
- $this->_filters[SYSLOG_MESSAGE][$iNum][FILTER_VALUE] = $myEntry;
- }
- }
- }
-
- // Debug print
-// print_r ($this->_filters);
- }
-
- /*
- * Helper function needed in SetFilterIncludeMode
- */
- private function SetFilterIncludeMode(&$szValue, $myFilterType = FILTER_TYPE_STRING) // Default = String!
- {
- // Init BIT!
- $myBits = FILTER_MODE_INCLUDE;
-
- // If Filter is Included
- $pos = strpos($szValue, "+");
- if ( $pos !== false && $pos == 0 )
- {
- //trunscate +
- $szValue = substr( $szValue, 1);
- $myBits = FILTER_MODE_INCLUDE;
- }
-
- // If Filter is Excluded
- $pos = strpos($szValue, "-");
- if ( $pos !== false && $pos == 0 )
- {
- //trunscate -
- $szValue = substr( $szValue, 1);
- $myBits = FILTER_MODE_EXCLUDE;
- }
-
- // If Filter is a FULL text match!
- $pos = strpos($szValue, "=");
- if ( $pos !== false && $pos == 0 )
- {
- //trunscate -
- $szValue = substr( $szValue, 1);
-
- // Add BIT if not NUMBER FIELD!
- if ( $myFilterType != FILTER_TYPE_NUMBER )
- $myBits |= FILTER_MODE_SEARCHFULL;
- }
-
- // If Filter is a REGEX match!
- $pos = strpos($szValue, "~");
- if ( $pos !== false && $pos == 0 )
- {
- //trunscate -
- $szValue = substr( $szValue, 1);
- // Add BIT if not NUMBER FIELD!
- if ( $myFilterType != FILTER_TYPE_NUMBER )
- $myBits |= FILTER_MODE_SEARCHREGEX;
- }
- // ---
-
- // return result
- return $myBits;
- }
-
- /*
- * Helper function to convert a facility string into a facility number
- */
- private function ConvertFacilityString($szValue)
- {
- global $content;
-
- foreach ( $content['filter_facility_list'] as $myfacility )
- {
- if ( stripos( $myfacility['DisplayName'], $szValue) !== false )
- return $myfacility['ID'];
- }
-
- // reached here means we failed to convert the facility!
- return -1;
- }
-
- /*
- * Helper function to convert a severity string into a severity number
- */
- private function ConvertSeverityString($szValue)
- {
- global $content;
-
- foreach ( $content['filter_severity_list'] as $myfacility )
- {
- if ( stripos( $myfacility['DisplayName'], $szValue) !== false )
- return $myfacility['ID'];
- }
-
- // reached here means we failed to convert the facility!
- return -1;
- }
-
- /*
- * Helper function to convert a messagetype string into a messagetype number
- */
- private function ConvertMessageTypeString($szValue)
- {
- global $content;
-
- foreach ( $content['filter_messagetype_list'] as $mymsgtype )
- {
- if ( stripos( $mymsgtype['DisplayName'], $szValue) !== false )
- return $mymsgtype['ID'];
- }
-
- // reached here means we failed to convert the facility!
- return -1;
- }
-
-}
+.
+ *
+ * A copy of the GPL can be found in the file "COPYING" in this
+ * distribution.
+ *********************************************************************
+*/
+
+// --- Avoid directly accessing this file!
+if ( !defined('IN_PHPLOGCON') )
+{
+ die('Hacking attempt');
+ exit;
+}
+// ---
+
+// --- Basic Includes
+require_once($gl_root_path . 'classes/enums.class.php');
+require_once($gl_root_path . 'classes/msgparser.class.php');
+require_once($gl_root_path . 'include/constants_errors.php');
+require_once($gl_root_path . 'include/constants_logstream.php');
+// ---
+
+
+abstract class LogStream {
+ protected $_readDirection = EnumReadDirection::Forward;
+ protected $_sortOrder = EnumSortingOrder::Descending;
+ protected $_filters = null;
+ protected $_current_uId = -1;
+ protected $_logStreamConfigObj = null;
+ protected $_arrProperties = null;
+ protected $_arrFilterProperties = null; // Helper Array to store all detected properties from Filterstring
+
+ /**
+ * Open the stream for read access.
+ *
+ * @param arrProperties string in: properties of interest. There can be no guarantee the logstream can actually deliver them.
+ * @return integer Error stat
+ */
+ public abstract function Open($arrProperties);
+
+ /**
+ * Close the current stream.
+ *
+ * @return integer Error stat
+ */
+ public abstract function Close();
+
+ /**
+ * Verifies the logstream source
+ *
+ * @return integer Error stat
+ */
+ public abstract function Verify();
+
+ /**
+ * Read the next data from the current stream. If it reads
+ * forwards or backwards depends on the current read direction.
+ *
+ * Example for reading forward:
+ * Is the current uID == 4, readDirection set to forwards
+ * ReadNext will provide uID 5 or EOS if no more data exist.
+ *
+ * Exampe for reading backward:
+ * Is the current uID == 4, readDirection set to backwards
+ * ReadNext will provide uID 3.
+ *
+ * Hint: If the current stream becomes unavailable an error
+ * stated is retuned. A typical case is if a log rotation
+ * changed the original data source.
+ *
+ * @param uID integer out: unique id of the data row
+ * @param arrProperitesOut array out: list with properties
+ * @return integer Error state
+ */
+ public abstract function ReadNext(&$uID, &$arrProperitesOut, $bParseMessage = true);
+
+ /**
+ * Read the data from a specific uID.
+ *
+ * @param uID integer in: unique id of the data row
+ * @param arrProperitesOut array out: list with properties
+ * @return integer Error state
+ * @see ReadNext()
+ */
+ public abstract function Read($uID, &$arrProperitesOut);
+
+
+ /**
+ * Sseek - a strange seek which has a skip capability
+ *
+ * This method was introduced to enable the upper layer to jump to a specific
+ * position within the stream and/or skip some records. Probably this method is used by
+ * a pager or to navigate from an overview page to a detailed page.
+ *
+ * mm: We had some discussion about the name of the this method. Initially we named
+ * it Seek. While implementing I got pain in the stomach forced me to start a discussion about
+ * the name and the functionality. The outcome is here - a strange seek method. Please do not
+ * confuse it with a seek method, it is no seek, it is a strange seek. rger suggested to name
+ * it diddledaddle, but I still feel uncomfortable with that name. Probably my imagination is
+ * too poor associating any functionality of this method with such a name. So strange seek
+ * is much better. It reminds me that is no seek, but a strange seek which does not work like
+ * a typical seek like fseek in php but in some way similar. Here is how it works:
+ *
+ * If you Sseek to EOS for example and then call a NextRead you do not get a EOS return status.
+ * Instead you will obtain the last record in the stream. The similarity of Sseek with a seek
+ * is when you use Sseek to jump to BOS. After calling a ReadNext will give you the first record
+ * in the stream. Here are some samples:
+ *
+ *
+ * Sample:
+ * To read the last record of a stream, do a
+ * seek(uid_out, EOS, 0)
+ * ReadNext
+ *
+ * For the first record, similarly:
+ * seek(uid_out, BOS, 0)
+ * ReadNext
+ *
+ * To skip the next, say, 49 records from the current position, you first need to know the
+ * current uid. You may have obtained it by a previous ReadNext call. Then, do
+ * seek(uidCURR, UID, 50)
+ * ReadNext
+ *
+ * @param uID integer in/out: is a unique ID from where to start, ignored in all modes except UID.
+ * On return, uID contains the uID of the record seeked to. It is undefined if an error occured.
+ * If no error ocucrred, the next call to ReadNext() will read the record whom's uID has been returned.
+ * @param mode EnumSeek in: how the seek should be performed
+ * @param numrecs integer in: number of records to seek from this position. Use 0 to seek to the
+ * actual position, a positive value to seek the the record numrecs records forward or a negative
+ * value to seek to a position numrecs backward
+ * @return integer Error state
+ */
+ public abstract function Sseek(&$uID, $mode, $numrecs);
+
+
+ /**
+ * If you are interested in how many messages are in the stream, call this method.
+ * But be aware of that some stream can not provide a message count. This is probably
+ * because of performance reason or any other. However, if GetMessageCount return -1
+ * this does not mean that there is no message in the stream, it is just not countable.
+ * If there is no message 0 will be returned.
+ *
+ * @return integer Amount of messages within the stream. -1 means that no count is available.
+ */
+ public abstract function GetMessageCount();
+
+
+ /**
+ * This function returns the first UID for previous PAGE, if availbale! Otherwise will
+ * return -1!
+ */
+ public abstract function GetPreviousPageUID();
+
+
+ /**
+ * This function returns the first UID for the last PAGE, if availbale! Otherwise will
+ * return -1!
+ */
+ public abstract function GetLastPageUID();
+
+
+ /**
+ * This function returns the FIRST UID for the FIRST PAGE, if availbale! Otherwise will
+ * return -1!
+ */
+ public abstract function GetFirstPageUID();
+
+ /**
+ * This function returns the current Page number, if availbale! Otherwise will
+ * return -1!
+ */
+ public abstract function GetCurrentPageNumber();
+
+ /**
+ * This functions is used by charts/graph generator to obtain data
+ *
+ * @return integer Error stat
+ */
+ public abstract function GetCountSortedByField($szFieldId, $nFieldType, $nRecordLimit);
+
+ /**
+ * This functions is used by reports to consolidate data
+ *
+ * @return integer Error stat
+ */
+ public abstract function ConsolidateDataByField($szConsFieldId, $nRecordLimit, $szSortFieldId, $nSortingOrder, $bIncludeLogStreamFields = false, $bIncludeMinMaxDateFields = false);
+
+
+ /**
+ * This functions is used by reports to consolidate data
+ *
+ * @return integer Error stat
+ */
+ public abstract function ConsolidateItemListByField($szConsFieldId, $nRecordLimit, $szSortFieldId, $nSortingOrder);
+
+
+ /**
+ * Gets a property and checks if the class is able to sort the records
+ * by this property.
+ *
+ * @ Returns either true or false.
+ *
+ */
+ public abstract function IsPropertySortable($myProperty);
+
+
+ /**
+ * This returns an Array of useful statsdata for this logstream source
+ */
+ public abstract function GetLogStreamStats();
+
+
+ /**
+ * This returns just the count of records of the main data source
+ */
+ public abstract function GetLogStreamTotalRowCount();
+
+
+ /**
+ * Helper function to cleanup all logdata which is older then the nDateTimeStamp!
+ */
+ public abstract function CleanupLogdataByDate( $nDateTimeStamp );
+
+
+ /*
+ * Helper function to set the message checksum, this will be used for database based logstream classes only
+ */
+ public abstract function SaveMessageChecksum( $arrProperitesIn );
+
+
+ /*
+ * Helper function to set the checksum for all messages in the current logstream class
+ */
+ public abstract function UpdateAllMessageChecksum( );
+
+
+ /*
+ * Helper function for logstream classes to clear filter based stuff
+ */
+ public abstract function ResetFilters( );
+
+
+ /*
+ * Helper function for logstream classes to check if all fields are available!
+ */
+ public abstract function VerifyFields( $arrProperitesIn );
+
+
+ /*
+ * Helper function for logstream classes to create missing indexes, only applies to database based logstream classes
+ */
+ public abstract function CreateMissingFields( $arrProperitesIn );
+
+
+ /*
+ * Helper function for logstream classes to check for data indexes, only applies to database based logstream classes
+ */
+ public abstract function VerifyIndexes( $arrProperitesIn );
+
+
+ /*
+ * Helper function for logstream classes to create missing indexes, only applies to database based logstream classes
+ */
+ public abstract function CreateMissingIndexes( $arrProperitesIn );
+
+
+ /*
+ * Helper function for logstream classes to check for missing triggers, only applies to database based logstream classes
+ */
+ public abstract function VerifyChecksumTrigger( $myTriggerProperty );
+
+
+ /*
+ * Helper function for logstream classes to create missing trigger, only applies to database based logstream classes
+ */
+ public abstract function CreateMissingTrigger( $myTriggerProperty, $myCheckSumProperty );
+
+
+ /*
+ * Helper function for logstream classes to create the SQL statement needed to create the trigger, only applies to database based logstream classes
+ */
+ public abstract function GetCreateMissingTriggerSQL( $myDBTriggerField, $myDBTriggerCheckSumField );
+
+ /*
+ * Helper function for logstream classes to check if the checksum field is configured correctly
+ */
+ public abstract function VerifyChecksumField( );
+
+
+ /*
+ * Helper function for logstream classes to change the checksum field from unsigned INT
+ */
+ public abstract function ChangeChecksumFieldUnsigned( );
+
+
+ /*
+ * Helper functino to trigger initialisation of MsgParsers
+ */
+ public function RunBasicInits()
+ {
+ $this->_logStreamConfigObj->InitMsgParsers();
+ }
+
+ /**
+ * Set the filter for the current stream.
+ *
+ * @param filter object in: filter object
+ * @return integer Error state
+ */
+ public function SetFilter($szFilters)
+ {
+ // prepend default Filters
+ if ( strlen($this->_logStreamConfigObj->_defaultfilter) > 0 )
+ $finalfilters = $this->_logStreamConfigObj->_defaultfilter . " " . $szFilters;
+ else
+ $finalfilters = $szFilters;
+
+ OutputDebugMessage("LogStream|SetFilter: SetFilter combined = '" . $finalfilters . "'. ", DEBUG_DEBUG);
+
+ // Reset Filters first to make sure we do not add multiple filters!
+ $this->_filters = null;
+
+ // Parse Filters from string
+ $this->ParseFilters($finalfilters);
+
+ // return success
+ return SUCCESS;
+ }
+
+ /**
+ * Append filter definition for the current stream.
+ *
+ * @param filter object in: filter object
+ * @return integer Error state
+ */
+ public function AppendFilter($szFilters)
+ {
+ OutputDebugMessage("LogStream|AppendFilter: SetFilter combined = '" . $szFilters . "'. ", DEBUG_DEBUG);
+
+ // Parse Filters from string
+ $this->ParseFilters($szFilters);
+
+ // return success
+ return SUCCESS;
+ }
+
+ /**
+ * Remove filters for a specific Fieldtype
+ *
+ * @param filter object in: FieldID
+ * @return integer Error state
+ */
+ public function RemoveFilters($szFieldID)
+ {
+ // Removing Filters for this field!
+ if ( isset($this->_filters[$szFieldID]) )
+ unset($this->_filters[$szFieldID]);
+
+ // return success
+ return SUCCESS;
+ }
+
+
+ /**
+ * Set the direction the stream should read data.
+ *
+ * @param enumReadDirectionfilter EnumReadDirection in: The new direction.
+ * @return integer Error state
+ */
+ public function SetReadDirection($enumReadDirection)
+ {
+ // Set the new read direction!
+ $this->_readDirection = $enumReadDirection;
+ return SUCCESS;
+ }
+
+ /**
+ * Set the sorting order for the stream
+ *
+ * @param newSortOrder EnumSortingOrder in: The new sort order.
+ * @return integer Error state
+ */
+ public function SetSortOrder($newSortOrder)
+ {
+ // Set the new read direction!
+ $this->_sortOrder = $newSortOrder;
+ return SUCCESS;
+ }
+
+ /**
+ * Implementation of ApplyFilters which can be used by all LogStream Classes!
+ * This function performs a check on the filters and actually triggers the
+ * syslog parsers as well.
+ */
+ public function ApplyFilters($myResults, &$arrProperitesOut)
+ {
+ // IF result was unsuccessfull, return success - nothing we can do here.
+ if ( $myResults >= ERROR )
+ return SUCCESS;
+
+ // Evaluation default is true
+ $bFinalEval = true;
+
+ // Process all filters
+ if ( $this->_filters != null )
+ {
+ // Loop through set properties
+ foreach( $arrProperitesOut as $propertyname => $propertyvalue )
+ {
+ // TODO: NOT SURE IF THIS WILL WORK ON NUMBERS AND OTHER TYPES RIGHT NOW
+ if (
+ array_key_exists($propertyname, $this->_filters) &&
+ isset($propertyvalue) /* &&
+ !(is_string($propertyvalue) && strlen($propertyvalue) <= 0)*/ /* Negative because it only matters if the propvalure is a string*/
+ )
+ {
+
+ // Perform first loop to determine the bEval Default
+ foreach( $this->_filters[$propertyname] as $myfilter )
+ {
+ if (
+ ($myfilter[FILTER_TYPE] == FILTER_TYPE_NUMBER) ||
+ ($myfilter[FILTER_TYPE] == FILTER_TYPE_STRING && $myfilter[FILTER_MODE] & FILTER_MODE_INCLUDE && $propertyname != SYSLOG_MESSAGE)
+ )
+ {
+ $bEval = false;
+ break; // IF found one INCLUDE or NUMERIC filter, the default has to be false!
+ }
+ else
+ $bEval = true;
+ }
+
+ // Extra var needed for number checks!
+ $bIsOrFilter = false; // If enabled we need to check for numbereval later
+ $bOrFilter = false;
+
+ // Perform second loop through all filters, to perform filtering
+ foreach( $this->_filters[$propertyname] as $myfilter )
+ {
+ switch( $myfilter[FILTER_TYPE] )
+ {
+ case FILTER_TYPE_STRING:
+ // Only filter if value is non zero
+ if ( strlen($propertyvalue) > 0 && strlen($myfilter[FILTER_VALUE]) > 0 )
+ {
+ // If Syslog message, we have AND handling!
+ if ( $propertyname == SYSLOG_MESSAGE )
+ {
+ // Include Filter
+ if ( $myfilter[FILTER_MODE] & FILTER_MODE_INCLUDE )
+ {
+ if ( stripos($propertyvalue, $myfilter[FILTER_VALUE]) === false )
+ $bEval = false;
+ }
+ // Exclude Filter
+ else if ( $myfilter[FILTER_MODE] & FILTER_MODE_EXCLUDE )
+ {
+ if ( stripos($propertyvalue, $myfilter[FILTER_VALUE]) !== false )
+ $bEval = false;
+ }
+ }
+ // Otherwise we use OR Handling!
+ else
+ {
+ // Include Filter
+ if ( $myfilter[FILTER_MODE] & FILTER_MODE_INCLUDE )
+ {
+ // Set isOrFilter to true in this case
+ $bIsOrFilter = true;
+
+ if ( $myfilter[FILTER_MODE] & FILTER_MODE_SEARCHFULL )
+ {
+ if ( strtolower($propertyvalue) == strtolower($myfilter[FILTER_VALUE]) )
+ $bOrFilter = true;
+ }
+ else
+ {
+ if ( stripos($propertyvalue, $myfilter[FILTER_VALUE]) !== false )
+ $bOrFilter = true;
+ }
+ }
+ // Exclude Filter - handeled with AND filtering!
+ else if ( $myfilter[FILTER_MODE] & FILTER_MODE_EXCLUDE )
+ {
+ if ( $myfilter[FILTER_MODE] & FILTER_MODE_SEARCHFULL )
+ {
+ if ( strtolower($propertyvalue) == strtolower($myfilter[FILTER_VALUE]) )
+ $bEval = false;
+ }
+ else
+ {
+ if ( stripos($propertyvalue, $myfilter[FILTER_VALUE]) !== false )
+ $bEval = false;
+ }
+ }
+ break;
+ }
+ }
+ else
+ {
+ // Either filter value or property value was empty!
+ // This means we have no match
+ $bEval = false;
+ }
+
+ break;
+ case FILTER_TYPE_NUMBER:
+ $bIsOrFilter = true; // Default is set to TRUE
+ if ( is_numeric($arrProperitesOut[$propertyname]) )
+ {
+ if ( $myfilter[FILTER_MODE] & FILTER_MODE_INCLUDE )
+ {
+ if ( $myfilter[FILTER_VALUE] == $arrProperitesOut[$propertyname] )
+ $bOrFilter = true;
+ else
+ $bOrFilter = false;
+ }
+ else if ( $myfilter[FILTER_MODE] & FILTER_MODE_EXCLUDE )
+ {
+ if ( $myfilter[FILTER_VALUE] == $arrProperitesOut[$propertyname] )
+ $bOrFilter = false;
+ else
+ $bOrFilter = true;
+ }
+ }
+ else
+ {
+ // If wanted, we treat this filter as a success!
+ if ( GetConfigSetting("TreatNotFoundFiltersAsTrue", 0, CFGLEVEL_USER) == 1 )
+ $bOrFilter = true;
+ else
+ $bOrFilter = false;
+ }
+ break;
+ case FILTER_TYPE_DATE:
+ // Get Log TimeStamp
+ $nLogTimeStamp = $arrProperitesOut[$propertyname][EVTIME_TIMESTAMP];
+ if ( $myfilter[FILTER_DATEMODE] == DATEMODE_LASTX )
+ {
+ // Get current timestamp
+ $nNowTimeStamp = time();
+
+ if ( $myfilter[FILTER_VALUE] == DATE_LASTX_HOUR )
+ $nLastXTime = 60 * 60; // One Hour!
+ else if ( $myfilter[FILTER_VALUE] == DATE_LASTX_12HOURS )
+ $nLastXTime = 60 * 60 * 12; // 12 Hours!
+ else if ( $myfilter[FILTER_VALUE] == DATE_LASTX_24HOURS )
+ $nLastXTime = 60 * 60 * 24; // 24 Hours!
+ else if ( $myfilter[FILTER_VALUE] == DATE_LASTX_7DAYS )
+ $nLastXTime = 60 * 60 * 24 * 7; // 7 days
+ else if ( $myfilter[FILTER_VALUE] == DATE_LASTX_31DAYS )
+ $nLastXTime = 60 * 60 * 24 * 31; // 31 days
+ else
+ // WTF default?
+ $nLastXTime = 86400;
+
+ // If Nowtime + LastX is higher then the log timestamp, the this logline is to old for us.
+ if ( ($nNowTimeStamp - $nLastXTime) > $nLogTimeStamp )
+ $bEval = false;
+ }
+ else if ( $myfilter[FILTER_DATEMODE] == DATEMODE_RANGE_FROM )
+ {
+ // Get filter timestamp!
+ $nFromTimeStamp = GetTimeStampFromTimeString($myfilter[FILTER_VALUE]);
+
+ // If logtime is smaller then FromTime, then the Event is outside of our scope!
+ if ( $nLogTimeStamp < $nFromTimeStamp )
+ $bEval = false;
+ }
+ else if ( $myfilter[FILTER_DATEMODE] == DATEMODE_RANGE_TO )
+ {
+ // Get filter timestamp!
+// echo $myfilter[FILTER_VALUE];
+ $nToTimeStamp = GetTimeStampFromTimeString($myfilter[FILTER_VALUE]);
+
+ // If logtime is smaller then FromTime, then the Event is outside of our scope!
+ if ( $nLogTimeStamp > $nToTimeStamp )
+ $bEval = false;
+ }
+ else if ( $myfilter[FILTER_DATEMODE] == DATEMODE_RANGE_DATE )
+ {
+ // Get filter timestamp!
+// echo $myfilter[FILTER_VALUE];
+ $nDateTimeStamp = GetTimeStampFromTimeString($myfilter[FILTER_VALUE]);
+
+ // If not on logfile day, the Event is outside of our scope!
+ if ( $nLogTimeStamp < $nDateTimeStamp || $nLogTimeStamp > ($nDateTimeStamp+86400) )
+ $bEval = false;
+ }
+ break;
+ default:
+ // TODO!
+ break;
+ }
+
+ // If was number filter, we apply it the evaluation.
+ if ( $bIsOrFilter ) // && $bOrFilter )
+ {
+ // Fixed binary comparison to | instead of &!
+ $bEval |= $bOrFilter;
+ //echo "!" . $bOrFilter . "-" . $bEval . "! ";
+ }
+// else
+// $bEval &= $bOrFilter;
+
+ }
+
+ // Combine filters with AND
+ $bFinalEval &= $bEval;
+ }
+
+ }
+
+ // Check if evaluation was successfull
+ if ( !$bFinalEval )
+ {
+ // unmatching filter, reset property array
+ foreach ( $this->_arrProperties as $property )
+ $arrProperitesOut[$property] = '';
+
+ // return error!
+ return ERROR_FILTER_NOT_MATCH;
+ }
+
+ // Reached this point means filters did match!
+ return SUCCESS;
+ }
+ else // No filters at all means success!
+ return SUCCESS;
+ }
+
+ /**
+ * Helper function to obtain internal Filters Array
+ */
+ public function ReturnFiltersArray()
+ {
+ return $this->_filters;
+ }
+
+ /**
+ * Helper function to find a fieldkey by using the SearchField
+ */
+ public function ReturnFilterKeyBySearchField($szSearchField)
+ {
+ global $fields;
+
+ foreach ($fields as $myField)
+ {
+ if ( $myField['SearchField'] == $szSearchField )
+ return $myField['FieldID'];
+ }
+
+ return FALSE;
+ }
+
+
+ /**
+ * Helper function to return all fields needed for filters
+ * Can be helpful for functions which need to add filtering fields
+ */
+ public function ReturnFieldsByFilters()
+ {
+ global $fields;
+
+ if ( $this->_filters != null )
+ {
+ // Return array keys
+ $aResult = array_keys($this->_filters);
+ return $aResult;
+ }
+ else // No fields at all!
+ return null;
+ }
+
+ /*
+ * Helper function to get the internal Field ID by database field name!
+ */
+ public function GetFieldIDbyDatabaseMapping($szTableType, $szFieldName)
+ {
+ global $content, $dbmapping;
+
+ foreach( $dbmapping[$szTableType]['DBMAPPINGS'] as $myFieldID => $myDBMapping )
+ {
+ if ( $myDBMapping == $szFieldName )
+ return $myFieldID;
+ }
+
+ // Default return!
+ return $szFieldName;
+ }
+
+ /*
+ * Helper function to check a if a fieldname exists in the mapping
+ */
+ public function CheckFieldnameInMapping($szTableType, $szFieldName)
+ {
+ global $content, $dbmapping;
+
+ foreach( $dbmapping[$szTableType]['DBMAPPINGS'] as $myFieldID => $myDBMapping )
+ {
+ if ( $myDBMapping == $szFieldName )
+ return true; // return found!
+ }
+
+ // Default FALSE!
+ return false;
+ }
+
+ /*
+ * --- PIRVATE HELPERS!
+ */
+
+ /**
+ * Helper function to parse filters into a useful filter array we can work with.
+ */
+ private function ParseFilters($szFilters)
+ {
+ global $fields;
+
+ if ( isset($szFilters) && strlen($szFilters) > 0 )
+ {
+//OLD $tmpEntries = explode(" ", $szFilters);
+ // Use RegEx for intelligent splitting
+ $szFilterRgx = '/[\s]++(?=(?:(?:[^"]*+"){2})*+[^"]*+$)(?=(?:(?:[^\']*+\'){2})*+[^\']*+$)(?=(?:[^()]*+\([^()]*+\))*+[^()]*+$)/x';
+ $tmpEntries = preg_split($szFilterRgx, $szFilters, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE);
+//DEBUG print_r ( $tmpEntries );
+
+ foreach($tmpEntries as $myEntry)
+ {
+ // Continue if empty filter!
+ if ( strlen(trim($myEntry)) <= 0 )
+ continue;
+
+ if (
+ ($pos = strpos($myEntry, ":")) !== false
+ &&
+ ($pos > 0 && substr($myEntry, $pos-1,1) != '\\') /* Only if character before is no backslash! */
+ )
+ {
+ // Split key and value
+ $tmpArray = explode(":", $myEntry, 2);
+//print_r ( $tmpArray );
+
+ // Continue if empty filter!
+ if ( strlen(trim($tmpArray[FILTER_TMP_VALUE])) == 0 )
+ continue;
+
+ // Check for multiple values!
+ if ( strpos($tmpArray[FILTER_TMP_VALUE], ",") )
+ {
+ // Split by comma and fill tmp Value array
+ $tmpValueArray = explode(",", $tmpArray[FILTER_TMP_VALUE]);
+ foreach($tmpValueArray as $myValueEntry)
+ {
+ // Append to temp array
+ $tmpValues[] = array( FILTER_TMP_MODE => $this->SetFilterIncludeMode($myValueEntry), FILTER_TMP_VALUE => $myValueEntry );
+ }
+ }
+
+ // Handle filter based
+ switch( $tmpArray[FILTER_TMP_KEY] )
+ {
+ case "facility":
+ $tmpKeyName = SYSLOG_FACILITY;
+ $tmpFilterType = FILTER_TYPE_NUMBER;
+ // --- Extra Check to convert string representations into numbers!
+ if ( isset($tmpValues) )
+ {
+ foreach( $tmpValues as $mykey => $szValue )
+ {
+ if ( !is_numeric($szValue[FILTER_TMP_VALUE]) )
+ {
+ $tmpFacilityCode = $this->ConvertFacilityString($szValue[FILTER_TMP_VALUE]);
+ if ( $tmpFacilityCode != -1 )
+ $tmpValues[$mykey][FILTER_TMP_VALUE] = $tmpFacilityCode;
+ }
+ }
+ }
+ else
+ {
+ // First set Filter Mode
+ $tmpArray[FILTER_TMP_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE],$tmpFilterType);
+
+ if ( !is_numeric($tmpArray[FILTER_TMP_VALUE]) )
+ {
+ $tmpFacilityCode = $this->ConvertFacilityString($tmpArray[FILTER_TMP_VALUE]);
+ if ( $tmpFacilityCode != -1 )
+ $tmpArray[FILTER_TMP_VALUE] = $tmpFacilityCode;
+ }
+ }
+ // ---
+ break;
+ case "severity":
+ $tmpKeyName = SYSLOG_SEVERITY;
+ $tmpFilterType = FILTER_TYPE_NUMBER;
+ // --- Extra Check to convert string representations into numbers!
+ if ( isset($tmpValues) )
+ {
+ foreach( $tmpValues as $mykey => $szValue )
+ {
+ if ( !is_numeric($szValue[FILTER_TMP_VALUE]) )
+ {
+ $tmpFacilityCode = $this->ConvertSeverityString($szValue[FILTER_TMP_VALUE]);
+ if ( $tmpFacilityCode != -1 )
+ $tmpValues[$mykey][FILTER_TMP_VALUE] = $tmpFacilityCode;
+ }
+ }
+ }
+ else
+ {
+ // First set Filter Mode
+ $tmpArray[FILTER_TMP_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE], $tmpFilterType);
+
+ if ( !is_numeric($tmpArray[FILTER_TMP_VALUE]) )
+ {
+ $tmpFacilityCode = $this->ConvertSeverityString($tmpArray[FILTER_TMP_VALUE]);
+ if ( $tmpFacilityCode != -1 )
+ $tmpArray[FILTER_TMP_VALUE] = $tmpFacilityCode;
+ }
+ }
+ // ---
+ break;
+ case "messagetype":
+ $tmpKeyName = SYSLOG_MESSAGETYPE;
+ $tmpFilterType = FILTER_TYPE_NUMBER;
+ // --- Extra Check to convert string representations into numbers!
+ if ( isset($tmpValues) )
+ {
+ foreach( $tmpValues as $mykey => $szValue )
+ {
+ if ( !is_numeric($szValue[FILTER_TMP_VALUE]) )
+ {
+ $tmpMsgTypeCode = $this->ConvertMessageTypeString($szValue[FILTER_TMP_VALUE]);
+ if ( $tmpMsgTypeCode != -1 )
+ $tmpValues[$mykey][FILTER_TMP_VALUE] = $tmpMsgTypeCode;
+ }
+ }
+
+/* OBSELETE CODE
+ foreach( $tmpValues as $mykey => $szValue )
+ {
+ // First set Filter Mode
+ $tmpValues[$mykey][FILTER_TMP_MODE] = $this->SetFilterIncludeMode($szValue);
+ }
+*/
+ }
+ else
+ {
+ // First set Filter Mode
+ $tmpArray[FILTER_TMP_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE], $tmpFilterType);
+
+ if ( !is_numeric($tmpArray[FILTER_TMP_VALUE]) )
+ {
+ $tmpMsgTypeCode = $this->ConvertMessageTypeString($tmpArray[FILTER_TMP_VALUE]);
+ if ( $tmpMsgTypeCode != -1 )
+ $tmpArray[FILTER_TMP_VALUE] = $tmpMsgTypeCode;
+ }
+ }
+ // ---
+ break;
+ /* BEGIN Eventlog based fields */
+ case "eventid":
+ $tmpKeyName = SYSLOG_EVENT_ID;
+ $tmpFilterType = FILTER_TYPE_NUMBER;
+ // --- Extra numeric Check
+ if ( isset($tmpValues) )
+ {
+ foreach( $tmpValues as $mykey => $szValue )
+ {
+ if ( is_numeric($szValue[FILTER_TMP_VALUE]) )
+ $tmpValues[$mykey][FILTER_TMP_VALUE] = $szValue[FILTER_TMP_VALUE];
+ else
+ $tmpValues[$mykey][FILTER_TMP_VALUE] = "";
+ }
+ }
+ else
+ {
+ // First set Filter Mode
+ $tmpArray[FILTER_TMP_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE], $tmpFilterType);
+
+ if ( !is_numeric($tmpArray[FILTER_TMP_VALUE]) )
+ $tmpArray[FILTER_TMP_VALUE] = "";
+
+ }
+ // ---
+ break;
+ case "eventcategory":
+ $tmpKeyName = SYSLOG_EVENT_CATEGORY;
+ $tmpFilterType = FILTER_TYPE_NUMBER;
+ // --- Extra numeric Check
+ if ( isset($tmpValues) )
+ {
+ foreach( $tmpValues as $mykey => $szValue )
+ {
+ if ( is_numeric($szValue[FILTER_TMP_VALUE]) )
+ $tmpValues[$mykey][FILTER_TMP_VALUE] = $szValue[FILTER_TMP_VALUE];
+ else
+ $tmpValues[$mykey][FILTER_TMP_VALUE] = "";
+ }
+ }
+ else
+ {
+ // First set Filter Mode
+ $tmpArray[FILTER_TMP_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE], $tmpFilterType);
+
+ if ( !is_numeric($tmpArray[FILTER_TMP_VALUE]) )
+ $tmpArray[FILTER_TMP_VALUE] = "";
+ }
+ // ---
+ break;
+ case "eventlogtype":
+ $tmpKeyName = SYSLOG_EVENT_LOGTYPE;
+ $tmpFilterType = FILTER_TYPE_STRING;
+ break;
+ case "eventlogsource":
+ $tmpKeyName = SYSLOG_EVENT_SOURCE;
+ $tmpFilterType = FILTER_TYPE_STRING;
+ break;
+ case "eventuser":
+ $tmpKeyName = SYSLOG_EVENT_USER;
+ $tmpFilterType = FILTER_TYPE_STRING;
+ break;
+ /* END Eventlog based fields */
+ case "syslogtag":
+ $tmpKeyName = SYSLOG_SYSLOGTAG;
+ $tmpFilterType = FILTER_TYPE_STRING;
+ break;
+ case "source":
+ $tmpKeyName = SYSLOG_HOST;
+ $tmpFilterType = FILTER_TYPE_STRING;
+ break;
+ case "datefrom":
+ $tmpKeyName = SYSLOG_DATE;
+ $tmpFilterType = FILTER_TYPE_DATE;
+ $tmpTimeMode = DATEMODE_RANGE_FROM;
+ break;
+ case "dateto":
+ $tmpKeyName = SYSLOG_DATE;
+ $tmpFilterType = FILTER_TYPE_DATE;
+ $tmpTimeMode = DATEMODE_RANGE_TO;
+ break;
+ case "datelastx":
+ $tmpKeyName = SYSLOG_DATE;
+ $tmpFilterType = FILTER_TYPE_DATE;
+ $tmpTimeMode = DATEMODE_LASTX;
+ break;
+ case "timereported":
+ $tmpKeyName = SYSLOG_DATE;
+ $tmpFilterType = FILTER_TYPE_DATE;
+ $tmpTimeMode = DATEMODE_RANGE_DATE;
+ break;
+ case "processid":
+ $tmpKeyName = SYSLOG_PROCESSID;
+ $tmpFilterType = FILTER_TYPE_STRING;
+ break;
+ /* BEGIN WebLog based fields */
+ case SYSLOG_WEBLOG_USER:
+ $tmpKeyName = SYSLOG_WEBLOG_USER;
+ $tmpFilterType = FILTER_TYPE_STRING;
+ break;
+ case SYSLOG_WEBLOG_METHOD:
+ $tmpKeyName = SYSLOG_WEBLOG_METHOD;
+ $tmpFilterType = FILTER_TYPE_STRING;
+ break;
+ case SYSLOG_WEBLOG_URL:
+ $tmpKeyName = SYSLOG_WEBLOG_URL;
+ $tmpFilterType = FILTER_TYPE_STRING;
+ break;
+
+ case SYSLOG_WEBLOG_QUERYSTRING:
+ $tmpKeyName = SYSLOG_WEBLOG_QUERYSTRING;
+ $tmpFilterType = FILTER_TYPE_STRING;
+ break;
+ case SYSLOG_WEBLOG_PVER:
+ $tmpKeyName = SYSLOG_WEBLOG_PVER;
+ $tmpFilterType = FILTER_TYPE_STRING;
+ break;
+ case SYSLOG_WEBLOG_STATUS:
+ $tmpKeyName = SYSLOG_WEBLOG_STATUS;
+ $tmpFilterType = FILTER_TYPE_NUMBER;
+ // --- Extra numeric Check
+ if ( isset($tmpValues) )
+ {
+ foreach( $tmpValues as $mykey => $szValue )
+ {
+ if ( is_numeric($szValue[FILTER_TMP_VALUE]) )
+ $tmpValues[$mykey][FILTER_TMP_VALUE] = $szValue[FILTER_TMP_VALUE];
+ else
+ $tmpValues[$mykey][FILTER_TMP_VALUE] = "";
+ }
+ }
+ else
+ {
+ // First set Filter Mode
+ $tmpArray[FILTER_TMP_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE], $tmpFilterType);
+
+ if ( !is_numeric($tmpArray[FILTER_TMP_VALUE]) )
+ $tmpArray[FILTER_TMP_VALUE] = "";
+ }
+ // ---
+ break;
+
+ case SYSLOG_WEBLOG_BYTESSEND:
+ $tmpKeyName = SYSLOG_WEBLOG_BYTESSEND;
+ $tmpFilterType = FILTER_TYPE_NUMBER;
+ // --- Extra numeric Check
+ if ( isset($tmpValues) )
+ {
+ foreach( $tmpValues as $mykey => $szValue )
+ {
+ if ( is_numeric($szValue[FILTER_TMP_VALUE]) )
+ $tmpValues[$mykey][FILTER_TMP_VALUE] = $szValue[FILTER_TMP_VALUE];
+ else
+ $tmpValues[$mykey][FILTER_TMP_VALUE] = "";
+ }
+ }
+ else
+ {
+ // First set Filter Mode
+ $tmpArray[FILTER_TMP_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE], $tmpFilterType);
+
+ if ( !is_numeric($tmpArray[FILTER_TMP_VALUE]) )
+ $tmpArray[FILTER_TMP_VALUE] = "";
+ }
+ // ---
+ break;
+ case SYSLOG_WEBLOG_REFERER:
+ $tmpKeyName = SYSLOG_WEBLOG_REFERER;
+ $tmpFilterType = FILTER_TYPE_STRING;
+ break;
+ case SYSLOG_WEBLOG_USERAGENT:
+ $tmpKeyName = SYSLOG_WEBLOG_USERAGENT;
+ $tmpFilterType = FILTER_TYPE_STRING;
+ break;
+ /* END WebLog based fields */
+ default:
+ // Custom Field, try to find field!
+ $szSearchFilterKey = $tmpArray[FILTER_TMP_KEY];
+ foreach ($fields as $aField)
+ {
+ if ($aField['SearchField'] == $szSearchFilterKey)
+ {
+ $tmpKeyName = $aField['FieldID'];
+ break;
+ }
+ }
+ if ( isset($fields[$tmpKeyName]) && isset($fields[$tmpKeyName]['SearchField']) )
+ {
+ $tmpFilterType = $fields[$tmpKeyName]['FieldType'];
+
+ // Handle numeric fields!
+ if ( $tmpFilterType == FILTER_TYPE_NUMBER )
+ {
+ // --- Extra numeric Check
+ if ( isset($tmpValues) )
+ {
+ foreach( $tmpValues as $mykey => $szValue )
+ {
+ if ( is_numeric($szValue[FILTER_TMP_VALUE]) )
+ $tmpValues[$mykey][FILTER_TMP_VALUE] = $szValue[FILTER_TMP_VALUE];
+ else
+ $tmpValues[$mykey][FILTER_TMP_VALUE] = "";
+ }
+ }
+ else
+ {
+ // First set Filter Mode
+ $tmpArray[FILTER_TMP_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE], $tmpFilterType);
+
+ if ( !is_numeric($tmpArray[FILTER_TMP_VALUE]) )
+ $tmpArray[FILTER_TMP_VALUE] = "";
+ }
+ // ---
+ }
+ // Nothing to do actually!
+// else if ( $tmpFilterType == FILTER_TYPE_STRING )
+ }
+ else
+ // Unknown filter
+ $tmpFilterType = FILTER_TYPE_UNKNOWN;
+ //done!
+ }
+
+ // Add to detected filter array
+ if ( $this->_arrFilterProperties == null || !in_array($tmpKeyName, $this->_arrFilterProperties) )
+ $this->_arrFilterProperties[] = $tmpKeyName;
+
+ // Ignore if unknown filter!
+ if ( $tmpFilterType != FILTER_TYPE_UNKNOWN )
+ {
+ // --- Set Filter!
+ $this->_filters[$tmpKeyName][][FILTER_TYPE] = $tmpFilterType;
+ $iNum = count($this->_filters[$tmpKeyName]) - 1;
+
+ if ( isset($tmpTimeMode) )
+ {
+ $this->_filters[$tmpKeyName][$iNum][FILTER_DATEMODE] = $tmpTimeMode;
+ $this->_filters[$tmpKeyName][$iNum][FILTER_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE]); // remove FilterMode characters from value
+ $this->_filters[$tmpKeyName][$iNum][FILTER_VALUE] = $tmpArray[FILTER_TMP_VALUE];
+//echo $this->_filters[$tmpKeyName][$iNum][FILTER_VALUE];
+//exit;
+ }
+ else if ( isset($tmpValues) )
+ {
+//print_r( $tmpValues );
+ foreach( $tmpValues as $szValue )
+ {
+ // Continue if empty!
+ if ( strlen($szValue[FILTER_TMP_VALUE]) == 0 )
+ continue;
+
+ if ( isset($this->_filters[$tmpKeyName][$iNum][FILTER_VALUE]) )
+ {
+ // Create new Filter!
+ $this->_filters[$tmpKeyName][][FILTER_TYPE] = $tmpFilterType;
+ $iNum = count($this->_filters[$tmpKeyName]) - 1;
+ }
+
+ // Set Filter Mode
+ if ( isset($szValue[FILTER_TMP_MODE]) )
+ $this->_filters[$tmpKeyName][$iNum][FILTER_MODE] = $szValue[FILTER_TMP_MODE];
+ else
+ $this->_filters[$tmpKeyName][$iNum][FILTER_MODE] = $this->SetFilterIncludeMode($szValue[FILTER_TMP_VALUE]);
+
+ // Set Value
+ $this->_filters[$tmpKeyName][$iNum][FILTER_VALUE] = $szValue[FILTER_TMP_VALUE];
+ }
+ }
+ else
+ {
+ // Set Filter Mode
+ if ( isset($tmpArray[FILTER_TMP_MODE]) )
+ $this->_filters[$tmpKeyName][$iNum][FILTER_MODE] = $tmpArray[FILTER_TMP_MODE];
+ else
+ $this->_filters[$tmpKeyName][$iNum][FILTER_MODE] = $this->SetFilterIncludeMode($tmpArray[FILTER_TMP_VALUE]);
+
+ // Set Filter value!
+ $this->_filters[$tmpKeyName][$iNum][FILTER_VALUE] = $tmpArray[FILTER_TMP_VALUE];
+ }
+
+ // Reverse string prepareation
+ $searchArray = array(
+ '/(?_filters[$tmpKeyName][$iNum][FILTER_VALUE] = str_replace( '+', ' ', $this->_filters[$tmpKeyName][$iNum][FILTER_VALUE]);
+ $this->_filters[$tmpKeyName][$iNum][FILTER_VALUE] = preg_replace( $searchArray, $replaceArray, $this->_filters[$tmpKeyName][$iNum][FILTER_VALUE] );
+ // ---
+ }
+
+ // Unset unused variables
+ if ( isset($tmpArray) )
+ unset($tmpArray);
+ if ( isset($tmpValues) )
+ unset($tmpValues);
+ if ( isset($tmpTimeMode) )
+ unset($tmpTimeMode);
+ }
+ else
+ {
+ // No ":", so we treat it as message filter!
+ $this->_filters[SYSLOG_MESSAGE][][FILTER_TYPE] = FILTER_TYPE_STRING;
+ $iNum = count($this->_filters[SYSLOG_MESSAGE]) - 1;
+ $this->_filters[SYSLOG_MESSAGE][$iNum][FILTER_MODE] = $this->SetFilterIncludeMode($myEntry);
+
+ // Replace "\:" with ":", so we can filter with it ^^
+ if ( strpos($myEntry, ":") !== false )
+ $myEntry = str_replace("\\:", ":", $myEntry);
+
+ // Check for Begin and Ending Quotes and remove them from the search value!
+ $myEntry = preg_replace('/\\"/i', "$1", $myEntry);
+
+ // Assign value to filter array
+ $this->_filters[SYSLOG_MESSAGE][$iNum][FILTER_VALUE] = $myEntry;
+ }
+ }
+ }
+
+ // Debug print
+// print_r ($this->_filters);
+ }
+
+ /*
+ * Helper function needed in SetFilterIncludeMode
+ */
+ private function SetFilterIncludeMode(&$szValue, $myFilterType = FILTER_TYPE_STRING) // Default = String!
+ {
+ // Init BIT!
+ $myBits = FILTER_MODE_INCLUDE;
+
+ // If Filter is Included
+ $pos = strpos($szValue, "+");
+ if ( $pos !== false && $pos == 0 )
+ {
+ //trunscate +
+ $szValue = substr( $szValue, 1);
+ $myBits = FILTER_MODE_INCLUDE;
+ }
+
+ // If Filter is Excluded
+ $pos = strpos($szValue, "-");
+ if ( $pos !== false && $pos == 0 )
+ {
+ //trunscate -
+ $szValue = substr( $szValue, 1);
+ $myBits = FILTER_MODE_EXCLUDE;
+ }
+
+ // If Filter is a FULL text match!
+ $pos = strpos($szValue, "=");
+ if ( $pos !== false && $pos == 0 )
+ {
+ //trunscate -
+ $szValue = substr( $szValue, 1);
+
+ // Add BIT if not NUMBER FIELD!
+ if ( $myFilterType != FILTER_TYPE_NUMBER )
+ $myBits |= FILTER_MODE_SEARCHFULL;
+ }
+
+ // If Filter is a REGEX match!
+ $pos = strpos($szValue, "~");
+ if ( $pos !== false && $pos == 0 )
+ {
+ //trunscate -
+ $szValue = substr( $szValue, 1);
+ // Add BIT if not NUMBER FIELD!
+ if ( $myFilterType != FILTER_TYPE_NUMBER )
+ $myBits |= FILTER_MODE_SEARCHREGEX;
+ }
+ // ---
+
+ // return result
+ return $myBits;
+ }
+
+ /*
+ * Helper function to convert a facility string into a facility number
+ */
+ private function ConvertFacilityString($szValue)
+ {
+ global $content;
+
+ foreach ( $content['filter_facility_list'] as $myfacility )
+ {
+ if ( stripos( $myfacility['DisplayName'], $szValue) !== false )
+ return $myfacility['ID'];
+ }
+
+ // reached here means we failed to convert the facility!
+ return -1;
+ }
+
+ /*
+ * Helper function to convert a severity string into a severity number
+ */
+ private function ConvertSeverityString($szValue)
+ {
+ global $content;
+
+ foreach ( $content['filter_severity_list'] as $myfacility )
+ {
+ if ( stripos( $myfacility['DisplayName'], $szValue) !== false )
+ return $myfacility['ID'];
+ }
+
+ // reached here means we failed to convert the facility!
+ return -1;
+ }
+
+ /*
+ * Helper function to convert a messagetype string into a messagetype number
+ */
+ private function ConvertMessageTypeString($szValue)
+ {
+ global $content;
+
+ foreach ( $content['filter_messagetype_list'] as $mymsgtype )
+ {
+ if ( stripos( $mymsgtype['DisplayName'], $szValue) !== false )
+ return $mymsgtype['ID'];
+ }
+
+ // reached here means we failed to convert the facility!
+ return -1;
+ }
+
+}
?>
\ No newline at end of file
diff --git a/src/classes/logstreammongodb.class.php b/src/classes/logstreammongodb.class.php
index 26d0dc1..6825661 100644
--- a/src/classes/logstreammongodb.class.php
+++ b/src/classes/logstreammongodb.class.php
@@ -488,8 +488,25 @@ class LogStreamMongoDB extends LogStream {
$arrProperitesOut[$property] = '';
}
else
+ {
$arrProperitesOut[$property] = '';
+// echo $property . "=" . $this->bufferedRecords[$this->_currentRecordNum][$dbfieldname];
+ }
}
+
+ // --- Add dynamic fields into record!
+ foreach( $this->bufferedRecords[$this->_currentRecordNum] as $propName => $propValue)
+ {
+ if ( !isset($arrProperitesOut[$propName]) &&
+ !$this->CheckFieldnameInMapping($szTableType, $propName) &&
+ (isset($propValue) && strlen($propValue) > 0)
+ )
+ {
+ // Add dynamic Property!
+ $arrProperitesOut[$propName] = $propValue;
+ }
+ }
+ // ---
// Run optional Message Parsers now
if ( isset($arrProperitesOut[SYSLOG_MESSAGE]) )
@@ -1572,7 +1589,12 @@ class LogStreamMongoDB extends LogStream {
OutputDebugMessage("LogStreamMongoDB|ReadNextRecordsFromDB: Running FIND ", DEBUG_ULTRADEBUG);
// Find Data in MongoCollection
- $myCursor = $this->_myMongoCollection->find($this->_myMongoQuery, $this->_myMongoFields);
+ $myCursor = $this->_myMongoCollection->find($this->_myMongoQuery)->limit($this->_logStreamConfigObj->RecordsPerQuery)->sort(array("_id" => -1)); // , $this->_myMongoFields);
+
+// echo "
" . GetAndReplaceLangStr( $content['LN_SOURCES_ERROR_EXTRAMSG'], $extraErrorDescription);
+
+ }
+ }
+ else
+ {
+ // This will disable to Main SyslogView and show an error message
+ $content['messageenabled'] = "false";
+
+ // Set error code
+ $content['error_code'] = $ret;
+
+ if ( $ret == ERROR_FILE_NOT_FOUND )
+ $content['detailederror'] = $content['LN_ERROR_FILE_NOT_FOUND'];
+ else if ( $ret == ERROR_FILE_NOT_READABLE )
+ $content['detailederror'] = $content['LN_ERROR_FILE_NOT_READABLE'];
+ else
+ $content['detailederror'] = $content['LN_ERROR_UNKNOWN'];
+ }
+
+ // Close file!
+ $stream->Close();
+}
+// ---
+
+// --- BEGIN CREATE TITLE
+$content['TITLE'] = InitPageTitle();
+
+if ( $content['messageenabled'] == "true" )
+{
+ // Append custom title part!
+ $content['TITLE'] .= " :: Details for '" . $content['uid_current'] . "'";
+}
+else
+{
+ // APpend to title Page title
+ $content['TITLE'] .= " :: Unknown uid";
+}
+// --- END CREATE TITLE
+
+
+// --- Parsen and Output
+InitTemplateParser();
+$page -> parser($content, "details.html");
+$page -> output();
+// ---
+
+
?>
\ No newline at end of file
diff --git a/src/include/constants_logstream.php b/src/include/constants_logstream.php
index db256f3..72d995a 100644
--- a/src/include/constants_logstream.php
+++ b/src/include/constants_logstream.php
@@ -1,406 +1,407 @@
- Stuff which has to be static and predefined *
- * *
- * All directives are explained within this file *
- *
- * Copyright (C) 2008-2010 Adiscon GmbH.
- *
- * This file is part of LogAnalyzer.
- *
- * LogAnalyzer is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * LogAnalyzer is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with LogAnalyzer. If not, see .
- *
- * A copy of the GPL can be found in the file "COPYING" in this
- * distribution.
- *
- * Adiscon LogAnalyzer is also available under a commercial license.
- * For details, contact info@adiscon.com or visit
- * http://loganalyzer.adiscon.com/commercial
- *********************************************************************
-*/
-
-// --- Avoid directly accessing this file!
-if ( !defined('IN_PHPLOGCON') )
-{
- die('Hacking attempt');
- exit;
-}
-// ---
-
-// --- Define properties names of all know fields
-define('SYSLOG_UID', 'uID');
-define('SYSLOG_DATE', 'timereported');
-define('SYSLOG_HOST', 'FROMHOST');
-define('SYSLOG_MESSAGETYPE', 'IUT');
-define('SYSLOG_MESSAGE', 'msg');
-
-// Syslog specific
-define('SYSLOG_FACILITY', 'syslogfacility');
-define('SYSLOG_SEVERITY', 'syslogseverity');
-define('SYSLOG_SYSLOGTAG', 'syslogtag');
-define('SYSLOG_PROCESSID', 'procid');
-
-// EventLog specific
-define('SYSLOG_EVENT_ID', 'id');
-define('SYSLOG_EVENT_LOGTYPE', 'NTEventLogType');
-define('SYSLOG_EVENT_SOURCE', 'sourceproc');
-define('SYSLOG_EVENT_CATEGORY', 'category');
-define('SYSLOG_EVENT_USER', 'user');
-
-// Weblog specific
-define('SYSLOG_WEBLOG_USER', 'http_user');
-define('SYSLOG_WEBLOG_METHOD', 'http_method');
-define('SYSLOG_WEBLOG_URL', 'http_url');
-define('SYSLOG_WEBLOG_QUERYSTRING', 'http_querystring');
-define('SYSLOG_WEBLOG_PVER', 'http_ver');
-define('SYSLOG_WEBLOG_STATUS', 'http_status');
-define('SYSLOG_WEBLOG_BYTESSEND', 'http_bytessend');
-define('SYSLOG_WEBLOG_REFERER', 'http_referer');
-define('SYSLOG_WEBLOG_USERAGENT', 'http_useragent');
-
-// Other fields
-define('MISC_SYSTEMID', 'misc_systenid');
-define('MISC_CHECKSUM', 'misc_checksum');
-// ---
-
-// Define possible FIELD Types
-define('FILTER_TYPE_STRING', 0);
-define('FILTER_TYPE_NUMBER', 1);
-define('FILTER_TYPE_DATE', 2);
-define('FILTER_TYPE_BOOL', 3);
-define('FILTER_TYPE_UNKNOWN', 99);
-
-// Define possible alignments
-define('ALIGN_CENTER', 'center');
-define('ALIGN_LEFT', 'left');
-define('ALIGN_RIGHT', 'right');
-
-// Defines for Report output types
-define('REPORT_OUTPUT_HTML', 'html');
-define('REPORT_OUTPUT_PDF', 'pdf');
-
-// Defines for Report output targets
-define('REPORT_TARGET_STDOUT', 'stdout');
-define('REPORT_TARGET_FILE', 'file');
-define('REPORT_TARGET_EMAIL', 'mail');
-
-// Further helper defines for output targets
-define('REPORT_TARGET_TYPE', 'type');
-define('REPORT_TARGET_FILENAME', 'filename');
-
-// Defines for sorting
-define('SORTING_ORDER_ASC', 'asc');
-define('SORTING_ORDER_DESC', 'desc');
-
-// --- Predefine fields array!
-$fields[SYSLOG_UID]['FieldID'] = SYSLOG_UID;
-$fields[SYSLOG_UID]['FieldDefine'] = 'SYSLOG_UID';
-$fields[SYSLOG_UID]['FieldCaption'] = 'uID';
-$fields[SYSLOG_UID]['FieldType'] = FILTER_TYPE_NUMBER;
-$fields[SYSLOG_UID]['Sortable'] = false;
-$fields[SYSLOG_UID]['DefaultWidth'] = "50";
-$fields[SYSLOG_UID]['FieldAlign'] = "center";
-$fields[SYSLOG_UID]['SearchOnline'] = false;
-$fields[SYSLOG_DATE]['FieldID'] = SYSLOG_DATE;
-$fields[SYSLOG_DATE]['FieldDefine'] = 'SYSLOG_DATE';
-$fields[SYSLOG_DATE]['FieldCaption'] = 'Date';
-$fields[SYSLOG_DATE]['FieldType'] = FILTER_TYPE_DATE;
-$fields[SYSLOG_DATE]['Sortable'] = true;
-$fields[SYSLOG_DATE]['DefaultWidth'] = "115";
-$fields[SYSLOG_DATE]['FieldAlign'] = "center";
-$fields[SYSLOG_DATE]['SearchOnline'] = false;
-$fields[SYSLOG_HOST]['FieldID'] = SYSLOG_HOST;
-$fields[SYSLOG_HOST]['FieldDefine'] = 'SYSLOG_HOST';
-$fields[SYSLOG_HOST]['FieldCaption'] = 'Host';
-$fields[SYSLOG_HOST]['FieldType'] = FILTER_TYPE_STRING;
-$fields[SYSLOG_HOST]['Sortable'] = true;
-$fields[SYSLOG_HOST]['DefaultWidth'] = "80";
-$fields[SYSLOG_HOST]['FieldAlign'] = "left";
-$fields[SYSLOG_HOST]['SearchField'] = "source";
-$fields[SYSLOG_HOST]['SearchOnline'] = false;
-$fields[SYSLOG_MESSAGETYPE]['FieldID'] = SYSLOG_MESSAGETYPE;
-$fields[SYSLOG_MESSAGETYPE]['FieldDefine'] = 'SYSLOG_MESSAGETYPE';
-$fields[SYSLOG_MESSAGETYPE]['FieldCaption'] = 'Messagetype';
-$fields[SYSLOG_MESSAGETYPE]['FieldType'] = FILTER_TYPE_NUMBER;
-$fields[SYSLOG_MESSAGETYPE]['Sortable'] = true;
-$fields[SYSLOG_MESSAGETYPE]['DefaultWidth'] = "90";
-$fields[SYSLOG_MESSAGETYPE]['FieldAlign'] = "center";
-$fields[SYSLOG_MESSAGETYPE]['SearchField'] = "messagetype";
-$fields[SYSLOG_MESSAGETYPE]['SearchOnline'] = false;
-
-// Syslog specific
-$fields[SYSLOG_FACILITY]['FieldID'] = SYSLOG_FACILITY;
-$fields[SYSLOG_FACILITY]['FieldDefine'] = 'SYSLOG_FACILITY';
-$fields[SYSLOG_FACILITY]['FieldCaption'] = 'Facility';
-$fields[SYSLOG_FACILITY]['FieldType'] = FILTER_TYPE_NUMBER;
-$fields[SYSLOG_FACILITY]['Sortable'] = true;
-$fields[SYSLOG_FACILITY]['DefaultWidth'] = "50";
-$fields[SYSLOG_FACILITY]['FieldAlign'] = "center";
-$fields[SYSLOG_FACILITY]['SearchField'] = "facility";
-$fields[SYSLOG_FACILITY]['SearchOnline'] = true;
-$fields[SYSLOG_SEVERITY]['FieldID'] = SYSLOG_SEVERITY;
-$fields[SYSLOG_SEVERITY]['FieldDefine'] = 'SYSLOG_SEVERITY';
-$fields[SYSLOG_SEVERITY]['FieldCaption'] = 'Severity';
-$fields[SYSLOG_SEVERITY]['FieldType'] = FILTER_TYPE_NUMBER;
-$fields[SYSLOG_SEVERITY]['Sortable'] = true;
-$fields[SYSLOG_SEVERITY]['DefaultWidth'] = "50";
-$fields[SYSLOG_SEVERITY]['FieldAlign'] = "center";
-$fields[SYSLOG_SEVERITY]['SearchField'] = "severity";
-$fields[SYSLOG_SEVERITY]['SearchOnline'] = true;
-$fields[SYSLOG_SYSLOGTAG]['FieldID'] = SYSLOG_SYSLOGTAG;
-$fields[SYSLOG_SYSLOGTAG]['FieldDefine'] = 'SYSLOG_SYSLOGTAG';
-$fields[SYSLOG_SYSLOGTAG]['FieldCaption'] = 'Syslogtag';
-$fields[SYSLOG_SYSLOGTAG]['FieldType'] = FILTER_TYPE_STRING;
-$fields[SYSLOG_SYSLOGTAG]['Sortable'] = true;
-$fields[SYSLOG_SYSLOGTAG]['DefaultWidth'] = "85";
-$fields[SYSLOG_SYSLOGTAG]['FieldAlign'] = "left";
-$fields[SYSLOG_SYSLOGTAG]['SearchField'] = "syslogtag";
-$fields[SYSLOG_SYSLOGTAG]['SearchOnline'] = true;
-$fields[SYSLOG_PROCESSID]['FieldID'] = SYSLOG_PROCESSID;
-$fields[SYSLOG_PROCESSID]['FieldDefine'] = 'SYSLOG_PROCESSID';
-$fields[SYSLOG_PROCESSID]['FieldCaption'] = 'ProcessID';
-$fields[SYSLOG_PROCESSID]['FieldType'] = FILTER_TYPE_STRING;
-$fields[SYSLOG_PROCESSID]['Sortable'] = true;
-$fields[SYSLOG_PROCESSID]['DefaultWidth'] = "65";
-$fields[SYSLOG_PROCESSID]['FieldAlign'] = "center";
-$fields[SYSLOG_PROCESSID]['SearchField'] = "processid";
-$fields[SYSLOG_PROCESSID]['SearchOnline'] = false;
-
-// EventLog specific
-$fields[SYSLOG_EVENT_ID]['FieldID'] = SYSLOG_EVENT_ID;
-$fields[SYSLOG_EVENT_ID]['FieldDefine'] = 'SYSLOG_EVENT_ID';
-$fields[SYSLOG_EVENT_ID]['FieldCaption'] = 'Event ID';
-$fields[SYSLOG_EVENT_ID]['FieldType'] = FILTER_TYPE_NUMBER;
-$fields[SYSLOG_EVENT_ID]['Sortable'] = true;
-$fields[SYSLOG_EVENT_ID]['DefaultWidth'] = "65";
-$fields[SYSLOG_EVENT_ID]['FieldAlign'] = "center";
-$fields[SYSLOG_EVENT_ID]['SearchField'] = "eventid";
-$fields[SYSLOG_EVENT_ID]['SearchOnline'] = true;
-$fields[SYSLOG_EVENT_LOGTYPE]['FieldID'] = SYSLOG_EVENT_LOGTYPE;
-$fields[SYSLOG_EVENT_LOGTYPE]['FieldDefine'] = 'SYSLOG_EVENT_LOGTYPE';
-$fields[SYSLOG_EVENT_LOGTYPE]['FieldCaption'] = 'Eventlog Type';
-$fields[SYSLOG_EVENT_LOGTYPE]['FieldType'] = FILTER_TYPE_STRING;
-$fields[SYSLOG_EVENT_LOGTYPE]['Sortable'] = true;
-$fields[SYSLOG_EVENT_LOGTYPE]['DefaultWidth'] = "100";
-$fields[SYSLOG_EVENT_LOGTYPE]['FieldAlign'] = "left";
-$fields[SYSLOG_EVENT_LOGTYPE]['SearchField'] = "eventlogtype";
-$fields[SYSLOG_EVENT_LOGTYPE]['SearchOnline'] = true;
-$fields[SYSLOG_EVENT_SOURCE]['FieldID'] = SYSLOG_EVENT_SOURCE;
-$fields[SYSLOG_EVENT_SOURCE]['FieldDefine'] = 'SYSLOG_EVENT_SOURCE';
-$fields[SYSLOG_EVENT_SOURCE]['FieldCaption'] = 'Event Source';
-$fields[SYSLOG_EVENT_SOURCE]['FieldType'] = FILTER_TYPE_STRING;
-$fields[SYSLOG_EVENT_SOURCE]['Sortable'] = true;
-$fields[SYSLOG_EVENT_SOURCE]['DefaultWidth'] = "100";
-$fields[SYSLOG_EVENT_SOURCE]['FieldAlign'] = "left";
-$fields[SYSLOG_EVENT_SOURCE]['SearchField'] = "eventlogsource";
-$fields[SYSLOG_EVENT_SOURCE]['SearchOnline'] = true;
-$fields[SYSLOG_EVENT_CATEGORY]['FieldID'] = SYSLOG_EVENT_CATEGORY;
-$fields[SYSLOG_EVENT_CATEGORY]['FieldDefine'] = 'SYSLOG_EVENT_CATEGORY';
-$fields[SYSLOG_EVENT_CATEGORY]['FieldCaption'] = 'Event Category';
-$fields[SYSLOG_EVENT_CATEGORY]['FieldType'] = FILTER_TYPE_NUMBER;
-$fields[SYSLOG_EVENT_CATEGORY]['Sortable'] = true;
-$fields[SYSLOG_EVENT_CATEGORY]['DefaultWidth'] = "50";
-$fields[SYSLOG_EVENT_CATEGORY]['FieldAlign'] = "center";
-$fields[SYSLOG_EVENT_CATEGORY]['SearchField'] = "eventcategory";
-$fields[SYSLOG_EVENT_CATEGORY]['SearchOnline'] = false;
-$fields[SYSLOG_EVENT_USER]['FieldID'] = SYSLOG_EVENT_USER;
-$fields[SYSLOG_EVENT_USER]['FieldDefine'] = 'SYSLOG_EVENT_USER';
-$fields[SYSLOG_EVENT_USER]['FieldCaption'] = 'Event User';
-$fields[SYSLOG_EVENT_USER]['FieldType'] = FILTER_TYPE_STRING;
-$fields[SYSLOG_EVENT_USER]['Sortable'] = true;
-$fields[SYSLOG_EVENT_USER]['DefaultWidth'] = "85";
-$fields[SYSLOG_EVENT_USER]['FieldAlign'] = "left";
-$fields[SYSLOG_EVENT_USER]['SearchField'] = "eventuser";
-$fields[SYSLOG_EVENT_USER]['SearchOnline'] = false;
-
-// Weblogfile specific
-$fields[SYSLOG_WEBLOG_USER]['FieldID'] = SYSLOG_WEBLOG_USER;
-$fields[SYSLOG_WEBLOG_USER]['FieldDefine'] = 'SYSLOG_WEBLOG_USER';
-$fields[SYSLOG_WEBLOG_USER]['FieldCaption'] = 'HTTP User';
-$fields[SYSLOG_WEBLOG_USER]['FieldType'] = FILTER_TYPE_STRING;
-$fields[SYSLOG_WEBLOG_USER]['Sortable'] = false;
-$fields[SYSLOG_WEBLOG_USER]['DefaultWidth'] = "75";
-$fields[SYSLOG_WEBLOG_USER]['FieldAlign'] = "left";
-$fields[SYSLOG_WEBLOG_USER]['SearchField'] = SYSLOG_WEBLOG_USER;
-$fields[SYSLOG_WEBLOG_USER]['SearchOnline'] = false;
-$fields[SYSLOG_WEBLOG_METHOD]['FieldID'] = SYSLOG_WEBLOG_METHOD;
-$fields[SYSLOG_WEBLOG_METHOD]['FieldDefine'] = 'SYSLOG_WEBLOG_METHOD';
-$fields[SYSLOG_WEBLOG_METHOD]['FieldCaption'] = 'Method';
-$fields[SYSLOG_WEBLOG_METHOD]['FieldType'] = FILTER_TYPE_STRING;
-$fields[SYSLOG_WEBLOG_METHOD]['Sortable'] = false;
-$fields[SYSLOG_WEBLOG_METHOD]['DefaultWidth'] = "50";
-$fields[SYSLOG_WEBLOG_METHOD]['FieldAlign'] = "center";
-$fields[SYSLOG_WEBLOG_METHOD]['SearchField'] = SYSLOG_WEBLOG_METHOD;
-$fields[SYSLOG_WEBLOG_METHOD]['SearchOnline'] = false;
-$fields[SYSLOG_WEBLOG_URL]['FieldID'] = SYSLOG_WEBLOG_URL;
-$fields[SYSLOG_WEBLOG_URL]['FieldDefine'] = 'SYSLOG_WEBLOG_URL';
-$fields[SYSLOG_WEBLOG_URL]['FieldCaption'] = 'URL';
-$fields[SYSLOG_WEBLOG_URL]['FieldType'] = FILTER_TYPE_STRING;
-$fields[SYSLOG_WEBLOG_URL]['Sortable'] = false;
-$fields[SYSLOG_WEBLOG_URL]['DefaultWidth'] = "200";
-$fields[SYSLOG_WEBLOG_URL]['FieldAlign'] = "left";
-$fields[SYSLOG_WEBLOG_URL]['SearchField'] = SYSLOG_WEBLOG_URL;
-$fields[SYSLOG_WEBLOG_URL]['SearchOnline'] = false;
-$fields[SYSLOG_WEBLOG_QUERYSTRING]['FieldID'] = SYSLOG_WEBLOG_QUERYSTRING;
-$fields[SYSLOG_WEBLOG_QUERYSTRING]['FieldDefine'] = 'SYSLOG_WEBLOG_QUERYSTRING';
-$fields[SYSLOG_WEBLOG_QUERYSTRING]['FieldCaption'] = 'Querystring';
-$fields[SYSLOG_WEBLOG_QUERYSTRING]['FieldType'] = FILTER_TYPE_STRING;
-$fields[SYSLOG_WEBLOG_QUERYSTRING]['Sortable'] = false;
-$fields[SYSLOG_WEBLOG_QUERYSTRING]['DefaultWidth'] = "200";
-$fields[SYSLOG_WEBLOG_QUERYSTRING]['FieldAlign'] = "left";
-$fields[SYSLOG_WEBLOG_QUERYSTRING]['SearchField'] = SYSLOG_WEBLOG_QUERYSTRING;
-$fields[SYSLOG_WEBLOG_QUERYSTRING]['SearchOnline'] = false;
-$fields[SYSLOG_WEBLOG_PVER]['FieldID'] = SYSLOG_WEBLOG_PVER;
-$fields[SYSLOG_WEBLOG_PVER]['FieldDefine'] = 'SYSLOG_WEBLOG_PVER';
-$fields[SYSLOG_WEBLOG_PVER]['FieldCaption'] = 'Version';
-$fields[SYSLOG_WEBLOG_PVER]['FieldType'] = FILTER_TYPE_STRING;
-$fields[SYSLOG_WEBLOG_PVER]['Sortable'] = false;
-$fields[SYSLOG_WEBLOG_PVER]['DefaultWidth'] = "50";
-$fields[SYSLOG_WEBLOG_PVER]['FieldAlign'] = "center";
-$fields[SYSLOG_WEBLOG_PVER]['SearchField'] = SYSLOG_WEBLOG_PVER;
-$fields[SYSLOG_WEBLOG_PVER]['SearchOnline'] = false;
-$fields[SYSLOG_WEBLOG_STATUS]['FieldID'] = SYSLOG_WEBLOG_STATUS;
-$fields[SYSLOG_WEBLOG_STATUS]['FieldDefine'] = 'SYSLOG_WEBLOG_STATUS';
-$fields[SYSLOG_WEBLOG_STATUS]['FieldCaption'] = 'Status';
-$fields[SYSLOG_WEBLOG_STATUS]['FieldType'] = FILTER_TYPE_NUMBER;
-$fields[SYSLOG_WEBLOG_STATUS]['Sortable'] = false;
-$fields[SYSLOG_WEBLOG_STATUS]['DefaultWidth'] = "50";
-$fields[SYSLOG_WEBLOG_STATUS]['FieldAlign'] = "center";
-$fields[SYSLOG_WEBLOG_STATUS]['SearchField'] = SYSLOG_WEBLOG_STATUS;
-$fields[SYSLOG_WEBLOG_STATUS]['SearchOnline'] = false;
-$fields[SYSLOG_WEBLOG_BYTESSEND]['FieldID'] = SYSLOG_WEBLOG_BYTESSEND;
-$fields[SYSLOG_WEBLOG_BYTESSEND]['FieldDefine'] = 'SYSLOG_WEBLOG_BYTESSEND';
-$fields[SYSLOG_WEBLOG_BYTESSEND]['FieldCaption'] = 'Bytes Send';
-$fields[SYSLOG_WEBLOG_BYTESSEND]['FieldType'] = FILTER_TYPE_NUMBER;
-$fields[SYSLOG_WEBLOG_BYTESSEND]['Sortable'] = false;
-$fields[SYSLOG_WEBLOG_BYTESSEND]['DefaultWidth'] = "75";
-$fields[SYSLOG_WEBLOG_BYTESSEND]['FieldAlign'] = "left";
-$fields[SYSLOG_WEBLOG_BYTESSEND]['SearchField'] = SYSLOG_WEBLOG_BYTESSEND;
-$fields[SYSLOG_WEBLOG_BYTESSEND]['SearchOnline'] = false;
-$fields[SYSLOG_WEBLOG_REFERER]['FieldID'] = SYSLOG_WEBLOG_REFERER;
-$fields[SYSLOG_WEBLOG_REFERER]['FieldDefine'] = 'SYSLOG_WEBLOG_REFERER';
-$fields[SYSLOG_WEBLOG_REFERER]['FieldCaption'] = 'Referer';
-$fields[SYSLOG_WEBLOG_REFERER]['FieldType'] = FILTER_TYPE_STRING;
-$fields[SYSLOG_WEBLOG_REFERER]['Sortable'] = false;
-$fields[SYSLOG_WEBLOG_REFERER]['DefaultWidth'] = "200";
-$fields[SYSLOG_WEBLOG_REFERER]['FieldAlign'] = "left";
-$fields[SYSLOG_WEBLOG_REFERER]['SearchField'] = SYSLOG_WEBLOG_REFERER;
-$fields[SYSLOG_WEBLOG_REFERER]['SearchOnline'] = true;
-$fields[SYSLOG_WEBLOG_USERAGENT]['FieldID'] = SYSLOG_WEBLOG_USERAGENT;
-$fields[SYSLOG_WEBLOG_USERAGENT]['FieldDefine'] = 'SYSLOG_WEBLOG_USERAGENT';
-$fields[SYSLOG_WEBLOG_USERAGENT]['FieldCaption'] = 'User Agent';
-$fields[SYSLOG_WEBLOG_USERAGENT]['FieldType'] = FILTER_TYPE_STRING;
-$fields[SYSLOG_WEBLOG_USERAGENT]['Sortable'] = false;
-$fields[SYSLOG_WEBLOG_USERAGENT]['DefaultWidth'] = "100";
-$fields[SYSLOG_WEBLOG_USERAGENT]['FieldAlign'] = "left";
-$fields[SYSLOG_WEBLOG_USERAGENT]['SearchField'] = SYSLOG_WEBLOG_USERAGENT;
-$fields[SYSLOG_WEBLOG_USERAGENT]['SearchOnline'] = true;
-
-// Misc fields
-$fields[MISC_SYSTEMID]['FieldID'] = MISC_SYSTEMID;
-$fields[MISC_SYSTEMID]['FieldDefine'] = 'MISC_SYSTEMID';
-$fields[MISC_SYSTEMID]['FieldCaption'] = 'SystemID';
-$fields[MISC_SYSTEMID]['FieldType'] = FILTER_TYPE_NUMBER;
-$fields[MISC_SYSTEMID]['Sortable'] = false;
-$fields[MISC_SYSTEMID]['DefaultWidth'] = "50";
-$fields[MISC_SYSTEMID]['FieldAlign'] = "center";
-$fields[MISC_SYSTEMID]['SearchField'] = MISC_SYSTEMID;
-$fields[MISC_SYSTEMID]['SearchOnline'] = false;
-$fields[MISC_CHECKSUM]['FieldID'] = MISC_CHECKSUM;
-$fields[MISC_CHECKSUM]['FieldDefine'] = 'MISC_CHECKSUM';
-$fields[MISC_CHECKSUM]['FieldCaption'] = 'Checksum';
-$fields[MISC_CHECKSUM]['FieldType'] = FILTER_TYPE_NUMBER;
-$fields[MISC_CHECKSUM]['Sortable'] = false;
-$fields[MISC_CHECKSUM]['DefaultWidth'] = "50";
-$fields[MISC_CHECKSUM]['FieldAlign'] = "center";
-$fields[MISC_CHECKSUM]['SearchField'] = MISC_CHECKSUM;
-$fields[MISC_CHECKSUM]['SearchOnline'] = false;
-
-// Message is the last element, this order is important for the Detail page for now!
-$fields[SYSLOG_MESSAGE]['FieldID'] = SYSLOG_MESSAGE;
-$fields[SYSLOG_MESSAGE]['FieldDefine'] = 'SYSLOG_MESSAGE';
-$fields[SYSLOG_MESSAGE]['FieldCaption'] = 'Message';
-$fields[SYSLOG_MESSAGE]['FieldType'] = FILTER_TYPE_STRING;
-$fields[SYSLOG_MESSAGE]['Sortable'] = false;
-$fields[SYSLOG_MESSAGE]['DefaultWidth'] = "100%";
-$fields[SYSLOG_MESSAGE]['FieldAlign'] = "left";
-// $fields[SYSLOG_MESSAGE]['SearchField'] = "";
-$fields[SYSLOG_MESSAGE]['SearchField'] = SYSLOG_MESSAGE;
-$fields[SYSLOG_MESSAGE]['SearchOnline'] = false;
-// ---
-
-// --- Define default Database field mappings!
-$dbmapping['monitorware']['ID'] = "monitorware";
-$dbmapping['monitorware']['DisplayName'] = "MonitorWare";
-$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_UID] = "ID";
-$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_DATE] = "DeviceReportedTime";
-$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_HOST] = "FromHost";
-$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_MESSAGETYPE] = "InfoUnitID";
-$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_MESSAGE] = "Message";
-$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_FACILITY] = "Facility";
-$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_SEVERITY] = "Priority";
-$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_SYSLOGTAG] = "SysLogTag";
-$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_PROCESSID] = "ProcessID";
-$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_EVENT_ID] = "EventID";
-$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_EVENT_LOGTYPE] = "EventLogType";
-$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_EVENT_SOURCE] = "EventSource";
-$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_EVENT_CATEGORY] = "EventCategory";
-$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_EVENT_USER] = "EventUser";
-$dbmapping['monitorware']['DBMAPPINGS'][MISC_SYSTEMID] = "SystemID";
-$dbmapping['monitorware']['DBMAPPINGS'][MISC_CHECKSUM] = "Checksum";
-//$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_PROCESSID] = "ProcessID";
-
-$dbmapping['syslogng']['ID'] = "syslogng";
-$dbmapping['syslogng']['DisplayName'] = "SyslogNG";
-$dbmapping['syslogng']['DBMAPPINGS'][SYSLOG_UID] = "seq";
-$dbmapping['syslogng']['DBMAPPINGS'][SYSLOG_DATE] = "datetime";
-$dbmapping['syslogng']['DBMAPPINGS'][SYSLOG_HOST] = "host";
-$dbmapping['syslogng']['DBMAPPINGS'][SYSLOG_MESSAGE] = "msg";
-//NOT POSSIBLE YET $dbmapping['syslogng'][SYSLOG_FACILITY] = "Facility";
-//NOT POSSIBLE YET $dbmapping['syslogng'][SYSLOG_SEVERITY] = "Priority";
-$dbmapping['syslogng']['DBMAPPINGS'][SYSLOG_SYSLOGTAG] = "tag";
-$dbmapping['syslogng']['DBMAPPINGS'][SYSLOG_PROCESSID] = "program";
-
-$dbmapping['mongodb']['ID'] = "mongodb";
-$dbmapping['mongodb']['DisplayName'] = "MongoDB";
-$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_UID] = "_id";
-$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_DATE] = "time";
-$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_HOST] = "sys";
-$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_MESSAGE] = "msg";
-$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_FACILITY] = "syslog_fac";
-$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_SEVERITY] = "syslog_sever";
-$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_SYSLOGTAG] = "procid"; // not using syslog_tag because of PID in it
-$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_PROCESSID] = "pid";
-$dbmapping['mongodb']['DBMAPPINGS'][MISC_CHECKSUM] = "Checksum";
-
-// Convert all fieldnames to lowercase to avoid problems with case sensitive array keys later
-foreach( $dbmapping as &$myMapping )
-{
- foreach( $myMapping['DBMAPPINGS'] as &$myField )
- $myField = strtolower($myField);
-}
-
-// ---
-
-// EventTime Constants
-define('EVTIME_TIMESTAMP', '0');
-define('EVTIME_TIMEZONE', '1');
-define('EVTIME_MICROSECONDS', '2');
-
+ Stuff which has to be static and predefined *
+ * *
+ * All directives are explained within this file *
+ *
+ * Copyright (C) 2008-2010 Adiscon GmbH.
+ *
+ * This file is part of LogAnalyzer.
+ *
+ * LogAnalyzer is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * LogAnalyzer is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with LogAnalyzer. If not, see .
+ *
+ * A copy of the GPL can be found in the file "COPYING" in this
+ * distribution.
+ *
+ * Adiscon LogAnalyzer is also available under a commercial license.
+ * For details, contact info@adiscon.com or visit
+ * http://loganalyzer.adiscon.com/commercial
+ *********************************************************************
+*/
+
+// --- Avoid directly accessing this file!
+if ( !defined('IN_PHPLOGCON') )
+{
+ die('Hacking attempt');
+ exit;
+}
+// ---
+
+// --- Define properties names of all know fields
+define('SYSLOG_UID', 'uID');
+define('SYSLOG_DATE', 'timereported');
+define('SYSLOG_HOST', 'FROMHOST');
+define('SYSLOG_MESSAGETYPE', 'IUT');
+define('SYSLOG_MESSAGE', 'msg');
+
+// Syslog specific
+define('SYSLOG_FACILITY', 'syslogfacility');
+define('SYSLOG_SEVERITY', 'syslogseverity');
+define('SYSLOG_SYSLOGTAG', 'syslogtag');
+define('SYSLOG_PROCESSID', 'procid');
+
+// EventLog specific
+define('SYSLOG_EVENT_ID', 'id');
+define('SYSLOG_EVENT_LOGTYPE', 'NTEventLogType');
+define('SYSLOG_EVENT_SOURCE', 'sourceproc');
+define('SYSLOG_EVENT_CATEGORY', 'category');
+define('SYSLOG_EVENT_USER', 'user');
+
+// Weblog specific
+define('SYSLOG_WEBLOG_USER', 'http_user');
+define('SYSLOG_WEBLOG_METHOD', 'http_method');
+define('SYSLOG_WEBLOG_URL', 'http_url');
+define('SYSLOG_WEBLOG_QUERYSTRING', 'http_querystring');
+define('SYSLOG_WEBLOG_PVER', 'http_ver');
+define('SYSLOG_WEBLOG_STATUS', 'http_status');
+define('SYSLOG_WEBLOG_BYTESSEND', 'http_bytessend');
+define('SYSLOG_WEBLOG_REFERER', 'http_referer');
+define('SYSLOG_WEBLOG_USERAGENT', 'http_useragent');
+
+// Other fields
+define('MISC_SYSTEMID', 'misc_systenid');
+define('MISC_CHECKSUM', 'misc_checksum');
+// ---
+
+// Define possible FIELD Types
+define('FILTER_TYPE_STRING', 0);
+define('FILTER_TYPE_NUMBER', 1);
+define('FILTER_TYPE_DATE', 2);
+define('FILTER_TYPE_BOOL', 3);
+define('FILTER_TYPE_UNKNOWN', 99);
+
+// Define possible alignments
+define('ALIGN_CENTER', 'center');
+define('ALIGN_LEFT', 'left');
+define('ALIGN_RIGHT', 'right');
+
+// Defines for Report output types
+define('REPORT_OUTPUT_HTML', 'html');
+define('REPORT_OUTPUT_PDF', 'pdf');
+
+// Defines for Report output targets
+define('REPORT_TARGET_STDOUT', 'stdout');
+define('REPORT_TARGET_FILE', 'file');
+define('REPORT_TARGET_EMAIL', 'mail');
+
+// Further helper defines for output targets
+define('REPORT_TARGET_TYPE', 'type');
+define('REPORT_TARGET_FILENAME', 'filename');
+
+// Defines for sorting
+define('SORTING_ORDER_ASC', 'asc');
+define('SORTING_ORDER_DESC', 'desc');
+
+// --- Predefine fields array!
+$fields[SYSLOG_UID]['FieldID'] = SYSLOG_UID;
+$fields[SYSLOG_UID]['FieldDefine'] = 'SYSLOG_UID';
+$fields[SYSLOG_UID]['FieldCaption'] = 'uID';
+$fields[SYSLOG_UID]['FieldType'] = FILTER_TYPE_NUMBER;
+$fields[SYSLOG_UID]['Sortable'] = false;
+$fields[SYSLOG_UID]['DefaultWidth'] = "50";
+$fields[SYSLOG_UID]['FieldAlign'] = "center";
+$fields[SYSLOG_UID]['SearchOnline'] = false;
+$fields[SYSLOG_DATE]['FieldID'] = SYSLOG_DATE;
+$fields[SYSLOG_DATE]['FieldDefine'] = 'SYSLOG_DATE';
+$fields[SYSLOG_DATE]['FieldCaption'] = 'Date';
+$fields[SYSLOG_DATE]['FieldType'] = FILTER_TYPE_DATE;
+$fields[SYSLOG_DATE]['Sortable'] = true;
+$fields[SYSLOG_DATE]['DefaultWidth'] = "115";
+$fields[SYSLOG_DATE]['FieldAlign'] = "center";
+$fields[SYSLOG_DATE]['SearchOnline'] = false;
+$fields[SYSLOG_HOST]['FieldID'] = SYSLOG_HOST;
+$fields[SYSLOG_HOST]['FieldDefine'] = 'SYSLOG_HOST';
+$fields[SYSLOG_HOST]['FieldCaption'] = 'Host';
+$fields[SYSLOG_HOST]['FieldType'] = FILTER_TYPE_STRING;
+$fields[SYSLOG_HOST]['Sortable'] = true;
+$fields[SYSLOG_HOST]['DefaultWidth'] = "80";
+$fields[SYSLOG_HOST]['FieldAlign'] = "left";
+$fields[SYSLOG_HOST]['SearchField'] = "source";
+$fields[SYSLOG_HOST]['SearchOnline'] = false;
+$fields[SYSLOG_MESSAGETYPE]['FieldID'] = SYSLOG_MESSAGETYPE;
+$fields[SYSLOG_MESSAGETYPE]['FieldDefine'] = 'SYSLOG_MESSAGETYPE';
+$fields[SYSLOG_MESSAGETYPE]['FieldCaption'] = 'Messagetype';
+$fields[SYSLOG_MESSAGETYPE]['FieldType'] = FILTER_TYPE_NUMBER;
+$fields[SYSLOG_MESSAGETYPE]['Sortable'] = true;
+$fields[SYSLOG_MESSAGETYPE]['DefaultWidth'] = "90";
+$fields[SYSLOG_MESSAGETYPE]['FieldAlign'] = "center";
+$fields[SYSLOG_MESSAGETYPE]['SearchField'] = "messagetype";
+$fields[SYSLOG_MESSAGETYPE]['SearchOnline'] = false;
+
+// Syslog specific
+$fields[SYSLOG_FACILITY]['FieldID'] = SYSLOG_FACILITY;
+$fields[SYSLOG_FACILITY]['FieldDefine'] = 'SYSLOG_FACILITY';
+$fields[SYSLOG_FACILITY]['FieldCaption'] = 'Facility';
+$fields[SYSLOG_FACILITY]['FieldType'] = FILTER_TYPE_NUMBER;
+$fields[SYSLOG_FACILITY]['Sortable'] = true;
+$fields[SYSLOG_FACILITY]['DefaultWidth'] = "50";
+$fields[SYSLOG_FACILITY]['FieldAlign'] = "center";
+$fields[SYSLOG_FACILITY]['SearchField'] = "facility";
+$fields[SYSLOG_FACILITY]['SearchOnline'] = true;
+$fields[SYSLOG_SEVERITY]['FieldID'] = SYSLOG_SEVERITY;
+$fields[SYSLOG_SEVERITY]['FieldDefine'] = 'SYSLOG_SEVERITY';
+$fields[SYSLOG_SEVERITY]['FieldCaption'] = 'Severity';
+$fields[SYSLOG_SEVERITY]['FieldType'] = FILTER_TYPE_NUMBER;
+$fields[SYSLOG_SEVERITY]['Sortable'] = true;
+$fields[SYSLOG_SEVERITY]['DefaultWidth'] = "50";
+$fields[SYSLOG_SEVERITY]['FieldAlign'] = "center";
+$fields[SYSLOG_SEVERITY]['SearchField'] = "severity";
+$fields[SYSLOG_SEVERITY]['SearchOnline'] = true;
+$fields[SYSLOG_SYSLOGTAG]['FieldID'] = SYSLOG_SYSLOGTAG;
+$fields[SYSLOG_SYSLOGTAG]['FieldDefine'] = 'SYSLOG_SYSLOGTAG';
+$fields[SYSLOG_SYSLOGTAG]['FieldCaption'] = 'Syslogtag';
+$fields[SYSLOG_SYSLOGTAG]['FieldType'] = FILTER_TYPE_STRING;
+$fields[SYSLOG_SYSLOGTAG]['Sortable'] = true;
+$fields[SYSLOG_SYSLOGTAG]['DefaultWidth'] = "85";
+$fields[SYSLOG_SYSLOGTAG]['FieldAlign'] = "left";
+$fields[SYSLOG_SYSLOGTAG]['SearchField'] = "syslogtag";
+$fields[SYSLOG_SYSLOGTAG]['SearchOnline'] = true;
+$fields[SYSLOG_PROCESSID]['FieldID'] = SYSLOG_PROCESSID;
+$fields[SYSLOG_PROCESSID]['FieldDefine'] = 'SYSLOG_PROCESSID';
+$fields[SYSLOG_PROCESSID]['FieldCaption'] = 'ProcessID';
+$fields[SYSLOG_PROCESSID]['FieldType'] = FILTER_TYPE_STRING;
+$fields[SYSLOG_PROCESSID]['Sortable'] = true;
+$fields[SYSLOG_PROCESSID]['DefaultWidth'] = "65";
+$fields[SYSLOG_PROCESSID]['FieldAlign'] = "center";
+$fields[SYSLOG_PROCESSID]['SearchField'] = "processid";
+$fields[SYSLOG_PROCESSID]['SearchOnline'] = false;
+
+// EventLog specific
+$fields[SYSLOG_EVENT_ID]['FieldID'] = SYSLOG_EVENT_ID;
+$fields[SYSLOG_EVENT_ID]['FieldDefine'] = 'SYSLOG_EVENT_ID';
+$fields[SYSLOG_EVENT_ID]['FieldCaption'] = 'Event ID';
+$fields[SYSLOG_EVENT_ID]['FieldType'] = FILTER_TYPE_NUMBER;
+$fields[SYSLOG_EVENT_ID]['Sortable'] = true;
+$fields[SYSLOG_EVENT_ID]['DefaultWidth'] = "65";
+$fields[SYSLOG_EVENT_ID]['FieldAlign'] = "center";
+$fields[SYSLOG_EVENT_ID]['SearchField'] = "eventid";
+$fields[SYSLOG_EVENT_ID]['SearchOnline'] = true;
+$fields[SYSLOG_EVENT_LOGTYPE]['FieldID'] = SYSLOG_EVENT_LOGTYPE;
+$fields[SYSLOG_EVENT_LOGTYPE]['FieldDefine'] = 'SYSLOG_EVENT_LOGTYPE';
+$fields[SYSLOG_EVENT_LOGTYPE]['FieldCaption'] = 'Eventlog Type';
+$fields[SYSLOG_EVENT_LOGTYPE]['FieldType'] = FILTER_TYPE_STRING;
+$fields[SYSLOG_EVENT_LOGTYPE]['Sortable'] = true;
+$fields[SYSLOG_EVENT_LOGTYPE]['DefaultWidth'] = "100";
+$fields[SYSLOG_EVENT_LOGTYPE]['FieldAlign'] = "left";
+$fields[SYSLOG_EVENT_LOGTYPE]['SearchField'] = "eventlogtype";
+$fields[SYSLOG_EVENT_LOGTYPE]['SearchOnline'] = true;
+$fields[SYSLOG_EVENT_SOURCE]['FieldID'] = SYSLOG_EVENT_SOURCE;
+$fields[SYSLOG_EVENT_SOURCE]['FieldDefine'] = 'SYSLOG_EVENT_SOURCE';
+$fields[SYSLOG_EVENT_SOURCE]['FieldCaption'] = 'Event Source';
+$fields[SYSLOG_EVENT_SOURCE]['FieldType'] = FILTER_TYPE_STRING;
+$fields[SYSLOG_EVENT_SOURCE]['Sortable'] = true;
+$fields[SYSLOG_EVENT_SOURCE]['DefaultWidth'] = "100";
+$fields[SYSLOG_EVENT_SOURCE]['FieldAlign'] = "left";
+$fields[SYSLOG_EVENT_SOURCE]['SearchField'] = "eventlogsource";
+$fields[SYSLOG_EVENT_SOURCE]['SearchOnline'] = true;
+$fields[SYSLOG_EVENT_CATEGORY]['FieldID'] = SYSLOG_EVENT_CATEGORY;
+$fields[SYSLOG_EVENT_CATEGORY]['FieldDefine'] = 'SYSLOG_EVENT_CATEGORY';
+$fields[SYSLOG_EVENT_CATEGORY]['FieldCaption'] = 'Event Category';
+$fields[SYSLOG_EVENT_CATEGORY]['FieldType'] = FILTER_TYPE_NUMBER;
+$fields[SYSLOG_EVENT_CATEGORY]['Sortable'] = true;
+$fields[SYSLOG_EVENT_CATEGORY]['DefaultWidth'] = "50";
+$fields[SYSLOG_EVENT_CATEGORY]['FieldAlign'] = "center";
+$fields[SYSLOG_EVENT_CATEGORY]['SearchField'] = "eventcategory";
+$fields[SYSLOG_EVENT_CATEGORY]['SearchOnline'] = false;
+$fields[SYSLOG_EVENT_USER]['FieldID'] = SYSLOG_EVENT_USER;
+$fields[SYSLOG_EVENT_USER]['FieldDefine'] = 'SYSLOG_EVENT_USER';
+$fields[SYSLOG_EVENT_USER]['FieldCaption'] = 'Event User';
+$fields[SYSLOG_EVENT_USER]['FieldType'] = FILTER_TYPE_STRING;
+$fields[SYSLOG_EVENT_USER]['Sortable'] = true;
+$fields[SYSLOG_EVENT_USER]['DefaultWidth'] = "85";
+$fields[SYSLOG_EVENT_USER]['FieldAlign'] = "left";
+$fields[SYSLOG_EVENT_USER]['SearchField'] = "eventuser";
+$fields[SYSLOG_EVENT_USER]['SearchOnline'] = false;
+
+// Weblogfile specific
+$fields[SYSLOG_WEBLOG_USER]['FieldID'] = SYSLOG_WEBLOG_USER;
+$fields[SYSLOG_WEBLOG_USER]['FieldDefine'] = 'SYSLOG_WEBLOG_USER';
+$fields[SYSLOG_WEBLOG_USER]['FieldCaption'] = 'HTTP User';
+$fields[SYSLOG_WEBLOG_USER]['FieldType'] = FILTER_TYPE_STRING;
+$fields[SYSLOG_WEBLOG_USER]['Sortable'] = false;
+$fields[SYSLOG_WEBLOG_USER]['DefaultWidth'] = "75";
+$fields[SYSLOG_WEBLOG_USER]['FieldAlign'] = "left";
+$fields[SYSLOG_WEBLOG_USER]['SearchField'] = SYSLOG_WEBLOG_USER;
+$fields[SYSLOG_WEBLOG_USER]['SearchOnline'] = false;
+$fields[SYSLOG_WEBLOG_METHOD]['FieldID'] = SYSLOG_WEBLOG_METHOD;
+$fields[SYSLOG_WEBLOG_METHOD]['FieldDefine'] = 'SYSLOG_WEBLOG_METHOD';
+$fields[SYSLOG_WEBLOG_METHOD]['FieldCaption'] = 'Method';
+$fields[SYSLOG_WEBLOG_METHOD]['FieldType'] = FILTER_TYPE_STRING;
+$fields[SYSLOG_WEBLOG_METHOD]['Sortable'] = false;
+$fields[SYSLOG_WEBLOG_METHOD]['DefaultWidth'] = "50";
+$fields[SYSLOG_WEBLOG_METHOD]['FieldAlign'] = "center";
+$fields[SYSLOG_WEBLOG_METHOD]['SearchField'] = SYSLOG_WEBLOG_METHOD;
+$fields[SYSLOG_WEBLOG_METHOD]['SearchOnline'] = false;
+$fields[SYSLOG_WEBLOG_URL]['FieldID'] = SYSLOG_WEBLOG_URL;
+$fields[SYSLOG_WEBLOG_URL]['FieldDefine'] = 'SYSLOG_WEBLOG_URL';
+$fields[SYSLOG_WEBLOG_URL]['FieldCaption'] = 'URL';
+$fields[SYSLOG_WEBLOG_URL]['FieldType'] = FILTER_TYPE_STRING;
+$fields[SYSLOG_WEBLOG_URL]['Sortable'] = false;
+$fields[SYSLOG_WEBLOG_URL]['DefaultWidth'] = "200";
+$fields[SYSLOG_WEBLOG_URL]['FieldAlign'] = "left";
+$fields[SYSLOG_WEBLOG_URL]['SearchField'] = SYSLOG_WEBLOG_URL;
+$fields[SYSLOG_WEBLOG_URL]['SearchOnline'] = false;
+$fields[SYSLOG_WEBLOG_QUERYSTRING]['FieldID'] = SYSLOG_WEBLOG_QUERYSTRING;
+$fields[SYSLOG_WEBLOG_QUERYSTRING]['FieldDefine'] = 'SYSLOG_WEBLOG_QUERYSTRING';
+$fields[SYSLOG_WEBLOG_QUERYSTRING]['FieldCaption'] = 'Querystring';
+$fields[SYSLOG_WEBLOG_QUERYSTRING]['FieldType'] = FILTER_TYPE_STRING;
+$fields[SYSLOG_WEBLOG_QUERYSTRING]['Sortable'] = false;
+$fields[SYSLOG_WEBLOG_QUERYSTRING]['DefaultWidth'] = "200";
+$fields[SYSLOG_WEBLOG_QUERYSTRING]['FieldAlign'] = "left";
+$fields[SYSLOG_WEBLOG_QUERYSTRING]['SearchField'] = SYSLOG_WEBLOG_QUERYSTRING;
+$fields[SYSLOG_WEBLOG_QUERYSTRING]['SearchOnline'] = false;
+$fields[SYSLOG_WEBLOG_PVER]['FieldID'] = SYSLOG_WEBLOG_PVER;
+$fields[SYSLOG_WEBLOG_PVER]['FieldDefine'] = 'SYSLOG_WEBLOG_PVER';
+$fields[SYSLOG_WEBLOG_PVER]['FieldCaption'] = 'Version';
+$fields[SYSLOG_WEBLOG_PVER]['FieldType'] = FILTER_TYPE_STRING;
+$fields[SYSLOG_WEBLOG_PVER]['Sortable'] = false;
+$fields[SYSLOG_WEBLOG_PVER]['DefaultWidth'] = "50";
+$fields[SYSLOG_WEBLOG_PVER]['FieldAlign'] = "center";
+$fields[SYSLOG_WEBLOG_PVER]['SearchField'] = SYSLOG_WEBLOG_PVER;
+$fields[SYSLOG_WEBLOG_PVER]['SearchOnline'] = false;
+$fields[SYSLOG_WEBLOG_STATUS]['FieldID'] = SYSLOG_WEBLOG_STATUS;
+$fields[SYSLOG_WEBLOG_STATUS]['FieldDefine'] = 'SYSLOG_WEBLOG_STATUS';
+$fields[SYSLOG_WEBLOG_STATUS]['FieldCaption'] = 'Status';
+$fields[SYSLOG_WEBLOG_STATUS]['FieldType'] = FILTER_TYPE_NUMBER;
+$fields[SYSLOG_WEBLOG_STATUS]['Sortable'] = false;
+$fields[SYSLOG_WEBLOG_STATUS]['DefaultWidth'] = "50";
+$fields[SYSLOG_WEBLOG_STATUS]['FieldAlign'] = "center";
+$fields[SYSLOG_WEBLOG_STATUS]['SearchField'] = SYSLOG_WEBLOG_STATUS;
+$fields[SYSLOG_WEBLOG_STATUS]['SearchOnline'] = false;
+$fields[SYSLOG_WEBLOG_BYTESSEND]['FieldID'] = SYSLOG_WEBLOG_BYTESSEND;
+$fields[SYSLOG_WEBLOG_BYTESSEND]['FieldDefine'] = 'SYSLOG_WEBLOG_BYTESSEND';
+$fields[SYSLOG_WEBLOG_BYTESSEND]['FieldCaption'] = 'Bytes Send';
+$fields[SYSLOG_WEBLOG_BYTESSEND]['FieldType'] = FILTER_TYPE_NUMBER;
+$fields[SYSLOG_WEBLOG_BYTESSEND]['Sortable'] = false;
+$fields[SYSLOG_WEBLOG_BYTESSEND]['DefaultWidth'] = "75";
+$fields[SYSLOG_WEBLOG_BYTESSEND]['FieldAlign'] = "left";
+$fields[SYSLOG_WEBLOG_BYTESSEND]['SearchField'] = SYSLOG_WEBLOG_BYTESSEND;
+$fields[SYSLOG_WEBLOG_BYTESSEND]['SearchOnline'] = false;
+$fields[SYSLOG_WEBLOG_REFERER]['FieldID'] = SYSLOG_WEBLOG_REFERER;
+$fields[SYSLOG_WEBLOG_REFERER]['FieldDefine'] = 'SYSLOG_WEBLOG_REFERER';
+$fields[SYSLOG_WEBLOG_REFERER]['FieldCaption'] = 'Referer';
+$fields[SYSLOG_WEBLOG_REFERER]['FieldType'] = FILTER_TYPE_STRING;
+$fields[SYSLOG_WEBLOG_REFERER]['Sortable'] = false;
+$fields[SYSLOG_WEBLOG_REFERER]['DefaultWidth'] = "200";
+$fields[SYSLOG_WEBLOG_REFERER]['FieldAlign'] = "left";
+$fields[SYSLOG_WEBLOG_REFERER]['SearchField'] = SYSLOG_WEBLOG_REFERER;
+$fields[SYSLOG_WEBLOG_REFERER]['SearchOnline'] = true;
+$fields[SYSLOG_WEBLOG_USERAGENT]['FieldID'] = SYSLOG_WEBLOG_USERAGENT;
+$fields[SYSLOG_WEBLOG_USERAGENT]['FieldDefine'] = 'SYSLOG_WEBLOG_USERAGENT';
+$fields[SYSLOG_WEBLOG_USERAGENT]['FieldCaption'] = 'User Agent';
+$fields[SYSLOG_WEBLOG_USERAGENT]['FieldType'] = FILTER_TYPE_STRING;
+$fields[SYSLOG_WEBLOG_USERAGENT]['Sortable'] = false;
+$fields[SYSLOG_WEBLOG_USERAGENT]['DefaultWidth'] = "100";
+$fields[SYSLOG_WEBLOG_USERAGENT]['FieldAlign'] = "left";
+$fields[SYSLOG_WEBLOG_USERAGENT]['SearchField'] = SYSLOG_WEBLOG_USERAGENT;
+$fields[SYSLOG_WEBLOG_USERAGENT]['SearchOnline'] = true;
+
+// Misc fields
+$fields[MISC_SYSTEMID]['FieldID'] = MISC_SYSTEMID;
+$fields[MISC_SYSTEMID]['FieldDefine'] = 'MISC_SYSTEMID';
+$fields[MISC_SYSTEMID]['FieldCaption'] = 'SystemID';
+$fields[MISC_SYSTEMID]['FieldType'] = FILTER_TYPE_NUMBER;
+$fields[MISC_SYSTEMID]['Sortable'] = false;
+$fields[MISC_SYSTEMID]['DefaultWidth'] = "50";
+$fields[MISC_SYSTEMID]['FieldAlign'] = "center";
+$fields[MISC_SYSTEMID]['SearchField'] = MISC_SYSTEMID;
+$fields[MISC_SYSTEMID]['SearchOnline'] = false;
+$fields[MISC_CHECKSUM]['FieldID'] = MISC_CHECKSUM;
+$fields[MISC_CHECKSUM]['FieldDefine'] = 'MISC_CHECKSUM';
+$fields[MISC_CHECKSUM]['FieldCaption'] = 'Checksum';
+$fields[MISC_CHECKSUM]['FieldType'] = FILTER_TYPE_NUMBER;
+$fields[MISC_CHECKSUM]['Sortable'] = false;
+$fields[MISC_CHECKSUM]['DefaultWidth'] = "50";
+$fields[MISC_CHECKSUM]['FieldAlign'] = "center";
+$fields[MISC_CHECKSUM]['SearchField'] = MISC_CHECKSUM;
+$fields[MISC_CHECKSUM]['SearchOnline'] = false;
+
+// Message is the last element, this order is important for the Detail page for now!
+$fields[SYSLOG_MESSAGE]['FieldID'] = SYSLOG_MESSAGE;
+$fields[SYSLOG_MESSAGE]['FieldDefine'] = 'SYSLOG_MESSAGE';
+$fields[SYSLOG_MESSAGE]['FieldCaption'] = 'Message';
+$fields[SYSLOG_MESSAGE]['FieldType'] = FILTER_TYPE_STRING;
+$fields[SYSLOG_MESSAGE]['Sortable'] = false;
+$fields[SYSLOG_MESSAGE]['DefaultWidth'] = "100%";
+$fields[SYSLOG_MESSAGE]['FieldAlign'] = "left";
+// $fields[SYSLOG_MESSAGE]['SearchField'] = "";
+$fields[SYSLOG_MESSAGE]['SearchField'] = SYSLOG_MESSAGE;
+$fields[SYSLOG_MESSAGE]['SearchOnline'] = false;
+// ---
+
+// --- Define default Database field mappings!
+$dbmapping['monitorware']['ID'] = "monitorware";
+$dbmapping['monitorware']['DisplayName'] = "MonitorWare";
+$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_UID] = "ID";
+$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_DATE] = "DeviceReportedTime";
+$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_HOST] = "FromHost";
+$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_MESSAGETYPE] = "InfoUnitID";
+$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_MESSAGE] = "Message";
+$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_FACILITY] = "Facility";
+$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_SEVERITY] = "Priority";
+$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_SYSLOGTAG] = "SysLogTag";
+$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_PROCESSID] = "ProcessID";
+$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_EVENT_ID] = "EventID";
+$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_EVENT_LOGTYPE] = "EventLogType";
+$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_EVENT_SOURCE] = "EventSource";
+$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_EVENT_CATEGORY] = "EventCategory";
+$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_EVENT_USER] = "EventUser";
+$dbmapping['monitorware']['DBMAPPINGS'][MISC_SYSTEMID] = "SystemID";
+$dbmapping['monitorware']['DBMAPPINGS'][MISC_CHECKSUM] = "Checksum";
+//$dbmapping['monitorware']['DBMAPPINGS'][SYSLOG_PROCESSID] = "ProcessID";
+
+$dbmapping['syslogng']['ID'] = "syslogng";
+$dbmapping['syslogng']['DisplayName'] = "SyslogNG";
+$dbmapping['syslogng']['DBMAPPINGS'][SYSLOG_UID] = "seq";
+$dbmapping['syslogng']['DBMAPPINGS'][SYSLOG_DATE] = "datetime";
+$dbmapping['syslogng']['DBMAPPINGS'][SYSLOG_HOST] = "host";
+$dbmapping['syslogng']['DBMAPPINGS'][SYSLOG_MESSAGE] = "msg";
+//NOT POSSIBLE YET $dbmapping['syslogng'][SYSLOG_FACILITY] = "Facility";
+//NOT POSSIBLE YET $dbmapping['syslogng'][SYSLOG_SEVERITY] = "Priority";
+$dbmapping['syslogng']['DBMAPPINGS'][SYSLOG_SYSLOGTAG] = "tag";
+$dbmapping['syslogng']['DBMAPPINGS'][SYSLOG_PROCESSID] = "program";
+
+$dbmapping['mongodb']['ID'] = "mongodb";
+$dbmapping['mongodb']['DisplayName'] = "MongoDB";
+$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_UID] = "_id";
+$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_DATE] = "time";
+$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_HOST] = "sys";
+$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_MESSAGE] = "msg";
+$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_FACILITY] = "syslog_fac";
+$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_SEVERITY] = "syslog_sever";
+$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_SYSLOGTAG] = "procid"; // not using syslog_tag because of PID in it
+$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_PROCESSID] = "pid";
+$dbmapping['mongodb']['DBMAPPINGS'][MISC_CHECKSUM] = "Checksum";
+$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_EVENT_LOGTYPE] = "nteventlogtype";
+
+// Convert all fieldnames to lowercase to avoid problems with case sensitive array keys later
+foreach( $dbmapping as &$myMapping )
+{
+ foreach( $myMapping['DBMAPPINGS'] as &$myField )
+ $myField = strtolower($myField);
+}
+
+// ---
+
+// EventTime Constants
+define('EVTIME_TIMESTAMP', '0');
+define('EVTIME_TIMEZONE', '1');
+define('EVTIME_MICROSECONDS', '2');
+
?>
\ No newline at end of file
diff --git a/src/lang/en/main.php b/src/lang/en/main.php
index fa5baae..061abc6 100644
--- a/src/lang/en/main.php
+++ b/src/lang/en/main.php
@@ -1,407 +1,409 @@
-.
- *
- * A copy of the GPL can be found in the file "COPYING" in this
- * distribution.
- *********************************************************************
-*/
-global $content;
-
-// Global Stuff
-$content['LN_MAINTITLE'] = "Main LogAnalyzer";
-$content['LN_MAIN_SELECTSTYLE'] = "Select a Style";
-$content['LN_GEN_LANGUAGE'] = "Select Language";
-$content['LN_GEN_SELECTSOURCE'] = "Select Source";
-$content['LN_GEN_MOREPAGES'] = "More than one Page available";
-$content['LN_GEN_FIRSTPAGE'] = "First Page";
-$content['LN_GEN_LASTPAGE'] = "Last Page";
-$content['LN_GEN_NEXTPAGE'] = "Next Page";
-$content['LN_GEN_PREVIOUSPAGE'] = "Previous Page";
-$content['LN_GEN_RECORDCOUNT'] = "Total records found";
-$content['LN_GEN_PAGERSIZE'] = "Records per page";
-$content['LN_GEN_PAGE'] = "Page";
-$content['LN_GEN_PREDEFINEDSEARCHES'] = "Predefined Searches";
-$content['LN_GEN_SOURCE_DISK'] = "Diskfile";
-$content['LN_GEN_SOURCE_DB'] = "MYSQL Native";
-$content['LN_GEN_SOURCE_PDO'] = "Database (PDO)";
-$content['LN_GEN_SOURCE_MONGODB'] = "MongoDB Native";
-$content['LN_GEN_RECORDSPERPAGE'] = "records per page";
-$content['LN_GEN_PRECONFIGURED'] = "Preconfigured";
-$content['LN_GEN_AVAILABLESEARCHES'] = "Available searches";
-$content['LN_GEN_DB_MYSQL'] = "Mysql Server";
-$content['LN_GEN_DB_MSSQL'] = "Microsoft SQL Server";
-$content['LN_GEN_DB_ODBC'] = "ODBC Database Source";
-$content['LN_GEN_DB_PGSQL'] = "PostgreSQL";
-$content['LN_GEN_DB_OCI'] = "Oracle Call Interface";
-$content['LN_GEN_DB_DB2'] = " IBM DB2";
-$content['LN_GEN_DB_FIREBIRD'] = "Firebird/Interbase 6";
-$content['LN_GEN_DB_INFORMIX'] = "IBM Informix Dynamic Server";
-$content['LN_GEN_DB_SQLITE'] = "SQLite 2";
-$content['LN_GEN_SELECTVIEW'] = "Select View";
-$content['LN_GEN_CRITERROR_UNKNOWNTYPE'] = "The source type '%1' is not supported by LogAnalyzer yet. This is a critical error, please fix your configuration.";
-$content['LN_GEN_ERRORRETURNPREV'] = "Click here to return to the previous page.";
-$content['LN_GEN_ERRORDETAILS'] = "Error Details:";
-$content['LN_SOURCES_ERROR_WITHINSOURCE'] = "The source '%1' checking returned with an error: %2";
-$content['LN_SOURCES_ERROR_EXTRAMSG'] = "Extra Error Details: %1";
-$content['LN_ERROR_NORECORDS'] = "No syslog records found";
-$content['LN_ERROR_FILE_NOT_FOUND'] = "Syslog file could not be found";
-$content['LN_ERROR_FILE_NOT_READABLE'] = "Syslog file is not readable, read access may be denied";
-$content['LN_ERROR_UNKNOWN'] = "Unknown or unhandled error occured (Error Code '%1')";
-$content['LN_ERROR_FILE_EOF'] = "End of File reached";
-$content['LN_ERROR_FILE_BOF'] = "Begin of File reeached";
-$content['LN_ERROR_FILE_CANT_CLOSE'] = "Can't close File";
-$content['LN_ERROR_UNDEFINED'] = "Undefined Error";
-$content['LN_ERROR_EOS'] = "End of stream reached";
-$content['LN_ERROR_FILTER_NOT_MATCH'] = "Filter does not match any results";
-$content['LN_ERROR_DB_CONNECTFAILED'] = "Connection to the database server failed";
-$content['LN_ERROR_DB_CANNOTSELECTDB'] = "Could not find the configured database";
-$content['LN_ERROR_DB_QUERYFAILED'] = "Dataquery failed to execute";
-$content['LN_ERROR_DB_NOPROPERTIES'] = "No database properties found";
-$content['LN_ERROR_DB_INVALIDDBMAPPING'] = "Invalid datafield mappings";
-$content['LN_ERROR_DB_INVALIDDBDRIVER'] = "Invalid database driver selected";
-$content['LN_ERROR_DB_TABLENOTFOUND'] = "Could not find the configured table, maybe misspelled or the tablenames are case sensitive";
-$content['LN_ERROR_DB_DBFIELDNOTFOUND'] = "Database Field mapping for at least one field could not be found.";
-$content['LN_GEN_SELECTEXPORT'] = "> Select Exportformat <";
-$content['LN_GEN_EXPORT_CVS'] = "CSV (Comma separated)";
-$content['LN_GEN_EXPORT_XML'] = "XML";
-$content['LN_GEN_EXPORT_PDF'] = "PDF";
-$content['LN_GEN_ERROR_EXPORING'] = "Error exporting data";
-$content['LN_GEN_ERROR_INVALIDEXPORTTYPE'] = "Invalid Export format selected, or other parameters were wrong.";
-$content['LN_GEN_ERROR_SOURCENOTFOUND'] = "The Source with ID '%1' could not be found.";
-$content['LN_GEN_MOREINFORMATION'] = "More Information";
-$content['LN_FOOTER_PAGERENDERED'] = "Page rendered in";
-$content['LN_FOOTER_DBQUERIES'] = "DB queries";
-$content['LN_FOOTER_GZIPENABLED'] = "GZIP enabled";
-$content['LN_FOOTER_SCRIPTTIMEOUT'] = "Script Timeout";
-$content['LN_FOOTER_SECONDS'] = "seconds";
-$content['LN_WARNING_LOGSTREAMTITLE'] = "Logstream Warning";
-$content['LN_WARNING_LOGSTREAMDISK_TIMEOUT'] = "While reading the logstream, the php script timeout forced me to abort at this point.
If you want to avoid this, please increase the LogAnalyzer script timeout in your config.php. If the user system is installed, you can do that in Admin center.";
-$content['LN_ERROR_FILE_NOMORETIME'] = "No more time for processing left";
-$content['LN_WARNING_DBUPGRADE'] = "Database Upgrade required";
-$content['LN_WARNING_DBUPGRADE_TEXT'] = "The current installed database version is '%1'. An update to version '%2' is available.";
-$content['LN_ERROR_REDIRECTABORTED'] = 'Automatic redirect to the page was aborted, as an internal error occured. Please see the error details above and contact our support forums if you need assistance.';
-$content['LN_DEBUGLEVEL'] = "Debug Level";
-$content['LN_DEBUGMESSAGE'] = "Debug Message";
-$content['LN_GEN_REPORT_OUTPUT_HTML'] = "HTML Format";
-$content['LN_GEN_REPORT_OUTPUT_PDF'] = "PDF Format";
-$content['LN_GEN_REPORT_TARGET_STDOUT'] = "Direct Output";
-$content['LN_GEN_REPORT_TARGET_FILE'] = "Save into File";
-$content['LN_GEN_REPORT_TARGET_EMAIL'] = "Send as Email";
-$content['LN_GEN_UNKNOWN'] = "Unknown";
-$content['LN_GEN_AUTH_INTERNAL'] = "Internal authentication";
-$content['LN_GEN_AUTH_LDAP'] = "LDAP Authentication";
-
-// Topmenu Entries
-$content['LN_MENU_SEARCH'] = "Search";
-$content['LN_MENU_SHOWEVENTS'] = "Show Events";
-$content['LN_MENU_HELP'] = "Help";
- $content['LN_MENU_DOC'] = "Documentation";
- $content['LN_MENU_FORUM'] = "Support Forum";
- $content['LN_MENU_WIKI'] = "LogAnalyzer Wiki";
- $content['LN_MENU_PROSERVICES'] = "Professional Services";
-$content['LN_MENU_SEARCHINKB'] = "Search in Knowledge Base";
-$content['LN_MENU_LOGIN'] = "Login";
-$content['LN_MENU_ADMINCENTER'] = "Admin Center";
-$content['LN_MENU_LOGOFF'] = "Logoff";
-$content['LN_MENU_LOGGEDINAS'] = "Logged in as";
-$content['LN_MENU_MAXVIEW'] = "Maximize View";
-$content['LN_MENU_NORMALVIEW'] = "Normalize View";
-$content['LN_MENU_STATISTICS'] = "Statistics";
-$content['LN_MENU_CLICKTOEXPANDMENU'] = "Click the icon to show the menu";
- $content['LN_MENU_REPORTS'] = "Reports";
-
-// Main Index Site
-$content['LN_ERROR_INSTALLFILEREMINDER'] = "Warning! You still have NOT removed the 'install.php' from your LogAnalyzer main directory!";
-$content['LN_TOP_NUM'] = "No.";
-$content['LN_TOP_UID'] = "uID";
-$content['LN_GRID_POPUPDETAILS'] = "Details for Syslogmessage with ID '%1'";
-
-$content['LN_SEARCH_USETHISBLA'] = "Use the form below and your advanced search will appear here";
-$content['LN_SEARCH_FILTER'] = "Search (filter):";
-$content['LN_SEARCH_ADVANCED'] = "Advanced Search";
-$content['LN_SEARCH'] = "Search";
-$content['LN_SEARCH_RESET'] = "Reset search";
-$content['LN_SEARCH_PERFORMADVANCED'] = "Perform Advanced Search";
-$content['LN_VIEW_MESSAGECENTERED'] = "Back to unfiltered view with this message at top";
-$content['LN_VIEW_RELATEDMSG'] = "View related syslog messages";
-$content['LN_VIEW_FILTERFOR'] = "Filter message for ";
-$content['LN_VIEW_SEARCHFOR'] = "Search online for ";
-$content['LN_VIEW_SEARCHFORGOOGLE'] = "Search Google for ";
-$content['LN_GEN_MESSAGEDETAILS'] = "Message Details";
- $content['LN_VIEW_ADDTOFILTER'] = "Add '%1' to filterset";
- $content['LN_VIEW_EXCLUDEFILTER'] = "Exclude '%1' from filterset";
- $content['LN_VIEW_FILTERFORONLY'] = "Filter for '%1' only";
- $content['LN_VIEW_SHOWALLBUT'] = "Show all except '%1'";
- $content['LN_VIEW_VISITLINK'] = "Open Link '%1' in new window";
-
-$content['LN_HIGHLIGHT'] = "Highlight >>";
-$content['LN_HIGHLIGHT_OFF'] = "Highlight <<";
-$content['LN_HIGHLIGHT_WORDS'] = "Highlight words comma separated";
-
-$content['LN_AUTORELOAD'] = "Set auto reload";
-$content['LN_AUTORELOAD_DISABLED'] = "Auto reload disabled";
-$content['LN_AUTORELOAD_PRECONFIGURED'] = "Preconfigured auto reload ";
-$content['LN_AUTORELOAD_SECONDS'] = "seconds";
-$content['LN_AUTORELOAD_MINUTES'] = "minutes";
-
-// Filter Options
-$content['LN_FILTER_DATE'] = "Datetime Range";
-$content['LN_FILTER_DATEMODE'] = "Select mode";
-$content['LN_DATEMODE_ALL'] = "All time";
-$content['LN_DATEMODE_RANGE'] = "Time range";
-$content['LN_DATEMODE_LASTX'] = "Time x since today";
-$content['LN_FILTER_DATEFROM'] = "Date range from";
-$content['LN_FILTER_DATETO'] = "Date range to";
-$content['LN_FILTER_TIMEFROM'] = "Time range from";
-$content['LN_FILTER_TIMETO'] = "Time range to";
-$content['LN_FILTER_DATELASTX'] = "Time since";
-$content['LN_FILTER_ADD2SEARCH'] = "Add to search";
-$content['LN_DATE_LASTX_HOUR'] = "Last hour";
-$content['LN_DATE_LASTX_12HOURS'] = "Last 12 hours";
-$content['LN_DATE_LASTX_24HOURS'] = "Last 24 hours";
-$content['LN_DATE_LASTX_7DAYS'] = "Last 7 days";
-$content['LN_DATE_LASTX_31DAYS'] = "Last 31 days";
-$content['LN_FILTER_FACILITY'] = "Syslog Facility";
-$content['LN_FILTER_SEVERITY'] = "Syslog Severity";
-$content['LN_FILTER_OTHERS'] = "Other Filters";
-$content['LN_FILTER_MESSAGE'] = "Syslog Message";
-$content['LN_FILTER_SYSLOGTAG'] = "Syslogtag";
-$content['LN_FILTER_SOURCE'] = "Source (Hostname)";
-$content['LN_FILTER_MESSAGETYPE'] = "Message Type";
-
-// Install Page
-$content['LN_CFG_DBSERVER'] = "Database Host";
-$content['LN_CFG_DBPORT'] = "Database Port";
-$content['LN_CFG_DBNAME'] = "Database Name";
-$content['LN_CFG_DBPREF'] = "Table prefix";
-$content['LN_CFG_DBUSER'] = "Database User";
-$content['LN_CFG_DBPASSWORD'] = "Database Password";
-$content['LN_CFG_PARAMMISSING'] = "The following parameter were missing: ";
-$content['LN_CFG_SOURCETYPE'] = "Source Type";
-$content['LN_CFG_DISKTYPEOPTIONS'] = "Disk Type Options";
-$content['LN_CFG_LOGLINETYPE'] = "Logline type";
-$content['LN_CFG_SYSLOGFILE'] = "Syslog file";
-$content['LN_CFG_DATABASETYPEOPTIONS'] = "Database Type Options";
-$content['LN_CFG_DBTABLETYPE'] = "Table type";
-$content['LN_CFG_DBSTORAGEENGINE'] = "Database Storage Engine";
-$content['LN_CFG_DBTABLENAME'] = "Database Tablename";
-$content['LN_CFG_NAMEOFTHESOURCE'] = "Name of the Source";
-$content['LN_CFG_FIRSTSYSLOGSOURCE'] = "First Syslog Source";
-$content['LN_CFG_DBROWCOUNTING'] = "Enable Row Counting";
-$content['LN_CFG_VIEW'] = "Select View";
-$content['LN_CFG_DBUSERLOGINREQUIRED'] = "Require user to be logged in";
-$content['LN_CFG_MSGPARSERS'] = "Message Parsers (comma seperated)";
-$content['LN_CFG_NORMALIZEMSG'] = "Normalize Message within Parsers";
-$content['LN_CFG_SKIPUNPARSEABLE'] = "Skip unparseable messages (Only works if msgparsers are configured!)";
-$content['LN_CFG_DBRECORDSPERQUERY'] = "Recordcount for database queries";
-$content['LN_CFG_LDAPServer'] = "LDAP Server Hostname/IP";
-$content['LN_CFG_LDAPPort'] = "LDAP Port, default 389 (636 for SSL)";
-$content['LN_CFG_LDAPBaseDN'] = "Base DN for LDAP Search";
-$content['LN_CFG_LDAPSearchFilter'] = "Basic Search filter";
-$content['LN_CFG_LDAPUidAttribute'] = "LDAP Username attribute";
-$content['LN_CFG_LDAPBindDN'] = "Privilegied user used to LDAP queries";
-$content['LN_CFG_LDAPBindPassword'] = "Password of the privilegied user";
-$content['LN_CFG_LDAPDefaultAdminUser'] = "Default administrative LDAP Username";
-$content['LN_CFG_AUTHTYPE'] = "Authentication method";
-$content['LN_GEN_AUTH_LDAP_OPTIONS'] = "LDAP Authentication Options";
-
-// Details page
-$content['LN_DETAILS_FORSYSLOGMSG'] = "Details for the syslog messages with id";
-$content['LN_DETAILS_DETAILSFORMSG'] = "Details for message id";
-$content['LN_DETAIL_BACKTOLIST'] = "Back to Listview";
-
-// Login Site
-$content['LN_LOGIN_DESCRIPTION'] = "Use this form to login into LogAnalyzer. ";
-$content['LN_LOGIN_TITLE'] = "Login";
-$content['LN_LOGIN_USERNAME'] = "Username";
-$content['LN_LOGIN_PASSWORD'] = "Password";
-$content['LN_LOGIN_SAVEASCOOKIE'] = "Stay logged on";
-$content['LN_LOGIN_ERRWRONGPASSWORD'] = "Wrong username or password!";
-$content['LN_LOGIN_USERPASSMISSING'] = "Username or password not given";
-$content['LN_LOGIN_LDAP_USERNOTFOUND'] = "User '%1' could not be found";
-$content['LN_LOGIN_LDAP_USERCOULDNOTLOGIN'] = "Could not login user '%1', LDAP error: %2";
-$content['LN_LOGIN_LDAP_PASSWORDFAIL'] = "User '%1' could not login with the given password";
-$content['LN_LOGIN_LDAP_SERVERFAILED'] = "Failed to connect to LDAP Server '%1'";
-$content['LN_LOGIN_LDAP_USERBINDFAILED'] = "Could not bind with the Search user DN '%1'";
-
-
-// Install Site
-$content['LN_INSTALL_TITLETOP'] = "Installing LogAnalyzer Version %1 - Step %2";
-$content['LN_INSTALL_TITLE'] = "Installer Step %1";
-$content['LN_INSTALL_ERRORINSTALLED'] = 'LogAnalyzer is already configured!
If you want to reconfigure LogAnalyzer, either delete the current config.php or replace it with an empty file.
Click here to return to pgpLogCon start page.';
-$content['LN_INSTALL_FILEORDIRNOTWRITEABLE'] = "At least one file or directory (or more) is not writeable, please check the file permissions (chmod 666)!";
-$content['LN_INSTALL_SAMPLECONFIGMISSING'] = "The sample configuration file '%1' is missing. You have not fully uploaded LogAnalyzer.";
-$content['LN_INSTALL_ERRORCONNECTFAILED'] = "Database connect to '%1' failed! Please check Servername, Port, User and Password!";
-$content['LN_INSTALL_ERRORACCESSDENIED'] = "Cannot use the database '%1'! If the database does not exists, create it or check user access permissions!";
-$content['LN_INSTALL_ERRORINVALIDDBFILE'] = "Error, invalid Database definition file (to short!), the file name is '%1'! Please check if the file was correctly uploaded.";
-$content['LN_INSTALL_ERRORINSQLCOMMANDS'] = "Error, invalid Database definition file (no sql statements found!), the file name is '%1'! Please check if the file was not correctly uploaded, or contact the LogAnalyzer forums for assistance!";
-$content['LN_INSTALL_MISSINGUSERNAME'] = "Username needs to be specified";
-$content['LN_INSTALL_PASSWORDNOTMATCH'] = "Either the password does not match or is to short!";
-$content['LN_INSTALL_FAILEDTOOPENSYSLOGFILE'] = "Failed to open the syslog file '%1'! Check if the file exists and LogAnalyzer has sufficient rights to it ";
-$content['LN_INSTALL_FAILEDCREATECFGFILE'] = "Coult not create the configuration file in '%1'! Please verify the file permissions!";
-$content['LN_INSTALL_FAILEDREADINGFILE'] = "Error reading the file '%1'! Please verify if the file exists!";
-$content['LN_INSTALL_ERRORREADINGDBFILE'] = "Error reading the default database definition file in '%1'! Please verify if the file exists!";
-$content['LN_INSTALL_STEP1'] = "Step 1 - Prerequisites";
-$content['LN_INSTALL_STEP2'] = "Step 2 - Verify File Permissions";
-$content['LN_INSTALL_STEP3'] = "Step 3 - Basic Configuration";
-$content['LN_INSTALL_STEP4'] = "Step 4 - Create Tables";
-$content['LN_INSTALL_STEP5'] = "Step 5 - Check SQL Results";
-$content['LN_INSTALL_STEP6'] = "Step 6 - Creating the Main Useraccount";
-$content['LN_INSTALL_STEP7'] = "Step 7 - Create the first source for syslog messages";
-$content['LN_INSTALL_STEP8'] = "Step 8 - Done";
-$content['LN_INSTALL_STEP1_TEXT'] = 'Before you start installing LogAnalyzer, the Installer setup has to check a few things first. You may have to correct some file permissions first.
Click on to start the Test!';
-$content['LN_INSTALL_STEP2_TEXT'] = "The following file permissions have been checked. Verify the results below! You may use the configure.sh script from the contrib folder to set the permissions for you.";
-$content['LN_INSTALL_STEP3_TEXT'] = "In this step, you configure the basic configurations for LogAnalyzer.";
-$content['LN_INSTALL_STEP4_TEXT'] = 'If you reached this step, the database connection has been successfully verified!
The next step will be to create the necessary database tables used by the LogAnalyzer User System. This might take a while! WARNING, if you have an existing LogAnalyzer installation in this database with the same tableprefix, all your data will be OVERWRITTEN! Make sure you are using a fresh database, or you want to overwrite your old LogAnalyzer database.
Click on to start the creation of the tables';
-$content['LN_INSTALL_STEP5_TEXT'] = "Tables have been created. Check the List below for possible Error's";
-$content['LN_INSTALL_STEP6_TEXT'] = "You are now about to create the initial LogAnalyzer User Account. This will be the first administrative user, which will be needed to login into LogAnalyzer and access the Admin Center!";
-$content['LN_INSTALL_STEP8_TEXT'] = 'Congratulations! You have successfully installed LogAnalyzer :)!
Click here to go to your installation.';
-$content['LN_INSTALL_PROGRESS'] = "Install Progress: ";
-$content['LN_INSTALL_FRONTEND'] = "Frontend Options";
-$content['LN_INSTALL_NUMOFSYSLOGS'] = "Number of syslog messages per page";
-$content['LN_INSTALL_MSGCHARLIMIT'] = "Message character limit for the main view";
-$content['LN_INSTALL_STRCHARLIMIT'] = "Character display limit for all string type fields";
-$content['LN_INSTALL_SHOWDETAILPOP'] = "Show message details popup";
-$content['LN_INSTALL_AUTORESOLVIP'] = "Automatically resolved IP Addresses (inline)";
-$content['LN_INSTALL_USERDBOPTIONS'] = "User Database Options";
-$content['LN_INSTALL_ENABLEUSERDB'] = "Enable User Database";
-$content['LN_INSTALL_SUCCESSSTATEMENTS'] = "Successfully executed statements:";
-$content['LN_INSTALL_FAILEDSTATEMENTS'] = "Failed statements:";
-$content['LN_INSTALL_STEP5_TEXT_NEXT'] = "You can now proceed to the next step adding the first LogAnalyzer Admin User!";
-$content['LN_INSTALL_STEP5_TEXT_FAILED'] = "At least one statement failed,see error reasons below";
-$content['LN_INSTALL_ERRORMSG'] = "Error Message";
-$content['LN_INSTALL_SQLSTATEMENT'] = "SQL Statement";
-$content['LN_INSTALL_CREATEUSER'] = "Create User Account";
-$content['LN_INSTALL_PASSWORD'] = "Password";
-$content['LN_INSTALL_PASSWORDREPEAT'] = "Repeat Password";
-$content['LN_INSTALL_SUCCESSCREATED'] = "Successfully created User";
-$content['LN_INSTALL_RECHECK'] = "ReCheck";
-$content['LN_INSTALL_FINISH'] = "Finish!";
-$content['LN_INSTALL_LDAPCONNECTFAILED'] = "Failed to connect to your LDAP Server '%1'.";
-$content['LN_INSTALL_'] = "";
-
-// Converter Site
-$content['LN_CONVERT_TITLE'] = "Configuration Converter Step %1";
-$content['LN_CONVERT_NOTALLOWED'] = "Login";
-$content['LN_CONVERT_ERRORINSTALLED'] = 'LogAnalyzer is not allowed to convert your settings into the user database.
If you want to convert your convert your settings, add the variable following into your config.php: $CFG[\'UserDBConvertAllowed\'] = true;
Click here to return to pgpLogCon start page.';
-$content['LN_CONVERT_STEP1'] = "Step 1 - Informations";
-$content['LN_CONVERT_STEP2'] = "Step 2 - Create Tables";
-$content['LN_CONVERT_STEP3'] = "Step 3 - Check SQL Results";
-$content['LN_CONVERT_STEP4'] = "Step 4 - Creating the Main Useraccount";
-$content['LN_CONVERT_STEP5'] = "Step 5 - Import Settings into UserDB";
-$content['LN_CONVERT_TITLETOP'] = "Converting LogAnalyzer configuration settings - Step ";
-$content['LN_CONVERT_STEP1_TEXT'] = 'This script allows you to import your existing configuration from the config.php file. This includes frontend settings, data sources, custom views and custom searches. Do only perform this conversion if you did install LogAnalyzer without the UserDB System, and decided to enable it now.
ANY EXISTING INSTANCE OF A USERDB WILL BE OVERWRITTEN!
to start the first conversion step!';
-$content['LN_CONVERT_STEP2_TEXT'] = 'The database connection has been successfully verified!
The next step will be to create the necessary database tables for the LogAnalyzer User System. This might take a while! WARNING, if you have an existing LogAnalyzer installation in this database with the same tableprefix, all your data will be OVERWRITTEN! Make sure you are using a fresh database, or you want to overwrite your old LogAnalyzer database.
Click on to start the creation of the tables';
-$content['LN_CONVERT_STEP5_TEXT'] = ' to start the last step of the conversion. In this step, your existing configuration from the config.php will be imported into the database.';
-$content['LN_CONVERT_STEP6'] = "Step 8 - Done";
-$content['LN_CONVERT_STEP6_TEXT'] = 'Congratulations! You have successfully converted your existing LogAnalyzer installation :)!
Important! Don\'t forget to REMOVE THE VARIABLES $CFG[\'UserDBConvertAllowed\'] = true; from your config.php file!
You can click here to get to your LogAnalyzerinstallation.';
-$content['LN_CONVERT_PROCESS'] = "Conversion Progress:";
-$content['LN_CONVERT_ERROR_SOURCEIMPORT'] = "Critical Error while importing the sources into the database, the SourceType '%1' is not supported by this LogAnalyzer Version.";
-
-// Stats Site
- $content['LN_STATS_CHARTTITLE'] = "Top %1 '%2' sorted by messagecount";
- $content['LN_STATS_COUNTBY'] = "Messagecount by '%1'";
- $content['LN_STATS_OTHERS'] = "All Others";
- $content['LN_STATS_TOPRECORDS'] = "Maxrecords: %1";
- $content['LN_STATS_GENERATEDAT'] = "Generated at: %1";
-// $content['LN_STATS_COUNTBYSYSLOGTAG'] = "Messagecount by SyslogTag";
- $content['LN_STATS_GRAPH'] = "Graph";
- $content['LN_GEN_ERROR_INVALIDFIELD'] = "Invalid fieldname";
- $content['LN_GEN_ERROR_MISSINGCHARTFIELD'] = "Missing fieldname";
- $content['LN_GEN_ERROR_INVALIDTYPE'] = "Invalid or unknown chart type.";
- $content['LN_ERROR_CHARTS_NOTCONFIGURED'] = "There are no charts configured at all.";
- $content['LN_CHART_TYPE'] = "Chart type";
- $content['LN_CHART_WIDTH'] = "Chart width";
- $content['LN_CHART_FIELD'] = "Chart field";
- $content['LN_CHART_MAXRECORDS'] = "Top records count";
- $content['LN_CHART_SHOWPERCENT'] = "Show percentage data";
- $content['LN_CHART_TYPE_CAKE'] = "Cake (Pie)";
- $content['LN_CHART_TYPE_BARS_VERTICAL'] = "Bars vertical";
- $content['LN_CHART_TYPE_BARS_HORIZONTAL'] = "Bars horizontal";
- $content['LN_STATS_WARNINGDISPLAY'] = "Generating graphics on large data sources currently is very time consuming. This will be addressed in later versions. If processing takes too long, please simply cancel the request.";
-
-// asktheoracle site
-$content['LN_ORACLE_TITLE'] = "Asking the oracle for '%1'";
-$content['LN_ORACLE_HELP_FOR'] = "These are the links the oracle got for you";
-$content['LN_ORACLE_HELP_TEXT'] = "
You asked the oracle to find more information about the '%1' value '%2'.
-
This pages enables you do a a search over multiple log sources. %3
- The overall idea is to make it easy to find information about a specific subject in all places where it may exist.
-
-
A useful use case may be a hack attempt you see in a web log. Click on the attacker's IP, which brings up this search page here. Now you can both lookup information about the IP range as well as check your other logs (e.g. firewall or mail) if they contain information about the attacker. We hope that this facilitates your analysis process.
-
-";
-$content['LN_ORACLE_HELP_TEXT_EXTERNAL'] = "It also enables you to perform canned searches over some external databases";
-$content['LN_ORACLE_HELP_DETAIL'] = "Link matrix for the '%1' value '%2'";
-$content['LN_ORACLE_SEARCH'] = "Search"; // in '%1' Field";
-$content['LN_ORACLE_SOURCENAME'] = "Source name";
-$content['LN_ORACLE_FIELD'] = "Field";
-$content['LN_ORACLE_ONLINESEARCH'] = "Online Search";
-$content['LN_ORACLE_WHOIS'] = "WHOIS Lookup for '%1' value '%2'";
-
-// Report Strings
-$content['LN_GEN_ERROR_INVALIDOP'] = "Invalid or missing operation type";
-$content['LN_GEN_ERROR_INVALIDREPORTID'] = "Invalid or missing report id";
-$content['LN_GEN_ERROR_MISSINGSAVEDREPORTID'] = "Invalid or missing savedreport id";
-$content['LN_GEN_ERROR_REPORTGENFAILED'] = "Failed generating report '%1' with the following error reason: %2";
-$content['LN_GEN_ERROR_WHILEREPORTGEN'] = "Error occured while generating report";
-$content['LN_GEN_ERROR_REPORT_NODATA'] = "No data found for report generation";
-$content['LN_GEN_ALL_OTHER_EVENTS'] = "All other events";
-$content['LN_REPORT_FOOTER_ENDERED'] = "Report rendered in";
-$content['LN_REPORT_FILTERS'] = "List of used filters";
-$content['LN_REPORT_FILTERTYPE_DATE'] = "Date";
-$content['LN_REPORT_FILTERTYPE_NUMBER'] = "Number";
-$content['LN_REPORT_FILTERTYPE_STRING'] = "String";
-$content['LN_GEN_SUCCESS_WHILEREPORTGEN'] = "Report was successfully generated";
-$content['LN_GEN_ERROR_REPORTFAILEDTOGENERATE'] = "Failed to generate report, error details: %1";
-$content['LN_GEN_SUCCESS_REPORTWASGENERATED_DETAILS'] = "Successfully generated report: %1";
-$content['LN_ERROR_PATH_NOT_ALLOWED'] = "The file is not located in the allowed directories list (By default /var/log is allowed only).";
-$content['LN_ERROR_PATH_NOT_ALLOWED_EXTRA'] = "The file '%1' is not located in one of these directories: '%2'";
-
-$content['LN_CMD_RUNREPORT'] = "Generating saved report '%1'";
-$content['LN_CMD_REPORTIDNOTFOUND'] = "Invalid Report ID '%1'";
-$content['LN_CMD_SAVEDREPORTIDNOTFOUND'] = "Invalid SavedReport ID '%1'";
-$content['LN_CMD_NOREPORTID'] = "Missing Report ID";
-$content['LN_CMD_NOSAVEDREPORTID'] = "Missing SavedReport ID";
-$content['LN_CMD_NOCMDPROMPT'] = "Error, this script can only be run from the command prompt.";
-$content['LN_REPORT_GENERATEDTIME'] = "Report generated at: ";
-
-$content['LN_REPORT_ACTIONS'] = "Run Report Actions";
-$content['LN_REPORTS_CAT'] = "Report Category";
-$content['LN_REPORTS_ID'] = "Report ID";
-$content['LN_REPORTS_NAME'] = "Report Name";
-$content['LN_REPORTS_DESCRIPTION'] = "Report Description";
-$content['LN_REPORTS_HELP'] = "Help";
-$content['LN_REPORTS_HELP_CLICK'] = "Click here for a detailed report description";
-$content['LN_REPORTS_INFO'] = "Show more Information";
-$content['LN_REPORTS_SAVEDREPORTS'] = "Saved reports";
-$content['LN_REPORTS_ADMIN'] = "Administrate Reports";
-$content['LN_REPORTMENU_LIST'] = "List installed Reports";
-$content['LN_REPORTMENU_ONLINELIST'] = "All Available Reports";
-$content['LN_REPORTS_INFORMATION'] = "This page shows a list of installed and available reports including saved report configurations.
- To run a report, click on the buttons right to the Saved Reports.
- Attention! Generating reports can be very time consuming depending on the size of your database.
-";
-$content['LN_REPORTS_CHECKLOGSTREAMSOURCE'] = "Verify Logstream optimization";
-
-
+.
+ *
+ * A copy of the GPL can be found in the file "COPYING" in this
+ * distribution.
+ *********************************************************************
+*/
+global $content;
+
+// Global Stuff
+$content['LN_MAINTITLE'] = "Main LogAnalyzer";
+$content['LN_MAIN_SELECTSTYLE'] = "Select a Style";
+$content['LN_GEN_LANGUAGE'] = "Select Language";
+$content['LN_GEN_SELECTSOURCE'] = "Select Source";
+$content['LN_GEN_MOREPAGES'] = "More than one Page available";
+$content['LN_GEN_FIRSTPAGE'] = "First Page";
+$content['LN_GEN_LASTPAGE'] = "Last Page";
+$content['LN_GEN_NEXTPAGE'] = "Next Page";
+$content['LN_GEN_PREVIOUSPAGE'] = "Previous Page";
+$content['LN_GEN_RECORDCOUNT'] = "Total records found";
+$content['LN_GEN_PAGERSIZE'] = "Records per page";
+$content['LN_GEN_PAGE'] = "Page";
+$content['LN_GEN_PREDEFINEDSEARCHES'] = "Predefined Searches";
+$content['LN_GEN_SOURCE_DISK'] = "Diskfile";
+$content['LN_GEN_SOURCE_DB'] = "MYSQL Native";
+$content['LN_GEN_SOURCE_PDO'] = "Database (PDO)";
+$content['LN_GEN_SOURCE_MONGODB'] = "MongoDB Native";
+$content['LN_GEN_RECORDSPERPAGE'] = "records per page";
+$content['LN_GEN_PRECONFIGURED'] = "Preconfigured";
+$content['LN_GEN_AVAILABLESEARCHES'] = "Available searches";
+$content['LN_GEN_DB_MYSQL'] = "Mysql Server";
+$content['LN_GEN_DB_MSSQL'] = "Microsoft SQL Server";
+$content['LN_GEN_DB_ODBC'] = "ODBC Database Source";
+$content['LN_GEN_DB_PGSQL'] = "PostgreSQL";
+$content['LN_GEN_DB_OCI'] = "Oracle Call Interface";
+$content['LN_GEN_DB_DB2'] = " IBM DB2";
+$content['LN_GEN_DB_FIREBIRD'] = "Firebird/Interbase 6";
+$content['LN_GEN_DB_INFORMIX'] = "IBM Informix Dynamic Server";
+$content['LN_GEN_DB_SQLITE'] = "SQLite 2";
+$content['LN_GEN_SELECTVIEW'] = "Select View";
+$content['LN_GEN_CRITERROR_UNKNOWNTYPE'] = "The source type '%1' is not supported by LogAnalyzer yet. This is a critical error, please fix your configuration.";
+$content['LN_GEN_ERRORRETURNPREV'] = "Click here to return to the previous page.";
+$content['LN_GEN_ERRORDETAILS'] = "Error Details:";
+$content['LN_SOURCES_ERROR_WITHINSOURCE'] = "The source '%1' checking returned with an error: %2";
+$content['LN_SOURCES_ERROR_EXTRAMSG'] = "Extra Error Details: %1";
+$content['LN_ERROR_NORECORDS'] = "No syslog records found";
+$content['LN_ERROR_FILE_NOT_FOUND'] = "Syslog file could not be found";
+$content['LN_ERROR_FILE_NOT_READABLE'] = "Syslog file is not readable, read access may be denied";
+$content['LN_ERROR_UNKNOWN'] = "Unknown or unhandled error occured (Error Code '%1')";
+$content['LN_ERROR_FILE_EOF'] = "End of File reached";
+$content['LN_ERROR_FILE_BOF'] = "Begin of File reeached";
+$content['LN_ERROR_FILE_CANT_CLOSE'] = "Can't close File";
+$content['LN_ERROR_UNDEFINED'] = "Undefined Error";
+$content['LN_ERROR_EOS'] = "End of stream reached";
+$content['LN_ERROR_FILTER_NOT_MATCH'] = "Filter does not match any results";
+$content['LN_ERROR_DB_CONNECTFAILED'] = "Connection to the database server failed";
+$content['LN_ERROR_DB_CANNOTSELECTDB'] = "Could not find the configured database";
+$content['LN_ERROR_DB_QUERYFAILED'] = "Dataquery failed to execute";
+$content['LN_ERROR_DB_NOPROPERTIES'] = "No database properties found";
+$content['LN_ERROR_DB_INVALIDDBMAPPING'] = "Invalid datafield mappings";
+$content['LN_ERROR_DB_INVALIDDBDRIVER'] = "Invalid database driver selected";
+$content['LN_ERROR_DB_TABLENOTFOUND'] = "Could not find the configured table, maybe misspelled or the tablenames are case sensitive";
+$content['LN_ERROR_DB_DBFIELDNOTFOUND'] = "Database Field mapping for at least one field could not be found.";
+$content['LN_GEN_SELECTEXPORT'] = "> Select Exportformat <";
+$content['LN_GEN_EXPORT_CVS'] = "CSV (Comma separated)";
+$content['LN_GEN_EXPORT_XML'] = "XML";
+$content['LN_GEN_EXPORT_PDF'] = "PDF";
+$content['LN_GEN_ERROR_EXPORING'] = "Error exporting data";
+$content['LN_GEN_ERROR_INVALIDEXPORTTYPE'] = "Invalid Export format selected, or other parameters were wrong.";
+$content['LN_GEN_ERROR_SOURCENOTFOUND'] = "The Source with ID '%1' could not be found.";
+$content['LN_GEN_MOREINFORMATION'] = "More Information";
+$content['LN_FOOTER_PAGERENDERED'] = "Page rendered in";
+$content['LN_FOOTER_DBQUERIES'] = "DB queries";
+$content['LN_FOOTER_GZIPENABLED'] = "GZIP enabled";
+$content['LN_FOOTER_SCRIPTTIMEOUT'] = "Script Timeout";
+$content['LN_FOOTER_SECONDS'] = "seconds";
+$content['LN_WARNING_LOGSTREAMTITLE'] = "Logstream Warning";
+$content['LN_WARNING_LOGSTREAMDISK_TIMEOUT'] = "While reading the logstream, the php script timeout forced me to abort at this point.
If you want to avoid this, please increase the LogAnalyzer script timeout in your config.php. If the user system is installed, you can do that in Admin center.";
+$content['LN_ERROR_FILE_NOMORETIME'] = "No more time for processing left";
+$content['LN_WARNING_DBUPGRADE'] = "Database Upgrade required";
+$content['LN_WARNING_DBUPGRADE_TEXT'] = "The current installed database version is '%1'. An update to version '%2' is available.";
+$content['LN_ERROR_REDIRECTABORTED'] = 'Automatic redirect to the page was aborted, as an internal error occured. Please see the error details above and contact our support forums if you need assistance.';
+$content['LN_DEBUGLEVEL'] = "Debug Level";
+$content['LN_DEBUGMESSAGE'] = "Debug Message";
+$content['LN_GEN_REPORT_OUTPUT_HTML'] = "HTML Format";
+$content['LN_GEN_REPORT_OUTPUT_PDF'] = "PDF Format";
+$content['LN_GEN_REPORT_TARGET_STDOUT'] = "Direct Output";
+$content['LN_GEN_REPORT_TARGET_FILE'] = "Save into File";
+$content['LN_GEN_REPORT_TARGET_EMAIL'] = "Send as Email";
+$content['LN_GEN_UNKNOWN'] = "Unknown";
+$content['LN_GEN_AUTH_INTERNAL'] = "Internal authentication";
+$content['LN_GEN_AUTH_LDAP'] = "LDAP Authentication";
+
+// Topmenu Entries
+$content['LN_MENU_SEARCH'] = "Search";
+$content['LN_MENU_SHOWEVENTS'] = "Show Events";
+$content['LN_MENU_HELP'] = "Help";
+ $content['LN_MENU_DOC'] = "Documentation";
+ $content['LN_MENU_FORUM'] = "Support Forum";
+ $content['LN_MENU_WIKI'] = "LogAnalyzer Wiki";
+ $content['LN_MENU_PROSERVICES'] = "Professional Services";
+$content['LN_MENU_SEARCHINKB'] = "Search in Knowledge Base";
+$content['LN_MENU_LOGIN'] = "Login";
+$content['LN_MENU_ADMINCENTER'] = "Admin Center";
+$content['LN_MENU_LOGOFF'] = "Logoff";
+$content['LN_MENU_LOGGEDINAS'] = "Logged in as";
+$content['LN_MENU_MAXVIEW'] = "Maximize View";
+$content['LN_MENU_NORMALVIEW'] = "Normalize View";
+$content['LN_MENU_STATISTICS'] = "Statistics";
+$content['LN_MENU_CLICKTOEXPANDMENU'] = "Click the icon to show the menu";
+ $content['LN_MENU_REPORTS'] = "Reports";
+
+// Main Index Site
+$content['LN_ERROR_INSTALLFILEREMINDER'] = "Warning! You still have NOT removed the 'install.php' from your LogAnalyzer main directory!";
+$content['LN_TOP_NUM'] = "No.";
+$content['LN_TOP_UID'] = "uID";
+$content['LN_GRID_POPUPDETAILS'] = "Details for Syslogmessage with ID '%1'";
+
+$content['LN_SEARCH_USETHISBLA'] = "Use the form below and your advanced search will appear here";
+$content['LN_SEARCH_FILTER'] = "Search (filter):";
+$content['LN_SEARCH_ADVANCED'] = "Advanced Search";
+$content['LN_SEARCH'] = "Search";
+$content['LN_SEARCH_RESET'] = "Reset search";
+$content['LN_SEARCH_PERFORMADVANCED'] = "Perform Advanced Search";
+$content['LN_VIEW_MESSAGECENTERED'] = "Back to unfiltered view with this message at top";
+$content['LN_VIEW_RELATEDMSG'] = "View related syslog messages";
+$content['LN_VIEW_FILTERFOR'] = "Filter message for ";
+$content['LN_VIEW_SEARCHFOR'] = "Search online for ";
+$content['LN_VIEW_SEARCHFORGOOGLE'] = "Search Google for ";
+$content['LN_GEN_MESSAGEDETAILS'] = "Message Details";
+ $content['LN_VIEW_ADDTOFILTER'] = "Add '%1' to filterset";
+ $content['LN_VIEW_EXCLUDEFILTER'] = "Exclude '%1' from filterset";
+ $content['LN_VIEW_FILTERFORONLY'] = "Filter for '%1' only";
+ $content['LN_VIEW_SHOWALLBUT'] = "Show all except '%1'";
+ $content['LN_VIEW_VISITLINK'] = "Open Link '%1' in new window";
+
+$content['LN_HIGHLIGHT'] = "Highlight >>";
+$content['LN_HIGHLIGHT_OFF'] = "Highlight <<";
+$content['LN_HIGHLIGHT_WORDS'] = "Highlight words comma separated";
+
+$content['LN_AUTORELOAD'] = "Set auto reload";
+$content['LN_AUTORELOAD_DISABLED'] = "Auto reload disabled";
+$content['LN_AUTORELOAD_PRECONFIGURED'] = "Preconfigured auto reload ";
+$content['LN_AUTORELOAD_SECONDS'] = "seconds";
+$content['LN_AUTORELOAD_MINUTES'] = "minutes";
+
+// Filter Options
+$content['LN_FILTER_DATE'] = "Datetime Range";
+$content['LN_FILTER_DATEMODE'] = "Select mode";
+$content['LN_DATEMODE_ALL'] = "All time";
+$content['LN_DATEMODE_RANGE'] = "Time range";
+$content['LN_DATEMODE_LASTX'] = "Time x since today";
+$content['LN_FILTER_DATEFROM'] = "Date range from";
+$content['LN_FILTER_DATETO'] = "Date range to";
+$content['LN_FILTER_TIMEFROM'] = "Time range from";
+$content['LN_FILTER_TIMETO'] = "Time range to";
+$content['LN_FILTER_DATELASTX'] = "Time since";
+$content['LN_FILTER_ADD2SEARCH'] = "Add to search";
+$content['LN_DATE_LASTX_HOUR'] = "Last hour";
+$content['LN_DATE_LASTX_12HOURS'] = "Last 12 hours";
+$content['LN_DATE_LASTX_24HOURS'] = "Last 24 hours";
+$content['LN_DATE_LASTX_7DAYS'] = "Last 7 days";
+$content['LN_DATE_LASTX_31DAYS'] = "Last 31 days";
+$content['LN_FILTER_FACILITY'] = "Syslog Facility";
+$content['LN_FILTER_SEVERITY'] = "Syslog Severity";
+$content['LN_FILTER_OTHERS'] = "Other Filters";
+$content['LN_FILTER_MESSAGE'] = "Syslog Message";
+$content['LN_FILTER_SYSLOGTAG'] = "Syslogtag";
+$content['LN_FILTER_SOURCE'] = "Source (Hostname)";
+$content['LN_FILTER_MESSAGETYPE'] = "Message Type";
+
+// Install Page
+$content['LN_CFG_DBSERVER'] = "Database Host";
+$content['LN_CFG_DBPORT'] = "Database Port";
+$content['LN_CFG_DBNAME'] = "Database Name";
+$content['LN_CFG_DBPREF'] = "Table prefix";
+$content['LN_CFG_DBUSER'] = "Database User";
+$content['LN_CFG_DBPASSWORD'] = "Database Password";
+$content['LN_CFG_PARAMMISSING'] = "The following parameter were missing: ";
+$content['LN_CFG_SOURCETYPE'] = "Source Type";
+$content['LN_CFG_DISKTYPEOPTIONS'] = "Disk Type Options";
+$content['LN_CFG_LOGLINETYPE'] = "Logline type";
+$content['LN_CFG_SYSLOGFILE'] = "Syslog file";
+$content['LN_CFG_DATABASETYPEOPTIONS'] = "Database Type Options";
+$content['LN_CFG_DBTABLETYPE'] = "Table type";
+$content['LN_CFG_DBSTORAGEENGINE'] = "Database Storage Engine";
+$content['LN_CFG_DBTABLENAME'] = "Database Tablename";
+$content['LN_CFG_NAMEOFTHESOURCE'] = "Name of the Source";
+$content['LN_CFG_FIRSTSYSLOGSOURCE'] = "First Syslog Source";
+$content['LN_CFG_DBROWCOUNTING'] = "Enable Row Counting";
+$content['LN_CFG_VIEW'] = "Select View";
+$content['LN_CFG_DBUSERLOGINREQUIRED'] = "Require user to be logged in";
+$content['LN_CFG_MSGPARSERS'] = "Message Parsers (comma seperated)";
+$content['LN_CFG_NORMALIZEMSG'] = "Normalize Message within Parsers";
+$content['LN_CFG_SKIPUNPARSEABLE'] = "Skip unparseable messages (Only works if msgparsers are configured!)";
+$content['LN_CFG_DBRECORDSPERQUERY'] = "Recordcount for database queries";
+$content['LN_CFG_LDAPServer'] = "LDAP Server Hostname/IP";
+$content['LN_CFG_LDAPPort'] = "LDAP Port, default 389 (636 for SSL)";
+$content['LN_CFG_LDAPBaseDN'] = "Base DN for LDAP Search";
+$content['LN_CFG_LDAPSearchFilter'] = "Basic Search filter";
+$content['LN_CFG_LDAPUidAttribute'] = "LDAP Username attribute";
+$content['LN_CFG_LDAPBindDN'] = "Privilegied user used to LDAP queries";
+$content['LN_CFG_LDAPBindPassword'] = "Password of the privilegied user";
+$content['LN_CFG_LDAPDefaultAdminUser'] = "Default administrative LDAP Username";
+$content['LN_CFG_AUTHTYPE'] = "Authentication method";
+$content['LN_GEN_AUTH_LDAP_OPTIONS'] = "LDAP Authentication Options";
+
+// Details page
+$content['LN_DETAILS_FORSYSLOGMSG'] = "Details for the syslog messages with id";
+$content['LN_DETAILS_DETAILSFORMSG'] = "Details for message id";
+$content['LN_DETAIL_BACKTOLIST'] = "Back to Listview";
+$content['LN_DETAIL_DYNAMIC_FIELDS'] = "Dynamic fields";
+
+
+// Login Site
+$content['LN_LOGIN_DESCRIPTION'] = "Use this form to login into LogAnalyzer. ";
+$content['LN_LOGIN_TITLE'] = "Login";
+$content['LN_LOGIN_USERNAME'] = "Username";
+$content['LN_LOGIN_PASSWORD'] = "Password";
+$content['LN_LOGIN_SAVEASCOOKIE'] = "Stay logged on";
+$content['LN_LOGIN_ERRWRONGPASSWORD'] = "Wrong username or password!";
+$content['LN_LOGIN_USERPASSMISSING'] = "Username or password not given";
+$content['LN_LOGIN_LDAP_USERNOTFOUND'] = "User '%1' could not be found";
+$content['LN_LOGIN_LDAP_USERCOULDNOTLOGIN'] = "Could not login user '%1', LDAP error: %2";
+$content['LN_LOGIN_LDAP_PASSWORDFAIL'] = "User '%1' could not login with the given password";
+$content['LN_LOGIN_LDAP_SERVERFAILED'] = "Failed to connect to LDAP Server '%1'";
+$content['LN_LOGIN_LDAP_USERBINDFAILED'] = "Could not bind with the Search user DN '%1'";
+
+
+// Install Site
+$content['LN_INSTALL_TITLETOP'] = "Installing LogAnalyzer Version %1 - Step %2";
+$content['LN_INSTALL_TITLE'] = "Installer Step %1";
+$content['LN_INSTALL_ERRORINSTALLED'] = 'LogAnalyzer is already configured!
If you want to reconfigure LogAnalyzer, either delete the current config.php or replace it with an empty file.
Click here to return to pgpLogCon start page.';
+$content['LN_INSTALL_FILEORDIRNOTWRITEABLE'] = "At least one file or directory (or more) is not writeable, please check the file permissions (chmod 666)!";
+$content['LN_INSTALL_SAMPLECONFIGMISSING'] = "The sample configuration file '%1' is missing. You have not fully uploaded LogAnalyzer.";
+$content['LN_INSTALL_ERRORCONNECTFAILED'] = "Database connect to '%1' failed! Please check Servername, Port, User and Password!";
+$content['LN_INSTALL_ERRORACCESSDENIED'] = "Cannot use the database '%1'! If the database does not exists, create it or check user access permissions!";
+$content['LN_INSTALL_ERRORINVALIDDBFILE'] = "Error, invalid Database definition file (to short!), the file name is '%1'! Please check if the file was correctly uploaded.";
+$content['LN_INSTALL_ERRORINSQLCOMMANDS'] = "Error, invalid Database definition file (no sql statements found!), the file name is '%1'! Please check if the file was not correctly uploaded, or contact the LogAnalyzer forums for assistance!";
+$content['LN_INSTALL_MISSINGUSERNAME'] = "Username needs to be specified";
+$content['LN_INSTALL_PASSWORDNOTMATCH'] = "Either the password does not match or is to short!";
+$content['LN_INSTALL_FAILEDTOOPENSYSLOGFILE'] = "Failed to open the syslog file '%1'! Check if the file exists and LogAnalyzer has sufficient rights to it ";
+$content['LN_INSTALL_FAILEDCREATECFGFILE'] = "Coult not create the configuration file in '%1'! Please verify the file permissions!";
+$content['LN_INSTALL_FAILEDREADINGFILE'] = "Error reading the file '%1'! Please verify if the file exists!";
+$content['LN_INSTALL_ERRORREADINGDBFILE'] = "Error reading the default database definition file in '%1'! Please verify if the file exists!";
+$content['LN_INSTALL_STEP1'] = "Step 1 - Prerequisites";
+$content['LN_INSTALL_STEP2'] = "Step 2 - Verify File Permissions";
+$content['LN_INSTALL_STEP3'] = "Step 3 - Basic Configuration";
+$content['LN_INSTALL_STEP4'] = "Step 4 - Create Tables";
+$content['LN_INSTALL_STEP5'] = "Step 5 - Check SQL Results";
+$content['LN_INSTALL_STEP6'] = "Step 6 - Creating the Main Useraccount";
+$content['LN_INSTALL_STEP7'] = "Step 7 - Create the first source for syslog messages";
+$content['LN_INSTALL_STEP8'] = "Step 8 - Done";
+$content['LN_INSTALL_STEP1_TEXT'] = 'Before you start installing LogAnalyzer, the Installer setup has to check a few things first. You may have to correct some file permissions first.
Click on to start the Test!';
+$content['LN_INSTALL_STEP2_TEXT'] = "The following file permissions have been checked. Verify the results below! You may use the configure.sh script from the contrib folder to set the permissions for you.";
+$content['LN_INSTALL_STEP3_TEXT'] = "In this step, you configure the basic configurations for LogAnalyzer.";
+$content['LN_INSTALL_STEP4_TEXT'] = 'If you reached this step, the database connection has been successfully verified!
The next step will be to create the necessary database tables used by the LogAnalyzer User System. This might take a while! WARNING, if you have an existing LogAnalyzer installation in this database with the same tableprefix, all your data will be OVERWRITTEN! Make sure you are using a fresh database, or you want to overwrite your old LogAnalyzer database.
Click on to start the creation of the tables';
+$content['LN_INSTALL_STEP5_TEXT'] = "Tables have been created. Check the List below for possible Error's";
+$content['LN_INSTALL_STEP6_TEXT'] = "You are now about to create the initial LogAnalyzer User Account. This will be the first administrative user, which will be needed to login into LogAnalyzer and access the Admin Center!";
+$content['LN_INSTALL_STEP8_TEXT'] = 'Congratulations! You have successfully installed LogAnalyzer :)!
Click here to go to your installation.';
+$content['LN_INSTALL_PROGRESS'] = "Install Progress: ";
+$content['LN_INSTALL_FRONTEND'] = "Frontend Options";
+$content['LN_INSTALL_NUMOFSYSLOGS'] = "Number of syslog messages per page";
+$content['LN_INSTALL_MSGCHARLIMIT'] = "Message character limit for the main view";
+$content['LN_INSTALL_STRCHARLIMIT'] = "Character display limit for all string type fields";
+$content['LN_INSTALL_SHOWDETAILPOP'] = "Show message details popup";
+$content['LN_INSTALL_AUTORESOLVIP'] = "Automatically resolved IP Addresses (inline)";
+$content['LN_INSTALL_USERDBOPTIONS'] = "User Database Options";
+$content['LN_INSTALL_ENABLEUSERDB'] = "Enable User Database";
+$content['LN_INSTALL_SUCCESSSTATEMENTS'] = "Successfully executed statements:";
+$content['LN_INSTALL_FAILEDSTATEMENTS'] = "Failed statements:";
+$content['LN_INSTALL_STEP5_TEXT_NEXT'] = "You can now proceed to the next step adding the first LogAnalyzer Admin User!";
+$content['LN_INSTALL_STEP5_TEXT_FAILED'] = "At least one statement failed,see error reasons below";
+$content['LN_INSTALL_ERRORMSG'] = "Error Message";
+$content['LN_INSTALL_SQLSTATEMENT'] = "SQL Statement";
+$content['LN_INSTALL_CREATEUSER'] = "Create User Account";
+$content['LN_INSTALL_PASSWORD'] = "Password";
+$content['LN_INSTALL_PASSWORDREPEAT'] = "Repeat Password";
+$content['LN_INSTALL_SUCCESSCREATED'] = "Successfully created User";
+$content['LN_INSTALL_RECHECK'] = "ReCheck";
+$content['LN_INSTALL_FINISH'] = "Finish!";
+$content['LN_INSTALL_LDAPCONNECTFAILED'] = "Failed to connect to your LDAP Server '%1'.";
+$content['LN_INSTALL_'] = "";
+
+// Converter Site
+$content['LN_CONVERT_TITLE'] = "Configuration Converter Step %1";
+$content['LN_CONVERT_NOTALLOWED'] = "Login";
+$content['LN_CONVERT_ERRORINSTALLED'] = 'LogAnalyzer is not allowed to convert your settings into the user database.
If you want to convert your convert your settings, add the variable following into your config.php: $CFG[\'UserDBConvertAllowed\'] = true;
Click here to return to pgpLogCon start page.';
+$content['LN_CONVERT_STEP1'] = "Step 1 - Informations";
+$content['LN_CONVERT_STEP2'] = "Step 2 - Create Tables";
+$content['LN_CONVERT_STEP3'] = "Step 3 - Check SQL Results";
+$content['LN_CONVERT_STEP4'] = "Step 4 - Creating the Main Useraccount";
+$content['LN_CONVERT_STEP5'] = "Step 5 - Import Settings into UserDB";
+$content['LN_CONVERT_TITLETOP'] = "Converting LogAnalyzer configuration settings - Step ";
+$content['LN_CONVERT_STEP1_TEXT'] = 'This script allows you to import your existing configuration from the config.php file. This includes frontend settings, data sources, custom views and custom searches. Do only perform this conversion if you did install LogAnalyzer without the UserDB System, and decided to enable it now.
ANY EXISTING INSTANCE OF A USERDB WILL BE OVERWRITTEN!
to start the first conversion step!';
+$content['LN_CONVERT_STEP2_TEXT'] = 'The database connection has been successfully verified!
The next step will be to create the necessary database tables for the LogAnalyzer User System. This might take a while! WARNING, if you have an existing LogAnalyzer installation in this database with the same tableprefix, all your data will be OVERWRITTEN! Make sure you are using a fresh database, or you want to overwrite your old LogAnalyzer database.
Click on to start the creation of the tables';
+$content['LN_CONVERT_STEP5_TEXT'] = ' to start the last step of the conversion. In this step, your existing configuration from the config.php will be imported into the database.';
+$content['LN_CONVERT_STEP6'] = "Step 8 - Done";
+$content['LN_CONVERT_STEP6_TEXT'] = 'Congratulations! You have successfully converted your existing LogAnalyzer installation :)!
Important! Don\'t forget to REMOVE THE VARIABLES $CFG[\'UserDBConvertAllowed\'] = true; from your config.php file!
You can click here to get to your LogAnalyzerinstallation.';
+$content['LN_CONVERT_PROCESS'] = "Conversion Progress:";
+$content['LN_CONVERT_ERROR_SOURCEIMPORT'] = "Critical Error while importing the sources into the database, the SourceType '%1' is not supported by this LogAnalyzer Version.";
+
+// Stats Site
+ $content['LN_STATS_CHARTTITLE'] = "Top %1 '%2' sorted by messagecount";
+ $content['LN_STATS_COUNTBY'] = "Messagecount by '%1'";
+ $content['LN_STATS_OTHERS'] = "All Others";
+ $content['LN_STATS_TOPRECORDS'] = "Maxrecords: %1";
+ $content['LN_STATS_GENERATEDAT'] = "Generated at: %1";
+// $content['LN_STATS_COUNTBYSYSLOGTAG'] = "Messagecount by SyslogTag";
+ $content['LN_STATS_GRAPH'] = "Graph";
+ $content['LN_GEN_ERROR_INVALIDFIELD'] = "Invalid fieldname";
+ $content['LN_GEN_ERROR_MISSINGCHARTFIELD'] = "Missing fieldname";
+ $content['LN_GEN_ERROR_INVALIDTYPE'] = "Invalid or unknown chart type.";
+ $content['LN_ERROR_CHARTS_NOTCONFIGURED'] = "There are no charts configured at all.";
+ $content['LN_CHART_TYPE'] = "Chart type";
+ $content['LN_CHART_WIDTH'] = "Chart width";
+ $content['LN_CHART_FIELD'] = "Chart field";
+ $content['LN_CHART_MAXRECORDS'] = "Top records count";
+ $content['LN_CHART_SHOWPERCENT'] = "Show percentage data";
+ $content['LN_CHART_TYPE_CAKE'] = "Cake (Pie)";
+ $content['LN_CHART_TYPE_BARS_VERTICAL'] = "Bars vertical";
+ $content['LN_CHART_TYPE_BARS_HORIZONTAL'] = "Bars horizontal";
+ $content['LN_STATS_WARNINGDISPLAY'] = "Generating graphics on large data sources currently is very time consuming. This will be addressed in later versions. If processing takes too long, please simply cancel the request.";
+
+// asktheoracle site
+$content['LN_ORACLE_TITLE'] = "Asking the oracle for '%1'";
+$content['LN_ORACLE_HELP_FOR'] = "These are the links the oracle got for you";
+$content['LN_ORACLE_HELP_TEXT'] = "
You asked the oracle to find more information about the '%1' value '%2'.
+
This pages enables you do a a search over multiple log sources. %3
+ The overall idea is to make it easy to find information about a specific subject in all places where it may exist.
+
+
A useful use case may be a hack attempt you see in a web log. Click on the attacker's IP, which brings up this search page here. Now you can both lookup information about the IP range as well as check your other logs (e.g. firewall or mail) if they contain information about the attacker. We hope that this facilitates your analysis process.
+
+";
+$content['LN_ORACLE_HELP_TEXT_EXTERNAL'] = "It also enables you to perform canned searches over some external databases";
+$content['LN_ORACLE_HELP_DETAIL'] = "Link matrix for the '%1' value '%2'";
+$content['LN_ORACLE_SEARCH'] = "Search"; // in '%1' Field";
+$content['LN_ORACLE_SOURCENAME'] = "Source name";
+$content['LN_ORACLE_FIELD'] = "Field";
+$content['LN_ORACLE_ONLINESEARCH'] = "Online Search";
+$content['LN_ORACLE_WHOIS'] = "WHOIS Lookup for '%1' value '%2'";
+
+// Report Strings
+$content['LN_GEN_ERROR_INVALIDOP'] = "Invalid or missing operation type";
+$content['LN_GEN_ERROR_INVALIDREPORTID'] = "Invalid or missing report id";
+$content['LN_GEN_ERROR_MISSINGSAVEDREPORTID'] = "Invalid or missing savedreport id";
+$content['LN_GEN_ERROR_REPORTGENFAILED'] = "Failed generating report '%1' with the following error reason: %2";
+$content['LN_GEN_ERROR_WHILEREPORTGEN'] = "Error occured while generating report";
+$content['LN_GEN_ERROR_REPORT_NODATA'] = "No data found for report generation";
+$content['LN_GEN_ALL_OTHER_EVENTS'] = "All other events";
+$content['LN_REPORT_FOOTER_ENDERED'] = "Report rendered in";
+$content['LN_REPORT_FILTERS'] = "List of used filters";
+$content['LN_REPORT_FILTERTYPE_DATE'] = "Date";
+$content['LN_REPORT_FILTERTYPE_NUMBER'] = "Number";
+$content['LN_REPORT_FILTERTYPE_STRING'] = "String";
+$content['LN_GEN_SUCCESS_WHILEREPORTGEN'] = "Report was successfully generated";
+$content['LN_GEN_ERROR_REPORTFAILEDTOGENERATE'] = "Failed to generate report, error details: %1";
+$content['LN_GEN_SUCCESS_REPORTWASGENERATED_DETAILS'] = "Successfully generated report: %1";
+$content['LN_ERROR_PATH_NOT_ALLOWED'] = "The file is not located in the allowed directories list (By default /var/log is allowed only).";
+$content['LN_ERROR_PATH_NOT_ALLOWED_EXTRA'] = "The file '%1' is not located in one of these directories: '%2'";
+
+$content['LN_CMD_RUNREPORT'] = "Generating saved report '%1'";
+$content['LN_CMD_REPORTIDNOTFOUND'] = "Invalid Report ID '%1'";
+$content['LN_CMD_SAVEDREPORTIDNOTFOUND'] = "Invalid SavedReport ID '%1'";
+$content['LN_CMD_NOREPORTID'] = "Missing Report ID";
+$content['LN_CMD_NOSAVEDREPORTID'] = "Missing SavedReport ID";
+$content['LN_CMD_NOCMDPROMPT'] = "Error, this script can only be run from the command prompt.";
+$content['LN_REPORT_GENERATEDTIME'] = "Report generated at: ";
+
+$content['LN_REPORT_ACTIONS'] = "Run Report Actions";
+$content['LN_REPORTS_CAT'] = "Report Category";
+$content['LN_REPORTS_ID'] = "Report ID";
+$content['LN_REPORTS_NAME'] = "Report Name";
+$content['LN_REPORTS_DESCRIPTION'] = "Report Description";
+$content['LN_REPORTS_HELP'] = "Help";
+$content['LN_REPORTS_HELP_CLICK'] = "Click here for a detailed report description";
+$content['LN_REPORTS_INFO'] = "Show more Information";
+$content['LN_REPORTS_SAVEDREPORTS'] = "Saved reports";
+$content['LN_REPORTS_ADMIN'] = "Administrate Reports";
+$content['LN_REPORTMENU_LIST'] = "List installed Reports";
+$content['LN_REPORTMENU_ONLINELIST'] = "All Available Reports";
+$content['LN_REPORTS_INFORMATION'] = "This page shows a list of installed and available reports including saved report configurations.
+ To run a report, click on the buttons right to the Saved Reports.
+ Attention! Generating reports can be very time consuming depending on the size of your database.
+";
+$content['LN_REPORTS_CHECKLOGSTREAMSOURCE'] = "Verify Logstream optimization";
+
+
?>
\ No newline at end of file
diff --git a/src/templates/details.html b/src/templates/details.html
index c1baeea..fcef464 100644
--- a/src/templates/details.html
+++ b/src/templates/details.html
@@ -76,13 +76,36 @@
{FieldCaption}