tyler.durden/loganalyzer
1
0
Fork 0
mirror of https://github.com/rsyslog/loganalyzer.git synced 2025-09-23 09:58:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added support to show dynamic fields for MongoDB logstream sources.

Browse Source 
This enables Loganalyzer to view data prior written by rsyslog into MongoDB
that came from CEE sources.
This commit is contained in:
Andre Lorbach 2013-02-21 17:32:29 +01:00
parent af9de2a4ec
commit ded6e15d09
6 changed files with 2674 additions and 2587 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/classes/logstream.class.php
View File

@ -473,14 +473,10 @@ abstract class LogStream {
{ {
// Include Filter // Include Filter
if ( $myfilter[FILTER_MODE] & FILTER_MODE_INCLUDE ) if ( $myfilter[FILTER_MODE] & FILTER_MODE_INCLUDE )
{
// Unless REGEX Filter, this has to be done by the Logstream driver
if ( !($myfilter[FILTER_MODE] & FILTER_MODE_SEARCHREGEX) )
{ {
if ( stripos($propertyvalue, $myfilter[FILTER_VALUE]) === false ) if ( stripos($propertyvalue, $myfilter[FILTER_VALUE]) === false )
$bEval = false; $bEval = false;
} }
}
// Exclude Filter // Exclude Filter
else if ( $myfilter[FILTER_MODE] & FILTER_MODE_EXCLUDE ) else if ( $myfilter[FILTER_MODE] & FILTER_MODE_EXCLUDE )
{ {
@ -718,6 +714,23 @@ abstract class LogStream {
return $szFieldName; return $szFieldName;
} }
/*
* Helper function to check a if a fieldname exists in the mapping
*/
public function CheckFieldnameInMapping($szTableType, $szFieldName)
{
global $content, $dbmapping;
foreach( $dbmapping[$szTableType]['DBMAPPINGS'] as $myFieldID => $myDBMapping )
{
if ( $myDBMapping == $szFieldName )
return true; // return found!
}
// Default FALSE!
return false;
}
/* /*
* --- PIRVATE HELPERS! * --- PIRVATE HELPERS!
*/ */

31
src/classes/logstreammongodb.class.php
View File

@ -488,8 +488,25 @@ class LogStreamMongoDB extends LogStream {
$arrProperitesOut[$property] = ''; $arrProperitesOut[$property] = '';
} }
else else
{
$arrProperitesOut[$property] = ''; $arrProperitesOut[$property] = '';
// echo $property . "=" . $this->bufferedRecords[$this->_currentRecordNum][$dbfieldname];
} }
}
// --- Add dynamic fields into record!
foreach( $this->bufferedRecords[$this->_currentRecordNum] as $propName => $propValue)
{
if ( !isset($arrProperitesOut[$propName]) &&
!$this->CheckFieldnameInMapping($szTableType, $propName) &&
(isset($propValue) && strlen($propValue) > 0)
)
{
// Add dynamic Property!
$arrProperitesOut[$propName] = $propValue;
}
}
// ---
// Run optional Message Parsers now // Run optional Message Parsers now
if ( isset($arrProperitesOut[SYSLOG_MESSAGE]) ) if ( isset($arrProperitesOut[SYSLOG_MESSAGE]) )
@ -1572,7 +1589,12 @@ class LogStreamMongoDB extends LogStream {
OutputDebugMessage("LogStreamMongoDB|ReadNextRecordsFromDB: Running FIND ", DEBUG_ULTRADEBUG); OutputDebugMessage("LogStreamMongoDB|ReadNextRecordsFromDB: Running FIND ", DEBUG_ULTRADEBUG);
// Find Data in MongoCollection // Find Data in MongoCollection
$myCursor = $this->_myMongoCollection->find($this->_myMongoQuery, $this->_myMongoFields); $myCursor = $this->_myMongoCollection->find($this->_myMongoQuery)->limit($this->_logStreamConfigObj->RecordsPerQuery)->sort(array("_id" => -1)); // , $this->_myMongoFields);
// echo "<pre>";
// var_dump(iterator_to_array($myCursor));
// echo "</pre>";
} }
catch ( MongoCursorException $e ) catch ( MongoCursorException $e )
{ {
@ -1587,11 +1609,9 @@ class LogStreamMongoDB extends LogStream {
// OutputDebugMessage("LogStreamMongoDB|ReadNextRecordsFromDB: myCursor->info() = <pre>" . var_export($myCursor->info(), true) . "</pre>", DEBUG_ULTRADEBUG); // OutputDebugMessage("LogStreamMongoDB|ReadNextRecordsFromDB: myCursor->info() = <pre>" . var_export($myCursor->info(), true) . "</pre>", DEBUG_ULTRADEBUG);
// Limit records // Limit records
$myCursor->limit( $this->_logStreamConfigObj->RecordsPerQuery ); // $myCursor->limit( $this->_logStreamConfigObj->RecordsPerQuery );
// OutputDebugMessage("Cursor verbose: " . var_export($myCursor->explain(), true), DEBUG_DEBUG); // OutputDebugMessage("Cursor verbose: " . var_export($myCursor->explain(), true), DEBUG_DEBUG);
$myCursor = $myCursor->sort(array("_id" => -1)); // $myCursor = $myCursor->sort(array("_id" => -1));
try try
{ {
@ -1621,6 +1641,7 @@ class LogStreamMongoDB extends LogStream {
// Keys will be converted into lowercase! // Keys will be converted into lowercase!
$this->bufferedRecords[$iBegin] = array_change_key_case( $myRow, CASE_LOWER); $this->bufferedRecords[$iBegin] = array_change_key_case( $myRow, CASE_LOWER);
$iBegin++; $iBegin++;
} }
} }

33
src/details.php
View File

@ -208,7 +208,7 @@ if ( isset($content['Sources'][$currentSourceID]) ) // && $content['uid_current'
else else
$content['fields'][$mycolkey]['cssclass'] = "line2"; $content['fields'][$mycolkey]['cssclass'] = "line2";
if ( $mycolkey == SYSLOG_MESSAGE) if ( $mycolkey == SYSLOG_MESSAGE )
$content['fields'][$mycolkey]['menucssclass'] = "cellmenu1_naked"; $content['fields'][$mycolkey]['menucssclass'] = "cellmenu1_naked";
else else
$content['fields'][$mycolkey]['menucssclass'] = "cellmenu1"; $content['fields'][$mycolkey]['menucssclass'] = "cellmenu1";
@ -301,8 +301,35 @@ if ( isset($content['Sources'][$currentSourceID]) ) // && $content['uid_current'
} }
//print_r ( $content['fields'] ); // --- Now Check for dynamic fields!
//exit; $counter = 0;
foreach($logArray as $mydynkey => $mydynvalue)
{
// Check if field is already in fields array
if ( !isset($content['fields'][$mydynkey]) && isset($mydynvalue) && strlen($mydynvalue) > 0 )
{
$content['dynamicfields'][$mydynkey]['dynfieldkey'] = $mydynkey;
$content['dynamicfields'][$mydynkey]['dynfieldvalue'] = $mydynvalue;
// --- Set CSS Class
if ( $counter % 2 == 0 )
$content['dynamicfields'][$mydynkey]['dyncssclass'] = "line1";
else
$content['dynamicfields'][$mydynkey]['dyncssclass'] = "line2";
// ---
// Increment helpcounter
$counter++;
}
}
// Enable dynamic Fields
if ( isset($content['dynamicfields']) )
$content['dynamicfieldsenabled'] = "true";
// ---
// echo "<pre>";
// var_dump($content['dynamicfields']);
// echo "</pre>";
// Enable pager if the count is above 1 or we don't know the record count! // Enable pager if the count is above 1 or we don't know the record count!
if ( $content['main_recordcount'] > 1 || $content['main_recordcount'] == -1 ) if ( $content['main_recordcount'] > 1 || $content['main_recordcount'] == -1 )

1
src/include/constants_logstream.php
View File

@ -388,6 +388,7 @@ $dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_SEVERITY] = "syslog_sever";
$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_SYSLOGTAG] = "procid"; // not using syslog_tag because of PID in it $dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_SYSLOGTAG] = "procid"; // not using syslog_tag because of PID in it
$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_PROCESSID] = "pid"; $dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_PROCESSID] = "pid";
$dbmapping['mongodb']['DBMAPPINGS'][MISC_CHECKSUM] = "Checksum"; $dbmapping['mongodb']['DBMAPPINGS'][MISC_CHECKSUM] = "Checksum";
$dbmapping['mongodb']['DBMAPPINGS'][SYSLOG_EVENT_LOGTYPE] = "nteventlogtype";
// Convert all fieldnames to lowercase to avoid problems with case sensitive array keys later // Convert all fieldnames to lowercase to avoid problems with case sensitive array keys later
foreach( $dbmapping as &$myMapping ) foreach( $dbmapping as &$myMapping )

2
src/lang/en/main.php
View File

@ -229,6 +229,8 @@ $content['LN_GEN_AUTH_LDAP_OPTIONS'] = "LDAP Authentication Options";
$content['LN_DETAILS_FORSYSLOGMSG'] = "Details for the syslog messages with id"; $content['LN_DETAILS_FORSYSLOGMSG'] = "Details for the syslog messages with id";
$content['LN_DETAILS_DETAILSFORMSG'] = "Details for message id"; $content['LN_DETAILS_DETAILSFORMSG'] = "Details for message id";
$content['LN_DETAIL_BACKTOLIST'] = "Back to Listview"; $content['LN_DETAIL_BACKTOLIST'] = "Back to Listview";
$content['LN_DETAIL_DYNAMIC_FIELDS'] = "Dynamic fields";
// Login Site // Login Site
$content['LN_LOGIN_DESCRIPTION'] = "Use this form to login into LogAnalyzer. "; $content['LN_LOGIN_DESCRIPTION'] = "Use this form to login into LogAnalyzer. ";

27
src/templates/details.html
View File

@ -76,13 +76,36 @@
<B>{FieldCaption}</B> <B>{FieldCaption}</B>
</td> </td>
<td width="100%" align="{FieldAlign}" class="{cssclass}" {fieldbgcolor} valign="top"> <td width="100%" align="{FieldAlign}" class="{cssclass}" {fieldbgcolor} valign="top">
<B>
</B>
{fieldvalue} {fieldvalue}
</td> </td>
</tr> </tr>
<!-- ENDIF fieldenabled="true" --> <!-- ENDIF fieldenabled="true" -->
<!-- END fields --> <!-- END fields -->
<!-- IF dynamicfieldsenabled="true" -->
<tr>
<td width="200" class="cellmenu1_naked" align="left" nowrap>
<B>{LN_DETAIL_DYNAMIC_FIELDS}</B>
</td>
<td width="100%" align="center" class="line1" valign="top">
<br/>
<table border="0" cellpadding="2" cellspacing="1" bgcolor="#DDDDDD" width="600" class="with_border_alternative">
<!-- BEGIN dynamicfields -->
<tr>
<td align="left" class="cellmenu2">
{dynfieldkey}
</td>
<td align="left" class="{dyncssclass}">
{dynfieldvalue}
</td>
</tr>
<!-- END dynamicfields -->
</table>
<br/>
</td>
</tr>
<!-- ENDIF dynamicfieldsenabled="true" -->
</table> </table>
<!-- ENDIF messageenabled="true" --> <!-- ENDIF messageenabled="true" -->