tyler.durden/loganalyzer
1
0
Fork 0
mirror of https://github.com/rsyslog/loganalyzer.git synced 2025-09-26 19:29:07 +02:00
Code Issues Packages Projects Releases Wiki Activity
loganalyzer/syslog-index.php
Rainer Gerhards 28303608c7 updating to 1.0 beta version
2005-07-21 12:25:42 +00:00

239 lines
8.2 KiB
PHP
Raw Blame History

<?php
/*#### #### #### #### #### #### #### #### #### ####
phpLogCon - A Web Interface to Log Data.
Copyright (C) 2004 Adiscon GmbH
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
If you have questions about phpLogCon in general, please email info@adiscon.com. To learn more about phpLogCon, please visit
http://www.phplogcon.com.
This Project was intiated and is maintened by Rainer Gerhards <rgerhards@hq.adiscon.com>. See AUTHORS to learn who helped make
it become a reality.
*/#### #### #### #### #### #### #### #### #### ####
include 'include.php';
if( !isset($_POST['sortMethode']) )
$_POST['sortMethode'] = "ASC";
WriteStandardHeader(_MSGShwSlt);
//classes
include _CLASSES . 'eventsnavigation.php';
include _CLASSES . 'eventfilter.php';
// SELECT COUNT(ID) AS occurences, ID, FromHost, Message, SysLogTag FROM SystemEvents WHERE InfoUnitID=1 AND ReceivedAt >= '2004-01-01 00:00:00' AND ReceivedAt <= '2004-10-26 23:59:59' GROUP BY SysLogTag ORDER BY occurences DESC limit 0,20
// SELECT COUNT(ID) AS occurences, SysLogTag FROM SystemEvents WHERE (InfoUnitID = 1) AND (ReceivedAt >= '2004-01-01 00:00:00') AND (ReceivedAt <= '2004-10-26 23:59:59') GROUP BY SysLogTag
// TO-DO: Change "ExampleHost" to "Most Host"
//the splitted sql statement
// Cause MSSQL has proplems with GROUP BY clauses we need to do 2 DataBase-Queries
// the first one gets the occurences on one syslogtag, the syslogtag itself and the host.
// the second one only gets the message!
// Don't try to combine these two queries! MSSQL will give you a headnut! :D
$cmdSQLfirst_part = 'SELECT ';
$cmdSQLmain_part_1 = "COUNT(ID) AS occurences, SysLogTag";
$cmdSQLmain_part_2 = "ID, Message FROM "._DBTABLENAME;
$cmdSQLlast_part_1 = ' WHERE InfoUnitID=1 AND ';
$cmdSQLlast_part_2 = ' WHERE InfoUnitID=1 AND ';
// define the last part of the sql statment, e.g. the where part, ordery by, etc.
$myFilter = New EventFilter;
// Which methode is choosed?
if($_SESSION['show_methode'] == "Host")
{
$myFilter->SetSQLGroup("SysLogTagHost");
$cmdSQLmain_part_1 .= ", FromHost FROM "._DBTABLENAME;
}
else
{
if($_SESSION['tag_order'] == "Host")
$_SESSION['tag_order'] = "SysLogTag";
$myFilter->SetSQLGroup("SysLogTag");
$cmdSQLmain_part_1 .= " FROM "._DBTABLENAME;
}
$cmdSQLlast_part_1 .= $myFilter->GetSQLWherePart(1);
$cmdSQLlast_part_2 .= $myFilter->GetSQLWherePart(1);
// how much data records should be displayed on one page
if($_SESSION['epp'] < 1 || $_SESSION['epp'] > 100)
$myEventsNavigation = new EventsNavigation(20);
else
$myEventsNavigation = new EventsNavigation($_SESSION['epp']);
// show (include) quick filters
include "quick-filter.php";
echo "<br>";
// how much data records match with the filter settings
// if(strtolower(_CON_MODE) == "odbc" && strtolower(_DB_APP) == "mssql")
// $myEventsNavigation->EventCount = odbc_record_count($global_Con, $cmdSQLfirst_part . $cmdSQLmain_part_1 . $cmdSQLlast_part_1);
// else
$myEventsNavigation->SetEventCount($global_Con, $cmdSQLlast_part_1);
$num = $myEventsNavigation->GetEventCount();
$cmdSQLlast_part_1 .= $myFilter->GetSQLGroup();
$cmdSQLlast_part_1 .= $myFilter->GetSysLogTagSQLSort();
// SQL statement to get result with limitation
$res1 = db_exec_limit($global_Con, $cmdSQLfirst_part, $cmdSQLmain_part_1, $cmdSQLlast_part_1, $myEventsNavigation->GetLimitLower(), $myEventsNavigation->GetPageSize(), $myFilter->OrderBy);
if($num == 0)
{
// output if no data exit for the search string
echo '<br><b>', _MSGNoData, '</b>';
}
else
{
echo '<table>';
echo '<tr><td align="left">';
echo _MSGEvn, ' ', $myEventsNavigation->GetLimitLower(), ' ', _MSGTo, ' ', $myEventsNavigation->GetLimitUpper(), ' ', _MSGFrm, ' ', $myEventsNavigation->GetEventCount();
echo '</td><td align="right">';
$myEventsNavigation->ShowNavigation();
?>
</td>
</tr>
</table>
<table border="0" cellspacing="0" cellpadding="0" CLASS="EventTable">
<tr CLASS=TDHEADER>
<?php if($_SESSION['show_methode'] == "Host") echo "<td>Example Host</td>";?>
<td>SysLogTag</td>
<td>Occurences</td>
<td>Example Message - Click for full list</td>
</tr>
<?php
//Read out words from phplogcon.ini which shouldn't
//be displayed and replaced by '*'
$file = file('phplogcon.ini');
if($file != FALSE)
{
$numarrayfile = count($file);
for($i = 0; $i < $numarrayfile; $i++)
{
$file[$i] = trim($file[$i]);
if($file[$i] != '#')
{
if($file[$i] == '[phplogcon]')
{
for($j = $i+1; $j < $numarrayfile; $j++)
{
if( stristr($file[$j], 'wordsdontshow=') != FALSE )
{
$words = explode("=", $file[$j]);
$words = explode(",", $words[1]);
}
}
}
}
}
$numarraywords = count($words);
}
$tc = 1;
while($row1 = db_fetch_array($res1))
{
// here we get the message corresponding to a syslogtag!
// for better performance we optimize the query with a TOP(Mssql) or LIMIT(MySql)
$cmdTmpFirst = $cmdSQLfirst_part;
$cmdTmpLast = $cmdSQLlast_part_2;
$cmdSQLlast_part_2 .= " AND SysLogTag LIKE '" . $row1['SysLogTag'] . "'";
if(strtolower(_CON_MODE) == "odbc" && strtolower(_DB_APP) == "mssql")
$cmdSQLfirst_part .= "TOP 1 ";
else
$cmdSQLlast_part_2 .= " LIMIT 0,1";
$res2 = db_exec($global_Con, $cmdSQLfirst_part . $cmdSQLmain_part_2 . $cmdSQLlast_part_2);
$cmdSQLlast_part_2 = $cmdTmpLast;
$cmdSQLfirst_part = $cmdTmpFirst;
$row2 = db_fetch_array($res2);
if($row2['Message'] == "")
$message = _MSGNoMsg;
else
$message = $row2['Message'];
echo '<tr>';
if($_SESSION['show_methode'] == "Host")
echo '<td CLASS=TD' . $tc . '>' . $row1['FromHost'] . '</td>';
echo '<td CLASS=TD' . $tc . '>' . $row1['SysLogTag'] . '</td>';
echo '<td CLASS=TD' . $tc . '>' . $row1['occurences'] . '</td>';
$message = htmlspecialchars($message);
if(isset($_POST['regexp']) && $_POST['regexp'] != "")
{
$_POST['regexp'] = trim($_POST['regexp']);
$messageUp = strtoupper($message);
$regexpUp = strtoupper($_POST['regexp']);
$search_pos = strpos($messageUp, $regexpUp);
if($search_pos !== FALSE)
{
$regexpLng = strlen($_POST['regexp']);
$strCount = substr_count($messageUp, $regexpUp);
$strTmp = $message;
$message = "";
for($i = 0; $i < $strCount; $i++)
{
$messageUp = strtoupper($strTmp);
$search_pos = strpos($messageUp, $regexpUp);
$subStrSt = substr($strTmp, 0 , $search_pos);
$subStrExp = substr($strTmp, $search_pos, $regexpLng);
$subStrEnd = substr($strTmp, ($search_pos + $regexpLng));
$message .= $subStrSt . '<font color="' . $_POST['color'] . '">' . $subStrExp . '</font>';
if($i == ($strCount - 1))
$message .= $subStrEnd;
$strTmp = $subStrEnd;
}
}
}
//Replace the words that had been read out from the ini file
if($file != FALSE)
{
for($i = 0; $i < $numarraywords; $i++)
{
$repstr = '';
$words[$i] = trim($words[$i]);
for($j = 0; $j < strlen($words[$i]); $j++) $repstr .= '*';
if($words[$i] != '')
$message = eregi_replace($words[$i], $repstr, $message);
}
}
echo '<td CLASS=TD', $tc, '><a CLASS="Msg" href="syslog-display.php?slt=' . $row1['SysLogTag'] . '">', $message, '</a></td>'; //message
//for changing colors
if($tc == 1) $tc = 2;
else $tc = 1;
/*
echo "<td>".$row['Priority']."</td>";
*/
echo '</tr>';
}
echo "</table>";
}
WriteFood();
?>
Reference in New Issue View Git Blame Copy Permalink