2007-04-03 14:10:23 +00:00
#!/usr/bin/php
< ? php
include ( " config.php " );
include ( " includes/functions.php " );
2008-03-19 19:15:57 +00:00
if ( ! $config [ 'enable_syslog' ]) { echo ( " Syslog support disabled. \n " ); exit (); }
2007-06-24 14:56:47 +00:00
2007-04-03 14:10:23 +00:00
$add = 0 ;
$discard = 0 ;
$total = 0 ;
2008-03-19 19:15:57 +00:00
mysql_query ( " DELETE FROM `syslog` WHERE `msg` LIKE '%last message repeated%' " );
mysql_query ( " DELETE FROM `syslog` WHERE `msg` LIKE '%Connection from UDP: [89.21.224.44]:%' " );
mysql_query ( " DELETE FROM `syslog` WHERE `msg` LIKE '%Connection from UDP: [89.21.224.35]:%' " );
2007-05-20 19:21:35 +00:00
2008-03-19 19:15:57 +00:00
$q = mysql_query ( " SELECT * FROM `syslog` where `processed` = '0' " );
while ( $entry = mysql_fetch_array ( $q )){
2007-04-03 14:10:23 +00:00
2008-03-19 19:15:57 +00:00
unset ( $device_id );
2007-04-03 14:10:23 +00:00
unset ( $maybehost );
unset ( $perhapshost );
2008-03-19 19:15:57 +00:00
$device_id_host = @ mysql_result ( mysql_query ( " SELECT device_id FROM devices WHERE `hostname` = ' " . $entry [ 'host' ] . " ' " ), 0 );
2007-04-03 14:10:23 +00:00
2008-03-19 19:15:57 +00:00
if ( $device_id_host ) {
$device_id = $device_id_host ;
} else {
$device_id_ip = @ mysql_result ( mysql_query ( " SELECT D.device_id as device_id FROM ipaddr AS A, interfaces AS I, devices AS D WHERE A.addr = ' " . $entry [ 'host' ] . " ' AND I.interface_id = A.interface_id AND D.device_id = I.device_id " ), 0 );
if ( $device_id_ip ) {
$device_id = $device_id_ip ;
}
}
2007-04-03 14:10:23 +00:00
2008-03-19 19:15:57 +00:00
if ( $device_id ) {
2007-04-03 14:10:23 +00:00
2008-03-19 19:15:57 +00:00
if ( mysql_result ( mysql_query ( " SELECT `os` FROM `devices` WHERE `device_id` = ' $device_id ' " ), 0 ) == " IOS " ) {
list (, $entry [ msg ]) = split ( " : % " , $entry [ 'msg' ]);
$entry [ 'msg' ] = " % " . $entry [ 'msg' ];
$entry [ 'msg' ] = preg_replace ( " /^%(.+?): \ / " , " \\ 1|| " , $entry [ 'msg' ]);
list ( $entry [ 'program' ], $entry [ 'msg' ]) = explode ( " || " , $entry [ 'msg' ]);
2007-04-03 14:10:23 +00:00
} else {
2008-03-22 18:01:38 +00:00
$program = preg_quote ( $entry [ 'program' ], '/' );
2008-03-19 19:15:57 +00:00
$entry [ 'msg' ] = preg_replace ( " /^ $program : \ / " , " " , $entry [ 'msg' ]);
if ( preg_match ( " /^[a-zA-Z \ /]+ \ [[0-9]+ \ ]:/ " , $entry [ 'msg' ])) {
$entry [ 'msg' ] = preg_replace ( " /^(.+?) \ [[0-9]+ \ ]: \ / " , " \\ 1|| " , $entry [ 'msg' ]);
list ( $entry [ 'program' ], $entry [ 'msg' ]) = explode ( " || " , $entry [ 'msg' ]);
echo ( " fix! -> " . $entry [ 'program' ] . " -> " . $entry [ 'msg' ] . " \n " );
}
2007-04-03 14:10:23 +00:00
}
2008-03-19 19:15:57 +00:00
$x = " UPDATE `syslog` set `device_id` = ' $device_id ', `program` = ' " . $entry [ 'program' ] . " ', `msg` = ' " . mysql_real_escape_string ( $entry [ 'msg' ]) . " ', processed = '1' WHERE `seq` = ' " . $entry [ 'seq' ] . " ' " ;
# echo("$x \n");
2007-04-03 14:10:23 +00:00
mysql_query ( $x );
2008-03-19 19:15:57 +00:00
unset ( $fix );
2007-04-03 14:10:23 +00:00
$add ++ ;
2008-03-19 19:15:57 +00:00
} else {
echo ( " Failed entry from ' " . $entry [ 'host' ] . " ' " );
$x = " DELETE FROM `syslog` where `seq` = ' " . $entry [ 'seq' ] . " ' " ;
mysql_query ( $x );
$discard ++ ;
}
2007-04-03 14:10:23 +00:00
$total ++ ;
}
2007-05-20 19:21:35 +00:00
#echo("$total records processed: $add added to database, $discard discarded");
2008-03-19 19:15:57 +00:00
2007-04-03 14:10:23 +00:00
?>