From 8ea4e7899a6ec8f3a90b11a9f4440d46448c2694 Mon Sep 17 00:00:00 2001 From: Fish <> Date: Tue, 25 Jan 2005 09:24:34 +0000 Subject: [PATCH] update clf to latest production version --- .gitattributes | 1 + html/config.php | 4 ++ html/equiptype.php | 17 +++++- html/host.php | 14 ++++- html/logwatch.php | 14 +++-- html/processor.php | 1 + html/scripts/php/cleanprocessor.php | 8 ++- html/scripts/php/expire.php | 2 +- html/scripts/php/processlogs.php | 90 +++++++++++++++++++++++++++-- html/scripts/php/runlogwatch.php | 53 +++++++++++++++++ html/scripts/php/weeklyreport.php | 2 +- lib/pix.php | 20 +++++-- log.d/bin/logwatch.pl | 2 +- 13 files changed, 203 insertions(+), 25 deletions(-) create mode 100755 html/scripts/php/runlogwatch.php diff --git a/.gitattributes b/.gitattributes index e652daf..162d4ca 100644 --- a/.gitattributes +++ b/.gitattributes @@ -109,6 +109,7 @@ html/scripts/php/cleanprocessor.php -text html/scripts/php/expire.php -text html/scripts/php/nightlyroguecheck.php -text html/scripts/php/processlogs.php -text +html/scripts/php/runlogwatch.php -text html/scripts/php/vacuumdb.php -text html/scripts/php/vacuumtsyslog.php -text html/scripts/php/weeklyindexrebuild.php -text diff --git a/html/config.php b/html/config.php index 2422fbc..9bfb720 100644 --- a/html/config.php +++ b/html/config.php @@ -1,7 +1,11 @@ Equipment Type
\n"; if ( $subaction != 3 ) { + echo "1. Enter Equipment Type: "; formfield("typedesc","text",3,1,1,40,40,$typedesc); echo "2. Enter Logwatch Command Line: "; - formfield("logwatch","text",3,1,1,40,40,$logwatch); + echo "
"; formsubmit("Save",3,1,0); formfield("subaction","hidden",3,1,0,200,200,$subaction); if ( $typeid != "" ) { formfield("typeid","hidden",3,1,0,200,200,$typeid); } diff --git a/html/host.php b/html/host.php index c9ec701..6630ad2 100644 --- a/html/host.php +++ b/html/host.php @@ -63,12 +63,12 @@ } if ( ( $hostadd ) && ( $host != "" ) ) { - addhost($dbsocket,$host,$syslogexpire,$alertexpire,$typeid,$hostrate); + addhost($dbsocket,$host,$syslogexpire,$alertexpire,$typeid,$hostrate,$dologrep,$revreq); $hostid = stripslashes(pgdatatrim(relatedata($dbsocket,"Syslog_THost","THost_ID","THost_Host='$host'"))); addhostprocess($dbsocket,$hostid); } if ( ( $hostmod ) && ( isset($hostid) ) && ( $host != "" ) ) { - updatehost($dbsocket,$hostid,$host,$syslogexpire,$alertexpire,$typeid,$hostrate); + updatehost($dbsocket,$hostid,$host,$syslogexpire,$alertexpire,$typeid,$hostrate,$dologrep,$revreq); } $PageTitle="Syslog Management Tool"; @@ -79,6 +79,8 @@ $alertexpire=stripslashes(pgdatatrim(relatedata($dbsocket,"Syslog_THost","THost_AlertExpire","THost_ID=$hostid"))); $typeid=stripslashes(pgdatatrim(relatedata($dbsocket,"Syslog_THost","TPremadeType_ID","THost_ID=$hostid"))); $hostrate=stripslashes(pgdatatrim(relatedata($dbsocket,"Syslog_THost","THost_Rate","THost_ID=$hostid"))); + $logrep=stripslashes(pgdatatrim(relatedata($dbsocket, "Syslog_THost", "do_logreport", "THost_ID=$hostid"))); + $logrev=stripslashes(pgdatatrim(relatedata($dbsocket, "Syslog_THost", "log_reviewers", "THost_ID=$hostid"))); if ( $hostid == 0 ) { dbdisconnect($sec_dbsocket); dbdisconnect($dbsocket); @@ -112,6 +114,14 @@ if ( strval($hostid) > 0 ) { echo "Rename Syslogs
\n"; } + echo "Generate LogWatch Reports
\n"; + echo "Reviews Required:"; + formfield("revreq", "text", 2, 1,1,2,2,$logrev); + echo "
"; formsubmit("Save",3,1,0); formreset("Reset",3,1,0); closeform(); diff --git a/html/logwatch.php b/html/logwatch.php index 2775466..ed1e92f 100644 --- a/html/logwatch.php +++ b/html/logwatch.php @@ -93,12 +93,13 @@ if (!isset($view)) { $myear = $myear +1; $tmp2 = $tmp2 - 12; } - $myear2 = $myear; $tmp = $tmp2 + 1; if ($tmp > 12) { $tmp = $tmp - 12; + $myear2 = $myear + 1; + } else { + $myear2 = $myear; } - $sql = "select date_part('day', date) as day, date_part('month', date) as month, log_reviewers, thost_id, tsummary_id from syslog_tsummary lw, syslog_thost h where lw.host = h.thost_host and (date >= '$myear/$tmp2/01' and date < '$myear2/$tmp/01') order by date;"; $SQLQueryResults = pg_exec($dbsocket,$sql) or die(pg_errormessage()."
\n"); @@ -112,18 +113,19 @@ if (!isset($view)) { $sql2 = "select * from syslog_treview where tsummary_id = $tsid"; $SQLQueryResults2 = pg_exec($dbsocket, $sql2) or die(pg_errormessage()."
"); + if ( ( $group >= 2 ) || ( (logincanseehost($dbsocket,$REMOTE_ID,$host)) && $group == 1 ) ) { $myday = $SQLQueryResultsObject->day; $today = date('d', $time); $mnt2 = date('m', time()); if (($tmp2 < $mnt2) || ($today - $myday > 2)) { if (pg_numrows($SQLQueryResults2) < $SQLQueryResultsObject->log_reviewers) { - $var = array("?".echo_datelink($year, $tmp2, $myday), 'highlight-day'); + $var = array("?".echo_datelink($myear, $tmp2, $myday), 'highlight-day'); } else { - $var = array("?".echo_datelink($year, $tmp2, $myday), 'light-day'); + $var = array("?".echo_datelink($myear, $tmp2, $myday), 'light-day'); } } else { - $var = array("?".echo_datelink($year, $tmp2, $myday), 'linked-day'); + $var = array("?".echo_datelink($myear, $tmp2, $myday), 'linked-day'); } $days[$myday] = $var; } @@ -137,7 +139,7 @@ if (!isset($view)) { if (isset($_REQUEST["day"])) { $day = $_REQUEST["day"]; $tmp2 = $month + 1; - $sql = "select date_part('day', date) as day, date_part('month', date) as month, thost_id, thost_host, tsummary_id, log_reviewers from syslog_tsummary lw, syslog_thost h where lw.host = h.thost_host and (date >= '$year/$month/01' and date < '$year/$tmp2/01') order by date;"; + $sql = "select date_part('day', date) as day, date_part('month', date) as month, thost_id, thost_host, tsummary_id, log_reviewers from syslog_tsummary lw, syslog_thost h where lw.host = h.thost_host and (date = '$year/$month/$day') order by date;"; $SQLQueryResults = pg_exec($dbsocket,$sql) or die(pg_errormessage()."
\n"); $SQLNumRows = pg_numrows($SQLQueryResults); diff --git a/html/processor.php b/html/processor.php index 3a66e4e..267becb 100644 --- a/html/processor.php +++ b/html/processor.php @@ -104,6 +104,7 @@ for ( $loop = 0 ; $loop != $SQLNumRows ; $loop++ ) { $SQLQueryResultsObject = pg_fetch_object($SQLQueryResults,$loop) or die(pg_errormessage()."\n"); +echo "host: ".$SQLQueryResultsObject->thost_id."
"; $cleanid=stripslashes(pgdatatrim($SQLQueryResultsObject->tprocess_id)); $cleanhost=gethost($dbsocket,stripslashes(pgdatatrim($SQLQueryResultsObject->thost_id))); $PurgeQuery = $PurgeQuery . "delete from Syslog_TAlert where Syslog_TAlert.TSyslog_ID=TSyslog.TSyslog_ID and TSyslog.TSyslog_ID > $cleanid and TSyslog.host='$cleanhost' ; "; diff --git a/html/scripts/php/cleanprocessor.php b/html/scripts/php/cleanprocessor.php index 7b9303a..b872d32 100755 --- a/html/scripts/php/cleanprocessor.php +++ b/html/scripts/php/cleanprocessor.php @@ -47,12 +47,14 @@ define("REPORTADDRESS", "justin@dynam.ac"); die(pg_errormessage()."\n"); $cleanid=stripslashes(pgdatatrim($SQLQueryResultsObject->tprocess_id)); $cleanhost=gethost($dbsocket,stripslashes(pgdatatrim($SQLQueryResultsObject->thost_id))); + $PurgeQuery="Begin ; "; $PurgeQuery = $PurgeQuery . "delete from Syslog_TAlert where Syslog_TAlert.TSyslog_ID=TSyslog.TSyslog_ID and TSyslog.TSyslog_ID > $cleanid and TSyslog.host='$cleanhost' ; "; $PurgeQuery = $PurgeQuery . "delete from Syslog_TArchive where TSyslog_ID > $cleanid and host='$cleanhost' ; "; - } - $PurgeQuery = $PurgeQuery . "commit ; "; - $PurgeSQLQueryResults = pg_exec($dbsocket,$PurgeQuery) or + $PurgeQuery = $PurgeQuery . "commit ; "; + $PurgeSQLQueryResults = pg_exec($dbsocket,$PurgeQuery) or die(pg_errormessage()."\n"); + echo "Cleaned $cleanhost\n"; + } } $endtime=time(); if ( ($endtime - $begintime) != 0 ) { diff --git a/html/scripts/php/expire.php b/html/scripts/php/expire.php index 758b569..a5d0898 100755 --- a/html/scripts/php/expire.php +++ b/html/scripts/php/expire.php @@ -127,4 +127,4 @@ dbdisconnect($sec_dbsocket); dbdisconnect($dbsocket); -%> +%> \ No newline at end of file diff --git a/html/scripts/php/processlogs.php b/html/scripts/php/processlogs.php index 7f67b6d..506bd73 100755 --- a/html/scripts/php/processlogs.php +++ b/html/scripts/php/processlogs.php @@ -1,4 +1,4 @@ -#!/opt/bin/php +#!/usr/bin/php <% /*============================================================================= * $Id$ @@ -23,7 +23,7 @@ require_once('../../config.php'); $sec_dbsocket=sec_dbconnect(); - $REMOTE_ID=sec_usernametoid($sec_dbsocket,$REMOTE_USER); + $REMOTE_ID=sec_usernametoid($sec_dbsocket,'msyslog'); $GROUP_ID=sec_groupnametoid($sec_dbsocket,'Syslog msyslog'); if ( ! sec_groupmember($sec_dbsocket,$REMOTE_ID,$GROUP_ID) ) { dbdisconnect($sec_dbsocket); @@ -39,9 +39,75 @@ dbdisconnect($sec_dbsocket); exit; } - + $myflock = fopen($lockfile, "w+"); + if (!flock($myflock, LOCK_EX|LOCK_NB)) { + echo "Locked Processor.\n"; + if ((time() - filemtime($lockfile)) > ($locktime * 60 * 60)) { + mail(WARNINGADDRESS,"SMT WARNING: Locked Processor","SMT Processor: $REMOTE_ID\nThe SMT system processor has been locked for longer than $locktime hours.\nThis could be caused by one of three things:\n1. Regularlary scheduled maintenance is keeping the database busy afterwhich you should not longer see this warning.\n2. The log processor crashed and will require manual fixing. (check if processlogs.php is running, if not delete /tmp/processor.lock\n3. The overall load of the box is too great and may need to be resized.\n\nPlease see the appropriate support documentation to help determine which of these three it is.\n\nSincerely, SMT-Auto Message"); + } + dbdisconnect($dbsocket); + dbdisconnect($sec_dbsocket); + exit; + } if ( ($testmailid = ismailopen($dbsocket,$REMOTE_ID)) ) { echo "Found what appears to be a stale connection.\n"; + if (0) { + cleanemail($dbsocket,$testmailid); + clearlaunchqueue($dbsocket,$testmailid); + closeopenmail($dbsocket,$testmailid); + exit; + } + $begintime = time(); + $maildate=stripslashes(pgdatatrim(relatedata($dbsocket,"Syslog_TMail","TMail_Date","TMail_ID=$testmailid"))); + $mailtime=stripslashes(pgdatatrim(relatedata($dbsocket,"Syslog_TMail","TMail_Time","TMail_ID=$testmailid"))); + $SQLQuery="select distinct TProcess_ID,Syslog_TProcess.THost_ID from Syslog_TProcess,Syslog_TProcessorProfile where ( ( Syslog_TProcessorProfile.TLogin_ID=$REMOTE_ID ) and ( Syslog_TProcessorProfile.THost_ID=Syslog_TProcessorProfile.THost_ID) )"; + $SQLQueryResults = pg_exec($dbsocket,$SQLQuery) or + die(pg_errormessage()."\n"); + $SQLNumRows = pg_numrows($SQLQueryResults); + echo "Got $SQLNumRows to check\n"; + $PurgeQuery="Begin ; "; + $mcount = 0; + if ( $SQLNumRows ) { + for ( $loop = 0 ; $loop != $SQLNumRows ; $loop++ ) { + $SQLQueryResultsObject = pg_fetch_object($SQLQueryResults,$loop) or + die(pg_errormessage()."\n"); + $cleanid=stripslashes(pgdatatrim($SQLQueryResultsObject->tprocess_id)); + $cleanhost=gethost($dbsocket,stripslashes(pgdatatrim($SQLQueryResultsObject->thost_id))); + $PurgeQuery="Begin ; "; + $PurgeQuery = $PurgeQuery . "delete from Syslog_TAlert where Syslog_TAlert.TSyslog_ID=TSyslog.TSyslog_ID and TSyslog.TSyslog_ID > $cleanid and TSyslog.host='$cleanhost' ; "; + $PurgeQuery = $PurgeQuery . "delete from Syslog_TArchive where TSyslog_ID > $cleanid and host='$cleanhost' ; "; + $PurgeQuery = $PurgeQuery . "commit ; "; + $PurgeSQLQueryResults = pg_exec($dbsocket,$PurgeQuery) or + die(pg_errormessage()."\n"); + $count = pg_affected_rows($PurgeSQLQueryResults); + $mcount = $mcount + $count; + echo "Cleaned $cleanhost of $count records\n"; + } + } + $endtime=time(); + if ( ($endtime - $begintime) != 0 ) { + echo "Data Cleaned in " . ($endtime - $begintime) . " seconds. " . ( $mcount / ($endtime - $begintime) ) . " rows/sec\n"; + } else { + echo "Data loaded in 0 seconds. Cleaned $mcount.\n"; + } + + pg_freeresult($SQLQueryResults) or + die(pg_errormessage() . "\n"); + cleanemail($dbsocket,$testmailid); + clearlaunchqueue($dbsocket,$testmailid); + closeopenmail($dbsocket,$testmailid); + if ( $PurgeSQLQueryResults ) { + echo "SUCCESS!!\n"; + $ok = 1; + pg_freeresult($PurgeSQLQueryResults) or + die(pg_errormessage() . "\n"); + } else { + echo "FAILED!!\n"; + $ok = 2; + pg_freeresult($PurgeSQLQueryResults) or + die(pg_errormessage() . "\n"); + } + $maildate=stripslashes(pgdatatrim(relatedata($dbsocket,"Syslog_TMail","TMail_Date","TMail_ID=$testmailid"))); $mailtime=stripslashes(pgdatatrim(relatedata($dbsocket,"Syslog_TMail","TMail_Time","TMail_ID=$testmailid"))); $testhour=substr($mailtime,0,2); @@ -53,10 +119,17 @@ $mailunixtime=mktime($testhour,$testminute,$testsecond,$testmonth,$testday,$testyear); $currentunixtime=time(); if ( ( $currentunixtime - $mailunixtime ) > 3600 ) { - mail(WARNINGADDRESS,"SMT WARNING: Stale or Overrun Processor","SMT Processor: $REMOTE_ID\nThe SMT system cannot process logs at the moment.\nThis could be caused by one of three things:\n1. Regularlary scheduled maintenance is keeping the database busy afterwhich you should not longer see this warning.\n2. The log processor crashed and will require manual fixing.\n3. The overall load of the box is too great and may need to be resized.\n\nPlease see the appropriate support documentation to help determine which of these three it is.\n\nSincerely, SMT-Auto Message"); + if ($ok = 1) { + mail(WARNINGADDRESS,"SMT WARNING: Stale or Overrun Processor cleaned","SMT Processor: $REMOTE_ID\nThe SMT system ran autorecovery.\nThis could be caused by one of three things:\n1. Regularlary scheduled maintenance is keeping the database busy afterwhich you should not longer see this warning.\n2. The log processor crashed and will require manual fixing.\n3. The overall load of the box is too great and may need to be resized.\n\nPlease see the appropriate support documentation to help determine which of these three it is.\n\nSincerely, SMT-Auto Message"); + } else { + mail(WARNINGADDRESS,"SMT ERROR: Stale or Overrun Processor","SMT Processor: $REMOTE_ID\nThe SMT system cannot process logs at the moment.\nThis could be caused by one of three things:\n1. Regularlary scheduled maintenance is keeping the database busy afterwhich you should not longer see this warning.\n2. The log processor crashed and will require manual fixing.\n3. The overall load of the box is too great and may need to be resized.\n\nPlease see the appropriate support documentation to help determine which of these three it is.\n\nSincerely, SMT-Auto Message"); + } } dbdisconnect($dbsocket); dbdisconnect($sec_dbsocket); + flock($myflock, LOCK_UN); + fclose($myflock); + unlink("/tmp/processor.lock"); exit; } else { echo "No stale data, proceeding.\n"; @@ -182,7 +255,7 @@ ", TSyslog.severity, TSyslog.facility from TSyslog,syslog_thost,Syslog_TProcess,Syslog_TProcessorProfile where ( " . "( TSyslog_ID > Syslog_TProcess.TProcess_ID ) and ( Syslog_TProcess.THost_ID = Syslog_THost.THost_ID ) and " . "( Syslog_THost.THost_Host = TSyslog.host ) and ( Syslog_TProcessorProfile.TLogin_ID=$REMOTE_ID ) and " . - " ( TSyslog.host = Syslog_THost.THost_Host ) and ( Syslog_TProcessorProfile.THost_ID = Syslog_THost.THost_ID ) ) order by host, TSyslog_ID"; + " ( TSyslog.host = Syslog_THost.THost_Host ) and ( Syslog_TProcessorProfile.THost_ID = Syslog_THost.THost_ID ) ) order by host, TSyslog_ID limit $SQLLIMIT"; echo "SQL Query: $SQLQuery
\n"; echo "Grabbing Syslog data..."; @@ -199,7 +272,11 @@ die(pg_errormessage() . "\n"); dbdisconnect($dbsocket); dbdisconnect($sec_dbsocket); + flock($myflock, LOCK_UN); + fclose($myflock); + unlink("/tmp/processor.lock"); exit; + } echo "Done.\n Found $SQLNumRows rows.\n"; @@ -561,4 +638,7 @@ dbdisconnect($dbsocket); dbdisconnect($sec_dbsocket); + flock($myflock, LOCK_UN); + fclose($myflock); + unlink("/tmp/processor.lock"); %> diff --git a/html/scripts/php/runlogwatch.php b/html/scripts/php/runlogwatch.php new file mode 100755 index 0000000..5e1b827 --- /dev/null +++ b/html/scripts/php/runlogwatch.php @@ -0,0 +1,53 @@ +#!/usr/bin/php +<% +/*============================================================================= + * $Id$ + * + * Copyright 2004 Jeremy Guthrie smt@dangermen.com + * + * This is free software; you can redistribute it and/or modify + * it under the terms of version 2 only of the GNU General Public License as + * published by the Free Software Foundation. + * + * It is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * +=============================================================================*/ + + require_once('../../config.php'); + + $sec_dbsocket=sec_dbconnect(); + $REMOTE_ID=sec_usernametoid($sec_dbsocket,'msyslog'); + $GROUP_ID=sec_groupnametoid($sec_dbsocket,'Syslog msyslog'); + if ( ! sec_groupmember($sec_dbsocket,$REMOTE_ID,$GROUP_ID) ) { + dbdisconnect($sec_dbsocket); + exit; + } + $dbsocket= dbconnect(SMACDB,"msyslog",SMACPASS); + set_time_limit(0); + + $SQLQuery="select thost_host from syslog_thost where do_logreport = 1"; + $SQLQueryResults = pg_exec($dbsocket,$SQLQuery) or + die(pg_errormessage()."
\n"); + $SQLNumRows = pg_numrows($SQLQueryResults); + if ( $SQLNumRows ) { + for ( $loop = 0 ; $loop != $SQLNumRows ; $loop++ ) { + $SQLQueryResultsObject = pg_fetch_object($SQLQueryResults,$loop) or + die(pg_errormessage()."
\n"); + $host=pgdatatrim($SQLQueryResultsObject->thost_host); + echo "Running Logwatch for $host\n"; + echo system("/etc/log.d/bin/parselog.sh $host yesterday")."\n"; + } + } + pg_freeresult($SQLQueryResults) or + die(pg_errormessage() . "
\n"); + + dbdisconnect($sec_dbsocket); + dbdisconnect($dbsocket); +%> diff --git a/html/scripts/php/weeklyreport.php b/html/scripts/php/weeklyreport.php index bd71e5b..cda25c4 100755 --- a/html/scripts/php/weeklyreport.php +++ b/html/scripts/php/weeklyreport.php @@ -1,6 +1,6 @@ #!/usr/bin/php -q \n"); if ( $SQLQueryResults ) { $Results=1; } @@ -2337,15 +2342,20 @@ function addhost($dbsocket,$host,$syslogexpire,$alertexpire,$typeid,$hostrate) { /* given THost_ID */ /* */ /********************************************************************/ -function updatehost($dbsocket,$hostid,$host,$syslogexpire=0,$alertexpire=0,$typeid,$hostrate) { +function +updatehost($dbsocket,$hostid,$host,$syslogexpire=0,$alertexpire=0,$typeid,$hostrate,$dologrep,$revreq) { $Results=0; $host=fixappostrophe(stripslashes(pgdatatrim($host))); $syslogexpire=fixappostrophe(stripslashes(pgdatatrim($syslogexpire))); $alertexpire=fixappostrophe(stripslashes(pgdatatrim($alertexpire))); $typeid=fixappostrophe(stripslashes(pgdatatrim($typeid))); + if ( $dologrep != 1) { + $dologrep = 0; + $revreq = 0; + } if ( $hostrate < 100 ) { $hostrate = 100; } - $SQLQuery="begin;update Syslog_THost set THost_Host='$host',THost_AlertExpire=$alertexpire,THost_LogExpire=$syslogexpire,TPremadeType_ID=$typeid,THost_Rate=$hostrate where THost_ID=$hostid;commit;"; + $SQLQuery="begin;update Syslog_THost set THost_Host='$host',THost_AlertExpire=$alertexpire,THost_LogExpire=$syslogexpire,TPremadeType_ID=$typeid,THost_Rate=$hostrate,do_logreport=$dologrep,log_reviewers=$revreq where THost_ID=$hostid;commit;"; $SQLQueryResults=pg_exec($dbsocket,$SQLQuery) or die(pg_errormessage()."
\n"); if ( $SQLQueryResults ) { $Results=1; } diff --git a/log.d/bin/logwatch.pl b/log.d/bin/logwatch.pl index b854018..9caedfd 100755 --- a/log.d/bin/logwatch.pl +++ b/log.d/bin/logwatch.pl @@ -472,7 +472,7 @@ if ($Config{'debug'} > 7) { my $TempDir; my $UseMkTemp = $Config{'usemktemp'}; my $MkTemp = $Config{'MkTemp'}; -if ($UseMkTemp and (-x $MkTemp)) { +if ($UseMkTemp and ($MkTemp)) { $TempDir = `$MkTemp -d $Config{'tmpdir'}/logwatch.XXXXXXXX 2>/dev/null`; chomp($TempDir); unless (($? == 0) and $TempDir) {