From ead604964efa917435c8dba2e936b3b957f8057a Mon Sep 17 00:00:00 2001 From: arjen Date: Sun, 16 Mar 2003 09:42:40 +0000 Subject: [PATCH] Read IRIX system logs. --- src/gcm_input/message.cpp | 91 ++++++++++++++++++++++++++++++++++++++++++++--- src/gcm_input/message.h | 15 ++++---- 2 files changed, 96 insertions(+), 10 deletions(-) diff --git a/src/gcm_input/message.cpp b/src/gcm_input/message.cpp index 96214b5..0e9dca9 100644 --- a/src/gcm_input/message.cpp +++ b/src/gcm_input/message.cpp @@ -8,7 +8,7 @@ *********************** ** FILE NAME : message.cpp ** SYSTEM NAME : Gnucomo - Gnu Computer Monitoring -** VERSION NUMBER : $Revision: 1.7 $ +** VERSION NUMBER : $Revision: 1.8 $ ** ** DESCRIPTION : Implementation of the message handling classes ** @@ -20,13 +20,16 @@ ******************************** ** ORIGINAL AUTHOR : Arjen Baart - arjen@andromeda.nl ** CREATION DATE : Sep 16, 2002 -** LAST UPDATE : Feb 19, 2003 +** LAST UPDATE : Feb 28, 2003 ** MODIFICATIONS : **************************************************************************/ /***************************** $Log: message.cpp,v $ - Revision 1.7 2003-02-21 08:08:05 arjen + Revision 1.8 2003-03-16 09:42:40 arjen + Read IRIX system logs. + + Revision 1.7 2003/02/21 08:08:05 arjen Gcm_input also detects packages that are removed from the system. Determining the version number of a package in a RPM list is improved. Only the last one or two parts of the string that @@ -54,7 +57,7 @@ *****************************/ -static const char *RCSID = "$Id: message.cpp,v 1.7 2003-02-21 08:08:05 arjen Exp $"; +static const char *RCSID = "$Id: message.cpp,v 1.8 2003-03-16 09:42:40 arjen Exp $"; #include #include "message.h" 
@@ -126,6 +129,7 @@ static const String mail_date_re("[[:alpha:]]{3}, [ 123]?[0-9] [[:alpha:]]{3} [0 static const String unix_date_re("[[:alpha:]]{3} [[:alpha:]]{3} [ 123][0-9] [0-9]{2}:[0-9]{2}:[0-9]{2} [0-9]{4}"); static const regex re_syslog(syslog_date_re + " [[:alnum:]]+ [[:alpha:]]+.*:.+"); +static const regex re_syslog_irix(syslog_date_re + " [0-7][A-T]:[[:alnum:]]+ [[:alpha:]]+.*:.+"); static const regex re_PGP("-----BEGIN PGP MESSAGE-----"); static const regex re_dump("^ *DUMP: Date of this level"); static const regex re_accesslog("(GET|POST) .+ HTTP"); @@ -211,6 +215,15 @@ double client_message::classify(String host, UTC arriv, String serv) std::cout << "Syslog detected.\n"; } } + else if (line == re_syslog_irix) + { + certainty = 1.0; + classification = SYSLOG_IRIX; + if (verbose) + { + std::cout << "IRIX Syslog detected.\n"; + } + } else if (line == re_PGP) { certainty = 1.0; @@ -376,6 +389,9 @@ int client_message::enter() case SYSLOG: check = &re_syslog; break; + case SYSLOG_IRIX: + check = &re_syslog_irix; + break; case ACCESSLOG: check = &re_accesslog; break; 
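Review bot: `re_syslog_irix` is not anchored to the start of the line, yet the `SYSLOG_IRIX` case added to `enter()` later in this patch slices the line at a fixed offset (`rest = line << 19`), which assumes the timestamp begins in column 0. Other patterns visible in this context (`re_accesslog`, `re_PGP`) only make sense if `line == regex` is a search, so a line carrying the IRIX pattern after some leading text would be accepted and then parsed at the wrong position. Unless `syslog_date_re` is itself anchored (its definition is outside the hunk), consider `static const regex re_syslog_irix("^" + syslog_date_re + " [0-7][A-T]:[[:alnum:]]+ [[:alpha:]]+.*:.+");`. The existing `re_syslog` has the same shape and would benefit from the same anchor.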
@@ -466,6 +482,73 @@ int client_message::enter() } break; + case SYSLOG_IRIX: + log_date = line; + log_time = line; + if (log_date.Year() < 0 || log_date.Year() > 2500) + { + // The year is not in the log file. Assume the year of arrival, + // unless this puts the log entry at a later date than the arrival date. + // This happens e.g. when a log entry from December arrives in Januari. + + log_date = date(log_date.Day(), log_date.Month(), date(arrival).Year()); + if (log_date > date(arrival)) + { + log_date = date(log_date.Day(), log_date.Month(), date(arrival).Year() - 1); + } + } + + if (verbose) + { + std::cout << " Log timestamp = " << log_date << " " << log_time << "\n"; + } + rest = line << 19; + i = rest.index(' '); + if (rest(0,i) == hostname(0,i)) + { + rest <<= i + 1; + if (verbose) + { + std::cout << " Hostname matches.\n"; + std::cout << " rest = " << rest << "\n"; + } + for (i = 0; isalpha(rest[i]) && i < ~rest; i++); + if (verbose) + { + std::cout << " Service name = " << rest(0,i) << "\n"; + } + + /* Insert a new record into the log table */ + + insertion += "'" + objectid + "',"; + insertion += "'" + rest(0,i) + "',"; + insertion += "'" + log_date.format("%Y-%m-%d") + " " + log_time.format() + "',"; + insertion += "'" + arrival.format("%Y-%m-%d %T") + "',"; + insertion += "'" + SQL_Escape(line) + "',FALSE"; + insertion += ")"; + + if (testmode) + { + std::cout << insertion << "\n"; + } + else + { + database.Query(insertion); + } + + if (verbose) + { + std::cout << "\n\n"; + } + + nr_lines++; + } + else + { + std::cerr << " Hostname " << rest(0,i) << " does not match.\n"; + } + break; + case ACCESSLOG: datestring = line(regex("\\[.+\\]")); datestring <<= 1; diff --git a/src/gcm_input/message.h b/src/gcm_input/message.h index c4489e3..c3c9ff1 100644 --- a/src/gcm_input/message.h +++ b/src/gcm_input/message.h 
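Review bot: In the service-name scan of the new `SYSLOG_IRIX` case, `for (i = 0; isalpha(rest[i]) && i < ~rest; i++);` reads `rest[i]` before checking the bound and passes a possibly negative `char` to `isalpha`, which is undefined for bytes above 0x7F in a log line received from a client. Assuming `~rest` is the string length, `for (i = 0; i < ~rest && isalpha((unsigned char)rest[i]); i++);` fixes both. This loop is also the only thing that keeps `rest(0,i)` safe to place in the INSERT without `SQL_Escape`, so it deserves a comment such as `// service name is alphabetic only, so it needs no SQL escaping`; `objectid` is concatenated unescaped as well, and its origin is outside the hunk. The hostname test `rest(0,i) == hostname(0,i)` compares only the first `i` characters, so a host token that is a prefix of `hostname` appears to pass. The enclosing `enter()` starts and ends outside the hunk.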
@@ -8,7 +8,7 @@ *********************** ** FILE NAME : message.h ** SYSTEM NAME : -** VERSION NUMBER : $Revision: 1.4 $ +** VERSION NUMBER : $Revision: 1.5 $ ** ** DESCRIPTION : Classes to for handling client messages ** @@ -20,13 +20,16 @@ ******************************** ** ORIGINAL AUTHOR : Arjen Baart - arjen@andromeda.nl ** CREATION DATE : Sep 16, 2002 -** LAST UPDATE : Nov 04, 2002 +** LAST UPDATE : Feb 28, 2003 ** MODIFICATIONS : **************************************************************************/ /***************************** $Log: message.h,v $ - Revision 1.4 2002-12-06 22:26:28 arjen + Revision 1.5 2003-03-16 09:42:40 arjen + Read IRIX system logs. + + Revision 1.4 2002/12/06 22:26:28 arjen Set the value of log.processed to FALSE when inserting a new log entry into the database When a syslog entry arrives from last year, gcm_input subtracts one from the @@ -44,7 +47,7 @@ *****************************/ -/* static const char *RCSID = "$Id: message.h,v 1.4 2002-12-06 22:26:28 arjen Exp $"; */ +/* static const char *RCSID = "$Id: message.h,v 1.5 2003-03-16 09:42:40 arjen Exp $"; */ #include #include @@ -132,7 +135,7 @@ public: // // RELATIONS : // SEE ALSO : -// LAST MODIFIED : Nov 04, 2002 +// LAST MODIFIED : Feb 28, 2003 /////////////////////////////////////////////////////////////////////////// */ @@ -148,7 +151,7 @@ class client_message double certainty; // How certain are we about the message enum { - UNKNOWN, SYSLOG, ACCESSLOG, ERRORLOG, RPMLIST + UNKNOWN, SYSLOG, SYSLOG_IRIX, ACCESSLOG, ERRORLOG, RPMLIST } classification; -- 2.11.0