From fc7539c88e010f8f278295b84a913fc86b882184 Mon Sep 17 00:00:00 2001 From: arjen Date: Sat, 29 Mar 2003 09:05:22 +0000 Subject: [PATCH] Process logs from sendmail. --- src/gcm_daemon/classes/gnucomo.process_log.php | 135 ++++++++++++++++++++++++- 1 file changed, 130 insertions(+), 5 deletions(-) diff --git a/src/gcm_daemon/classes/gnucomo.process_log.php b/src/gcm_daemon/classes/gnucomo.process_log.php index 32c1d98..c4984d9 100644 --- a/src/gcm_daemon/classes/gnucomo.process_log.php +++ b/src/gcm_daemon/classes/gnucomo.process_log.php @@ -108,6 +108,10 @@ function linux_log () $local_result = linux_daemon(); break; + case "sendmail": + $local_result = linux_daemon_sendmail(); + break; + case "syslog": $local_result = linux_daemon(); break; @@ -125,6 +129,125 @@ function linux_log () } } +function linux_daemon_sendmail() { + + /* This function is able to deal with the logs delivered by MTAs + * the following are currently supported: + * - sendmail + * INPUT : NONE + * GLOBALS : $dbms, $dbms_working + * OUTPUT : "TRUE" for success and "FALSE" for failure. + */ + + global $dbms; + global $dbms_working; + + //Basic processing. + + //Determine the type of records + //When this is sendmail find the beginning by chopping everything into + //little pieces. + $local_log_string = str_replace(" ", " ", $dbms->db_result_row[6]); + $local_logline_array = explode (" ", $local_log_string); + $local_sql_1 = "INSERT INTO log_adv_daemon_email"; //BASIC STATEMENT + $local_sql_2 = "logid, detailed_table, service, internal_messageid "; //FIELDS + $local_sql_3 = "'".$dbms->db_result_row[0]."', 'log_adv_daemon_email', 'sendmail'"; //VALUES + + echo $local_log_line_array[5]; + $local_sql_3 .= ", '".substr (trim($local_logline_array[5]), 0,strlen(trim($local_logline_array[5])) -1)."'"; + $local_len = 0; + $local_id = 0; + + for ($i = 6; $i <= ( count($local_logline_array) - 1); $i++) { + + //Get rid of the nasty comma's at the end + if ( substr($local_logline_array[$i], strlen($local_logline_array[$i])-1, 1) == "," ) { + $local_dummylength = strlen($local_logline_array[$i]) -1; + $local_dummy = substr ($local_logline_array[$i], 0,$local_dummylength ); + $local_logline_array[$i] = trim($local_dummy); + } + + if (substr($local_logline_array[$i],0,1) == '[') { + $local_dummy = trim($local_logline_array[$i]); + $local_sql_2 .= ", source_ip"; + $local_sql_3 .= ", '".substr($local_dummy, 1, strlen($local_dummy)-2)."'"; + } else { + + $local_element = explode("=", $local_logline_array[$i]); + + switch (strtolower($local_element[0])) { + case "from": + $local_sql_2 .= ", from_email"; + $local_sql_3 .= ", '".$local_element[1]."'"; + break; + case "size": + $local_sql_2 .= ", size"; + $local_sql_3 .= ", '".$local_element[1]."'"; + break; + case "delay": + $local_sql_2 .= ", delay"; + $local_sql_3 .= ", '".$local_element[1]."'"; + break; + case "xdelay": + $local_sql_2 .= ", xdelay"; + $local_sql_3 .= ", '".$local_element[1]."'"; + break; + case "mailer": + $local_sql_2 .= ", mailer"; + $local_sql_3 .= ", '".$local_element[1]."'"; + break; + case "dsn": + $local_sql_2 .= ", dsn"; + $local_sql_3 .= ", '".$local_element[1]."'"; + break; + case "msgid": + $local_sql_2 .= ", external_messageid"; + if (substr($local_element[1],0,1) == '<') { + $local_sql_3 .= ", '"; + $local_sql_3 .= substr($local_element[1],1,(strlen($local_element[1])-2)); + $local_sql_3 .= "'"; + } else { + $local_sql_3 .= ", '".$local_element[1]."'"; + } + + //As of this point we only deal with Status + case "stat": + $local_sql_2 .= ", status"; + $local_sql_3 .= ", '".$local_element[1]."'"; + + $local_pos = strrpos (strtolower($local_element[$i]), "stat="); + $local_len = strlen($local_logline_array[$i]) - $local_pos - 6; + $local_sql_2 .= ", status_details"; + $local_sql_3 .= ", '".substr($local_logline_array[$i], $local_pos + 5, $local_len) . "'"; + break; + + case "status": + $local_sql_2 .= ", status"; + $local_sql_3 .= ", '".$local_element[1]."'"; + + $local_pos = strrpos (strtolower($local_logline_array[$i]), "status="); + $local_len = strlen($local_logline_array[$i]) - $local_pos - 8; + $local_sql_2 .= ", status_details"; + $local_sql_3 .= ", '".substr($local_logline_array[$i], $local_pos + 7, $local_len) . "'"; + + break; + default: + if (substr(strtolower($local_element[0]),0,1) == "[") { + $local_sql_2 .= ", destination_ip"; + $local_sql_3 .= ", '". substr($local_element[1], 1, strlen($local_element[1]) - 2)."'"; + } + + } + } + } + + //Now that the data is complete create the SQL-statement + $local_sql = $local_sql_1." (".$local_sql_2.") VALUES (".$local_sql_3.")"; + $dbms_working->query($local_sql); + + RETURN "TRUE"; +} + function linux_kernel_network() { /* This function is able to deal with the output of kernel-network messages @@ -145,12 +268,11 @@ function linux_kernel_network() { $local_sql_3 = "'".$dbms->db_result_row[0]."', 'kernel_network'"; //VALUES $local_len = 0; $local_id = 0; + $lcoal_tos = "F"; for ($i = 4; $i <= ( count($local_logline_array) - 1); $i++) { - //Process each element by exploding this based on the sign: = $local_element = explode("=", $local_logline_array[$i]); switch (strtolower($local_element[0])) { - case "in": $local_sql_2 .= ", device_in"; $local_sql_3 .= ", '".$local_element[1]."'"; @@ -188,8 +310,11 @@ function linux_kernel_network() { break; case "tos": - $local_sql_2 .= ", tos_bit"; - $local_sql_3 .= ", '".$local_element[1]."'"; + if ($local_tos == "F") { + $local_sql_2 .= ", tos_bit"; + $local_sql_3 .= ", '".$local_element[1]."'"; + } + $local_tos = "T"; break; case "prec": @@ -371,7 +496,7 @@ function linux_daemon() { //The word error indicates problems. $pos = strpos($local_log_line, "error"); - $pos2 = strpost($local_log_line, "crash"); //The word crash is also considered to be an error + $pos2 = strpos($local_log_line, "crash"); //The word crash is also considered to be an error if ($pos > 0 or $pos2 > 0) { $local_sql = "INSERT INTO log_adv_daemon (logid, detailed_table, service, event) VALUES "; -- 2.11.0