21,881
社区成员
发帖
与我相关
我的任务
分享
*Oct 18 09:46:09: %NFPP_IP_GUARD-4-DOS_DETECTED: Host<IP=60.12.174.45,MAC=N/A,port=Gi2/13,VLAN=N/A> was detected.(2010-10-18 9:46:9)
已经保持在数据库里面,结果运行一个查询页面后,显示的结果是只有*Oct 18 09:46:09: %NFPP_IP_GUARD-4-DOS_DETECTED: Host was detected.(2010-10-18 9:46:9)
if (CISCO_TAG_PARSE ) {
$row['msg'] = preg_replace('/\s:/', ':', $row['msg']);
$row['msg'] = preg_replace('/.*(%.*?:.*)/', '$1', $row['msg']);
}
if (CISCO_TAG_PARSE )
{
$row['msg'] = preg_replace('/</', ' ', $row['msg']);
$row['msg'] = preg_replace('/>/', ' ', $row['msg']);
$row['msg'] = preg_replace('/\s:/', ':', $row['msg']);
$row['msg'] = preg_replace('/.*(%.*?:.*)/', '$1', $row['msg']);
}
if (CISCO_TAG_PARSE ) {
$row['msg'] = preg_replace('/\s:/', ':', $row['msg']);
$row['msg'] = preg_replace('/.*(%.*?:.*)/', '$1', $row['msg']);
}
// CDUKES: 2009-06-18 - Added below to allow filtering on individual message pieces
if(defined('MSG_EXPLODE') && MSG_EXPLODE == TRUE) {
$explode_url = "";
$pieces = explode(" ", $row['msg']);
foreach($pieces as $value) {
// had to add rtrim below for cisco messages - when searching, the : was not returning any results
$explode_url .= " <a href=\"".$_SERVER["PHP_SELF"]."?msg1=".urlencode(rtrim($value,":")) . $ParamsGET."\"> ".$value." </a> ";
}
}
<?php
//------------------------------------------------------------------------
// Output the table with the results
// Use an alternating background and color code the priority column
//------------------------------------------------------------------------
if(CEMDB == "ON") {
require_once 'includes/CEMDB.class.php';
$cemdb = new CEMDB($dbLink);
}
$color = "lighter";
$today = date('Y-m-d');
for($i=0; $i < count($result_array); $i++) {
$row = $result_array[$i];
if($color == "darker") {
$color = "lighter";
echo "<tr class=\"$color\" bgcolor=\"".LIGHT_COLOR."\">";
}
else {
$color = "darker";
echo "<tr class=\"$color\" bgcolor=\"".DARK_COLOR."\">";
}
// Checkboxes for export to Excel
echo "<td><input type='checkbox' name='dbid[]' value=".$row['id']."></td>";
// SEQ Field
if(defined('SEQ') && SEQ == TRUE) {
if (!preg_match("/\d+/", $row['seq'])) {
list($id) = split(':', $row['msg']);
if(is_numeric($id)) {
echo "<td>".$id."</td>";
} else {
echo "<td>N/A</td>";
}
} else {
echo "<td>".$row['seq']."</td>";
}
}
echo "<td><a href=\"".$_SERVER["PHP_SELF"]."?excludeHost=0&host[]=".$row['host']."&".$hostParamsGET."\">";
echo $row['host']."</a></td>";
echo "<td class=\"";
switch ($row['priority']) {
case 'debug':
echo 'sev0';
break;
case 'info':
echo 'sev1';
break;
case 'notice':
echo 'sev2';
break;
case 'warning':
echo 'sev3';
break;
case 'err':
echo 'sev4';
break;
case 'crit':
echo 'sev5';
break;
case 'alert':
echo 'sev6';
break;
case 'emerg':
echo 'sev7';
break;
}
echo "\"><a href=\"".$_SERVER['PHP_SELF']."?excludeFacility=0&facility[]=".$row['facility']."&".$facilityParamsGET."\">";
echo $row['facility']."</a></td>\n";
// echo "<td>".$row['fo']."</td>";
if(defined('SQZ_ENABLED') && SQZ_ENABLED == TRUE) {
$pieces = explode(' ', $row['fo']);
echo '<td>';
if ($pieces[0]!=$today) {
echo $pieces[0]." ";
}
echo $pieces[1];
echo "</td>\n";
// echo "<td>".$row['fo']."</td>";
$pieces = explode(' ', $row['lo']);
echo '<td>';
if ($pieces[0]!=$today) {
echo $pieces[0]." ";
}
echo $pieces[1];
echo "</td>\n";
// Counter row follows
echo "<td>".$row['counter']."</td>";
}
/* END: Switched by BPK to allow filtering based on facility */
/* BEGIN: Added by BPK to hide the date if it's the same as today
echo "<td>".$row['fo']."</td>";
*/
$pieces = explode(' ', $row['fo']);
echo '<td>';
if ($pieces[0]!=$today) {
echo $pieces[0]." ";
}
echo $pieces[1];
echo "</td>\n";
echo '<td>';
$program = htmlspecialchars($row['program']);
if (!empty($program)) {
$pattern = '/^'.addcslashes($program, '.()[]/\\').'/';
$replacement = '<a href="'.$_SERVER['PHP_SELF'].'?excludeProgram=0&program[]='.$program.'&'.$programParamsGET.'">'.$program.'</a>';
$program = preg_replace($pattern, $replacement, $program);
}
if($row['program'] == $id) {
$program = "Syslog";
}
echo $program;
echo "</td>\n";
if (CISCO_TAG_PARSE ) {
$row['msg'] = preg_replace('/\s:/', ':', $row['msg']);
$row['msg'] = preg_replace('/.*(%.*?:.*)/', '$1', $row['msg']);
}
// CDUKES: 2009-06-18 - Added below to allow filtering on individual message pieces
if(defined('MSG_EXPLODE') && MSG_EXPLODE == TRUE) {
$explode_url = "";
$pieces = explode(" ", $row['msg']);
foreach($pieces as $value) {
// had to add rtrim below for cisco messages - when searching, the : was not returning any results
$explode_url .= " <a href=\"".$_SERVER["PHP_SELF"]."?msg1=".urlencode(rtrim($value,":")) . $ParamsGET."\"> ".$value." </a> ";
}
}
// Original message:
// 3852752: DRP/0/0/CPU0:Feb 4 20:12:36.098 EST5: SSHD_[65697]: %SECURITY-SSHD-3-ERR_GENERAL: Failed to get DSA public key
// New message using regex above: .*(%.*?:.*):
// SSHD_[65697]: %SECURITY-SSHD-3-ERR_GENERAL: Failed to get DSA public key
if(CEMDB == "ON") {
$data = $cemdb->lookup($row['msg']);
}
// BPK - this is where the revised version begins
// CDUKES - BETA - FIX THIS
$printed = false;
if (CEMDB == "ON") {
$data = $cemdb->lookup($row['msg']);
if($data !== false) {
$info = "<b>Name:</b>" . $data[0];
$info .= "<br><b>Message:</b> " . $data[1];
$info .= "<br><b>Explanation:</b> " . $data[2];
$info .= "<br><b>Action:</b> " . $data[3];
$info .= "<br><b>Record last updated on:</b> " . $data[4];
$info = str_replace("\n", "", $info);
$info = htmlentities($info);
// CDUKES: 2009-06-18 - Changed below for MSG_EXPLODE mod
?>
<th align="left">
<?php
if(defined('MSG_EXPLODE') && MSG_EXPLODE == TRUE) {
?>
<A href="#" onmouseover="overlib('<TABLE border=1 cellspacing=0 cellpadding=0 width=100%><TR><TD class=tooltip><?php echo $info?></TD></TR></TABLE>');" onmouseout=nd(); name ="spacer" >
<?php
echo "[CEMDB] ";
echo "</A>$explode_url</td></th>\n";
} else {
?>
<A href="#" onmouseover="overlib('<TABLE border=1 cellspacing=0 cellpadding=0 width=100%><TR><TD class=tooltip><?php echo $info?></TD></TR></TABLE>');" onmouseout=nd(); name ="spacer" >
<?php
echo $row['$msg'];
?></A>
</th>
<?php
}
$printed = true;
}
}
// if CEMDB off or row wasn't found, print it
// this will prevent unnecessary popups and allow filtering via a link
if (!$printed) {
$msg = htmlspecialchars($row['msg']);
echo "<td>";
if ($row['count'] > 1) echo '<b>'.$row['count'].' *</b> ';
// CDUKES: 2009-06-18 - Changed below for MSG_EXPLODE mod
// echo "$msg</td>\n";
if(defined('MSG_EXPLODE') && MSG_EXPLODE == TRUE) {
echo "$explode_url</td>\n";
} else {
#$msg = preg_replace('/[\x00-\x1F\x80-\xFF]/', '', $msg); # <-moved filter to db_insert.pl
echo "$msg</td>\n";
}
}
echo "</tr>\n";
}
?>
<?php
echo "</FORM>\n";
echo "</table>\n";