
includes/syslog.php (1 issue)

<?php
use LibreNMS\Config;
This use statement conflicts with another class in this namespace, Config. Consider defining an alias.

Let's assume that you have a directory layout like this:

.
|-- OtherDir
|   |-- Bar.php
|   `-- Foo.php
`-- SomeDir
    `-- Foo.php

and let's assume the following content of Bar.php:

// Bar.php
namespace OtherDir;

use SomeDir\Foo; // This now conflicts the class OtherDir\Foo

If both files OtherDir/Foo.php and SomeDir/Foo.php are loaded in the same runtime, you will see a PHP error such as the following:

PHP Fatal error:  Cannot use SomeDir\Foo as Foo because the name is already in use in OtherDir/Foo.php

However, as OtherDir/Foo.php does not necessarily have to be loaded and the error is only triggered if it is loaded before OtherDir/Bar.php, this problem might go unnoticed for a while. In order to prevent this error from surfacing, you must import the namespace with a different alias:

// Bar.php
namespace OtherDir;

use SomeDir\Foo as SomeDirFoo; // There is no conflict anymore.
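/**
 * Look up one attribute of the device that a syslog host maps to, memoising the result.
 *
 * Results live in the global $dev_cache, keyed first by $host and then by $value.
 * Nothing in this function evicts entries, so the cache holds one bucket per
 * distinct $host it has been asked about for the lifetime of the process.
 * isset() is false for null, so a lookup that yields null is repeated on every
 * call; any other result (including false) is served from the cache afterwards.
 *
 * NOTE(review): $host presumably originates from the sender field of a received
 * syslog message; confirm against the caller. All queries below bind it as a
 * parameter, never by string concatenation.
 *
 * @param  string  $host   Host name or IP address text to resolve.
 * @param  string  $value  One of 'device_id', 'os', 'version' or 'hostname'.
 * @return mixed   The cached or freshly fetched value; null for any other $value.
 */
function get_cache($host, $value)
{
    global $dev_cache;

    if (! isset($dev_cache[$host][$value])) {
        switch ($value) {
            case 'device_id':
                // Try by hostname.
                // inet_pton() returns false when $host is not an IP literal. Test that
                // result directly instead of feeding the boolean into inet_ntop().
                $ip = inet_pton($host);
                if ($ip === false) {
                    $dev_cache[$host]['device_id'] = dbFetchCell('SELECT `device_id` FROM devices WHERE `hostname` = ? OR `sysName` = ?', [$host, $host]);
                } else {
                    // $ip is the packed binary form, matched against the `ip` column.
                    $dev_cache[$host]['device_id'] = dbFetchCell('SELECT `device_id` FROM devices WHERE `hostname` = ? OR `sysName` = ? OR `ip` = ?', [$host, $host, $ip]);
                }
                // If failed, try by IP bound to one of the known ports.
                if (! is_numeric($dev_cache[$host]['device_id'])) {
                    $dev_cache[$host]['device_id'] = dbFetchCell('SELECT `device_id` FROM `ipv4_addresses` AS A, `ports` AS I WHERE A.ipv4_address = ? AND I.port_id = A.port_id', [$host]);
                }
                break;

            // The remaining attributes are resolved through the (cached) device_id.
            case 'os':
                $dev_cache[$host]['os'] = dbFetchCell('SELECT `os` FROM devices WHERE `device_id` = ?', [get_cache($host, 'device_id')]);
                break;

            case 'version':
                $dev_cache[$host]['version'] = dbFetchCell('SELECT `version` FROM devices WHERE `device_id`= ?', [get_cache($host, 'device_id')]);
                break;

            case 'hostname':
                $dev_cache[$host]['hostname'] = dbFetchCell('SELECT `hostname` FROM devices WHERE `device_id` = ?', [get_cache($host, 'device_id')]);
                break;

            default:
                // Unknown attribute: nothing is cached for it.
                return null;
        }//end switch
    }//end if

    return $dev_cache[$host][$value];
}//end get_cache()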
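/**
 * Normalise one syslog entry, run any configured per-OS hook scripts and optionally store it.
 *
 * Steps, in order: drop the entry if its message contains a configured filter
 * string; strip the IPv4-mapped prefix from the host and apply the
 * 'syslog_xlate' host translation; resolve the host to a device; run matching
 * 'syslog_hook' scripts; split 'program' and 'msg' with OS-specific rules;
 * upper-case the program, trim every field and, when $update is truthy, insert
 * the row into the `syslog` table.
 *
 * NOTE(review): the fields of $entry are presumably parsed from a received
 * syslog message and are therefore sender-controlled; confirm against the
 * caller. The device lookup keys on $entry['host'] alone.
 *
 * @param  array  $entry   Syslog fields; 'host' and 'msg' are read unconditionally,
 *                         'program', 'facility', 'priority', 'level', 'tag' and
 *                         'timestamp' are read where present.
 * @param  mixed  $update  Truthy to write the processed entry to the database.
 * @return array  The entry as far as it was processed. Filtered entries and
 *                entries from unknown hosts are returned without being stored,
 *                and 'msg' may be absent when the text was moved to 'program'.
 */
function process_syslog($entry, $update)
{
    // Not read here; the cache is only touched through get_cache().
    global $dev_cache;

    foreach (Config::get('syslog_filter') as $bi) {
        // An empty filter string is skipped: strpos() reports an empty needle as
        // found at offset 0 on PHP 8, which would silently discard every message.
        if ((string) $bi !== '' && strpos($entry['msg'], $bi) !== false) {
            return $entry;
        }
    }

    // Strip the IPv4-mapped IPv6 prefix so the host matches stored IPv4 addresses.
    $entry['host'] = preg_replace('/^::ffff:/', '', $entry['host']);
    $syslog_xlate = Config::get('syslog_xlate');
    if (! empty($syslog_xlate[$entry['host']])) {
        $entry['host'] = $syslog_xlate[$entry['host']];
    }
    $entry['device_id'] = get_cache($entry['host'], 'device_id');
    if ($entry['device_id']) {
        $os = get_cache($entry['host'], 'os');
        $hostname = get_cache($entry['host'], 'hostname');

        if (Config::get('enable_syslog_hooks')) {
            $hooks = Config::getOsSetting($os, 'syslog_hook');
            if (is_array($hooks)) {
                // Hooks see the entry as received, before the OS-specific parsing
                // below. Built once, since it does not change between hooks.
                $syslogprogmsg = ($entry['program'] ?? '') . ': ' . $entry['msg'];
                foreach ($hooks as $k => $v) {
                    if ((isset($v['script'])) && (isset($v['regex'])) && ((preg_match($v['regex'], $syslogprogmsg)))) {
                        // Script path and regex come from the OS settings. Hostname, OS
                        // and message text are each quoted with escapeshellarg(), so
                        // message content cannot add shell syntax to the command line.
                        // The script still receives the raw text as an argument and has
                        // to treat it as untrusted. It runs in the background with its
                        // output discarded, so a failing hook is not visible here.
                        shell_exec(escapeshellcmd($v['script']) . ' ' . escapeshellarg($hostname) . ' ' . escapeshellarg($os) . ' ' . escapeshellarg($syslogprogmsg) . ' >/dev/null 2>&1 &');
                    }
                }
            }
        }

        if (in_array($os, ['ios', 'iosxe', 'catos'], true)) {
            // multipart message
            if (strpos($entry['msg'], ':') !== false) {
                $matches = [];
                $timestamp_prefix = '([\*\.]?[A-Z][a-z]{2} \d\d? \d\d:\d\d:\d\d(.\d\d\d)?( [A-Z]{3})?: )?';
                $program_match = '(?<program>%?[A-Za-z\d\-_]+(:[A-Z]* %[A-Z\d\-_]+)?)';
                $message_match = '(?<msg>.*)';
                if (preg_match('/^' . $timestamp_prefix . $program_match . ': ?' . $message_match . '/', $entry['msg'], $matches)) {
                    $entry['program'] = $matches['program'];
                    $entry['msg'] = $matches['msg'];
                }
            } else {
                // if this looks like a program (no groups of 2 or more lowercase letters), move it to program
                // NOTE(review): the character class also contains the literal '(' and ')',
                // so runs of parentheses count as "lowercase" here; confirm that is intended.
                if (! preg_match('/[(a-z)]{2,}/', $entry['msg'])) {
                    $entry['program'] = $entry['msg'];
                    unset($entry['msg']);
                }
            }
        } elseif ($os === 'linux' && get_cache($entry['host'], 'version') === 'Point') {
            // Cisco WAP200 and similar
            $matches = [];
            if (preg_match('#Log: \[(?P<program>.*)\] - (?P<msg>.*)#', $entry['msg'], $matches)) {
                $entry['msg'] = $matches['msg'];
                $entry['program'] = $matches['program'];
            }
        } elseif ($os === 'linux') {
            $matches = [];
            // pam_krb5(sshd:auth): authentication failure; logname=root uid=0 euid=0 tty=ssh ruser= rhost=123.213.132.231
            // pam_krb5[sshd:auth]: authentication failure; logname=root uid=0 euid=0 tty=ssh ruser= rhost=123.213.132.231
            if (empty($entry['program']) && preg_match('#^(?P<program>([^(:]+\([^)]+\)|[^\[:]+\[[^\]]+\])) ?: ?(?P<msg>.*)$#', $entry['msg'], $matches)) {
                $entry['msg'] = $matches['msg'];
                $entry['program'] = $matches['program'];
            } elseif (empty($entry['program']) && ! empty($entry['facility'])) {
                // SYSLOG CONNECTION BROKEN; FD='6', SERVER='AF_INET(123.213.132.231:514)', time_reopen='60'
                // pam_krb5: authentication failure; logname=root uid=0 euid=0 tty=ssh ruser= rhost=123.213.132.231
                // Disabled because broke this:
                // diskio.c: don't know how to handle 10 request
                // elseif($pos = strpos($entry['msg'], ';') or $pos = strpos($entry['msg'], ':')) {
                // $entry['program'] = substr($entry['msg'], 0, $pos);
                // $entry['msg'] = substr($entry['msg'], $pos+1);
                // }
                // fallback, better than nothing...
                $entry['program'] = $entry['facility'];
            }
        } elseif ($os === 'procurve') {
            $matches = [];
            if (preg_match('/^(?P<program>[A-Za-z]+): {2}(?P<msg>.*)/', $entry['msg'], $matches)) {
                // 'program' may be absent on the incoming entry; treat it as empty
                // rather than reading an undefined key.
                $entry['msg'] = $matches['msg'] . ' [' . ($entry['program'] ?? '') . ']';
                $entry['program'] = $matches['program'];
            }
        } elseif ($os === 'zywall') {
            // ZyWALL sends messages without all the fields, so the offset is wrong
            $msg = preg_replace('/" /', '";', stripslashes(($entry['program'] ?? '') . ':' . $entry['msg']));
            $msg = str_getcsv($msg, ';');
            $entry['program'] = null;
            foreach ($msg as $param) {
                // Split on the first '=' only, so a value that itself contains '='
                // is kept whole, and pad so a field without '=' yields an empty
                // value instead of an undefined offset.
                [$var, $val] = array_pad(explode('=', (string) $param, 2), 2, '');
                if ($var == 'cat') {
                    $entry['program'] = str_replace('"', '', $val);
                }
            }
            $entry['msg'] = join(' ', $msg);
        }//end if

        if (! isset($entry['program'])) {
            $entry['program'] = $entry['msg'];
            unset($entry['msg']);
        }

        $entry['program'] = strtoupper($entry['program']);
        $entry = array_map('trim', $entry);

        if ($update) {
            // 'msg' is unset whenever the text was moved to 'program' above, and the
            // other optional fields may be missing from the incoming entry. Missing
            // fields are stored as null rather than read as undefined keys.
            dbInsert(
                [
                    'device_id' => $entry['device_id'],
                    'program'   => $entry['program'],
                    'facility'  => $entry['facility'] ?? null,
                    'priority'  => $entry['priority'] ?? null,
                    'level'     => $entry['level'] ?? null,
                    'tag'       => $entry['tag'] ?? null,
                    'msg'       => $entry['msg'] ?? null,
                    'timestamp' => $entry['timestamp'] ?? null,
                ],
                'syslog'
            );
        }
    }//end if

    return $entry;
}//end process_syslog()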