PHP-Syslog-NG index.php

From ChekMate Security Group

<?
/*
+-------------------------------------------------------------------------+
| Copyright (C) 2002 Michael Earls                                        |
|                                                                         |
| This program is free software; you can redistribute it and/or           |
| modify it under the terms of the GNU General Public License             |
| as published by the Free Software Foundation; either version 2          |
| of the License, or (at your option) any later version.                  |
|                                                                         |
| This program is distributed in the hope that it will be useful,         |
| but WITHOUT ANY WARRANTY; without even the implied warranty of          |
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the           |
| GNU General Public License for more details.                            |
+-------------------------------------------------------------------------+
| php-syslog-ng: php4 mysql syslog-ng                                     |
+-------------------------------------------------------------------------+
| This code is currently maintained and debugged by Michael Earls, any    |
| questions or comments regarding this code should be directed to:        |
| - michael@michaelearls.com                                              |
+-------------------------------------------------------------------------+
| - vermeer - http://www.vermeer.org/                                     |
+-------------------------------------------------------------------------+
*/
?>
<html>
<?
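// Auto-reload the current search every 300 seconds.
// SECURITY: these values come straight from the request and are written into a
// quoted HTML attribute. Each one is URL-encoded as a query component, then the
// finished URL (including $PHP_SELF, which can carry client-supplied path text)
// is HTML-escaped so it cannot break out of the attribute.
$refreshurl = $PHP_SELF
  . "?offset="   . urlencode($offset)
  . "&host="     . urlencode($host)
  . "&sort="     . urlencode($sort)
  . "&order="    . urlencode($order)
  . "&message="  . urlencode($message)
  . "&priority=" . urlencode($priority)
  . "&date="     . urlencode($date)
  . "&limit="    . urlencode($limit);
echo "<META HTTP-EQUIV=\"refresh\" content=\"300;URL=" . htmlspecialchars($refreshurl, ENT_QUOTES) . "\">";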
?>
<head>
<title>Network Syslog Search Results</title>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
</head>
<body>
<font face=arial size=2>
<?
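// Connection settings ($hostname, $username, $password, $dbName and
// $dbTableName) are not defined in this file; presumably this include
// provides them -- confirm, since the script relies on request-populated
// globals elsewhere.
include("dbinfo.inc.php");

// Persistent connection; warnings are suppressed so a failure shows only the
// generic message below rather than connection details.
@ $db = mysql_pconnect("$hostname", "$username", "$password");
if (!$db)
{
  echo "Error: Could not connect to database.  Please try again later.";
  exit;
}
@mysql_select_db( "$dbName") or die( "Unable to select database");

// Empty filters mean "match everything", represented by "*".
if ($host == "") { $host = "*"; }
if ($date == "") { $date = "*"; }
if ($priority == "") { $priority = "*"; }

// $limit is later interpolated into the LIMIT clause and used as the divisor
// for paging, so it must be a positive integer. Anything else (empty, zero,
// negative, non-numeric) falls back to the default page size of 1000.
$limit = (int) $limit;
if ($limit < 1) { $limit = 1000; }

// NOTE(review): PHP has already URL-decoded request parameters once, so this
// is a second decode. It turns "%2527" into a quote *after* any
// magic_quotes_gpc quoting has run, and it corrupts searches containing a
// literal "+" or "%xx". Kept for compatibility with existing callers; every
// later use of $message must treat it as raw, unescaped input.
$message = urldecode($message);

include("../syslog/header.inc.php");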

?>
<?
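// begin script
// Start marker for the "Query completed in ..." timing printed after the query runs.
$starttime = explode(" ",microtime());

mysql_select_db("$dbName");

// SECURITY: host, priority, message, date and sort come from the request and
// were previously concatenated into the statement verbatim (SQL injection).
// Values that go inside quoted literals are now escaped with the
// connection-aware escaper. When magic_quotes_gpc is active its backslashes
// are removed first so values are not escaped twice; $message needs this even
// then, because it is urldecode()d after that quoting was applied.
$stripquotes = get_magic_quotes_gpc();

$where = "";
$query = "select host, priority, msg, date, time from $dbTableName";

if ($host != "*") {
  $sqlvalue = $stripquotes ? stripslashes($host) : $host;
  $where = "host='" . mysql_real_escape_string($sqlvalue) . "' ";
}

if ($priority != "*") {
  if ($where != "") { $where = $where." and "; }
  $sqlvalue = $stripquotes ? stripslashes($priority) : $priority;
  $where = $where." priority='" . mysql_real_escape_string($sqlvalue) . "' ";
}

if ($message != "") {
  if ($where != "") { $where = $where." and "; }
  $sqlvalue = $stripquotes ? stripslashes($message) : $message;
  // "%" and "_" typed by the user still act as LIKE wildcards, as before.
  $where = $where." msg LIKE '%" . mysql_real_escape_string($sqlvalue) . "%' ";
}

if ($date != "*") {
  if ($where != "") { $where = $where." and "; }
  $sqlvalue = $stripquotes ? stripslashes($date) : $date;
  $where = $where." date='" . mysql_real_escape_string($sqlvalue) . "' ";
}

if ($where != "") { $query = $query." where ".$where; }

// Reduce $order to 0 or 1 so later code sees only those two values, then flip
// it when a column header was clicked (neworder=1).
$order = ($order == 1) ? 1 : 0;
if ($neworder == 1) {
  $order = ($order == 1) ? 0 : 1;
}
// order=1 sorts ascending (no keyword); anything else sorts descending.
$orderby = ($order == 1) ? "" : "DESC";

// A column name cannot be escaped like a string literal, so $sort is accepted
// only when it names one of the selected columns; otherwise it is cleared and
// the default date/time ordering applies.
$sortable = array("host", "priority", "msg", "date", "time");
if ($sort != "" && !in_array(strtolower((string) $sort), $sortable, true)) {
  $sort = "";
}

if ($sort != "") {
  $query = $query." order by ".$sort." $orderby, date DESC, time DESC";
} else {
  $query = $query." order by date $orderby, time DESC";
}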

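// Debug aid. If re-enabled, pass $query through htmlspecialchars(): the
// statement embeds request text and would otherwise be echoed as markup.
#echo "$query<br>\n";

include("../syslog/category.inc.php");

// First pass runs the unlimited query only to learn the total row count.
// A failed query yields a count of 0 instead of feeding false to
// mysql_num_rows().
$result = mysql_query($query);
$num_results = $result ? mysql_num_rows($result) : 0;
$endtime = explode(" ",microtime());
// microtime() returns "fraction seconds"; rebuild "seconds.fraction" for both
// markers so the two can be subtracted.
$starttime['total'] = $starttime['1'].substr($starttime['0'], 1);
$endtime['total'] = $endtime['1'].substr($endtime['0'], 1);
echo "<font color=blue>Query completed in ".round($endtime['total'] - $starttime['total'], 2)." second(s)</font><br>";

// $offset (1-based first row) and $limit come from the request and are
// interpolated into the LIMIT clause and echoed in the result banner, so both
// are forced to positive integers here.
$offset = (int) $offset;
if ($offset < 1) {
    $offset = 1;
}
$limit = (int) $limit;
if ($limit < 1) {
    $limit = 1000;
}

$offsettemp = $offset - 1;          // zero-based row index for MySQL
$startoffsetnum = $offset;
// Last row shown on this page is offset + limit - 1; the previous
// offset + limit over-reported the range by one row.
$endoffsetnum = $offset + $limit - 1;
if ($endoffsetnum > $num_results) {$endoffsetnum = $num_results;}
$results = mysql_query("$query limit $offsettemp, $limit");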

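// Build the human-readable description of the active filters. The result is
// echoed into the page with its own <b> markup and, tag-stripped, appended to
// the tracking log.
//
// SECURITY: $searchstring is initialised explicitly. It was previously used
// without initialisation, so on a register_globals setup a request parameter
// of the same name could seed it. Every request value is HTML-escaped before
// being mixed with the markup.
$searchstring = "";

if ($host <> "*") {
  $searchstring = "Host = " . htmlspecialchars($host, ENT_QUOTES);
}
if ($priority <> "*") {
  if ($searchstring <> "") { $searchstring = $searchstring . "</b> and <b>"; }
  $searchstring = $searchstring . "Priority = " . htmlspecialchars($priority, ENT_QUOTES);
}
if ($date <> "*") {
  if ($searchstring <> "") { $searchstring = $searchstring . "</b> and <b>"; }
  $searchstring = $searchstring . "Date = " . htmlspecialchars($date, ENT_QUOTES);
}

if ($message <> "") {
  if ($searchstring <> "") { $searchstring = $searchstring . "</b> and <b>"; }
  // Truncate first, escape second, so an entity is never cut in half.
  if (strlen($message) > 30) {
    $formattedmessage = substr($message, 0, 30) . '...';
  } else {
    $formattedmessage = $message;
  }

  $searchstring = $searchstring . "Keywords = " . htmlspecialchars($formattedmessage, ENT_QUOTES);
}
if ($searchstring == "") {
  $searchstring = "for <b>All Results</b>";
} else {
  $searchstring = "where <b>" . $searchstring . "</b>";
}

if ($sort == "") {
  $sortmsg = "Date and Time";
} else {
  $sortmsg = htmlspecialchars(ucwords($sort), ENT_QUOTES);
}
// The query builder treats order=1 as ascending (no DESC keyword) and anything
// else as descending; the label used to state the opposite.
if ($order == 1) {
  $sortmsg = $sortmsg." in Ascending Order";
} else {
  $sortmsg = $sortmsg." in Descending Order";
}
$sortmsg = "<b>$sortmsg</b>";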

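  // SECURITY: the links below used to place raw request values inside unquoted
  // href attributes. Each value is now URL-encoded as a query component, each
  // finished URL is HTML-escaped, and every href is quoted.
  $qhost     = urlencode($host);
  $qsort     = urlencode($sort);
  $qorder    = urlencode($order);
  $qmessage  = urlencode($message);
  $qpriority = urlencode($priority);
  $qdate     = urlencode($date);
  $qlimit    = urlencode($limit);

  // Priority shortcut bar: one coloured cell per syslog priority, each linking
  // to the same search restricted to that priority.
  $prioritylinks = array(
    array("info",    "Info",     "#FAEBD7"),
    array("debug",   "Debug",    "#C1FFC1"),
    array("notice",  "Notice",   "#CAFF70"),
    array("warning", "Warning",  "#FFFF00"),
    array("err",     "Error",    "#FFA500"),
    array("crit",    "Critical", "#CC4500"),
    array("alert",   "Alert",    "#FF0000")
  );
  $prioritybar = "<table width=100% bgcolor=#ffffff><tr><td width=100% bgcolor=#ffffff></td><td nowrap><font face=arial size=2 color=#000000>Search results by Priority: </font></td>";
  foreach ($prioritylinks as $plink) {
    $url = htmlspecialchars("$PHP_SELF?offset=1&host=$qhost&sort=$qsort&order=$qorder&message=$qmessage&priority=" . $plink[0] . "&date=$qdate&limit=$qlimit", ENT_QUOTES);
    $prioritybar .= "<td bgcolor=" . $plink[2] . "><font color=black size=2 face=arial><b> <a href=\"$url\"><font color=black>" . $plink[1] . "</font></a>&nbsp</b></font></td>";
  }
  $prioritybar .= "</tr></table>";
  echo $prioritybar;

  // Result banner. $searchstring and $sortmsg carry their own <b> markup, so
  // they cannot be escaped here and must be HTML-safe where they are built.
  // The three counters are forced to integers before being printed.
  echo "<table width=100% bgcolor=#3366cc><tr><td><font face=arial size=2 color=white>Searched the logs $searchstring sorted by: $sortmsg.</font></td><td align=right><font face=arial size=2 color=white>Results: <b>" . (int) $startoffsetnum . "</b> - <b>" . (int) $endoffsetnum . "</b> of <b>" . (int) $num_results . "</b>.</font></td></tr></table>";

  // Column headers. Clicking one re-runs the search sorted by that column and
  // flips the direction (neworder=1). Date and Time pass no sort parameter,
  // which selects the default date/time ordering.
  $columns = array(
    array("Host",     "&sort=host",     "<td ALIGN=CENTER>"),
    array("Priority", "&sort=priority", "<td ALIGN=CENTER>"),
    array("Date",     "",               "<td ALIGN=CENTER>"),
    array("Time",     "",               "<td ALIGN=CENTER>"),
    array("Message",  "&sort=msg",      "<td>")
  );
  echo "<div align=center>";
  echo "<table border=0 bordercolor=#000000 width=100%>";
  echo "<tr bgcolor=#99CCFF>";
  foreach ($columns as $column) {
    $url = htmlspecialchars("$PHP_SELF?offset=1&host=$qhost&message=$qmessage&priority=$qpriority&date=$qdate&limit=$qlimit" . $column[1] . "&order=$qorder&neworder=1", ENT_QUOTES);
    echo $column[2] . "<a href=\"$url\"><b><font size=2 color=#3366cc>" . $column[0] . "</b></a></td>";
  }
  echo "</tr>";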

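// Known priorities map to a cell colour and a display label; label markup is
// fixed text from this table, never data.
$prioritycells = array(
  "info"    => array("#FAEBD7", "Info"),
  "debug"   => array("#C1FFC1", "Debug"),
  "notice"  => array("#CAFF70", "Notice"),
  "warning" => array("#FFFF00", "Warning"),
  "err"     => array("#FFA500", "<b>Error</b>"),
  "crit"    => array("#CC4500", "<b>Critical</b>"),
  "alert"   => array("#FF0000", "<b>Alert</b>")
);

// SECURITY: every column printed here is log data. Syslog text is written by
// whatever produced the log line, so it is untrusted and was previously
// rendered as live HTML in the viewer's browser (the escaped variant of the
// message cell had been commented out). All row values are now HTML-escaped.
// A failed page query leaves $results false; skip the loop in that case.
while ($results && ($row = mysql_fetch_array($results)))
{
  // Alternate the row background between pale yellow and white.
  if ($bgcolor == "#FFFFCC") {$bgcolor = "#FFFFFF";} else {$bgcolor = "#FFFFCC";}

  echo "<tr bgcolor=$bgcolor>";
  echo "<td ALIGN=CENTER VALIGN=TOP><font size=2>" . htmlspecialchars($row['host'], ENT_QUOTES) . "</font></td>";

  if (isset($prioritycells[$row['priority']])) {
    $cell = $prioritycells[$row['priority']];
    echo "<td ALIGN=CENTER VALIGN=TOP BGCOLOR=" . $cell[0] . "><font size=2>" . $cell[1] . "</font></td>";
  } else {
    // Unrecognised priority: show the stored value, escaped, on grey.
    echo "<td ALIGN=CENTER VALIGN=TOP BGCOLOR=#C0C0C0><font size=2>" . htmlspecialchars($row['priority'], ENT_QUOTES) . "</font></td>";
  }

  // The date is re-formatted through date(), so the output is digits and slashes only.
  $displaydate = date("y/m/d",strtotime($row['date']));
  echo "<td ALIGN=CENTER VALIGN=TOP><font size=2>$displaydate</font></td>";
  echo "<td ALIGN=CENTER VALIGN=TOP><font size=2>" . htmlspecialchars($row['time'], ENT_QUOTES) . "</font></td>";
  echo "<td VALIGN=TOP><font size=2>" . htmlspecialchars($row['msg'], ENT_QUOTES) . "</font></td>";
  echo "</tr>";
}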
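echo      "</table>";
echo       "<hr>";
echo      "Result Page:    ";

// Paging arithmetic and links need integer offset/limit values; a zero or
// non-numeric limit would otherwise divide by zero below. Idempotent if the
// values are already positive integers.
$offset = (int) $offset;
if ($offset < 1) { $offset = 1; }
$limit = (int) $limit;
if ($limit < 1) { $limit = 1000; }
$totalrows = (int) $num_results;

// SECURITY: everything after the offset is identical on every paging link.
// Request values are URL-encoded here and each finished URL is HTML-escaped
// before it is written into the quoted href.
$linktail = "&host=" . urlencode($host)
  . "&sort=" . urlencode($sort)
  . "&order=" . urlencode($order)
  . "&message=" . urlencode($message)
  . "&priority=" . urlencode($priority)
  . "&date=" . urlencode($date)
  . "&limit=" . urlencode($limit);

if ($offset != 1) { // no First/Previous links on the first page
  $firstoffset = 0;
  $url = htmlspecialchars("$PHP_SELF?offset=$firstoffset" . $linktail, ENT_QUOTES);
  print "<a href=\"$url\"><font color=#000000><< First</font></a> \n";

  // Stepping back from an offset smaller than one page used to produce a
  // negative offset and therefore an invalid LIMIT clause; clamp to row 1.
  $prevoffset = $offset - $limit;
  if ($prevoffset < 1) { $prevoffset = 1; }
  $url = htmlspecialchars("$PHP_SELF?offset=$prevoffset" . $linktail, ENT_QUOTES);
  print "<a href=\"$url\"><font color=#000000>< Previous</font></a>   \n";
}

// Total page count, rounding a partial last page up.
$pages = intval($totalrows / $limit);
if ($totalrows % $limit) {
    $pages++;
}

// Show a sliding window of page numbers around the current page.
$page = intval($offset / $limit);
$min = intval($page - 8);
if ($min < 1) { $min = 1; }
$max = intval($page + 10);
if (($max - $min) == $pages) { $max = $max - 1; }
if ($max > $pages) { $max = $pages; }

if ($min > 1) {
  print "..... ";
}

#for ($i=1;$i<=$pages;$i++) {
for ($i = $min; $i <= $max; $i++) {
    $newoffset = $limit * ($i - 1) + 1;
    if ((intval($offset / $limit) + 1) == $i) {
        // Current page: highlighted, not a link.
        print "<font color=#800000 face=arial size=3><b>$i</b></font> \n";
    } else {
        $url = htmlspecialchars("$PHP_SELF?offset=$newoffset" . $linktail, ENT_QUOTES);
        print "<a href=\"$url\"><font color=#000000>$i</font></a> \n";
    }
}

if ($max < $pages) {
  print ".....";
}

// Next/Last only when there is more than one page and this is not the last
// one. Requiring $pages > 1 also covers an empty result set, which used to
// print a Last link with a negative offset.
if ($pages > 1 && (intval($offset / $limit) + 1) != $pages) {
    $newoffset = $offset + $limit;
    $url = htmlspecialchars("$PHP_SELF?offset=$newoffset" . $linktail, ENT_QUOTES);
    print " &nbsp <a href=\"$url\"><font color=#000000>Next ></font></a>\n";
    $lastoffset = $limit * ($pages - 1) + 1;
    $url = htmlspecialchars("$PHP_SELF?offset=$lastoffset" . $linktail, ENT_QUOTES);
    print " <a href=\"$url\"><font color=#000000>Last >></font></a>   \n";
}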
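echo "</div><div align=right><br><br>\n";

// REMOTE_USER is set by the web server's authentication; it is absent when the
// page is served without it, so fall back to an empty name.
$LoggedInUser = isset($_SERVER['REMOTE_USER']) ? $_SERVER['REMOTE_USER'] : "";
$CurrentDate = date('Y/m/d H:i:s',time());
$DateStamp = date('YmdHis',time());

// The user name is escaped before being placed in the page.
echo "<hr>User <b>" . htmlspecialchars($LoggedInUser, ENT_QUOTES) . "</b> on <b>$CurrentDate</b><br>\n";
echo "<a href=summary_report.php><font size=1 color=#000000>Daily Summary Report</font></a>";
// The timestamp query string only defeats caching of the history file.
echo " - <a href=tracking.txt?$DateStamp><font size=1 color=#000000>History</font></a>";
echo " - <a href=usage_summary.php><font size=1 color=#000000>History Summary</font></a>";
echo "<br>\n";

// Append one audit line per search.
// NOTE(review): tracking.txt is written next to the script and linked above as
// "History", so it appears to be readable by anyone who can reach this
// directory -- confirm it sits behind the same access control as the
// application, or move it out of the web root.
$LogFile = "tracking.txt";
$querymsg = strip_tags("Searched the logs $searchstring sorted by: $sortmsg.");
// Collapse CR/LF so request text or a user name cannot start a forged entry on
// a new line of the audit trail.
$log = str_replace(array("\r", "\n"), " ", "$CurrentDate - $LoggedInUser - Detailed - $querymsg") . "\n";
$fp = fopen($LogFile, "a");
if ($fp) {
  // Write only when the file actually opened; a failed open no longer cascades
  // into fwrite()/fclose() warnings on a non-resource.
  fwrite($fp, $log);
  fclose($fp);
}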

?>
<br>
<br></div>

</font></body>
</html>