//include("../include/irm.inc"); ///////////// function display_db_table() { $no_hosts = array(); $no_msgs = array(); $addon_tmp_str = array(); $addon_tmp_array = array(); $addon = array(); $conn = mysql_connect("localhost", "syslogfeeder", "fitslikeaglove#syslogfeeder")or die("error connecting mysql database".mysql_error()); $dbname = "syslog"; mysql_select_db($dbname, $conn); $tablename = "logs"; $no_messages = array("User Logoff", "Successful Network Logon", "Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 Logon account", "Logon failure: unknown user name or bad password", "Special privileges assigned to new logon: User Name", "Logon Failure: Reason: Unknown user name or bad password", "Windows Server Update Services: N/A: Connection to database failed. Reason=Login failed for user"); $no_servers = array("websense01"); $no_host_and_msgs = array('westma' => 'Security:'); foreach ($no_servers as $host) { if ($host == $no_servers[0]) { array_push($no_hosts, "host NOT LIKE '$host' "); } else { array_push($no_hosts, "AND host NOT LIKE '$host' "); } }; foreach ($no_messages as $messages) { if ($messages == $no_messages [0]) array_push($no_msgs, "msg NOT LIKE '%$messages%' "); else array_push($no_msgs, "AND msg NOT LIKE '%$messages%' "); }; foreach ($no_host_and_msgs as $host => $message) { array_push($no_hosts, "AND host NOT LIKE '$host' "); array_push($addon_tmp_array, "(SELECT host,level,datetime AS time,msg FROM $tablename WHERE host='$host' AND datetime >= DATE_SUB(NOW(), INTERVAL 12 HOUR) AND msg NOT LIKE '%$message%' AND (level='err' OR level='crit' OR level='kern' OR level='warning') ORDER BY seq DESC LIMIT 500)"); }; # $query_string = "SELECT * FROM $tablename ORDER by seq DESC limit 100"; # $query_string = "SELECT host,level,datetime,msg FROM $tablename WHERE level='err' OR level='crit' OR level='kern' OR level='warning' ORDER BY seq desc limit 100"; $no_hosts = join(" ",$no_hosts); $no_msgs = join(" ",$no_msgs); $addon_str = join(" UNION ", $addon_tmp_array); $query_string = "(SELECT host,level,datetime AS time,msg FROM $tablename WHERE $no_hosts AND $no_msgs AND datetime >= DATE_SUB(NOW(), INTERVAL 12 HOUR) AND (level != 'info' AND level != 'notice') ORDER BY seq DESC LIMIT 500) UNION $addon_str ORDER BY time DESC LIMIT 100"; $result_id = mysql_query($query_string, $conn); $column_count = mysql_num_fields($result_id); print("
$row[$column_num] | \n"); else print("$row[$column_num] | \n"); print("