Newer
Older
* rkhunter is not installed, so there is no data and no state
*
* no_state, NOT unknown, because "unknown" is shown as state
* inside the GUI. no_state is hidden.
*
* We have to write NO DATA inside the DB, because the GUI
* could not know, if there is any dat, or not...
*/
$state = 'no_state';
$data['output']= '';
}
* Insert the data into the database
*/
$sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
"VALUES (".
$server_id . ", " .
"'" . $app->dbmaster->quote($type) . "', " .
time() . ", " .
"'" . $app->dbmaster->quote(serialize($data)) . "', " .
"'" . $state . "'" .
")";
$app->dbmaster->query($sql);
/* The new data is written, now we can delete the old one */
$this->_delOldRecords($type, 4);
}
function monitorFail2ban() {
global $app;
global $conf;
/* the id of the server as int */
$server_id = intval($conf["server_id"]);
/** The type of the data */
$type = 'log_fail2ban';
/* This monitoring is only available if fail2ban is installed */
system('which fail2ban-client', $retval); // Debian, Ubuntu, Fedora
if($retval !== 0) system('which fail2ban', $retval); // CentOS
if($retval === 0) {
/* Get the data of the log */
$data = $this->_getLogData($type);
* At this moment, there is no state (maybe later)
*/
$state = 'no_state';
}
else {
/*
* fail2ban is not installed, so there is no data and no state
*
* no_state, NOT unknown, because "unknown" is shown as state
* inside the GUI. no_state is hidden.
*
* We have to write NO DATA inside the DB, because the GUI
* could not know, if there is any dat, or not...
*/
$state = 'no_state';
$data = '';
}
* Insert the data into the database
*/
$sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
"VALUES (".
$server_id . ", " .
"'" . $app->dbmaster->quote($type) . "', " .
time() . ", " .
"'" . $app->dbmaster->quote(serialize($data)) . "', " .
"'" . $state . "'" .
")";
$app->dbmaster->query($sql);
/* The new data is written, now we can delete the old one */
$this->_delOldRecords($type, 4);
}
function monitorSysLog() {
global $app;
global $conf;
/* the id of the server as int */
$server_id = intval($conf["server_id"]);
/** The type of the data */
$type = 'sys_log';
/*
* is there any warning or error for this server?
$state = 'ok';
$dbData = $app->dbmaster->queryAllRecords("SELECT loglevel FROM sys_log WHERE server_id = " . $server_id . " AND loglevel > 0");
if (is_array($dbData)) {
foreach($dbData as $item) {
if ($item['loglevel'] == 1) $state = $this->_setState($state, 'warning');
if ($item['loglevel'] == 2) $state = $this->_setState($state, 'error');
}
}
/** There is no monitor-data because the data is in the sys_log table */
$data['output']= '';
* Insert the data into the database
*/
$sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
"VALUES (".
$server_id . ", " .
"'" . $app->dbmaster->quote($type) . "', " .
time() . ", " .
"'" . $app->dbmaster->quote(serialize($data)) . "', " .
"'" . $state . "'" .
")";
$app->dbmaster->query($sql);
/* The new data is written, now we can delete the old one */
$this->_delOldRecords($type, 4);
}
function monitorMailLog() {
global $app;
global $conf;
/* the id of the server as int */
$server_id = intval($conf["server_id"]);
/** The type of the data */
$type = 'log_mail';
/* Get the data of the log */
$data = $this->_getLogData($type);
/*
* actually this info has no state.
* maybe someone knows better...???...
*/
$state = 'no_state';
Insert the data into the database
*/
$sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
"VALUES (".
$server_id . ", " .
"'" . $app->dbmaster->quote($type) . "', " .
time() . ", " .
"'" . $app->dbmaster->quote(serialize($data)) . "', " .
"'" . $state . "'" .
")";
$app->dbmaster->query($sql);
/* The new data is written, now we can delete the old one */
$this->_delOldRecords($type, 4);
}
function monitorMailWarnLog() {
global $app;
global $conf;
/* the id of the server as int */
$server_id = intval($conf["server_id"]);
/** The type of the data */
$type = 'log_mail_warn';
/* Get the data of the log */
$data = $this->_getLogData($type);
/*
* actually this info has no state.
* maybe someone knows better...???...
*/
$state = 'no_state';
Insert the data into the database
*/
$sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
"VALUES (".
$server_id . ", " .
"'" . $app->dbmaster->quote($type) . "', " .
time() . ", " .
"'" . $app->dbmaster->quote(serialize($data)) . "', " .
"'" . $state . "'" .
")";
$app->dbmaster->query($sql);
/* The new data is written, now we can delete the old one */
$this->_delOldRecords($type, 4);
}
function monitorMailErrLog() {
global $app;
global $conf;
/* the id of the server as int */
$server_id = intval($conf["server_id"]);
/** The type of the data */
$type = 'log_mail_err';
/* Get the data of the log */
$data = $this->_getLogData($type);
/*
* actually this info has no state.
* maybe someone knows better...???...
*/
$state = 'no_state';
Insert the data into the database
*/
$sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
"VALUES (".
$server_id . ", " .
"'" . $app->dbmaster->quote($type) . "', " .
time() . ", " .
"'" . $app->dbmaster->quote(serialize($data)) . "', " .
"'" . $state . "'" .
")";
$app->dbmaster->query($sql);
/* The new data is written, now we can delete the old one */
$this->_delOldRecords($type, 4);
function monitorMessagesLog() {
global $app;
global $conf;
/* the id of the server as int */
$server_id = intval($conf["server_id"]);
/** The type of the data */
$type = 'log_messages';
/* Get the data of the log */
$data = $this->_getLogData($type);
* actually this info has no state.
* maybe someone knows better...???...
*/
$state = 'no_state';
Insert the data into the database
*/
$sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
"VALUES (".
$server_id . ", " .
"'" . $app->dbmaster->quote($type) . "', " .
time() . ", " .
"'" . $app->dbmaster->quote(serialize($data)) . "', " .
"'" . $state . "'" .
")";
$app->dbmaster->query($sql);
/* The new data is written, now we can delete the old one */
$this->_delOldRecords($type, 4);
}
function monitorISPCCronLog() {
global $app;
global $conf;
/* the id of the server as int */
$server_id = intval($conf["server_id"]);
/** The type of the data */
$type = 'log_ispc_cron';
/* Get the data of the log */
$data = $this->_getLogData($type);
/*
* actually this info has no state.
* maybe someone knows better...???...
*/
$state = 'no_state';
Insert the data into the database
*/
$sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
"VALUES (".
$server_id . ", " .
"'" . $app->dbmaster->quote($type) . "', " .
time() . ", " .
"'" . $app->dbmaster->quote(serialize($data)) . "', " .
"'" . $state . "'" .
")";
$app->dbmaster->query($sql);
/* The new data is written, now we can delete the old one */
$this->_delOldRecords($type, 4);
}
function monitorFreshClamLog() {
global $app;
global $conf;
/* the id of the server as int */
$server_id = intval($conf["server_id"]);
/** The type of the data */
$type = 'log_freshclam';
/* Get the data of the log */
$data = $this->_getLogData($type);
/* Get the data from the LAST log-Entry.
* if there can be found:
* WARNING: Your ClamAV installation is OUTDATED!
* then the clamav is outdated. This is a warning!
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
*/
$state = 'ok';
$tmp = explode("\n", $data);
$lastLog = array();
if ($tmp[sizeof($tmp)-1] == "") {
/* the log ends with an empty line remove this */
array_pop($tmp);
}
if (strpos($tmp[sizeof($tmp)-1], "-------------") !== false) {
/* the log ends with "-----..." remove this */
array_pop($tmp);
}
for ($i = sizeof($tmp) -1; $i > 0; $i--) {
if (strpos($tmp[$i], "---------") === false) {
/* no delimiter found, so add this to the last-log */
$lastLog[] = $tmp[$i];
}
else {
/* delimiter found, so there is no more line left! */
break;
}
}
/*
* Now we have the last log in the array.
* Check if the outdated-string is found...
*/
foreach($lastLog as $line) {
if (strpos(strtolower($line), "outdated") !== false) {
/*
* Outdatet is only info, because if we set this to warning, the server is
* as long in state warning, as there is a new version of ClamAv which takes
* sometimes weeks!
*/
$state = $this->_setState($state, 'info');
}
}
/*
Insert the data into the database
*/
$sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
"VALUES (".
$server_id . ", " .
"'" . $app->dbmaster->quote($type) . "', " .
time() . ", " .
"'" . $app->dbmaster->quote(serialize($data)) . "', " .
"'" . $state . "'" .
")";
$app->dbmaster->query($sql);
/* The new data is written, now we can delete the old one */
$this->_delOldRecords($type, 4);
}
function monitorClamAvLog() {
global $app;
global $conf;
/* the id of the server as int */
$server_id = intval($conf["server_id"]);
/** The type of the data */
$type = 'log_clamav';
/* Get the data of the log */
$data = $this->_getLogData($type);
// Todo: the state should be calculated.
$state = 'ok';
/*
Insert the data into the database
*/
$sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
"VALUES (".
$server_id . ", " .
"'" . $app->dbmaster->quote($type) . "', " .
time() . ", " .
"'" . $app->dbmaster->quote(serialize($data)) . "', " .
"'" . $state . "'" .
")";
$app->dbmaster->query($sql);
/* The new data is written, now we can delete the old one */
$this->_delOldRecords($type, 4);
}
function monitorIspConfigLog() {
global $app;
global $conf;
/* the id of the server as int */
$server_id = intval($conf["server_id"]);
/** The type of the data */
$type = 'log_ispconfig';
/* Get the data of the log */
$data = $this->_getLogData($type);
// Todo: the state should be calculated.
$state = 'ok';
/*
Insert the data into the database
*/
$sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
"VALUES (".
$server_id . ", " .
"'" . $app->dbmaster->quote($type) . "', " .
time() . ", " .
"'" . $app->dbmaster->quote(serialize($data)) . "', " .
"'" . $state . "'" .
")";
$app->dbmaster->query($sql);
/* The new data is written, now we can delete the old one */
$this->_delOldRecords($type, 4);
}
function _getLogData($log) {
$dist = '';
$logfile = '';
if(@is_file('/etc/debian_version')) $dist = 'debian';
if(@is_file('/etc/redhat-release')) $dist = 'redhat';
if(@is_file('/etc/SuSE-release')) $dist = 'suse';
if(@is_file('/etc/gentoo-release')) $dist = 'gentoo';
switch($log) {
case 'log_mail':
if($dist == 'debian') $logfile = '/var/log/mail.log';
if($dist == 'redhat') $logfile = '/var/log/maillog';
if($dist == 'suse') $logfile = '/var/log/mail.info';
if($dist == 'gentoo') $logfile = '/var/log/maillog';
break;
case 'log_mail_warn':
if($dist == 'debian') $logfile = '/var/log/mail.warn';
if($dist == 'redhat') $logfile = '/var/log/maillog';
if($dist == 'suse') $logfile = '/var/log/mail.warn';
if($dist == 'gentoo') $logfile = '/var/log/maillog';
break;
case 'log_mail_err':
if($dist == 'debian') $logfile = '/var/log/mail.err';
if($dist == 'redhat') $logfile = '/var/log/maillog';
if($dist == 'suse') $logfile = '/var/log/mail.err';
if($dist == 'gentoo') $logfile = '/var/log/maillog';
break;
case 'log_messages':
if($dist == 'debian') $logfile = '/var/log/messages';
if($dist == 'redhat') $logfile = '/var/log/messages';
if($dist == 'gentoo') $logfile = '/var/log/messages';
break;
case 'log_ispc_cron':
if($dist == 'debian') $logfile = '/var/log/ispconfig/cron.log';
if($dist == 'redhat') $logfile = '/var/log/ispconfig/cron.log';
if($dist == 'suse') $logfile = '/var/log/ispconfig/cron.log';
if($dist == 'gentoo') $logfile = '/var/log/cron';
break;
case 'log_freshclam':
if($dist == 'debian') $logfile = '/var/log/clamav/freshclam.log';
if($dist == 'redhat') $logfile = (is_file('/var/log/clamav/freshclam.log') ? '/var/log/clamav/freshclam.log' : '/var/log/freshclam.log');
if($dist == 'suse') $logfile = '';
if($dist == 'gentoo') $logfile = '/var/log/clamav/freshclam.log';
case 'log_clamav':
if($dist == 'debian') $logfile = '/var/log/clamav/clamav.log';
if($dist == 'redhat') $logfile = (is_file('/var/log/clamav/clamd.log') ? '/var/log/clamav/clamd.log' : '/var/log/maillog');
if($dist == 'suse') $logfile = '';
if($dist == 'gentoo') $logfile = '/var/log/clamav/clamd.log';
break;
case 'log_fail2ban':
if($dist == 'debian') $logfile = '/var/log/fail2ban.log';
if($dist == 'redhat') $logfile = '/var/log/fail2ban.log';
if($dist == 'suse') $logfile = '/var/log/fail2ban.log';
if($dist == 'gentoo') $logfile = '/var/log/fail2ban.log';
break;
case 'log_ispconfig':
if($dist == 'debian') $logfile = '/var/log/ispconfig/ispconfig.log';
if($dist == 'redhat') $logfile = '/var/log/ispconfig/ispconfig.log';
if($dist == 'suse') $logfile = '/var/log/ispconfig/ispconfig.log';
if($dist == 'gentoo') $logfile = '/var/log/ispconfig/ispconfig.log';
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
break;
default:
$logfile = '';
break;
}
// Getting the logfile content
if($logfile != '') {
$logfile = escapeshellcmd($logfile);
if(stristr($logfile, ';') or substr($logfile,0,9) != '/var/log/' or stristr($logfile, '..')) {
$log = 'Logfile path error.';
}
else {
$log = '';
if(is_readable($logfile)) {
if($fd = popen("tail -n 100 $logfile", 'r')) {
while (!feof($fd)) {
$log .= fgets($fd, 4096);
$n++;
if($n > 1000) break;
}
fclose($fd);
}
} else {
$log = 'Unable to read '.$logfile;
}
}
}
return $log;
}
function _checkTcp ($host,$port) {
$fp = @fsockopen ($host, $port, $errno, $errstr, 2);
if ($fp) {
fclose($fp);
return true;
} else {
return false;
}
}
function _checkUdp ($host,$port) {
$fp = @fsockopen ('udp://'.$host, $port, $errno, $errstr, 2);
if ($fp) {
fclose($fp);
return true;
} else {
return false;
}
}
function _checkFtp ($host,$port) {
$conn_id = @ftp_connect($host, $port);
if($conn_id) {
@ftp_close($conn_id);
return true;
} else {
return false;
}
}
/*
Deletes Records older than n.
*/
function _delOldRecords($type, $min, $hour=0, $days=0) {
global $app;
$now = time();
$old = $now - ($min * 60) - ($hour * 60 * 60) - ($days * 24 * 60 * 60);
$sql = "DELETE FROM monitor_data " .
"WHERE " .
"type =" . "'" . $app->dbmaster->quote($type) . "' " .
"AND " .
"created < " . $old;
$app->dbmaster->query($sql);
}
/*
* Set the state to the given level (or higher, but not lesser).
* * If the actual state is critical and you call the method with ok,
* then the state is critical.
*
* * If the actual state is critical and you call the method with error,
* then the state is error.
*/
function _setState($oldState, $newState) {
/*
* Calculate the weight of the old state
*/
switch ($oldState) {
case 'no_state': $oldInt = 0;
break;
case 'ok': $oldInt = 1;
break;
case 'unknown': $oldInt = 2;
break;
case 'info': $oldInt = 3;
break;
case 'warning': $oldInt = 4;
break;
case 'critical': $oldInt = 5;
break;
case 'error': $oldInt = 6;
break;
}
/*
* Calculate the weight of the new state
*/
switch ($newState) {
case 'no_state': $newInt = 0 ;
break;
case 'ok': $newInt = 1 ;
break;
case 'unknown': $newInt = 2 ;
break;
case 'info': $newInt = 3 ;
break;
case 'warning': $newInt = 4 ;
break;
case 'critical': $newInt = 5 ;
break;
case 'error': $newInt = 6 ;
break;
}
/*
* Set to the higher level
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
*/
if ($newInt > $oldInt) {
return $newState;
}
else {
return $oldState;
}
}
function _getIntArray($line) {
/** The array of float found */
$res = array();
/* First build a array from the line */
$data = explode(' ', $line);
/* then check if any item is a float */
foreach ($data as $item) {
if ($item . '' == (int)$item . '') {
$res[] = $item;
}
}
return $res;
}
}
?>