<?php
/*
** Zabbix
** Copyright (C) 2001-2021 Zabbix SIA
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 2 of the License, or
** (at your option) any later version.
**
** This program is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program; if not, write to the Free Software
** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
**/

/*
 * Audit log page: lists audit records filtered by user alias, action, resource type and a time window.
 *
 * NOTE(review): no permission check is visible in this file. Access control for the audit log is
 * presumably enforced by the included config.inc.php / page_header.php; confirm against those files.
 */

require_once __DIR__.'/include/config.inc.php';
require_once __DIR__.'/include/audit.inc.php';
require_once __DIR__.'/include/actions.inc.php';
require_once __DIR__.'/include/users.inc.php';

$page['title'] = _('Audit log');
$page['file'] = 'auditlogs.php';
$page['scripts'] = ['class.calendar.js', 'gtlc.js'];
$page['type'] = detect_page_type(PAGE_TYPE_HTML);

require_once __DIR__.'/include/page_header.php';

/*
 * Request parameter declarations. 'action' and 'resourcetype' are range-limited integers where -1 is
 * the "no filter" value used further down; 'alias', 'period' and 'stime' carry no validation rule
 * beyond their type, so they stay untrusted until escaped or converted.
 *
 * NOTE(review): 'favobj'/'favid' are flagged P_ACT while the filter fields are P_SYS. Both groups lead
 * to profile writes below; presumably check_fields() applies a request-origin (session id) check to
 * P_ACT fields only, which would leave filter_set/filter_rst without one. Confirm.
 */
// VAR TYPE OPTIONAL FLAGS VALIDATION EXCEPTION
$fields = [
	'action' =>			[T_ZBX_INT, O_OPT, P_SYS,	BETWEEN(-1, 6), null],
	'resourcetype' =>	[T_ZBX_INT, O_OPT, P_SYS,	BETWEEN(-1, 31), null],
	'filter_rst' =>		[T_ZBX_STR, O_OPT, P_SYS,	null,	null],
	'filter_set' =>		[T_ZBX_STR, O_OPT, P_SYS,	null,	null],
	'alias' =>			[T_ZBX_STR, O_OPT, P_SYS,	null,	null],
	'period' =>			[T_ZBX_INT, O_OPT, null,	null,	null],
	'stime' =>			[T_ZBX_STR, O_OPT, null,	null,	null],
	// ajax
	'favobj' =>			[T_ZBX_STR, O_OPT, P_ACT,	null,	null],
	'favid' =>			[T_ZBX_INT, O_OPT, P_ACT,	null,	null]
];
check_fields($fields);

/*
 * Ajax
 */
// Persist the fixed/dynamic timeline setting in the user's profile when both parameters are present.
if (isset($_REQUEST['favobj'], $_REQUEST['favid']) && $_REQUEST['favobj'] == 'timelinefixedperiod') {
	CProfile::update('web.auditlogs.timelinefixed', $_REQUEST['favid'], PROFILE_TYPE_INT);
}

// Ajax and HTML-block requests end here; only the footer is emitted for them.
if ($page['type'] == PAGE_TYPE_JS || $page['type'] == PAGE_TYPE_HTML_BLOCK) {
	require_once __DIR__.'/include/page_footer.php';
	exit;
}

/*
 * Filter
 */
if (hasRequest('filter_set')) {
	// Store the submitted filter; the values read back below come from the profile, not the request.
	CProfile::update('web.auditlogs.filter.alias', getRequest('alias', ''), PROFILE_TYPE_STR);
	CProfile::update('web.auditlogs.filter.action', getRequest('action', -1), PROFILE_TYPE_INT);
	CProfile::update('web.auditlogs.filter.resourcetype', getRequest('resourcetype', -1), PROFILE_TYPE_INT);
}
elseif (hasRequest('filter_rst')) {
	// Reset: the three deletions are wrapped in one DBStart()/DBend() pair.
	DBStart();
	CProfile::delete('web.auditlogs.filter.alias');
	CProfile::delete('web.auditlogs.filter.action');
	CProfile::delete('web.auditlogs.filter.resourcetype');
	DBend();
}

/*
 * Display
 */
$effectivePeriod = navigation_bar_calc('web.auditlogs.timeline', 0, true);
$data = [
	'stime' => getRequest('stime'),
	'actions' => [],
	'action' => CProfile::get('web.auditlogs.filter.action', -1),
	'resourcetype' => CProfile::get('web.auditlogs.filter.resourcetype', -1),
	'alias' => CProfile::get('web.auditlogs.filter.alias', '')
];

// Time window of the listing: [stime, stime + period).
$from = zbxDateToTime($data['stime']);
$till = $from + $effectivePeriod;

// get audit
$config = select_config();

/*
 * The WHERE clause is assembled by string concatenation. Every value, including the stored alias that
 * originated from the request, passes through zbx_dbstr() first; that call is the only barrier between
 * these values and the SQL text, so it must not be dropped when conditions are added.
 */
$sqlWhere = [];
if (!empty($data['alias'])) {
	$sqlWhere['alias'] = ' AND u.alias='.zbx_dbstr($data['alias']);
}
if ($data['action'] > -1) {
	$sqlWhere['action'] = ' AND a.action='.zbx_dbstr($data['action']);
}
if ($data['resourcetype'] > -1) {
	$sqlWhere['resourcetype'] = ' AND a.resourcetype='.zbx_dbstr($data['resourcetype']);
}
$sqlWhere += [
	'from' => ' AND a.clock>'.zbx_dbstr($from),
	'till' => ' AND a.clock<'.zbx_dbstr($till)
];

// FROM/WHERE prefix shared by the listing query and the timeline query.
$auditJoin = ' FROM auditlog a,users u'.
	' WHERE a.userid=u.userid';

$sql = 'SELECT a.auditid,a.clock,u.alias,a.ip,a.resourcetype,a.action,a.resourceid,a.resourcename,a.details'.
	$auditJoin.
	implode('', $sqlWhere).
	' ORDER BY a.clock DESC';
$dbAudit = DBselect($sql, $config['search_limit'] + 1);
while ($audit = DBfetch($dbAudit)) {
	// Translate the numeric action code into a localized label.
	switch ($audit['action']) {
		case AUDIT_ACTION_ADD:
			$action = _('Added');
			break;
		case AUDIT_ACTION_UPDATE:
			$action = _('Updated');
			break;
		case AUDIT_ACTION_DELETE:
			$action = _('Deleted');
			break;
		case AUDIT_ACTION_LOGIN:
			$action = _('Login');
			break;
		case AUDIT_ACTION_LOGOUT:
			$action = _('Logout');
			break;
		case AUDIT_ACTION_ENABLE:
			$action = _('Enabled');
			break;
		case AUDIT_ACTION_DISABLE:
			$action = _('Disabled');
			break;
		default:
			$action = _('Unknown action');
	}
	$audit['action'] = $action;
	$audit['resourcetype'] = audit_resource2str($audit['resourcetype']);

	// Rows without inline details get their per-field changes from auditlog_details (one query per row).
	if (empty($audit['details'])) {
		$detailsQuery = 'SELECT ad.table_name,ad.field_name,ad.oldvalue,ad.newvalue'.
			' FROM auditlog_details ad'.
			' WHERE ad.auditid='.zbx_dbstr($audit['auditid']);
		$audit['details'] = DBfetchArray(DBselect($detailsQuery));
	}

	/*
	 * alias, ip, resourcename, details and the old/new values are stored data that other users or
	 * monitored objects may have influenced; they are handed to the view unescaped.
	 * NOTE(review): output encoding is presumably done by the view or its tag classes; confirm there.
	 */
	$data['actions'][$audit['auditid']] = $audit;
}
if ($data['actions']) {
	order_result($data['actions'], 'clock', ZBX_SORT_DOWN);
}

// get paging
$data['paging'] = getPagingLine($data['actions'], ZBX_SORT_UP, new CUrl('auditlogs.php'));

// get timeline
// The timeline start ignores the time window but keeps the alias/action/resourcetype filters.
unset($sqlWhere['from'], $sqlWhere['till']);

$sql = 'SELECT MIN(a.clock) AS clock'.
	$auditJoin.
	implode('', $sqlWhere);
$firstAudit = DBfetch(DBselect($sql, $config['search_limit'] + 1));

// NOTE(review): with no matching rows MIN() presumably yields a row whose clock is NULL, so the
// subtraction below would produce -1 rather than taking the null branch; confirm the intent.
if ($firstAudit) {
	$timelineStart = $firstAudit['clock'] - 1;
}
else {
	$timelineStart = null;
}

if (isset($_REQUEST['stime'])) {
	$timelineUser = date(TIMESTAMP_FORMAT, zbxDateToTime($data['stime']) + $effectivePeriod);
}
else {
	$timelineUser = null;
}

$data['timeline'] = [
	'period' => $effectivePeriod,
	'starttime' => date(TIMESTAMP_FORMAT, $timelineStart),
	'usertime' => $timelineUser
];

// render view
$auditView = new CView('administration.auditlogs.list', $data);
$auditView->render();
$auditView->show();

require_once __DIR__.'/include/page_footer.php';