1 /*
2 * logtool - a logfile parsing/monitoring/manipulation utility
3 *
4 * Copyright (C) Y2K (2000) A.L.Lambert
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2, or (at your option)
9 * any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
19 */
20
21 #include "includes.h"
22
23 st_event event;
24
25 /* a parsing function to do a string replacement (sorta like sed w/o the extended syntax) */
26
27 /* A function to do string replacement's (a bit like sed) */
lt_strep(char * input,size_t bufsize,char * string,char * newstring)28 char *lt_strep(char *input, size_t bufsize, char *string, char *newstring)
29 {
30 /* Set our local variables */
31 int oldlen, newlen;
32 char *p, *q;
33 /*
34 * Make sure the input contains the string we want to replace
35 * and if not, return the input "as-is"
36 */
37 if((p = strstr(input, string)) == NULL) {
38 return input;
39 }
40 /* set the old/new length variables for the strings */
41 oldlen = strlen(string);
42 newlen = strlen(newstring);
43 /* If the strings too big for buffer size, then quit now */
44 if ((strlen(input) + newlen - oldlen + 1) > bufsize) {
45 return NULL;
46 }
47
48 /*
49 * Memmove and memcpy the string's around so's the new string
50 * exists where the old one used to be.
51 */
52 memmove(q = p+newlen, p+oldlen, strlen(p+oldlen)+1);
53 memcpy(p, newstring, newlen);
54 /* return "input" with the replaced string */
55 return input;
56 }
57
58 /* we make some decisions based on event.source and display accordingly */
lt_do_parse_evtsrc()59 int lt_do_parse_evtsrc() {
60 char tmp[LSIZE];
61 char *ptr;
62 if(cf.sys_ng_host == TRUE && lt_match(event.source, "src@|kern@") != FALSE) {
63 ptr = strstr(event.source, "@") + 1;
64 strcpy(tmp, ptr);
65 strcpy(event.source, tmp);
66 }
67
68 if(cf.hostfmt != HOST_DEFAULT && lt_match(event.source, ".*/[0-9].*") != FALSE) {
69 switch(cf.hostfmt) {
70 case NG_HOST_BOTH:
71 /* do nothing, we've already got em both here */
72 break;
73 case NG_HOST_IP:
74 /* we want just the IP, so... */
75 ptr = strstr(event.source, "/");
76 ++ptr;
77 strcpy(event.source, ptr);
78 break;
79 case NG_HOST_NAME:
80 ptr = strstr(event.source, "/");
81 ptr[0] = '\0';
82 break;
83 default:
84 break;
85 }
86 }
87 return 0;
88 }
89
lt_set_lasts()90 void lt_set_lasts() {
91
92
93 if(event.message[0] != '\0') {
94 strcpy(event.lmessage, event.message);
95 } else {
96 event.lmessage[0] = '\0';
97 }
98
99 if(event.program[0] != '\0') {
100 strcpy(event.lprogram, event.program);
101 } else {
102 event.lprogram[0] = '\0';
103 }
104
105 if(event.source[0] != '\0') {
106 strcpy(event.lsource, event.source);
107 } else {
108 event.lsource[0] = '\0';
109 }
110
111 if(event.raw[0] != '\0') {
112 strcpy(event.lraw, event.raw);
113 }
114
115 }
116
117
lt_parse_multilog()118 void lt_parse_multilog() {
119 time_t ttime;
120 char tmp[LSIZE], tmp2[LSIZE];
121 char *ptr;
122 if(event.raw[0] == '@') {
123 sscanf(event.raw, "%s", tmp);
124 ttime = t64nfrac(tmp);
125 strcpy(tmp2, ctime(&ttime));
126 tmp2[strlen(tmp2) - 1] = '\0';
127 ptr = strstr(tmp2, " ");
128 ++ptr;
129 strcpy(tmp, ptr);
130 ptr = strrchr(tmp, ' ');
131 ptr[0] = '\0';
132
133 /* we're gonna have to fix up event.raw for later processing */
134 strcpy(tmp2, event.raw);
135 ptr = strstr(tmp2, " ");
136 ++ptr;
137 strcpy(event.raw, tmp);
138 strcat(event.raw, " ");
139 strcat(event.raw, "local prog: ");
140 strcat(event.raw, ptr);
141
142 }
143 }
144
145
lt_do_regexcheck()146 int lt_do_regexcheck() {
147 int retval = TRUE;
148
149 if(reg.include_check == TRUE && lt_match_re(event.raw, reg.include_reg) != TRUE) {
150 retval = FALSE;
151 }
152 if(reg.exclude_check == TRUE && lt_match_re(event.raw, reg.exclude_reg) == TRUE) {
153 retval = FALSE;
154 }
155
156 return (retval);
157 }
158
159 /* The function that parses the line. It's pretty basic at this point,
160 * but in the future, it will do a lot more to the data */
lt_do_parse()161 int lt_do_parse() {
162
163 int retval = TRUE;
164
165 /* if the event is just a \newline, skip it */
166 if(strcmp(event.raw, "\n") == 0) {
167 return FALSE;
168 }
169
170 lt_set_lasts();
171 sscanf(event.raw, "%s %s %s %s %s %[^\n]",
172 event.month, event.day, event.time, event.source, event.program, event.message);
173
174 lt_do_parse_evtsrc();
175
176 return (retval);
177 }
178
lt_set_event_color()179 void lt_set_event_color() {
180 /* set color == red by default */
181 if(cf.redbeep == 1 && cf.outfmt == OUTPUT_ANSI) {
182 strcpy(event.pcolor, "\033!\033r");
183 } else {
184 strcpy(event.pcolor, "\033r");
185 }
186
187 if(reg.yellow_check == TRUE && lt_match_re(event.raw, reg.yellow_reg) != 0) {
188 strcpy(event.pcolor, "\033y"); /* yellow event color */
189
190 } else if(reg.brightyellow_check == TRUE && lt_match_re(event.raw, reg.brightyellow_reg) != 0) {
191 strcpy(event.pcolor, "\033Y"); /* bright yellow event color */
192
193 } else if(reg.green_check == TRUE && lt_match_re(event.raw, reg.green_reg) != 0) {
194 strcpy(event.pcolor, "\033g"); /* green event color */
195
196 } else if(reg.brightgreen_check == TRUE && lt_match_re(event.raw, reg.brightgreen_reg) != 0) {
197 strcpy(event.pcolor, "\033G"); /* bright green event color */
198
199 } else if(reg.blue_check == TRUE && lt_match_re(event.raw, reg.blue_reg) != 0) {
200 strcpy(event.pcolor, "\033b"); /* blue event color */
201
202 } else if(reg.brightblue_check == TRUE && lt_match_re(event.raw, reg.brightblue_reg) != 0) {
203 strcpy(event.pcolor, "\033B"); /* blue event color */
204
205 } else if(reg.cyan_check == TRUE && lt_match_re(event.raw, reg.cyan_reg) != 0) {
206 strcpy(event.pcolor, "\033c"); /* cyan event color */
207
208 } else if(reg.brightcyan_check == TRUE && lt_match_re(event.raw, reg.brightcyan_reg) != 0) {
209 strcpy(event.pcolor, "\033C"); /* bright cyan event */
210
211 } else if(reg.magenta_check == TRUE && lt_match_re(event.raw, reg.magenta_reg) != 0) {
212 strcpy(event.pcolor, "\033m"); /* magenta */
213
214 } else if(reg.brightmagenta_check == TRUE && lt_match_re(event.raw, reg.brightmagenta_reg) != 0) {
215 strcpy(event.pcolor, "\033M"); /* magenta */
216
217 } else if(reg.brightred_check == TRUE && lt_match_re(event.raw, reg.brightred_reg) != 0) {
218 if(cf.redbeep == 1 && cf.outfmt == OUTPUT_ANSI) {
219 strcpy(event.pcolor, "\033!\033R"); /* bright red */
220 } else {
221 strcpy(event.pcolor, "\033R");
222 }
223
224 }
225 }
226