1 /*
2  *   logtool - a logfile parsing/monitoring/manipulation utility
3  *
4  *   Copyright (C) Y2K (2000) A.L.Lambert
5  *
6  *   This program is free software; you can redistribute it and/or modify
7  *   it under the terms of the GNU General Public License as published by
8  *   the Free Software Foundation; either version 2, or (at your option)
9  *   any later version.
10  *
11  *   This program is distributed in the hope that it will be useful,
12  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
13  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  *   GNU General Public License for more details.
15  *
16  *   You should have received a copy of the GNU General Public License
17  *   along with this program; if not, write to the Free Software
18  *   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
19  */
20 
21 #include "includes.h"
22 
23 st_event event;
24 
25 /* a parsing function to do a string replacement (sorta like sed w/o the extended syntax)	*/
26 
27 /* A function to do string replacement's (a bit like sed) */
lt_strep(char * input,size_t bufsize,char * string,char * newstring)28 char *lt_strep(char *input, size_t bufsize,  char *string, char *newstring)
29 {
30         /* Set our local variables */
31         int oldlen, newlen;
32         char *p, *q;
33         /*
34          *  Make sure the input contains the string we want to replace
35          * and if not, return the input "as-is"
36          */
37         if((p = strstr(input, string)) == NULL) {
38               return input;
39         }
40         /* set the old/new length variables for the strings */
41         oldlen = strlen(string);
42         newlen = strlen(newstring);
43         /* If the strings too big for buffer size, then quit now */
44         if ((strlen(input) + newlen - oldlen + 1) > bufsize) {
45                 return NULL;
46         }
47 
48         /*
49          * Memmove and memcpy the string's around so's the new string
50          * exists where the old one used to be.
51          */
52         memmove(q = p+newlen, p+oldlen, strlen(p+oldlen)+1);
53         memcpy(p, newstring, newlen);
54         /* return "input" with the replaced string */
55         return input;
56 }
57 
58 /* we make some decisions based on event.source and display accordingly	*/
lt_do_parse_evtsrc()59 int lt_do_parse_evtsrc() {
60 	char tmp[LSIZE];
61 	char *ptr;
62 	if(cf.sys_ng_host == TRUE && lt_match(event.source, "src@|kern@") != FALSE) {
63 		ptr = strstr(event.source, "@") + 1;
64 		strcpy(tmp, ptr);
65 		strcpy(event.source, tmp);
66 	}
67 
68 	if(cf.hostfmt != HOST_DEFAULT && lt_match(event.source, ".*/[0-9].*") != FALSE) {
69 		switch(cf.hostfmt) {
70 			case NG_HOST_BOTH:
71 				/* do nothing, we've already got em both here	*/
72 				break;
73 			case NG_HOST_IP:
74 				/* we want just the IP, so...	*/
75 				ptr = strstr(event.source, "/");
76 				++ptr;
77 				strcpy(event.source, ptr);
78 				break;
79 			case NG_HOST_NAME:
80 				ptr = strstr(event.source, "/");
81 				ptr[0] = '\0';
82 				break;
83 			default:
84 				break;
85 		}
86 	}
87 	return 0;
88 }
89 
lt_set_lasts()90 void lt_set_lasts() {
91 
92 
93 	if(event.message[0] != '\0') {
94 		strcpy(event.lmessage, event.message);
95 	} else {
96 		event.lmessage[0] = '\0';
97 	}
98 
99 	if(event.program[0] != '\0') {
100 		strcpy(event.lprogram, event.program);
101 	} else {
102 		event.lprogram[0] = '\0';
103 	}
104 
105 	if(event.source[0] != '\0') {
106 		strcpy(event.lsource, event.source);
107 	} else {
108 		event.lsource[0] = '\0';
109 	}
110 
111 	if(event.raw[0] != '\0') {
112 		strcpy(event.lraw, event.raw);
113 	}
114 
115 }
116 
117 
lt_parse_multilog()118 void lt_parse_multilog() {
119 	time_t ttime;
120 	char tmp[LSIZE], tmp2[LSIZE];
121 	char *ptr;
122 	if(event.raw[0] == '@') {
123 		sscanf(event.raw, "%s", tmp);
124 		ttime = t64nfrac(tmp);
125 		strcpy(tmp2, ctime(&ttime));
126 		tmp2[strlen(tmp2) - 1] = '\0';
127 		ptr = strstr(tmp2, " ");
128 		++ptr;
129 		strcpy(tmp, ptr);
130 		ptr = strrchr(tmp, ' ');
131 		ptr[0] = '\0';
132 
133 		/* we're gonna have to fix up event.raw for later processing	*/
134 		strcpy(tmp2, event.raw);
135 		ptr = strstr(tmp2, " ");
136 		++ptr;
137 		strcpy(event.raw, tmp);
138 		strcat(event.raw, " ");
139 		strcat(event.raw, "local prog: ");
140 		strcat(event.raw, ptr);
141 
142 	}
143 }
144 
145 
lt_do_regexcheck()146 int lt_do_regexcheck() {
147 	int retval = TRUE;
148 
149 	if(reg.include_check == TRUE && lt_match_re(event.raw, reg.include_reg) != TRUE) {
150 		retval = FALSE;
151 	}
152 	if(reg.exclude_check == TRUE && lt_match_re(event.raw, reg.exclude_reg) == TRUE) {
153 		retval = FALSE;
154 	}
155 
156 	return (retval);
157 }
158 
159 /* The function that parses the line.  It's pretty basic at this point,
160  * but in the future, it will do a lot more to the data */
lt_do_parse()161 int lt_do_parse() {
162 
163 	int retval = TRUE;
164 
165 	/* if the event is just a \newline, skip it	*/
166 	if(strcmp(event.raw, "\n") == 0) {
167 		return FALSE;
168 	}
169 
170 	lt_set_lasts();
171 	sscanf(event.raw, "%s %s %s %s %s %[^\n]",
172 			event.month, event.day, event.time, event.source, event.program, event.message);
173 
174 	lt_do_parse_evtsrc();
175 
176 	return (retval);
177 }
178 
lt_set_event_color()179 void lt_set_event_color() {
180 	/* set color == red by default */
181 	if(cf.redbeep == 1 && cf.outfmt == OUTPUT_ANSI) {
182 		strcpy(event.pcolor, "\033!\033r");
183 	} else {
184 	        strcpy(event.pcolor, "\033r");
185 	}
186 
187 	if(reg.yellow_check == TRUE && lt_match_re(event.raw, reg.yellow_reg) != 0) {
188 		strcpy(event.pcolor, "\033y");        /* yellow event color 	*/
189 
190 	} else if(reg.brightyellow_check == TRUE && lt_match_re(event.raw, reg.brightyellow_reg) != 0) {
191 		strcpy(event.pcolor, "\033Y");		/* bright yellow event color	*/
192 
193         } else  if(reg.green_check == TRUE && lt_match_re(event.raw, reg.green_reg) != 0) {
194                 strcpy(event.pcolor, "\033g");         /* green event color 	*/
195 
196         } else  if(reg.brightgreen_check == TRUE && lt_match_re(event.raw, reg.brightgreen_reg) != 0) {
197                 strcpy(event.pcolor, "\033G");         /* bright green event color 	*/
198 
199         } else if(reg.blue_check == TRUE && lt_match_re(event.raw, reg.blue_reg) != 0) {
200 		strcpy(event.pcolor, "\033b");		/* blue event color	*/
201 
202 	} else if(reg.brightblue_check == TRUE && lt_match_re(event.raw, reg.brightblue_reg) != 0) {
203 		strcpy(event.pcolor, "\033B");		/* blue event color	*/
204 
205 	} else if(reg.cyan_check == TRUE && lt_match_re(event.raw, reg.cyan_reg) != 0) {
206 		strcpy(event.pcolor, "\033c");		/* cyan event color	*/
207 
208         } else if(reg.brightcyan_check == TRUE && lt_match_re(event.raw, reg.brightcyan_reg) != 0) {
209 		strcpy(event.pcolor, "\033C");	/* bright cyan event	*/
210 
211         } else if(reg.magenta_check == TRUE && lt_match_re(event.raw, reg.magenta_reg) != 0) {
212 		strcpy(event.pcolor, "\033m");	/* magenta	*/
213 
214 	} else if(reg.brightmagenta_check == TRUE && lt_match_re(event.raw, reg.brightmagenta_reg) != 0) {
215 		strcpy(event.pcolor, "\033M");	/* magenta	*/
216 
217 	} else if(reg.brightred_check == TRUE && lt_match_re(event.raw, reg.brightred_reg) != 0) {
218 		if(cf.redbeep == 1 && cf.outfmt == OUTPUT_ANSI) {
219 			strcpy(event.pcolor, "\033!\033R");	/* bright red	*/
220 		} else {
221 			strcpy(event.pcolor, "\033R");
222 		}
223 
224 	}
225 }
226