LogAnalyzer message parser 소스 코드
<?php
/*
*********************************************************************
* LogAnalyzer - http://loganalyzer.adiscon.com
* ----------------------------------------------------------------- *
* Drupal MSG Parser is used to split Drupal fields if found
* in the msg
* *
* LogAnalyzer is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* LogAnalyzer is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with LogAnalyzer. If not, see <http://www.gnu.org/licenses/>.
*
* A copy of the GPL can be found in the file "COPYING" in this
* distribution.
*********************************************************************
*/
// --- Avoid directly accessing this file!
if ( !defined('IN_PHPLOGCON') )
{
die('Hacking attempt');
exit;
}
// ---
// --- Basic Includes
require_once($gl_root_path . 'classes/enums.class.php');
require_once($gl_root_path . 'classes/msgparser.class.php');
require_once($gl_root_path . 'include/constants_errors.php');
require_once($gl_root_path . 'include/constants_logstream.php');
// ---
class MsgParser_drupal extends MsgParser {
// Public Information properties
public $_ClassName = 'Drupal Format';
public $_ClassDescription = 'This is a parser for a special format which can be created with Drupal.';
public $_ClassRequiredFields = null;
public $_ClassHelpArticle = "http://www.drupal.org";
// Constructor
public function MsgParser_eventlog() {
return; // Nothing
}
/**
* ParseLine
*
* @param arrArguments array in&out: properties of interest. There can be no guarantee the logstream can actually deliver them.
* @return integer Error stat
*/
public function ParseMsg($szMsg, &$arrArguments)
{
global $content, $fields;
//trim the msg first to remove spaces from begin and end
$szMsg = trim($szMsg);
// Sample (Drupal syslog module):
// http://beta2.kinonation.com|1354838305|system|208.57.201.113|http://beta2.kinonation.com/admin/modules/list/confirm|http://beta2.kinonation.com/admin/modules|1||syslog module installed.
// Source:
// %host%|%id%|%module%|%IP%|%URL%|%URL2%|%id2%|%dontknow%|%msg%%$CRLF%
if ( preg_match("/(.*?)\|(.*?)\|(.*?)\|(.*?)\|(.*?)\|(.*?)\|(.*?)\|(.*?)\|(.*?)$/", $szMsg, $out ) )
{
// Copy parsed properties!
$arrArguments[SYSLOG_HOST] = $out[1];
$arrArguments[SYSLOG_PROCESSID] = $out[2];
$arrArguments[SYSLOG_WEBLOG_USERAGENT] = $out[3];
$arrArguments[SYSLOG_WEBLOG_REFERER] = $out[4];
$arrArguments[SYSLOG_WEBLOG_QUERYSTRING] = $out[5];
$arrArguments[SYSLOG_WEBLOG_URL] = $out[6];
$arrArguments[SYSLOG_EVENT_USER] = $out[7];
// $arrArguments[SYSLOG_WEBLOG_PVER] = $out[8];
$arrArguments[SYSLOG_MESSAGE] = $out[9];
if ( $this->_MsgNormalize == 1 )
{
//Init tmp msg
$szTmpMsg = "";
// Create Field Array to prepend into msg! Reverse Order here
$myFields = array( SYSLOG_MESSAGE, SYSLOG_EVENT_USER, SYSLOG_WEBLOG_URL, SYSLOG_WEBLOG_QUERYSTRING, SYSLOG_WEBLOG_REFERER, SYSLOG_WEBLOG_USERAGENT, SYSLOG_PROCESSID, SYSLOG_HOST );
foreach ( $myFields as $myField )
{
// Set Field Caption
if ( isset($fields[$myField]['FieldCaption']) )
$szFieldName = $fields[$myField]['FieldCaption'];
else
$szFieldName = $myField;
// Append Field into msg
$szTmpMsg = $szFieldName . ": '" . $arrArguments[$myField] . "'\n" . $szTmpMsg;
}
// copy finished MSG back!
$arrArguments[SYSLOG_MESSAGE] = $szTmpMsg;
}
}
else
{
// return no match in this case!
return ERROR_MSG_NOMATCH;
}
// If we reached this position, return success!
return SUCCESS;
}
}
?>