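#!/bin/bash
#----------------------------------------------------------------------------
# /var/install/bin/rsyslogd-tools-logger-analyze
# rsyslogd logger analyze script
#
# Copyright (c) 2001-2022 Ansgar Puester
#
# Creation:     29.12.2014 ap
# Last Update:  $Id$
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#----------------------------------------------------------------------------
#
# Reads the rsyslogd configuration, walks over every active rule and every
# active selector of that rule, and prints a facility x priority matrix that
# shows which rule numbers apply to each combination.
#
# The script needs bash (associative arrays, substring expansion), hence the
# bash shebang instead of /bin/sh.

# include eislib (provides mecho and anykey)
. /var/install/include/eislib

# set variables
rsyslogdfile=/etc/config.d/rsyslogd

# Row order of the result matrix; the position (1-based) is the row number.
facility_names=(auth authpriv cron daemon kern lpr mail mark news syslog user
  uucp local0 local1 local2 local3 local4 local5 local6 local7)

# Column order of the result matrix.
priority_names=(debug info notice warning err crit alert emerg)

# facility name -> "first_row last_row"
declare -A facil
# priority name -> severity number, or "first last" for '*' and 'none'
declare -A prio
# result matrix: key "<row>_<severity>", value "#<rule>#<rule>#..."
# (a plain associative array, so no eval is needed to address a cell)
declare -A rule_cells

#######################################
# Fill the facility and priority lookup tables and reset every matrix cell
# to the empty marker '#'.
# Globals:   facility_names (read), facil, prio, rule_cells (written)
# Arguments: none
#######################################
fill_arrays() {
  local row sev name

  row=0
  for name in "${facility_names[@]}"; do
    row=$((row + 1))
    facil[$name]="$row $row"
  done
  # wildcard facility covers all rows
  facil['*']="1 ${#facility_names[@]}"

  prio[debug]='7'
  prio[info]='6'
  prio[notice]='5'
  prio[warning]='4'
  prio[err]='3'
  prio[crit]='2'
  prio[alert]='1'
  prio[emerg]='0'
  prio['*']='0 7'
  prio[none]='0 7'

  for ((row = 1; row <= ${#facility_names[@]}; row++)); do
    for ((sev = 0; sev <= 7; sev++)); do
      rule_cells["${row}_${sev}"]='#'
    done
  done
}

#######################################
# Print the result matrix: one line per facility, one 10-character column
# per priority. A cell wider than 9 characters is shown as '*********'.
# Globals:   facility_names, priority_names, prio, rule_cells (read)
# Arguments: none
# Outputs:   the matrix on stdout
#######################################
print_rules() {
  local row fac pname cell

  mecho --info "Result:"
  echo

  # header line: empty facility column followed by the priority names
  printf '%-10s' ''
  for pname in "${priority_names[@]}"; do
    printf '%-10s' "$pname"
  done
  echo

  row=1
  for fac in "${facility_names[@]}"; do
    printf '%-10.10s' "$fac"
    for pname in "${priority_names[@]}"; do
      cell=${rule_cells["${row}_${prio[$pname]}"]}
      if ((${#cell} <= 9)); then
        printf '%-10s' "$cell"
      else
        printf '%-10s' '*********'
      fi
    done
    echo
    row=$((row + 1))
  done
  echo
}

#######################################
# Add a rule number to, or remove it from, a rectangle of matrix cells.
# Globals:   rule_cells (read and written)
# Arguments: $1 - first facility row
#            $2 - last facility row
#            $3 - first severity
#            $4 - last severity
#            $5 - '+' to add the rule, '-' to remove it
#            $6 - rule number
# Returns:   1 if one of the four bounds is not a plain decimal number
#######################################
mark_rule() {
  local x_from=$1 x_to=$2 y_from=$3 y_to=$4 m=$5 r=$6
  local bound ix iy key cell tag head tail

  # The bounds are used in arithmetic context below; accept digits only so
  # that no other text is ever evaluated as an arithmetic expression.
  for bound in "$x_from" "$x_to" "$y_from" "$y_to"; do
    [[ "$bound" =~ ^[0-9]+$ ]] || return 1
  done

  # Match the rule number together with BOTH delimiters. Matching only
  # "<rule>#" would confuse rule 1 with rule 11 (or 21, 31, ...).
  tag="#${r}#"

  for ((ix = x_from; ix <= x_to; ix++)); do
    for ((iy = y_from; iy <= y_to; iy++)); do
      key="${ix}_${iy}"
      cell=${rule_cells[$key]}
      case "$m" in
        '+')
          if [[ "$cell" != *"$tag"* ]]; then
            rule_cells[$key]="${cell}${r}#"
          fi
          ;;
        '-')
          if [[ "$cell" == *"$tag"* ]]; then
            head=${cell%%"$tag"*}
            tail=${cell#*"$tag"}
            rule_cells[$key]="${head}#${tail}"
          fi
          ;;
      esac
    done
  done
}

#===============================================================================
# main
#===============================================================================

# read configuration
# NOTE: the configuration file is sourced, i.e. executed as shell code with
# the privileges of whoever runs this script. It must only be writable by
# trusted administrators.
if [ ! -r "$rsyslogdfile" ]; then
  printf '%s: cannot read %s\n' "${0##*/}" "$rsyslogdfile" >&2
  exit 1
fi
. "$rsyslogdfile"

fill_arrays

mecho --info "rsyslogd logger analyze script"
echo

# Counters from the configuration are checked to be plain decimal numbers
# before they are used in arithmetic; 10# avoids octal interpretation.
rule_count=${RSYSLOGD_RULE_N:-0}
if [[ ! "$rule_count" =~ ^[0-9]+$ ]]; then
  printf 'RSYSLOGD_RULE_N is not a number, no rules analyzed\n' >&2
  rule_count=0
fi
rule_count=$((10#$rule_count))

for ((idx = 1; idx <= rule_count; idx++)); do
  mecho --info "analyzing rule $idx ..."

  # indirect expansion replaces the former eval-based variable lookup
  cfg_var="RSYSLOGD_RULE_${idx}_ACTIVE"
  [[ "${!cfg_var}" == 'yes' ]] || continue

  cfg_var="RSYSLOGD_RULE_${idx}_SELECTOR_N"
  selector_count=${!cfg_var:-0}
  if [[ ! "$selector_count" =~ ^[0-9]+$ ]]; then
    printf 'rule %s: selector count is not a number, rule skipped\n' \
      "$idx" >&2
    continue
  fi
  selector_count=$((10#$selector_count))

  for ((idy = 1; idy <= selector_count; idy++)); do
    cfg_var="RSYSLOGD_RULE_${idx}_SELECTOR_${idy}_ACTIVE"
    [[ "${!cfg_var}" == 'yes' ]] || continue

    cfg_var="RSYSLOGD_RULE_${idx}_SELECTOR_${idy}"
    act_selector=${!cfg_var}

    # facility: text before the first dot; priority: text after the last dot
    act_facility=${act_selector%%.*}
    act_priority=${act_selector##*.}

    if [[ "$act_priority" == '!='* ]]; then
      # not this single priority
      prio_type='ns'
      act_priority=${act_priority:2}
    elif [[ "$act_priority" == '!'* ]]; then
      # not this and higher
      prio_type='nh'
      act_priority=${act_priority:1}
    elif [[ "$act_priority" == '='* ]]; then
      # single priority
      prio_type='s'
      act_priority=${act_priority:1}
    elif [[ "$act_priority" == '*' ]]; then
      # already a list
      prio_type='l'
    elif [[ "$act_priority" == 'none' ]]; then
      # remove all priorities; already a list
      prio_type='nl'
    else
      # this and higher
      prio_type='sh'
    fi

    # Look up facility and priority; an empty key would be a bad subscript.
    facility_list=
    priority_list=
    if [[ -n "$act_facility" ]]; then
      facility_list=${facil[$act_facility]}
    fi
    if [[ -n "$act_priority" ]]; then
      priority_list=${prio[$act_priority]}
    fi
    if [[ -z "$facility_list" || -z "$priority_list" ]]; then
      printf 'rule %s: selector "%s" not understood, skipped\n' \
        "$idx" "$act_selector" >&2
      continue
    fi

    # create the real prio list ("first last") and the action
    case "$prio_type" in
      l)
        prio_action='+'
        ;;
      s)
        priority_list="$priority_list $priority_list"
        prio_action='+'
        ;;
      sh)
        priority_list="0 $priority_list"
        prio_action='+'
        ;;
      ns)
        priority_list="$priority_list $priority_list"
        prio_action='-'
        ;;
      nh)
        priority_list="0 $priority_list"
        prio_action='-'
        ;;
      nl)
        prio_action='-'
        ;;
    esac

    # Split the ranges explicitly so that mark_rule always receives exactly
    # six arguments, whatever the selector looked like.
    read -r fac_from fac_to <<<"$facility_list"
    read -r prio_from prio_to prio_extra <<<"$priority_list"
    if [[ -z "$prio_to" || -n "$prio_extra" ]]; then
      printf 'rule %s: selector "%s" not understood, skipped\n' \
        "$idx" "$act_selector" >&2
      continue
    fi

    mark_rule "$fac_from" "$fac_to" "$prio_from" "$prio_to" \
      "$prio_action" "$idx"
  done
done

print_rules

anykey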