Changeset 822454f in nscp

Timestamp:

03/20/12 23:34:15 (14 months ago)

Author:

Michael Medin <michael@…>

Branches:

master, 0.4.0, 0.4.1, 0.4.2

Children:

83c2453

Parents:

74e060a

Message:

• Fixed alias/service name for real-time event log filters
• Added smtp/syslog and graphite clients to installer
• Fixed so eventlog wont crash on invalid messages

Files:

• changelog (modified) (1 diff)
• helpers/installers/installer/Product.wxs (modified) (2 diffs)
• helpers/installers/ui/SelectConfigurationDlg.wxs (modified) (1 diff)
• modules/CheckEventLog/CheckEventLog.cpp (modified) (7 diffs)
• modules/CheckEventLog/CheckEventLog.h (modified) (3 diffs)
• modules/CheckEventLog/eventlog_record.hpp (modified) (2 diffs)
• modules/CheckEventLog/filter.hpp (modified) (1 diff)
• version.hpp (modified) (1 diff)
• version.txt (modified) (1 diff)

changelog

@@ -4 +4 @@
  * Fixa dependonservice LanManWorkStation (old win)
  * Fix RtlStringFromGUID problem on NT4
+
+2012-03-20 MickeM
+ * Fixed alias/service name for real-time event log filters
+ * Added smtp/syslog and graphite clients to installer
+ * Fixed so eventlog wont crahs on invalid messages
 
 2012-03-19 MickeM

helpers/installers/installer/Product.wxs

@@ -140 +140 @@
             <Component Id="PythonScript" Guid="8820A304-C696-4393-A72F-$(var.Postfix.GUID)" Win64="$(var.Win64)">
               <File Id="PythonScript" Name="PythonScript.dll" DiskId="1" Source="$(var.Source)/modules/PythonScript.dll" Vital="no" />
+            </Component>
+            <Component Id="ExtraClients" Guid="8820A304-C696-4393-A72F-$(var.Postfix.GUID)" Win64="$(var.Win64)">
+              <File Id="GraphiteClient" Name="GraphiteClient.dll" DiskId="1" Source="$(var.Source)/modules/GraphiteClient.dll" Vital="no" />
+              <File Id="SMTPClient" Name="SMTPClient.dll" DiskId="1" Source="$(var.Source)/modules/SMTPClient.dll" Vital="no" />
+              <File Id="SyslogClient" Name="SyslogClient.dll" DiskId="1" Source="$(var.Source)/modules/SyslogClient.dll" Vital="no" />
             </Component>
             <Component Id="Plugins" Guid="9B490E67-5472-4266-96DC-$(var.Postfix.GUID)" Win64="$(var.Win64)">
@@ -270 +275 @@
           <ComponentRef Id="NSCA" />
         </Feature>
+        <Feature Id="ExtraClientPlugin" Title="Various client plugins" Description="Plugins to connect to various sytems such as syslog, graphite and smtp" Level="1" Absent="disallow">
+          <ComponentRef Id="ExtraClients" />
+        </Feature>
         <Feature Id="NSCPPlugin" Title="NSCP plugin (experimental)" Description="Plugin to submit passive results to an NSCP server" Level="1" Absent="disallow">
           <ComponentRef Id="NSCP" />

helpers/installers/ui/SelectConfigurationDlg.wxs

@@ -19 +19 @@
           <Condition Action="disable"><![CDATA[CONFIGURATION_TYPE <> "ini://${exe-path}/nsclient.ini"]]></Condition>
         </Control>
-        <Control Id="userWriteConfig" Type="CheckBox" X="60"  Y="88" Width="260" Height="20" Property="USER_WRITABLE_CONFIG" Text="Allow Everyone to write config file" CheckBoxValue="1">
+        <Control Id="userWriteConfig" Type="CheckBox" X="60"  Y="88" Width="260" Height="20" Property="USER_WRITABLE_CONFIG" Text="Allow all users to write config file" CheckBoxValue="1">
           <Condition Action="enable">CONFIGURATION_TYPE = "ini://${exe-path}/nsclient.ini" AND INSTALL_SAMPLE_CONFIG</Condition>
           <Condition Action="disable"><![CDATA[CONFIGURATION_TYPE <> "ini://${exe-path}/nsclient.ini" OR NOT INSTALL_SAMPLE_CONFIG]]></Condition>

modules/CheckEventLog/CheckEventLog.cpp

@@ -147 +147 @@
 }
 
-void real_time_thread::process_no_events() {
+void real_time_thread::process_no_events(std::wstring alias) {
   std::wstring response;
-  if (!nscapi::core_helper::submit_simple_message(info.target, info.alias, NSCAPI::returnCRIT, info.ok_msg, info.perf_msg, response)) {
+  if (alias.empty())
+    alias = info.alias;
+  if (!nscapi::core_helper::submit_simple_message(info.target, alias, NSCAPI::returnCRIT, info.ok_msg, info.perf_msg, response)) {
     NSC_LOG_ERROR(_T("Failed to submit evenhtlog result: ") + response);
   }
 }
 
-void real_time_thread::process_record(const EventLogRecord &record) {
+void real_time_thread::process_record(std::wstring alias, const EventLogRecord &record) {
   std::wstring response;
   std::wstring message = record.render(true, info.syntax, DATE_FORMAT, info.dwLang);
-  if (!nscapi::core_helper::submit_simple_message(info.target, info.alias, NSCAPI::returnCRIT, message, info.perf_msg, response)) {
+  if (alias.empty())
+    alias = info.alias;
+  if (!nscapi::core_helper::submit_simple_message(info.target, alias, NSCAPI::returnCRIT, message, info.perf_msg, response)) {
     NSC_LOG_ERROR(_T("Failed to submit evenhtlog result: ") + response);
   }
@@ -199 +203 @@
 
   std::list<eventlog_filter::filter_engine> filters;
-  BOOST_FOREACH(std::wstring filter, filters_) {
+  BOOST_FOREACH(const filter_container &filter, filters_) {
     eventlog_filter::filter_argument fargs = eventlog_filter::factories::create_argument(info.syntax, DATE_FORMAT);
-    fargs->filter = filter;
-    fargs->debug = true;
+    fargs->filter = filter.filter;
+    fargs->debug = debug_;
+    fargs->alias = filter.alias;
     eventlog_filter::filter_engine engine = eventlog_filter::factories::create_engine(fargs);
 
     if (!engine) {
-      NSC_LOG_ERROR_STD(_T("Invalid filter: ") + filter);
+      NSC_LOG_ERROR_STD(_T("Invalid filter: ") + filter.filter);
       continue;
     }
 
     if (!engine->boot()) {
-      NSC_LOG_ERROR_STD(_T("Error booting filter: ") + filter);
+      NSC_LOG_ERROR_STD(_T("Error booting filter: ") + filter.filter);
       continue;
     }
@@ -253 +258 @@
     DWORD dwWaitReason = WaitForMultipleObjects(list.size()+1, handles, FALSE, dwWaitTime==0?INFINITE:dwWaitTime);
     if (dwWaitReason == WAIT_TIMEOUT) {
-      process_no_events();
+      BOOST_FOREACH(eventlog_filter::filter_engine engine, filters) {
+        process_no_events(engine->data->alias);
+      }
     } else if (dwWaitReason == WAIT_OBJECT_0) {
       delete [] handles;
@@ -277 +284 @@
         BOOST_FOREACH(eventlog_filter::filter_engine engine, filters) {
           if (engine->match(arg)) {
-            process_record(elr);
+            process_record(engine->data->alias, elr);
             matched = true;
           }
@@ -320 +327 @@
 
 void real_time_thread::add_realtime_filter(std::wstring key, std::wstring query) {
-  if (!key.empty() && query.empty())
-    filters_.push_back(key);
-  else
-    filters_.push_back(query);
+  filter_container c;
+  if (!key.empty() && query.empty()) {
+    c.filter = key;
+    filters_.push_back(c);
+  } else {
+    c.alias = key;
+    c.filter = query;
+    filters_.push_back(c);
+  }
 }
 
@@ -374 +386 @@
 
       (_T("maximum age"), sh::string_fun_key<std::wstring>(boost::bind(&real_time_thread::set_max_age, &thread_, _1), _T("5m")),
-      _T("MAGIMUM AGE"), _T("How long befor reporting \"ok\" (if this is set to off no ok will be reported only errors)"))
+      _T("MAGIMUM AGE"), _T("How long before reporting \"ok\" (if this is set to off no ok will be reported only errors)"))
 
       (_T("filter"), sh::string_fun_key<std::wstring>(boost::bind(&real_time_thread::set_filter, &thread_, _1), _T("")),
@@ -394 +406 @@
       _T("ENABLE ACTIVE MONITORING"), _T("This will store all matches so you can use real-time filters from active monitoring (use CheckEventlogCache)."))
 
+      (_T("ok message"), sh::wstring_key(&thread_.info.ok_msg, _T("eventlog found no records")),
+      _T("OK MESSAGE"), _T("This is the message sent periodically whenever no error is discovered."))
+
+      (_T("alias"), sh::wstring_key(&thread_.info.alias, _T("eventlog")),
+      _T("ALIAS"), _T("The alias to use for this event (in NSCA this constitutes the service name)."))
       ;
 

modules/CheckEventLog/CheckEventLog.h

@@ -37 +37 @@
     std::wstring syntax;
     std::wstring ok_msg;
-    std::wstring perf_msg;
-    bool perf;
+    std::wstring perf_msg; //
+    //bool perf;
     DWORD dwLang;
 
+  };
+
+  struct filter_container {
+    std::wstring filter;
+    std::wstring alias;
   };
 
@@ -49 +54 @@
   unsigned long long max_age_;
   //std::wstring syntax_;
-  std::list<std::wstring> filters_;
+  std::list<filter_container> filters_;
   boost::shared_ptr<boost::thread> thread_;
   HANDLE stop_event_;
@@ -94 +99 @@
   void thread_proc();
 //  void process_events(eventlog_filter::filter_engine engine, eventlog_wrapper &eventlog);
-  void process_no_events();
-  void process_record(const EventLogRecord &record);
+  void process_no_events(std::wstring alias);
+  void process_record(std::wstring alias, const EventLogRecord &record);
   void debug_miss(const EventLogRecord &record);
 //  void process_event(eventlog_filter::filter_engine engine, const EVENTLOGRECORD* record);

modules/CheckEventLog/eventlog_record.hpp

@@ -188 +188 @@
   };
 
-  boost::tuple<DWORD,std::wstring> wrapped_format(HMODULE hDLL, DWORD dwLang, DWORD id, tchar_array &buffer) const {
+  boost::tuple<DWORD,std::wstring> safe_format(HMODULE hDLL, DWORD dwLang) const {
     LPVOID lpMsgBuf;
     unsigned long dwRet = FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER|FORMAT_MESSAGE_FROM_HMODULE|FORMAT_MESSAGE_ARGUMENT_ARRAY|FORMAT_MESSAGE_IGNORE_INSERTS,hDLL,
-      id,dwLang,(LPTSTR)&lpMsgBuf,0,reinterpret_cast<va_list*>(buffer.get_buffer_unsafe()));
+      pevlr_->EventID,dwLang,(LPTSTR)&lpMsgBuf,0,NULL);
     if (dwRet == 0) {
       return boost::tuple<DWORD,std::wstring>(GetLastError(), _T(""));
     }
-    LocalFree(lpMsgBuf);
-    dwRet = FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER|FORMAT_MESSAGE_FROM_HMODULE|FORMAT_MESSAGE_ARGUMENT_ARRAY,hDLL,
-      id,dwLang,(LPTSTR)&lpMsgBuf,0,reinterpret_cast<va_list*>(buffer.get_buffer_unsafe()));
-    if (dwRet == 0)
-      return boost::make_tuple(GetLastError(), _T(""));
     std::wstring msg = reinterpret_cast<wchar_t*>(lpMsgBuf);
     LocalFree(lpMsgBuf);
+    const TCHAR* p = reinterpret_cast<const TCHAR*>(reinterpret_cast<const BYTE*>(pevlr_) + pevlr_->StringOffset);
+    for (unsigned int i = 0;i<pevlr_->NumStrings;i++) {
+      strEx::replace(msg, _T("%")+strEx::itos(i+1), std::wstring(p));
+      unsigned int len = wcslen(p);
+      p = &(p[len+1]);
+    }
     return boost::make_tuple(0, msg);
   }
   std::wstring render_message(DWORD dwLang = 0) const {
     std::vector<std::wstring> args;
-    const TCHAR* p = reinterpret_cast<const TCHAR*>(reinterpret_cast<const BYTE*>(pevlr_) + pevlr_->StringOffset);
-
-    tchar_array buffer(pevlr_->NumStrings+10);
-    for (unsigned int i = 0;i<pevlr_->NumStrings;i++) {
-      unsigned int len = buffer.set(i, p);
-      p = &(p[len+1]);
-    }
-    for (unsigned int i = pevlr_->NumStrings;i<pevlr_->NumStrings+10;i++) {
-      unsigned int len = buffer.set(i, _T(""));
-    }
     std::wstring ret;
     strEx::splitList dlls = strEx::splitEx(get_dll(), _T(";"));
@@ -229 +220 @@
         if (dwLang == 0)
           dwLang = MAKELANGID(LANG_NEUTRAL,SUBLANG_DEFAULT);
-        boost::tuple<DWORD,std::wstring> formated_data = wrapped_format(hDLL, dwLang, pevlr_->EventID, buffer);
+        boost::tuple<DWORD,std::wstring> formated_data = safe_format(hDLL, dwLang);
         if (formated_data.get<0>() != 0) {
           FreeLibrary(hDLL);

modules/CheckEventLog/filter.hpp

@@ -140 +140 @@
     bool bShowDescriptions;
     unsigned long long now;
+    std::wstring alias;
 
     data_arguments(parent_type::error_type error, std::wstring syntax, std::wstring datesyntax, bool debug = false) : where_filter::argument_interface(error, syntax, datesyntax)

version.hpp

@@ -1 +1 @@
 #ifndef VERSION_HPP
 #define VERSION_HPP
-#define PRODUCTVER     0,4,0,145
-#define STRPRODUCTVER  "0,4,0,145"
-#define STRPRODUCTDATE "2012-03-18"
+#define PRODUCTVER     0,4,0,147
+#define STRPRODUCTVER  "0,4,0,147"
+#define STRPRODUCTDATE "2012-03-20"
 #endif // VERSION_HPP

version.txt

@@ -1 +1 @@
 version=0.4.0
-build=145
-date=2012-03-18
+build=147
+date=2012-03-20