From: Christian Ebner <c.ebner@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [RFC common 1/1] tools: Add specialized `dump_fw_logfile` for `since` and `until` filtering of firewall logs
Date: Thu, 5 Jan 2023 10:18:04 +0100 [thread overview]
Message-ID: <20230105091804.156599-3-c.ebner@proxmox.com> (raw)
In-Reply-To: <20230105091804.156599-1-c.ebner@proxmox.com>
This further includes the contents of rotated logfiles if present. All files are scanned in
sequential order, as there is no guarantee that the rotated logs contain only entries for
a single day.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
src/PVE/Tools.pm | 80 ++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 80 insertions(+)
diff --git a/src/PVE/Tools.pm b/src/PVE/Tools.pm
index cdbee6d..fdbf0e1 100644
--- a/src/PVE/Tools.pm
+++ b/src/PVE/Tools.pm
@@ -4,6 +4,7 @@ use strict;
use warnings;
use Date::Format qw(time2str);
+use Date::Parse qw(str2time);
use Digest::MD5;
use Digest::SHA;
use Encode;
@@ -17,6 +18,7 @@ use IO::Handle;
use IO::Pipe;
use IO::Select;
use IO::Socket::IP;
+use IO::Zlib;
use IPC::Open3;
use JSON;
use POSIX qw(EINTR EEXIST EOPNOTSUPP);
@@ -1320,6 +1322,84 @@ sub dump_logfile {
return ($count, $lines);
}
+sub dump_fw_logfile {
+ my ($filename, $start, $limit, $filter, $since, $until) = @_;
+
+ if (!(defined($since) || defined($until))) {
+ # Use previous version without `since` and `until` parameters
+ return dump_logfile($filename, $start, $limit, $filter);
+ }
+
+ my $lines = [];
+ my $count = 0;
+
+ # Take into consideration also rotated logs
+ my ($basename, $logdir, $type) = fileparse($filename);
+ my @files = ();
+
+ opendir(LOGDIR, $logdir) || die "Cannot open $logdir";
+ my $entry;
+ while ($entry = readdir(LOGDIR)) {
+ my $namefilter = $basename."*";
+ next if $entry !~ m/$namefilter/;
+ push @files, $entry;
+ }
+ closedir(LOGDIR);
+ @files = reverse sort @files;
+ print @files,"\n";
+
+ $start = $start // 0;
+ $limit = $limit // 50;
+
+ my $read_until_end = $limit == 0;
+ my $line;
+ my $fh;
+
+ foreach (@files) {
+ my ($base, $path, $type) = fileparse($_, ".gz");
+
+ if ($type eq '.gz') {
+ $fh = IO::Zlib->new($logdir.$_, "r");
+ } else {
+ $fh = IO::File->new($logdir.$_, "r");
+ }
+
+ if (!$fh) {
+ $count++;
+ push @$lines, { n => $count, t => "unable to open file - $!"};
+ return ($count, $lines);
+ }
+
+ while (defined($line = <$fh>)) {
+ next if defined($filter) && $line !~ m/$filter/;
+ if ($since || $until) {
+ my @words = split / /, $line;
+ my $timestamp = str2time($words[3], $words[4]);
+ next if $since && $timestamp < $since;
+ next if $until && $timestamp > $until;
+ }
+ next if $count++ < $start;
+ if (!$read_until_end) {
+ next if $limit <= 0;
+ $limit--;
+ }
+ chomp $line;
+ push @$lines, { n => $count, t => $line};
+ }
+
+ close($fh);
+ }
+
+ # HACK: ExtJS store.guaranteeRange() does not like empty array
+ # so we add a line
+ if (!$count) {
+ $count++;
+ push @$lines, { n => $count, t => "no content"};
+ }
+
+ return ($count, $lines);
+}
+
sub dump_journal {
my ($start, $limit, $since, $until, $service) = @_;
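Review bot: The rotated-file match in the `readdir` loop of `dump_fw_logfile` builds its pattern as `$basename."*"` and applies it unanchored, so the file name is read as a regex (`.` matches any character, `*` only repeats the last one) and any entry in the log directory that contains that fragment is opened and its lines returned to the caller. Quote and anchor the name instead, e.g. `next if $entry !~ m/^\Q$basename\E(?:\.\d+(?:\.gz)?)?$/;` (the suffix shape is assumed from common logrotate naming and should be checked against the actual rotation config). The `print @files,"\n";` after the sort looks like leftover debugging and should be dropped, since it writes the file list to stdout of whichever process calls this helper. In the read loop, `str2time` returns undef for a line it cannot parse, so add `next if !defined($timestamp);` before the two comparisons; as written such lines raise warnings and still pass an `until`-only query. Separately, `reverse sort @files` compares as strings, so a `.10.gz` rotation would sort between `.2.gz` and `.1` and break the oldest-first order the line numbering relies on; sorting on the numeric suffix would fix that.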
--
2.30.2