← Back to branch summary

~ubuntu-dev/ubuntu/lucid/zabbix/lucid-201002110857

« back to all changes in this revision

Viewing changes to src/zabbix_agent/eventlog.c

  • Committer: Bazaar Package Importer
  • Author(s): Michael Ablassmeier
  • Date: 2007-07-02 09:06:51 UTC
  • mfrom: (1.1.4 upstream)
  • Revision ID: james.westby@ubuntu.com-20070702090651-8l6fl3fjw9rh6l2u
Tags: 1:1.4.1-2
Add patch from SVN in order to fix Incorrect processing of character '%'
in user parameters and remote commands.

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/zabbix_agent/eventlog.c
 
1
/* 
 
2
** ZABBIX
 
3
** Copyright (C) 2000-2005 SIA Zabbix
 
4
**
 
5
** This program is free software; you can redistribute it and/or modify
 
6
** it under the terms of the GNU General Public License as published by
 
7
** the Free Software Foundation; either version 2 of the License, or
 
8
** (at your option) any later version.
 
9
**
 
10
** This program is distributed in the hope that it will be useful,
 
11
** but WITHOUT ANY WARRANTY; without even the implied warranty of
 
12
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 
13
** GNU General Public License for more details.
 
14
**
 
15
** You should have received a copy of the GNU General Public License
 
16
** along with this program; if not, write to the Free Software
 
17
** Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
18
**/
 
19
 
 
20
#include "common.h"
 
21
 
 
22
#include "log.h"
 
23
#include "eventlog.h"
 
24
 
 
25
#if defined (_WINDOWS)
 
26
 
 
27
#define MAX_INSERT_STRS 64
 
28
#define MAX_MSG_LENGTH 1024
 
29
 
 
30
/* open event logger and return number of records */
 
31
static long    zbx_open_eventlog(
 
32
        const char      *source,
 
33
        HANDLE  *eventlog_handle,
 
34
        long    *pNumRecords,
 
35
        long    *pLatestRecord)
 
36
{
 
37
 
 
38
        assert(eventlog_handle);
 
39
        assert(pNumRecords);
 
40
        assert(pLatestRecord);
 
41
 
 
42
        *eventlog_handle = 0;
 
43
        *pNumRecords = 0;
 
44
 
 
45
        *eventlog_handle = OpenEventLog(NULL, source);              /* open log file */
 
46
 
 
47
        if (!*eventlog_handle)  return GetLastError();
 
48
 
 
49
        GetNumberOfEventLogRecords(*eventlog_handle,(unsigned long*)pNumRecords); /* get number of records */
 
50
        GetOldestEventLogRecord(*eventlog_handle,(unsigned long*)pLatestRecord);
 
51
 
 
52
        return(0);
 
53
}
 
54
 
 
55
/* close event logger */
 
56
static long     zbx_close_eventlog(HANDLE eventlog_handle)
 
57
{
 
58
        if (eventlog_handle)  CloseEventLog(eventlog_handle);
 
59
 
 
60
        return(0);
 
61
}
 
62
 
 
63
/* get Nth error from event log. 1 is the first. */
 
64
static long    zbx_get_eventlog_message(
 
65
                const char              *source,
 
66
                HANDLE                  eventlog_handle,
 
67
                long                    which,
 
68
                char                    **out_source,
 
69
                char                    **out_message,
 
70
                unsigned short  *out_severity,
 
71
                unsigned long   *out_timestamp
 
72
                )
 
73
{
 
74
    EVENTLOGRECORD  *pELR = NULL;
 
75
    BYTE            bBuffer[1024];                      /* hold the event log record raw data */
 
76
    DWORD           dwRead, dwNeeded;
 
77
    char            stat_buf[MAX_PATH];
 
78
    char            MsgDll[MAX_PATH];                   /* the name of the message DLL */
 
79
    HKEY            hk = NULL;
 
80
    DWORD           Data;
 
81
    DWORD           Type;
 
82
    HINSTANCE       hLib = NULL;                        /* handle to the messagetable DLL */
 
83
    char            *pCh = NULL, *pFile = NULL, *pNextFile = NULL;
 
84
    char            *aInsertStrs[MAX_INSERT_STRS];      /* array of pointers to insert */
 
85
    long            i;
 
86
    LPTSTR          msgBuf = NULL;                       /* hold text of the error message that we */
 
87
    long            err = 0;
 
88
 
 
89
        assert(out_source);
 
90
        assert(out_message);
 
91
        assert(out_severity);
 
92
        assert(out_timestamp);
 
93
 
 
94
        *out_source             = NULL;
 
95
        *out_message    = NULL;
 
96
        *out_severity   = 0;
 
97
        *out_timestamp  = 0;
 
98
 
 
99
        if (!eventlog_handle)        return(0);
 
100
 
 
101
        if(!ReadEventLog(eventlog_handle,                       /* event-log handle */
 
102
                EVENTLOG_SEEK_READ |                    /* read forward */
 
103
                EVENTLOG_FORWARDS_READ,                 /* sequential read */
 
104
                which,                                  /* which record to read 1 is first */
 
105
                bBuffer,                                /* address of buffer */
 
106
                sizeof(bBuffer),                        /* size of buffer */
 
107
                &dwRead,                                /* count of bytes read */
 
108
                &dwNeeded))                             /* bytes in next record */
 
109
        {
 
110
                return GetLastError();
 
111
        }
 
112
 
 
113
        pELR = (EVENTLOGRECORD*)bBuffer;                    /* point to data */
 
114
 
 
115
        *out_severity   = pELR->EventType;                  /* return event type */
 
116
        *out_timestamp  = pELR->TimeGenerated;                          /* return timestamp */
 
117
 
 
118
        *out_source = strdup((char*)pELR + sizeof(EVENTLOGRECORD));     /* copy source name */
 
119
 
 
120
        err = FAIL;
 
121
 
 
122
        if( source && *source )
 
123
        {
 
124
                /* Get path to message dll */
 
125
                zbx_snprintf(stat_buf, sizeof(stat_buf),
 
126
                        "SYSTEM\\CurrentControlSet\\Services\\EventLog\\%s\\%s",
 
127
                        source,
 
128
                        *out_source
 
129
                        );
 
130
 
 
131
                pFile = NULL;
 
132
 
 
133
                if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, stat_buf, 0, KEY_READ, &hk) == ERROR_SUCCESS)
 
134
                {
 
135
                        pFile = stat_buf; 
 
136
                        Data = sizeof(stat_buf);
 
137
 
 
138
                        err = RegQueryValueEx(
 
139
                                        hk,                                             /* handle of key to query */
 
140
                                        "EventMessageFile",     /* value name             */
 
141
                                        NULL,                   /* must be NULL           */
 
142
                                        &Type,                  /* address of type value  */
 
143
                                        (UCHAR*)pFile,          /* address of value data  */
 
144
                                        &Data);                 /* length of value data   */
 
145
 
 
146
                        RegCloseKey(hk);
 
147
 
 
148
                        if(err != ERROR_SUCCESS)
 
149
                                pFile = NULL;
 
150
                }
 
151
 
 
152
                err = FAIL;
 
153
 
 
154
                while(pFile && FAIL == err)
 
155
                {
 
156
                        pNextFile = strchr(pFile,';');
 
157
                        if(pNextFile)
 
158
                        {
 
159
                                *pNextFile = '\0';
 
160
                                pNextFile++;
 
161
                        }
 
162
 
 
163
                        if (ExpandEnvironmentStrings(pFile, MsgDll, MAX_PATH))
 
164
                        {
 
165
                                hLib = LoadLibraryEx(MsgDll, NULL, LOAD_LIBRARY_AS_DATAFILE);
 
166
                                if(hLib)
 
167
                                {
 
168
                                        /* prepare the array of insert strings for FormatMessage - the
 
169
                                        insert strings are in the log entry. */
 
170
                                        for (
 
171
                                                i = 0,  pCh = (char *)((LPBYTE)pELR + pELR->StringOffset);
 
172
                                                i < pELR->NumStrings && i < MAX_INSERT_STRS; 
 
173
                                                i++,    pCh += strlen(pCh) + 1) /* point to next string */
 
174
                                        {
 
175
                                                aInsertStrs[i] = pCh;
 
176
                                        }
 
177
 
 
178
                                        /* Format the message from the message DLL with the insert strings */
 
179
                                        FormatMessage(
 
180
                                                FORMAT_MESSAGE_FROM_HMODULE |
 
181
                                                FORMAT_MESSAGE_ALLOCATE_BUFFER |
 
182
                                                FORMAT_MESSAGE_ARGUMENT_ARRAY |
 
183
                                                FORMAT_MESSAGE_FROM_SYSTEM,
 
184
                                                hLib,                                                           /* the messagetable DLL handle */
 
185
                                                pELR->EventID,                      /* message ID */
 
186
                                                MAKELANGID(LANG_NEUTRAL, SUBLANG_ENGLISH_US),   /* language ID */
 
187
                                                (LPTSTR) &msgBuf,                   /* address of pointer to buffer for message */
 
188
                                                MAX_MSG_LENGTH,                     /* maximum size of the message buffer */
 
189
                                                aInsertStrs);                       /* array of insert strings for the message */
 
190
 
 
191
                                        if(msgBuf)
 
192
                                        {
 
193
                                                *out_message = strdup(msgBuf);          /* copy message */
 
194
 
 
195
                                                /* Free the buffer that FormatMessage allocated for us. */
 
196
                                                LocalFree((HLOCAL) msgBuf);
 
197
 
 
198
                                                err = SUCCEED;
 
199
                                        }
 
200
                                        FreeLibrary(hLib);
 
201
                                }
 
202
                        }
 
203
                        pFile = pNextFile;
 
204
                }
 
205
        }
 
206
 
 
207
        if(SUCCEED != err)
 
208
        {
 
209
                for (
 
210
                        i = 0,  pCh = (char *)((LPBYTE)pELR + pELR->StringOffset);
 
211
                        i < pELR->NumStrings && i < MAX_INSERT_STRS; 
 
212
                        i++,    pCh += strlen(pCh) + 1) /* point to next string */
 
213
                {
 
214
                        if( 0 == i )
 
215
                                *out_message = zbx_strdcat(*out_message, pCh);
 
216
                        else
 
217
                                *out_message = zbx_strdcatf(*out_message, ",%s", pCh);
 
218
                }
 
219
        }
 
220
        return 0;
 
221
 
 
222
 
223
#endif /* _WINDOWS */
 
224
 
 
225
int process_eventlog(
 
226
        const char              *source,
 
227
        long                    *lastlogsize, 
 
228
        unsigned long   *out_timestamp, 
 
229
        char                    **out_source, 
 
230
        unsigned short  *out_severity,
 
231
        char                    **out_message)
 
232
{
 
233
        int             ret = FAIL;
 
234
        
 
235
#if defined(_WINDOWS)
 
236
        
 
237
        HANDLE  eventlog_handle;
 
238
        long    FirstID;
 
239
        long    LastID;
 
240
        register long    i;
 
241
 
 
242
#endif
 
243
 
 
244
        assert(lastlogsize);
 
245
        assert(out_timestamp);
 
246
        assert(out_source);
 
247
        assert(out_severity);
 
248
        assert(out_message);
 
249
 
 
250
        *out_timestamp  = 0;
 
251
        *out_source             = NULL;
 
252
        *out_severity   = 0;
 
253
        *out_message    = NULL;
 
254
 
 
255
#if defined(_WINDOWS)
 
256
 
 
257
        if (source && source[0] && 0 == zbx_open_eventlog(source,&eventlog_handle,&LastID /* number */, &FirstID /* oldest */))
 
258
        {
 
259
                LastID += FirstID; 
 
260
 
 
261
                if(*lastlogsize > LastID)
 
262
                        *lastlogsize = FirstID;
 
263
                else if((*lastlogsize) >= FirstID)
 
264
                        FirstID = (*lastlogsize)+1;
 
265
                
 
266
                for (i = FirstID; i < LastID && ret == FAIL; i++)
 
267
                {
 
268
                        if( 0 == zbx_get_eventlog_message(
 
269
                                source,
 
270
                                eventlog_handle,
 
271
                                i,
 
272
                                out_source,
 
273
                                out_message,
 
274
                                out_severity,
 
275
                                out_timestamp) )
 
276
                        {
 
277
                                switch(*out_severity)
 
278
                                {
 
279
                                        case EVENTLOG_ERROR_TYPE:               *out_severity = 4;      break;
 
280
                                        case EVENTLOG_AUDIT_FAILURE:    *out_severity = 7;      break;
 
281
                                        case EVENTLOG_AUDIT_SUCCESS:    *out_severity = 8;      break;
 
282
                                        case EVENTLOG_INFORMATION_TYPE: *out_severity = 1;      break;
 
283
                                        case EVENTLOG_WARNING_TYPE:             *out_severity = 2;      break;
 
284
                                }
 
285
 
 
286
                                *lastlogsize = i;
 
287
 
 
288
                                ret = SUCCEED;
 
289
                        }
 
290
                }
 
291
                zbx_close_eventlog(eventlog_handle);
 
292
        }
 
293
 
 
294
#endif /* _WINDOWS */
 
295
        
 
296
        return ret;
 
297
}