[Date Prev]   [Date Next] [Thread Prev]   [Thread Next] [Date Index]   [Thread Index]

 

     [snips-users] Alarm and Event browser

I am somewhat uncomfortable with the lack of persistency in syslog
events monitored by SNIPs.  I don't understand how to set up arm/disarm
pairs in syslogmon.  By the time an on-call or NOC person gets
to the alarm, the condition has cleared.  If anyone can clue me in on
how to properly arm/disarm single ended alarm events, plesae let me
know.

In the meantime, I put tojether a cgi that works as an adjunct to
genweb.  It creates a small popup 'alarm' browser that uses the
canned filters and snips applications that I wrote of a week ago.
I donate these mods to the snips users. Vikas - if you wish to include
in the distribution, I expect that you will need to clean up somewhat.
I am a novice to CGI programming, and extremely green at javascript.
This new pair of alarm and event browsers has a reseblance to the 
OpenView look and feel.

The shell archive below patches the snipsweb-confg file ( I would
recommend manually edit'ing), Installs an alarm browser button to
the genweb display, and snips-events.cgi takes care of the two popup
windows for alarm and event browsing.  NB: If you do not declare the
$alarm_cgi in snipsweb-confg, your new button will not show up.

Tim Peiffer		peiffer at umn edu



# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	snipsweb-confg.event.patch
#	genweb.event.patch
#	snips-events.cgi
#
echo x - snipsweb-confg.event.patch
sed 's/^X//' >snipsweb-confg.event.patch <<
'END-of-snipsweb-confg.event.patch'
X29a30,31
X> $menu_cgi = "/cgi-bin/genweb-menu.cgi";
X> $alarm_cgi = "/cgi-bin/snips-events.cgi";
X87a90,98
X> 
X> %watchpat = (
X>         '&namepat=otr|qtr|gtr|gigapop' => 'NL GigaPOP',
X>         '&filepat=nsmon|radiusmon' => 'Nameservice/Authentication',
X>         '&namepat=vpn' => 'VPN Service',
X>         '&namepat=ntc-ww|ATM\.' => 'WireWall Aggregators',
X>         '&filepat=hostmon|syslogmon' => 'Generic Host Monitoring'
X>         ) unless (%watchpat);
X> 
END-of-snipsweb-confg.event.patch
echo x - genweb.event.patch
sed 's/^X//' >genweb.event.patch << 'END-of-genweb.event.patch'
X1,2c1,2
X< #!/usr/local/bin/perl
X< my $versionid = '$Id: genweb.cgi,v 1.3 2002/01/30 05:42:45 vikas Exp
$ ';#
X---
X> #!/usr/bin/perl
X> my $versionid = '$Id: genweb.cgi,v 1.2 2001/09/24 15:25:36 vikas Exp
$ ';#
X113c113
X< 	     $baseurl $webdir $snipsweb_cgi $sound $snipsroot $imageurl
$etcdir
X---
X> 	     $baseurl $webdir $snipsweb_cgi $alarm_cgi $sound $snipsroot
$imageurl $etcdir
X118c118
X< 	     $debug @row_data $cgimode $filter_cgi $gen_cgi_links
X---
X> 	     $debug @row_data $cgimode $filter_cgi $menu_cgi $gen_cgi_links
X167a168
X>   $menu_cgi = "/cgi-bin/genweb-menu.cgi" unless $filter_cgi;
X436a440,475
X>     # this button invokes the genweb-menu.cgi script for canned
filters
X>     if ($menu_cgi ne "")
X>     {
X>       print "  <TD valign=middle>
X>                  <FORM action=\"${menu_cgi}\" method=\"get\">
X> 	         <input type=submit value=\"Menus\">\n";
X>       foreach ( qw(view refresh sound sort maxrows namepat varpat
monpat
X> 		   filepat altprint))
X>       { 
X> 	my $p =$thiscgi->param($_);
X> 	next if !defined($p) || $p eq '' || $p eq 'no';
X> 	print $thiscgi->hidden(-name => $_, -value=>$thiscgi->param($_));
X>       }
X>       print "
X>              <input type=hidden name=noncgiurl
value=\"${baseurl}/${view}.html\">
X>             </FORM></TD>\n";
X>     }
X> 
X>     # this button invokes a popup for alarm monitor
X>     if ($alarm_cgi ne "")
X>     {
X>      print " 
X>         <script language=\"JavaScript\"><!-- 
X>         function win(fileName) { 
X>           snipsfloat =
window.open(\'\',\'snipsalarm\',\'scrollbars=yes,status=no,width=300,height=300\') 
X>            snipsfloat.location.href = fileName; 
X>          } 
X>       //--></script>\n"; 
X> 
X>       print "  <TD valign=middle>
X>                  <FORM action=\"${alarm_cgi}\" method=\"get\">
X> 	         <input type=button value=\"Alarm Browser\"
X> 		  onCLick=\"javascript:win(\'$alarm_cgi\')\">\n";
X>       print "    </FORM></TD>\n";
X>     }
X> 
END-of-genweb.event.patch
echo x - snips-events.cgi
sed 's/^X//' >snips-events.cgi << 'END-of-snips-events.cgi'
X#!/usr/bin/perl
X#
X# AUTHOR:  peiffer at umn edu, June 2002
X#
X#
Xmy $vcid = '$Id:';
X
Xuse vars qw ( $debug $refresh $large_refresh $genweb_cgi
X	      $snipsroot $etcdir $max_table_rows
X	    );
X$snipsroot =  "/usr/local/snips" ;	# SET_THIS
X$etcdir = "$snipsroot/etc";
Xpush (@INC, $etcdir);
X
Xrequire  "snipsperl.conf";
Xrequire  "snipsweb-confg";		# in etcdir
X
Xuse Time::Local;
Xuse CGI;	# also requires Base64.pm
X
Xmy @monitors = qw( etherload hostmon ippingmon nsmon ntpmon portmon 
X		   rpcpingmon trapmon dhcpmon wwmon bgpmon ) ;
Xmy @sortfields = qw(name varname deviceaddr varvalue monitor severe);
X%watchpat = (
X	) unless (%watchpat);
Xmy @watchfields = keys %watchpat;
X
X$debug = 0;	# FIX FIX
X$query = new CGI;
X$debug= $query->param('debug') if $query->param('debug');
Xmy $a=$query->param('Action');
X
X# this script was invoked by external script.
Xprint $query->header(-Refresh=>'$refresh;');
Xprint $query->start_html("SNIPS Event/Alarm Browser");
X&print_form($query);
Xprint $query->end_html;
X
X###
X### Subroutines
X###
X
Xsub print_form {
X  my($query) = @_;
X
X  my($field);
X
X  my(@rawlogs) = &get_logs (3600);     # 1hr 
X  my $idx = 0;
X  my %suffixlist;
X
X  foreach(@watchfields) {      #  Gotta find a less hokey way of
naming.
X     $suffixlist{$_} = $idx++;
X  }
X
X  print "
X     <script language=\"JavaScript\"><!--
X     function win(fileName) {
X       snipsfloat =
window.open(\'\',\'snipsevent\',\'scrollbars=yes,status=no,width=800,height=200\')
X       snipsfloat.location.href = fileName;
X     }
X  //--></script>\n";
X
X  printf "    <TABLE BORDER=1><CAPTION>Alarm Browser</CAPTION>\n";  
X  foreach $field (@watchfields) {
X    print_logs($suffixlist{$field}, $watchpat{$field},
&filter_logs($field, @rawlogs));
X    printf "      <TR>\n";
X    printf "        <TD>\n";
X    $button = sprintf("/snips/gifs/%s.gif",
&get_condition($field,@rawlogs));
X    printf "           <IMG SRC=\"$button\" height=37, width=37>\n";
X    printf "        </TD>\n";
X    printf "        <TD>\n";
X    printf "           <A
HREF=\"javascript:win(\'${baseurl}/snipslog.%s\')\">%s</A>\n",
X      $suffixlist{$field}, $watchpat{$field};
X    printf "        </TD>\n";
X    printf "      </TR>\n";
X  }
X  printf "    </TABLE>\n";
X
X  print $query->endform, "<HR>\n";
X}
X
X#
X# void
X# print_logs (matchspec, caption, list of logs)
X#
X# Create a temporary log entry in the web directory.
X#
Xsub print_logs {
X   my ($suffix, $field, @logs) = @_;
X
X   my $bgcolor;
X   open(LOG, ">${webdir}/snipslog.${suffix}");
X   printf LOG "    <TABLE BORDER=1 BGCOLOR=\"TAN\">";
X   printf LOG "<CAPTION>Event Browser $field </CAPTION>\n";  
X   printf LOG "<TR><TD>Legend:<BR>";
X   printf LOG "DATE [monitor]: DEVICE device address VAR variable
measured threshold units LEVEL event_level LOGLEVEL lastevent_level
STATE state\n";
X  printf LOG "</TD></TR>\n";
X   foreach my $log (@logs) {
X    if ($bgcolor eq 'D8D8D8') {
X      $bgcolor = 'FFFFCC';
X    } else {
X      $bgcolor = 'D8D8D8';
X    }
X
X    $log =~ s/Info/<FONT COLOR="GREEN">Info<\/FONT>/g;
X    $log =~ s/Warning/<FONT COLOR="YELLOW">Warning<\/FONT>/g;
X    $log =~ s/Error/<FONT COLOR="BLUE">Error<\/FONT>/g;
X    $log =~ s/Critical/<FONT COLOR="RED">Critical<\/FONT>/g;
X
X    printf LOG "      <TR><TD BGCOLOR=\"$bgcolor\">";
X    printf LOG "<SMALL>$log</SMALL></TD></TR>\n";
X   }
X   printf LOG "    </TABLE>\n";
X   close(LOG);
X}
X#
X# list [green,yellow,blue,red][info,warning,error,critical]
X# get_condition (urlspec, list of logs)
X#
X# return the overall alarm condition code (color) for events 
X# that match the input urlspec
X#
Xsub get_condition {
X
X  my($url,@rawlogs) = @_;
X  my($condition,%cache,$key,$value,%condition);
X
X  foreach $line (&filter_logs($url,@rawlogs)) {
X    my($monitor,$device,$address,$var,$level,$state) = 
X      (split(/\s+/, $line))[5,7,8,10,17,19];
X    $key = join('|', $monitor, $device, $address,$var);
X    $cache{$key} = $level;
X  }
X  foreach $value (values %cache) {
X    $condition{$value} = 1;
X  }
X
X  my($cache_size) = scalar(keys %condition);
X  foreach $key (keys %condition) {
X    print "get_condition(): key $key\n", if ($debug);
X  }
X
X  return 'redsq' if (exists $condition{'Critical'});
X  return 'bluesq' if (exists $condition{'Error'});
X  return 'yellowsq' if (exists $condition{'Warning'});
X  return 'greensq' if (exists $condition{'Info'});
X  return 'empty' if (exists $condition{'Unknown'});
X  return 'greensq' if ($cache_size == 0);
X}
X
X#
X# list
X# filter_logs(urlspec,list of logs)
X#
X# Filter logs based upon SNIPs genweb parameter list.  Empty
X# parameters for filepat, and namepat are assumed to be matched.
X#
Xsub filter_logs {
X  my($url,@rawlogs) = @_;
X
X  my(@retn);
X
X  my($filepat) = ($url =~ /filepat=([^\&]*)/);
X  $filepat = '.*' if ($filepat eq '');
X  my($namepat) = ($url =~ /namepat=([^\&]*)/);
X  $namepat = '.*' if ($namepat eq '');
X  foreach my $line (@rawlogs) {
X    my($monitor,$device,$address,$var,$level,$state) = 
X      (split(/\s+/, $line))[5,7,8,10,17,19];
X    if (($monitor =~ /$filepat/) &&
X	($device =~ /$namepat/)) {
X      push(@retn, $line);
X    }
X  }
X  return(@retn);
X}
X
X#
X# list
X# get_logs(time)
X# 
X# Read and return list of SNIPS logs that are more current than
X# the input time in seconds
X#
Xsub get_logs {
X  my($time) = @_;  
X
X  my @retn;
X  my %MON = ('Jan', 0, 'Feb', 1, 'Mar', 2, 'Apr', 3, 'May', 4, 'Jun',
5,
X	     'Jul', 6, 'Aug', 7, 'Sep', 8, 'Oct', 9, 'Nov', 10, 'Dec', 11);
X  open(LOG, "$snipsroot/logs/info");
X  while(<LOG>) {
X    chomp;
X    my $logline = $_;
X    printf  "new line $logline\n" if ($debug);
X    if (/\S+\s+(\S+)\s+(\d+)\s+(\d+):(\d+):(\d+)\s+(\d+)\s+\[(\S*)\]/)
{
X      my($month,$mday,$hours,$min,$sec,$year,$monitor) = 
X	($1, $2, $3, $4, $5, $6, $7);
X      next if ($monitor eq '');     # some bug in hostmon
X      $mon = $MON{$month};
X      my $logtime = timelocal($sec,$min,$hours,$mday,$mon,$year);
X      next if ((time - $time) > $logtime);
X      printf "get_logs(): pushing $logline\n", if ($debug);
X      push @retn, $_;
X    }
X  }
X  close(LOG);
X
X return(@retn);
X}
END-of-snips-events.cgi
exit


Zyrion Traverse Network Monitoring & Network Management Software