1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
<?php
if (mt_rand(1, 10) === 1) {
// One year of event log
Database::exec("DELETE FROM eventlog WHERE (UNIX_TIMESTAMP() - 86400 * 365) > dateline");
// Keep at least 20 events or 7 days worth of samples (whichever is more)
$types = Database::simpleQuery("SELECT type, Count(*) AS num, Min(dateline) as oldest
FROM `notification_sample` GROUP BY type");
$cutoff = time() - 86400 * 7;
$maxCutoff = time() - 86400 * 365; // But don't keep anything for more than a year
foreach ($types as $type) {
if ($type['num'] > 20 && $type['oldest'] < $cutoff) {
// This type has more than 30 and the oldest one is older than 7 days
// find out which one takes priority
$thisCutoff = $cutoff;
$find = Database::queryFirst("SELECT dateline FROM notification_sample
WHERE type = :type AND dateline
ORDER BY dateline DESC
LIMIT 29, 1",
['type' => $type['type']]);
// The 30th entry is older than 7 days? Bump the cutoff dateline back to this date,
// so we keep at least 20 entries
if ($find !== false && $find['dateline'] < $thisCutoff) {
$thisCutoff = $find['dateline'];
}
Database::exec("DELETE FROM notification_sample
WHERE type = :type AND dateline < :dateline",
['type' => $type['type'], 'dateline' => max($thisCutoff, $maxCutoff)]);
}
}
}
// Add missing/virtual columns to sample data
$todo = Database::simpleQuery("SELECT sampleid, data FROM notification_sample WHERE extended = 0 LIMIT 10");
foreach ($todo as $sample) {
$data = json_decode($sample['data'], true);
// First, add all the machine columns
if (isset($data['machineuuid'])) {
$row = Database::queryFirst("SELECT " . implode(',', FilterRuleProcessor::MACHINE_COLUMNS)
. " FROM machine WHERE machineuuid = :uuid", ['uuid' => $data['machineuuid']]);
} elseif (isset($data['clientip'])) {
$row = Database::queryFirst("SELECT " . implode(',', FilterRuleProcessor::MACHINE_COLUMNS)
. " FROM machine WHERE clientip = :ip ORDER BY lastseen DESC LIMIT 1", ['ip' => $data['clientip']]);
} else {
$row = false;
}
if ($row !== false) {
$data += $row;
}
// Add virtual statistics columns
if (isset($data['machineuuid']) && Module::isAvailable('statistics')) {
foreach (FilterRuleProcessor::HW_QUERIES as $key => $elem) {
if (isset($data[$key]))
continue; // Already present...
$q = new HardwareQuery($elem[0], $data['machineuuid']);
$q->addColumn($elem[2], $elem[1]);
$res = $q->query();
if ($res !== false) {
$row = $res->fetch();
if ($row !== false && $row[$elem[1]] !== null) {
$data[$key] = $row[$elem[1]];
}
}
}
}
// Finally, update entry
Database::exec("UPDATE notification_sample SET extended = 1, data = :data WHERE sampleid = :id",
['id' => $sample['sampleid'], 'data' => json_encode($data)]);
}
|
