use strict; ########################################################################## # $Id: dhcpd,v 1.17 2006/10/20 21:12:27 bjorn Exp $ ########################################################################## ######################################################## # This was written and is maintained by: # Kirk Bauer <kirk@kaybee.org> # # Please send all comments, suggestions, bug reports, # etc, to kirk@kaybee.org. ######################################################## my $Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'} || 0; my %data; # This filter is very basic... much more could be done with it while (my $line = <STDIN>) { chomp $line; $line =~ s/^\s+//; $line =~ s/\s+$//; next unless $line; if ( # All of these entries are generated at startup unless -q option used :( # Name of ISC was changed in 2004 ($line =~ /^Internet (Systems|Software) Consortium DHCP Server/) or ($line =~ /^Copyright/) or ($line =~ /^All rights reserved/) or ($line =~ /^Please contribute if you find this software useful/) or ($line =~ /^For info, please visit/) or # Other lines to ignore ($line =~ /^Wrote .* to leases file\./) or ($line =~ /^already acking lease/) or ($line =~ /^dhcpd shutdown .*succeeded/) or ($line =~ /^dhcpd startup .*succeeded/) or ($line =~ /^Sending on/) or ($line =~ /^Dynamic and static leases present for/) or ($line =~ /^from the dynamic address pool for/) or ($line =~ /^BOOTREQUEST/) or ($line =~ /^DHCPACK/) or ($line =~ /^DHCPNAK/) or ($line =~ /^DHCPINFORM/) or ($line =~ /^DHCPDISCOVER/) or ($line =~ /^DHCPREQUEST/) or ($line =~ /^DHCPRELEASE/) or ($line =~ /^pool [0-9a-f]+ /) ) { # Ignore these lines } elsif ($line =~ s/Listening on\s+//) { $data{'DHCP Server Listening On'}{$line}++; } elsif ( ($line =~ /^you want, please write a subnet declaration/) or ($line =~ /^in your dhcpd.conf file for the network segment/) or ($line =~ /^to which interface [a-z\d]+ is attached./) or ($line =~ /^If you did not get this software from ftp.isc.org, please/) or ($line =~ /^get the latest from ftp.isc.org and install that before/) or ($line =~ /^requesting help./) or ($line =~ /^If you did get this software from ftp.isc.org and have not/) or ($line =~ /^yet read the README, please read it before requesting help./) or ($line =~ /^If you intend to request help from the dhcp-server\@isc.org/) or ($line =~ /^mailing list, please read the section on the README about/) or ($line =~ /^help directly to the authors of this software - please/) or ($line =~ /^submitting bug reports and requests for help./) or ($line =~ /^Please do not under any circumstances send requests for/) or ($line =~ /^help directly to the authors of this software - please/) or ($line =~ /^send them to the appropriate mailing list as described in/) or ($line =~ /^the README file./) ) { # Do nothing } elsif ($line =~ s/^exiting./DHCP server exiting./) { $data{'Generic error'}{$line}++; } elsif ($line =~ /^There's already a DHCP server running./) { $data{'Generic error'}{$line}++; } elsif ($line =~ s/^\*\* Ignoring requests on ([a-z\d]+). If this is not what\s*$/Ignoring interface $1/) { $data{'Config error'}{$line}++; } elsif ($line =~ s/^No subnet declaration for ([a-z\d]+) ([()\d.]+).\s*$/No subnet declaration for $1 $2/) { $data{'Config error'}{$line}++; } elsif ($line =~ s/^DHCPOFFER on ([\d\.]+) to ([a-f\d:]+) via (\S+)\s*$/$1 -> $2 ($3)/) { if ($Detail >= 5) { $data{'Addresses Leased'}{$line}++; } } elsif ($line =~ s/^DHCPOFFER on ([\d\.]+) to ([a-f\d:]+) \(([a-zA-Z\d_-]+)\) via (\S+)\s*$/$1 -> $2 [$3] ($4)/) { if ($Detail >= 5) { $data{'Addresses Leased'}{$line}++; } } elsif ($line =~ s/^DHCPOFFER on ([\d\.]+) to ("") \(([a-zA-Z\d_-]+)\) via (\S+)\s*$/$1 -> $2 [$3] ($4)/) { if ($Detail >= 5) { $data{'Warnings'}{$line}++; } } elsif ($line =~ s/^BOOTREPLY for ([\d\.]+) to ([a-zA-Z\d_-]+) \(([a-f\d:]+)\) via (\S+)\s*$/$1 -> $3 [$2] ($4\/bootp)/) { if ($Detail >= 5) { $data{'Addresses Leased'}{$line}++; } } elsif ($line =~ s/^added reverse map from ([\d]+).([\d]+).([\d]+).([\d]+).in-addr.arpa. to ([a-zA-Z\d._-]+)\s*$/Add reverse $4.$3.$2.$1 -> $5/) { if ($Detail >= 7) { $data{'DNS Mappings'}{$line}++; } } elsif ($line =~ s/^removed reverse map on ([\d]+).([\d]+).([\d]+).([\d]+).in-addr.arpa.\s*$/Remove reverse $4.$3.$2.$1/) { if ($Detail >= 7) { $data{'DNS Mappings'}{$line}++; } } elsif ($line =~ s/^Added new forward map from ([a-zA-Z\d\-_.]+) to ([\d.]+)\s*$/Add forward $1 -> $2/) { if ($Detail >= 7) { $data{'DNS Mappings'}{$line}++; } } elsif ($line =~ s/^if ([a-zA-Z\d\-_.]+) IN A rrset doesn't exist delete ([a-zA-Z\d\-_.]+) IN TXT "([a-f\d]+)": success.\s*$/Remove forward TXT from $1 (TXT "$3")/) { if ($Detail >= 7) { $data{'DNS Mappings'}{$line}++; } } elsif ($line =~ s/^if ([a-zA-Z\d\-_.]+) IN TXT "([a-f\d]+)" rrset exists and ([a-zA-Z\d\-_.]+) IN A ([\d.]+) rrset exists delete ([a-zA-Z\d\-_.]+) IN A ([\d.]+): success.\s*$/Remove forward $1 -> $4 (TXT "$2")/) { if ($Detail >= 7) { $data{'DNS Mappings'}{$line}++; } } elsif ($line =~ /^.* rrset .*/) { if ($Detail >= 7) { $data{'DNS Mappings'}{$line}++; } } elsif ($line =~ s/^Remove host declaration ([a-zA-Z\d.]+) or remove ([\d.]+)\s*$/Host $2 ($1) has static and dynamic mappings, remove other./) { if ($Detail >= 3) { $data{'Warnings'}{$line}++; } } else { $data{'Unknown Entries'}{$line}++; } } if (keys %data) { foreach my $type (keys %data) { print "$type:\n"; foreach my $entry (sort {$a cmp $b} keys %{$data{$type}}) { print " $entry: $data{$type}{$entry} Time(s)\n"; } print "\n"; } } # vi: shiftwidth=3 tabstop=3 syntax=perl et