use strict;
##########################################################################
# $Id: dhcpd,v 1.17 2006/10/20 21:12:27 bjorn Exp $
##########################################################################
########################################################
# This was written and is maintained by:
# Kirk Bauer <kirk@kaybee.org>
#
# Please send all comments, suggestions, bug reports,
# etc, to kirk@kaybee.org.
########################################################
my $Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'} || 0;
my %data;
# This filter is very basic... much more could be done with it
while (my $line = <STDIN>) {
chomp $line;
$line =~ s/^\s+//;
$line =~ s/\s+$//;
next unless $line;
if (
# All of these entries are generated at startup unless -q option used :(
# Name of ISC was changed in 2004
($line =~ /^Internet (Systems|Software) Consortium DHCP Server/) or
($line =~ /^Copyright/) or
($line =~ /^All rights reserved/) or
($line =~ /^Please contribute if you find this software useful/) or
($line =~ /^For info, please visit/) or
# Other lines to ignore
($line =~ /^Wrote .* to leases file\./) or
($line =~ /^already acking lease/) or
($line =~ /^dhcpd shutdown .*succeeded/) or
($line =~ /^dhcpd startup .*succeeded/) or
($line =~ /^Sending on/) or
($line =~ /^Dynamic and static leases present for/) or
($line =~ /^from the dynamic address pool for/) or
($line =~ /^BOOTREQUEST/) or
($line =~ /^DHCPACK/) or
($line =~ /^DHCPNAK/) or
($line =~ /^DHCPINFORM/) or
($line =~ /^DHCPDISCOVER/) or
($line =~ /^DHCPREQUEST/) or
($line =~ /^DHCPRELEASE/) or
($line =~ /^pool [0-9a-f]+ /)
) {
# Ignore these lines
} elsif ($line =~ s/Listening on\s+//) {
$data{'DHCP Server Listening On'}{$line}++;
} elsif (
($line =~ /^you want, please write a subnet declaration/) or
($line =~ /^in your dhcpd.conf file for the network segment/) or
($line =~ /^to which interface [a-z\d]+ is attached./) or
($line =~ /^If you did not get this software from ftp.isc.org, please/) or
($line =~ /^get the latest from ftp.isc.org and install that before/) or
($line =~ /^requesting help./) or
($line =~ /^If you did get this software from ftp.isc.org and have not/) or
($line =~ /^yet read the README, please read it before requesting help./) or
($line =~ /^If you intend to request help from the dhcp-server\@isc.org/) or
($line =~ /^mailing list, please read the section on the README about/) or
($line =~ /^help directly to the authors of this software - please/) or
($line =~ /^submitting bug reports and requests for help./) or
($line =~ /^Please do not under any circumstances send requests for/) or
($line =~ /^help directly to the authors of this software - please/) or
($line =~ /^send them to the appropriate mailing list as described in/) or
($line =~ /^the README file./)
) {
# Do nothing
} elsif ($line =~ s/^exiting./DHCP server exiting./) {
$data{'Generic error'}{$line}++;
} elsif ($line =~ /^There's already a DHCP server running./) {
$data{'Generic error'}{$line}++;
} elsif ($line =~ s/^\*\* Ignoring requests on ([a-z\d]+). If this is not what\s*$/Ignoring interface $1/) {
$data{'Config error'}{$line}++;
} elsif ($line =~ s/^No subnet declaration for ([a-z\d]+) ([()\d.]+).\s*$/No subnet declaration for $1 $2/) {
$data{'Config error'}{$line}++;
} elsif ($line =~ s/^DHCPOFFER on ([\d\.]+) to ([a-f\d:]+) via (\S+)\s*$/$1 -> $2 ($3)/) {
if ($Detail >= 5) {
$data{'Addresses Leased'}{$line}++;
}
} elsif ($line =~ s/^DHCPOFFER on ([\d\.]+) to ([a-f\d:]+) \(([a-zA-Z\d_-]+)\) via (\S+)\s*$/$1 -> $2 [$3] ($4)/) {
if ($Detail >= 5) {
$data{'Addresses Leased'}{$line}++;
}
} elsif ($line =~ s/^DHCPOFFER on ([\d\.]+) to ("") \(([a-zA-Z\d_-]+)\) via (\S+)\s*$/$1 -> $2 [$3] ($4)/) {
if ($Detail >= 5) {
$data{'Warnings'}{$line}++;
}
} elsif ($line =~ s/^BOOTREPLY for ([\d\.]+) to ([a-zA-Z\d_-]+) \(([a-f\d:]+)\) via (\S+)\s*$/$1 -> $3 [$2] ($4\/bootp)/) {
if ($Detail >= 5) {
$data{'Addresses Leased'}{$line}++;
}
} elsif ($line =~ s/^added reverse map from ([\d]+).([\d]+).([\d]+).([\d]+).in-addr.arpa. to ([a-zA-Z\d._-]+)\s*$/Add reverse $4.$3.$2.$1 -> $5/) {
if ($Detail >= 7) {
$data{'DNS Mappings'}{$line}++;
}
} elsif ($line =~ s/^removed reverse map on ([\d]+).([\d]+).([\d]+).([\d]+).in-addr.arpa.\s*$/Remove reverse $4.$3.$2.$1/) {
if ($Detail >= 7) {
$data{'DNS Mappings'}{$line}++;
}
} elsif ($line =~ s/^Added new forward map from ([a-zA-Z\d\-_.]+) to ([\d.]+)\s*$/Add forward $1 -> $2/) {
if ($Detail >= 7) {
$data{'DNS Mappings'}{$line}++;
}
} elsif ($line =~ s/^if ([a-zA-Z\d\-_.]+) IN A rrset doesn't exist delete ([a-zA-Z\d\-_.]+) IN TXT "([a-f\d]+)": success.\s*$/Remove forward TXT from $1 (TXT "$3")/) {
if ($Detail >= 7) {
$data{'DNS Mappings'}{$line}++;
}
} elsif ($line =~ s/^if ([a-zA-Z\d\-_.]+) IN TXT "([a-f\d]+)" rrset exists and ([a-zA-Z\d\-_.]+) IN A ([\d.]+) rrset exists delete ([a-zA-Z\d\-_.]+) IN A ([\d.]+): success.\s*$/Remove forward $1 -> $4 (TXT "$2")/) {
if ($Detail >= 7) {
$data{'DNS Mappings'}{$line}++;
}
} elsif ($line =~ /^.* rrset .*/) {
if ($Detail >= 7) {
$data{'DNS Mappings'}{$line}++;
}
} elsif ($line =~ s/^Remove host declaration ([a-zA-Z\d.]+) or remove ([\d.]+)\s*$/Host $2 ($1) has static and dynamic mappings, remove other./) {
if ($Detail >= 3) {
$data{'Warnings'}{$line}++;
}
} else {
$data{'Unknown Entries'}{$line}++;
}
}
if (keys %data) {
foreach my $type (keys %data) {
print "$type:\n";
foreach my $entry (sort {$a cmp $b} keys %{$data{$type}}) {
print " $entry: $data{$type}{$entry} Time(s)\n";
}
print "\n";
}
}
# vi: shiftwidth=3 tabstop=3 syntax=perl et
