Resolving Issue #`103

Allow syslog to use rsyslog new tizezone sensitive timestamps instead of legacy date/time

Author: cigamit

README.md

@@ -29,7 +29,22 @@ Note: You must rename config.php.dist in the syslog plugin directory to config.p
 
 If you are upgrading to 2.0 from a prior install, you must first uninstall syslog and insure both the syslog, syslog_removal, and syslog_incoming tables are removed, and recreated at install time.
 
-In addtion, the rsyslog configuration has changed in 2.0.  So, for example, to configure modern rsyslog for Cacti, you must create a file called cacti.conf in the /etc/rsyslog.d/ directory that includes the following:
+In addtion, the rsyslog configuration has changed in 2.5.  So, for example, to configure modern rsyslog for Cacti, you MUST create a file called cacti.conf in the /etc/rsyslog.d/ directory that includes the following:
+
+	--------------------- start /etc/rsyslog.d/cacti.conf ---------------------
+
+	$ModLoad imudp
+	$UDPServerRun 514
+	$ModLoad ommysql
+
+	$template cacti_syslog,"INSERT INTO syslog_incoming(facility_id, priority_id, program, logtime, host, message) \
+values (%syslogfacility%, %syslogpriority%, '%programname%', '%timegenerated%', '%HOSTNAME%', TRIM('%msg%'))", SQL
+
+	*.* >localhost,my_database,my_user,my_password;cacti_syslog
+
+	--------------------- end /etc/rsyslog.d/cacti.conf ---------------------
+
+This is a change from versions 2.0 to 2.4 and below, which had the following file format:
 
 	--------------------- start /etc/rsyslog.d/cacti.conf ---------------------
 
@@ -44,6 +59,8 @@ In addtion, the rsyslog configuration has changed in 2.0.  So, for example, to c
 
 	--------------------- end /etc/rsyslog.d/cacti.conf ---------------------
 
+If you are upgrading to version 2.5 from an earlier version, make sure that you update this template format and restart rsyslog.  You may loose some syslog data, but doing this in a timely fashion, will minimize data loss.
+
 Ensure you restart rsyslog after these changes are completed.  Other logging servers such as Syslog-NG are also supported with this plugin.  Please see some additional documentation here: [Cacti Documentation Site](https://docs.cacti.net/plugin:syslog.config)
 
 We are using the pure integer values that rsyslog provides to both the priority and facility in this version syslog, which makes the data collection must less costly for the database.  We have also started including the 'program' syslog column for searching and storage and alert generation.
@@ -81,6 +98,7 @@ The sylog plugin has been in development for well over a decade with increasing
 
 * issue#102: Syslog statistics filter problem - select program
 * issue#101: Alert rule SQL Expression not working as expected
+* issue#103: Allow syslog to use rsyslog new tizezone sensitive timestamps instead of legacy date/time
 * issue#100: Fix odd/even classes generation in report
 * issue#99: Re-Alert Cycle (Alert Rules) is wrong in case of 1 minute poller interval
 * issue#96: Syslog filtering does not work with some international characters

config.php.dist

@@ -64,8 +64,7 @@ if (!$use_cacti_db) {
 //$syslog_install_options['id']           = 'syslog';
 
 /* field in the incomming table */
-$syslog_incoming_config['dateField']          = 'date';
-$syslog_incoming_config['timeField']          = 'time';
+$syslog_incoming_config['timeField']          = 'logtime';
 $syslog_incoming_config['priorityField']      = 'priority_id';
 $syslog_incoming_config['facilityField']      = 'facility_id';
 $syslog_incoming_config['hostField']          = 'host_id';

functions.php

@@ -246,8 +246,7 @@ function syslog_remove_items($table, $uniqueID) {
 					if ($remove['method'] != 'del') {
 						$sql1 = 'INSERT INTO `' . $syslogdb_default . '`.`syslog_removed`
 							(logtime, priority_id, facility_id, program_id, host_id, message)
-							SELECT TIMESTAMP(`' . $syslog_incoming_config['dateField'] . '`, `' . $syslog_incoming_config['timeField']     . '`),
-							priority_id, facility_id, program_id, host_id, message
+							SELECT logtime, priority_id, facility_id, program_id, host_id, message
 							FROM (SELECT si.date, si.time, si.priority_id, si.facility_id, spg.program_id, sh.host_id, si.message
 								FROM `' . $syslogdb_default . '`.`syslog_incoming` AS si
 								INNER JOIN `' . $syslogdb_default . '`.`syslog_facilities` AS sf
@@ -290,8 +289,7 @@ function syslog_remove_items($table, $uniqueID) {
 					if ($remove['method'] != 'del') {
 						$sql1 = 'INSERT INTO `' . $syslogdb_default . '`.`syslog_removed`
 							(logtime, priority_id, facility_id, program_id, host_id, message)
-							SELECT TIMESTAMP(`' . $syslog_incoming_config['dateField'] . '`, `' . $syslog_incoming_config['timeField']     . '`),
-							priority_id, facility_id, program_id, host_id, message
+							SELECT logtime, priority_id, facility_id, program_id, host_id, message
 							FROM (SELECT si.date, si.time, si.priority_id, si.facility_id, spg.program_id, sh.host_id, si.message
 								FROM `' . $syslogdb_default . '`.`syslog_incoming` AS si
 								INNER JOIN `' . $syslogdb_default . '`.`syslog_facilities` AS sf
@@ -334,8 +332,7 @@ function syslog_remove_items($table, $uniqueID) {
 					if ($remove['method'] != 'del') {
 						$sql1 = 'INSERT INTO `' . $syslogdb_default . '`.`syslog_removed`
 							(logtime, priority_id, facility_id, program_id, host_id, message)
-							SELECT TIMESTAMP(`' . $syslog_incoming_config['dateField'] . '`, `' . $syslog_incoming_config['timeField'] . '`),
-							priority_id, facility_id, program_id, host_id, message
+							SELECT logtime, priority_id, facility_id, program_id, host_id, message
 							FROM (SELECT si.date, si.time, si.priority_id, si.facility_id, spg.program_id, sh.host_id, si.message
 								FROM `' . $syslogdb_default . '`.`syslog_incoming` AS si
 								INNER JOIN `' . $syslogdb_default . '`.`syslog_facilities` AS sf
@@ -374,8 +371,7 @@ function syslog_remove_items($table, $uniqueID) {
 					if ($remove['method'] != 'del') {
 						$sql1 = 'INSERT INTO `' . $syslogdb_default . '`.`syslog_removed`
 							(logtime, priority_id, facility_id, program_id, host_id, message)
-							SELECT TIMESTAMP(`' . $syslog_incoming_config['dateField'] . '`, `' . $syslog_incoming_config['timeField'] . '`),
-							priority_id, facility_id, program_id, host_id, message
+							SELECT logtime, priority_id, facility_id, program_id, host_id, message
 							FROM (SELECT si.date, si.time, si.priority_id, si.facility_id, spg.program_id, sh.host_id, si.message
 								FROM `' . $syslogdb_default . '`.`syslog_incoming` AS si
 								INNER JOIN `' . $syslogdb_default . '`.`syslog_facilities` AS sf
@@ -414,8 +410,7 @@ function syslog_remove_items($table, $uniqueID) {
 					if ($remove['method'] != 'del') {
 						$sql1 = 'INSERT INTO `' . $syslogdb_default . '`.`syslog_removed`
 							(logtime, priority_id, facility_id, program_id, host_id, message)
-							SELECT TIMESTAMP(`' . $syslog_incoming_config['dateField'] . '`, `' . $syslog_incoming_config['timeField'] . '`),
-							priority_id, facility_id, program_id, host_id, message
+							SELECT logtime, priority_id, facility_id, program_id, host_id, message
 							FROM (SELECT si.date, si.time, si.priority_id, si.facility_id, spg.program_id, sh.host_id, si.message
 								FROM `' . $syslogdb_default . '`.`syslog_incoming` AS si
 								INNER JOIN `' . $syslogdb_default . '`.`syslog_facilities` AS sf
@@ -454,8 +449,7 @@ function syslog_remove_items($table, $uniqueID) {
 					if ($remove['method'] != 'del') {
 						$sql1 = 'INSERT INTO `' . $syslogdb_default . '`.`syslog_removed`
 							(logtime, priority_id, facility_id, program_id, host_id, message)
-							SELECT TIMESTAMP(`' . $syslog_incoming_config['dateField'] . '`, `' . $syslog_incoming_config['timeField'] . '`),
-							priority_id, facility_id, program_id, host_id, message
+							SELECT logtime, priority_id, facility_id, program_id, host_id, message
 							FROM (SELECT si.date, si.time, si.priority_id, si.facility_id, spg.program_id, sh.host_id, si.message
 								FROM `' . $syslogdb_default . '`.`syslog_incoming` AS si
 								INNER JOIN `' . $syslogdb_default . '`.`syslog_facilities` AS sf

setup.php

@@ -276,6 +276,12 @@ function syslog_check_upgrade() {
 				'default'  => '',
 				'after'    => 'id')
 			);
+
+			if (db_column_exists('syslog_incoming', 'date')) {
+				db_execute("ALTER TABLE syslog_incoming
+					DROP COLUMN date,
+					CHANGE COLUMN `time` logtime timestamp default '0000-00-00';");
+			}
 		}
 
 		$alerts = syslog_db_fetch_assoc('SELECT * FROM syslog_alert WHERE hash IS NULL OR hash = ""');
@@ -441,8 +447,7 @@ function syslog_setup_table_new($options) {
 		facility_id int(10) unsigned default NULL,
 		priority_id int(10) unsigned default NULL,
 		program varchar(40) default NULL,
-		`date` date default NULL,
-		`time` time default NULL,
+		logtime TIMESTAMP NOT NULL DEFAULT '0000-00-00 00:00:00',
 		host varchar(64) default NULL,
 		message varchar(1024) NOT NULL DEFAULT '',
 		seq bigint unsigned NOT NULL auto_increment,

syslog_process.php

@@ -490,9 +490,8 @@
 /* move syslog records to the syslog table */
 syslog_db_execute('INSERT INTO `' . $syslogdb_default . '`.`syslog`
 	(logtime, priority_id, facility_id, program_id, host_id, message)
-	SELECT TIMESTAMP(`' . $syslog_incoming_config['dateField'] . '`, `' . $syslog_incoming_config['timeField']     . '`),
-	priority_id, facility_id, program_id, host_id, message
-	FROM (SELECT date, time, priority_id, facility_id, sp.program_id, sh.host_id, message
+	SELECT logtime, priority_id, facility_id, program_id, host_id, message
+	FROM (SELECT logtime, priority_id, facility_id, sp.program_id, sh.host_id, message
 		FROM syslog_incoming AS si
 		INNER JOIN syslog_hosts AS sh
 		ON sh.host=si.host