# MClog.ctl:285: Collects System Log Files
# $Id: MClog.ctl,v 1.7 2015/05/29 11:41:06 RDA Exp $
# ARCS: $Header: /home/cvs/cvs/RDA_8/src/scripting/lib/collect/EXPLORER/MClog.ctl,v 1.7 2015/05/29 11:41:06 RDA Exp $
#
# Change History
# 20141103  PRA  Add /var/log/zones content list collection.

=head1 NAME

EXPLORER:MClog - Collects System log Files

=head1 DESCRIPTION

This module collects system log files.

=cut

use Mrc

# Initialization
var $VALIDATE = true
keep $VALIDATE

section begin

var $ERR = '---## Associated Errors'
var $TOC = '%TOC%'
var $TOP = '[[#Top][Back to top]]'
var $WRN = '   * Links point to files that have been collected in their \
                 original format. Opening them directly in your browser can \
                 present risks. To prevent them, access the file outside the \
                 browser or use the link to save them and use an adequate \
                 viewer.'

run EXPLORER:XPLRlib('syslogs')

#------------------------------------------------------------------------------
# XPLR_syslogs section
#------------------------------------------------------------------------------

section XPLR_syslogs

# Validate the execution context
call log_run('Processing LOG sections ...')

=for stopwords Syslogs

=head2 Syslogs

Gathers system log information using the following commands:

=over 2

=item o C</usr/bin/ls -l /var/log/zones> (Oracle Solaris 11 and later)

=back

Also collects the following files:

=over 2

=item o F</etc/logadm.conf>

=item o Log files present in F</etc/syslog.conf>

=item o F</var/log/syslog*>

=back

=cut

# Run report
debug ' Inside LOG collection, gathering system log files'
pretoc '2:Syslogs'

# Determine the collection period
if ${B_INCR_MODE}
{var ($beg,$end) = (${STA.EXPLORER.XPLR.LOG.G_LAST_INCR},time())
 if !?$beg
  var $beg = expr('-',$end,7776000) # 90 * 86400
}
else
 var ($beg,$end) = ()

# Perform the collections
loop $rec (get_zones(false))
{if $loc = defined($nam = $rec->[0])
 {var ($ttl,$pre,$exe) = (concat('From Zone ',$nam),\
                          concat('zones/',$nam),\
                          concat('/usr/sbin/zlogin ',$nam))
  call log_info(concat('syslogs: RUNNING: zone ',$nam),\
                concat(' Inside LOG collection, collecting from zone ',$nam))
 }
 else
  var ($ttl,$pre,$exe) = ('From Global Zone')
 var $top = $rec->[1]

 report concat('log_z_',nvl($nam,'global'))
 title '---+!! ',$ttl
 title $TOC

 # Collect commands
 if expr('>=',get_osv(),11)
  call do_remote($pre,$exe,$top,\
    ['messages/ls_-l_@var@log@zones',\
     ${CMD.LS:'ls'},'-l /var/log/zones',\
     '---+ /var/log/zones'])

 # Collect files
 prefix
 {write '---+ logadm.conf File'
  write $WRN
  write '|*File Path*| *Size*|*Last Modified Date*|'
 }
 call do_collect_rem($pre,$top,['B','messages/logadm.conf','/etc/logadm.conf'])
 if hasOutput(true)
  write $TOP

 # Parse syslog.conf using /usr/ccs/bin/m4 for additional logfiles to collect
 var (@fil,%srt) = ()
 loop $log (grepCommand(concat('/usr/ccs/bin/m4 ',\
                               catCommand($top,'/etc/syslog.conf'),\
                               ' 2>/dev/null'),\
                        '^[^#].*\s(\S+)$','1'))
 {next match($log,'^[^\/]|\/dev|\*|\/var\/adm\/messages|\/var\/log\/syslog|@')
  var $srt{$log} = 1
 }
 loop $log (keys(%srt))
  call push(@fil,\
    ['B',concat('messages/logs/',replace(substr($log,1),'\/','-')),$log])
 prefix
 {write '---+ Log Files from /etc/syslog.conf'
  write $WRN
  write '|*File Path*| *Size*|*Last Modified Date*|'
 }
 call do_collect_rem($pre,$top,@fil)
 if hasOutput(true)
  write $TOP

 # Get syslog files
 var @fil = ()
 loop $fil (get_modified_files($beg,$end,catDir($top,'/var/log'),\
                               '^syslog(\.\d)?$'))
  call push(@fil,['B',concat('messages/',$fil),catFile('/var/log',$fil)])

 prefix
 {write '---+ System Log Files'
  if ?$end
  {write '   * Incremental collection mode activated for :'
   write '      * Period start: ',gmtime('%d-%b-%Y %H:%M:%S',$beg),' UTC'
   write '      * Period end: ',gmtime('%d-%b-%Y %H:%M:%S',$end),' UTC'
  }
  write $WRN
  write '|*File Path*| *Size*|*Last Modified Date*|'
 }
 call do_collect_rem($pre,$top,@fil)
 if hasOutput(true)
  write $TOP

  # Add the report to the table of content
 if isCreated(true)
  toc '3:[[',getFile(),'][rda_report][',$ttl,']]'
}

# Store the new time stamp
if ?$end
 var ${STA.EXPLORER.XPLR.LOG.G_LAST_INCR:'Last incremental collection'} = $end

# Adjust the table of contents
unpretoc

=head2 Zones

=for zone begin syslogs

By default, collects information from the global zone only.

When local zone collections are requested explicitly, collects system log
information from the selected local zones using the following commands:

=over 2

=item o C</usr/bin/ls -l /var/log/zones> (Oracle Solaris 11 and later)

=back

and the following system log files from the selected local zones:

=over 2

=item o F</etc/logadm.conf>

=item o Log files present in F</etc/syslog.conf>

=item o F</var/log/syslog*>

=back

=for zone end

=head1 SEE ALSO

L<EXPLORER:DCxplr|collect::EXPLORER:DCxplr>,
L<EXPLORER:XPLRlib|collect::EXPLORER:XPLRlib>,
L<EXPLORER:XPLRzone|collect::EXPLORER:XPLRzone>

=head1 COPYRIGHT NOTICE

Copyright (c) 2002, 2016, Oracle and/or its affiliates. All rights reserved.

=head1 TRADEMARK NOTICE

Oracle and Java are registered trademarks of Oracle and/or its
affiliates. Other names may be trademarks of their respective owners.

=cut