##########################################################################
# $Id$
##########################################################################
#
# Logwatch service for postgresql error log
#
# Processes all messages and summarizes them
# Each message is given with a timestamp and RMS
#
########################################################
# (C) 2011 by Dalibo - http://www.dalibo.com/
# written by Gilles Darold.
#
# Heavily based on the mysql script by Jeremias Reith
########################################################
## Covered under the included MIT/X-Consortium License:
##    http://www.opensource.org/licenses/mit-license.php
## All modifications and contributions by other persons to
## this script are assumed to have been donated to the
## Logwatch project and thus assume the above copyright
## and licensing terms.  If you want to make contributions
## under your own copyright or a different license this
## must be explicitly stated in the contribution and the
## Logwatch project reserves the right to not accept such
## contributions.  If you have made significant
## contributions to this script and want to claim
## copyright please contact logwatch-devel@lists.sourceforge.net.
########################################################

use strict;
use Logwatch ':dates';
use Time::Local;
use POSIX qw(strftime);

# Allow timestamp from two different logfile format: syslog and stderr
my $date_format1 = '%Y-%m-%d %H:%M:%S';
my $date_format2 = '%b %e %H:%M:%S';
my $filter1 = TimeFilter($date_format1);
my $filter2 = TimeFilter($date_format2);


# Allow summarization of WARNING and HINT too if wanted
my $detail = exists $ENV{'LOGWATCH_DETAIL_LEVEL'} ? $ENV{'LOGWATCH_DETAIL_LEVEL'} : 0;

# Used to replace the month trigram into the syslog timestamp
my %month2num = ( Jan => 0, Feb => 1, Mar => 2, Apr => 3,
		  May => 4, Jun => 5, Jul => 6, Aug => 7,
		  Sep => 8, Oct => 9, Nov => 10, Dec => 11 );

# Array of the relevant lines in the log file.
# First element: type of event
# Second element: matching regexp ($1 should contain the message)
# Third element: anonymous hash ref (stores message counts)
my @message_categories = (
	['Panics', qr/PANIC: (.*)$/o, {}],
	['Fatals', qr/FATAL: (.*)$/o, {}],
	['Errors', qr/ERROR: (.*)$/o, {}]
);
if ($detail) {
	# Add more log information
	push(@message_categories,
		['Warnings', qr/WARNING: (.*)$/o, {}],
		['Hints', qr/HINT: (.*)$/o, {}]
	);
}

# Set the current year as syslog don't have this information.
my $cur_year = (localtime(time))[5];

# Parse messages from stdin
while(<>) {
    my $line = $_;
    # skipping messages that are not within the requested range
    next unless $line =~ /^($filter1|$filter2)/o;
    my $datetime = $1;
    my $time = '';
    # Date/time format differ following the log_destination (stderr or syslog)
    if ($datetime =~ /(\d{4})-(\d{2})-(\d{2})\s+(\d+):(\d+):(\d+)/) {
	    {
		# timelocal is quite chatty
		local $SIG{'__WARN__'}  = sub {};

		$time = timelocal($6, $5, $4, $3, $2-1, $1-1900);
	    }
    } elsif ($datetime =~ /(\w)\s+(\d+)\s+(\d+):(\d+):(\d+)/) {
	    {
		# timelocal is quite chatty
		local $SIG{'__WARN__'}  = sub {};

		$time = timelocal($5, $4, $3, $2, $month2num{$1}, $cur_year);
	    }
    }

    # Remove character position
    $line =~ s/ at character \d+//;

    foreach my $cur_cat (@message_categories) {
	if($line =~ /$cur_cat->[1]/) {
	    my $msgs = $cur_cat->[2];
	    $msgs->{$1} = {count => '0',
			   first_occurrence => $time,
			   sum => 0, 
			   sqrsum => 0} unless exists $msgs->{$1};
	    $msgs->{$1}->{'count'}++;
	    # summing up timestamps and squares of timestamps
	    # in order to calculate the rms
	    # using first occurrence of message as offset in calculation to 
	    # prevent an integer overflow
	    $msgs->{$1}->{'sum'} += $time - $msgs->{$1}->{'first_occurrence'};
	    $msgs->{$1}->{'sqrsum'} += ($time - $msgs->{$1}->{'first_occurrence'}) ** 2;
	    last;
	}
    }
}


# generating summary
foreach my $cur_cat (@message_categories) {
    # skipping non-requested message types
    next unless keys %{$cur_cat->[2]};
    my ($name, undef, $msgs) = @{$cur_cat};
    print $name, ":\n";
    print '-' x (length($name)+1), "\n";
    my $last_count = 0;

    # sorting messages by count
    my @sorted_msgs = sort { $msgs->{$b}->{'count'} <=> $msgs->{$a}->{'count'} } keys %{$msgs};

    foreach my $msg (@sorted_msgs) {
	# grouping messages by number of occurrence
	print "\n", $msgs->{$msg}->{'count'}, " times:\n" unless $last_count == $msgs->{$msg}->{'count'};   
	my $rms = 0;


	# printing timestamp
        print '[';

	if($msgs->{$msg}->{'count'} > 1) {
	    # calculating rms
	    $rms = int(sqrt(
			   ($msgs->{$msg}->{'count'} * 
			    $msgs->{$msg}->{'sqrsum'} - 
			    $msgs->{$msg}->{'sum'}) / 
			   ($msgs->{$msg}->{'count'} * 
			    ($msgs->{$msg}->{'count'} - 1))));

	    print strftime($date_format1, localtime($msgs->{$msg}->{'first_occurrence'}+int($rms/2)));

	    print ' +/-';
	    
	    # printing rms
	    if($rms > 86400) {
		print int($rms/86400) , ' day(s)';
	    } elsif($rms > 3600) {
		print int($rms/3600) , ' hour(s)';
	    } elsif($rms > 60) {
		print int($rms/60) , ' minute(s)';
	    } else {
		print $rms, ' seconds';
	    }
	} else {
	    # we have got this message a single time
	    print strftime($date_format1, localtime($msgs->{$msg}->{'first_occurrence'}));
	}
	   
	print '] ', $msg, "\n";	
	$last_count = $msgs->{$msg}->{'count'};
    }

    print "\n";
}