#!/usr/bin/env bash # commands/logs/show.sh FW_EVENTS_LOG="$(ctx::fw_events_log)" WG_EVENTS_LOG="$(ctx::events_log)" function cmd::logs::show::on_load() { command::mixin json_output [section="Output"] help::section "Filters" flag::define --name value "Filter by peer name" label:name section:Filters flag::define --type value "Filter by device type" label:type section:Filters flag::define --since value "Show events since (2h, 7d)" label:time section:Filters flag::define --service value "Filter by service/IP" label:service section:Filters flag::define --event value "Filter wg events" label:type section:Filters flag::define --fw bool "Show firewall drops only" section:Filters flag::define --wg bool "Show WireGuard events only" section:Filters flag::define --merged bool "Show all events interleaved" section:Filters help::section "Output" flag::define --limit value "Max results per source" default:50 type:int min:1 section:Output flag::define --ascending bool "Sort ascending" section:Output flag::define --descending bool "Sort descending" section:Output flag::define --resolved bool "Resolve endpoints" section:Output flag::define --detailed bool "Show per-event detail" section:Output flag::define --raw bool "Skip service resolution" section:Output flag::define --follow bool "Follow live" section:Output flag::exclusive --fw --wg flag::exclusive --ascending --descending } function cmd::logs::show::run() { flag::parse "$@" || return 1 local name; name=$(flag::value --name) local type; type=$(flag::value --type) local limit; limit=$(flag::value --limit) local since; since=$(flag::value --since) local filter_service; filter_service=$(flag::value --service) local filter_event; filter_event=$(flag::value --event) local net_file="" local fw_only=false wg_only=false merged=false local follow=false raw=false resolved=false detailed=false flag::bool --fw && fw_only=true flag::bool --wg && wg_only=true flag::bool --merged && merged=true flag::bool --follow && follow=true flag::bool --raw && raw=true flag::bool --resolved && resolved=true flag::bool --detailed && detailed=true local sort_order="desc" flag::bool --ascending && sort_order="asc" flag::bool --descending && sort_order="desc" local collapse=1 $detailed && collapse=0 if [[ -n "$name" && -n "$type" ]]; then name=$(peers::resolve_and_require "$name" "$type") || return 1 fi local filter_ip="" if [[ -n "$name" ]]; then filter_ip=$(peers::get_ip "$name") [[ -z "$filter_ip" ]] && log::error "Could not find IP for: $name" && return 1 fi $fw_only && $wg_only && fw_only=false && wg_only=false if $follow; then cmd::logs::follow "$filter_ip" "$name" "$type" "$fw_only" "$wg_only" return fi $raw || net_file="$(ctx::net)" local filter_dest_ip="" filter_dest_port="" if [[ -n "$filter_service" ]]; then if [[ "$filter_service" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+(:[0-9]+)?$ ]]; then filter_dest_ip="${filter_service%%:*}" local maybe_port="${filter_service##*:}" [[ "$maybe_port" != "$filter_dest_ip" ]] && filter_dest_port="$maybe_port" else local svc_resolved svc_resolved=$(net::resolve "$filter_service" 2>/dev/null | head -1) if [[ -n "$svc_resolved" ]]; then filter_dest_ip="${svc_resolved%%:*}" local rest="${svc_resolved#*:}" [[ "$rest" != "$filter_dest_ip" ]] && filter_dest_port="${rest%%:*}" else log::error "Service not found: ${filter_service}" return 1 fi fi fi if $merged; then log::section "WireGuard Activity Log" printf "\n" cmd::logs::show_merged "$filter_ip" "$name" "$type" "$limit" "$net_file" "$since" return fi local fw_output="" wg_output="" $wg_only || fw_output=$(cmd::logs::show_fw_events \ "$filter_ip" "$name" "$type" "$limit" "$net_file" \ "$collapse" "$since" "$filter_dest_ip" "$filter_dest_port" "$sort_order" "$resolved") $fw_only || wg_output=$(cmd::logs::show_wg_events \ "$filter_ip" "$name" "$type" "$limit" \ "$collapse" "$since" "$filter_event" "$sort_order" "$resolved") if [[ -z "$(echo "$fw_output" | tr -d '[:space:]')" && \ -z "$(echo "$wg_output" | tr -d '[:space:]')" ]]; then log::wg_warning "No logs found" return 0 fi log::section "WireGuard Activity Log" printf "\n" if [[ -n "$fw_output" && -n "$wg_output" ]]; then printf "%s\n\n" "$fw_output" printf "%s\n" "$wg_output" elif [[ -n "$fw_output" ]]; then printf "%s\n" "$fw_output" else printf "%s\n" "$wg_output" fi }