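#!/bin/bash
#
# Collect journal, /var/log and service logs for a time window into one
# temporary file and upload that file to a hastebin server.
#
# Usage:   $0 <start_time> <end_time>
# Example: $0 '2024-09-28 11:30:00' '2024-09-28 11:40:00'
#
# Requires: GNU date (-d), gawk (three-argument match() and mktime()),
#           curl and jq for the upload step.
#
# NOTE(review): the bundle contains auth.log and journal entries (account
# names, source addresses, sudo/ssh activity) and is sent unredacted to an
# external host. Hastebin-style servers generally serve a paste to anyone who
# holds its URL -- confirm that this is acceptable for the host being
# examined, or redact/encrypt the bundle before it leaves the machine.

# Check that exactly two arguments were passed.
if [ "$#" -ne 2 ]; then
  # The usage line previously ended after the script name; name the arguments.
  echo "Usage: $0 <start_time> <end_time>" >&2
  echo "Example: $0 '2024-09-28 11:30:00' '2024-09-28 11:40:00'" >&2
  exit 1
fi

START=$1
END=$2

# Debugging output to ensure correct start and end times.
echo "START: $START"
echo "END: $END"

# Convert both bounds once and reject anything date(1) cannot parse. An
# unparsable value used to become an empty string, which [[ -ge ]] reads as 0
# and which produced either a misleading error or an unbounded window.
if ! START_EPOCH=$(date -d "$START" +%s) || ! END_EPOCH=$(date -d "$END" +%s); then
  echo "Error: could not parse START or END as a date." >&2
  exit 1
fi

# Ensure that START is before END.
if ((START_EPOCH >= END_EPOCH)); then
  echo "Error: START time is greater than or equal to END time." >&2
  exit 1
fi

# Year applied to classic syslog lines ("Sep 28 11:30:00"), which carry none.
START_YEAR=$(date -d "$START" +%Y)

# The timestamp filter relies on gawk extensions; prefer gawk when installed.
if command -v gawk &> /dev/null; then
  AWK=gawk
else
  AWK=awk
fi

echo "Collecting logs from $START to $END"

# Temporary file to store logs. mktemp creates it with owner-only permissions.
TEMP_LOG_FILE=$(mktemp) || {
  echo "Error: could not create a temporary file." >&2
  exit 1
}

# Remove the collected logs on every exit path (including errors and Ctrl-C),
# so a copy of auth/journal data is not left behind in the temp directory.
cleanup() {
  rm -f -- "$TEMP_LOG_FILE"
}
trap cleanup EXIT

#######################################
# Append journalctl output for the window to the temp file.
# Globals:   START, END, TEMP_LOG_FILE (read)
# Outputs:   appends to TEMP_LOG_FILE
#######################################
get_journalctl_logs() {
  if command -v journalctl &> /dev/null; then
    echo "----- Journalctl Logs -----" >> "$TEMP_LOG_FILE"
    journalctl --since="$START" --until="$END" >> "$TEMP_LOG_FILE"
  else
    echo "journalctl not found, skipping..." >> "$TEMP_LOG_FILE"
  fi
}

#######################################
# Append the lines of one log file whose timestamp falls inside the window.
#
# Recognised timestamp layouts:
#   2024-09-28 11:30:00 / 2024-09-28T11:30:00 / 2024/09/28 11:30:00  (line start)
#   [28/Sep/2024:11:30:00 +0000]                                    (access logs)
#   Sep 28 11:30:00                                  (classic syslog, line start)
# The previous filter joined the first two or three fields and only matched
# lines starting with "YYYY-MM-DD HH:MM:SS", so syslog-style and access-log
# lines were silently dropped.
#
# NOTE(review): zone offsets in the log line are ignored; every timestamp is
# read as local time, as the original mktime() call did. Lines with no
# recognised timestamp (continuation lines, boot-relative dmesg stamps) are
# skipped.
#
# Globals:   AWK, START_EPOCH, END_EPOCH, START_YEAR, TEMP_LOG_FILE (read)
# Arguments: $1 - path of the log file
# Outputs:   appends to TEMP_LOG_FILE
#######################################
filter_log_by_time() {
  local log=$1
  "$AWK" -v start_epoch="$START_EPOCH" -v end_epoch="$END_EPOCH" \
    -v year="$START_YEAR" '
    BEGIN {
      n = split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec", names, " ")
      for (i = 1; i <= n; i++) month[names[i]] = i
    }
    # Return the epoch of the timestamp found in line, or -1 when none parses.
    function line_epoch(line,    m) {
      if (match(line, /^([0-9]{4})[-\/]([0-9]{2})[-\/]([0-9]{2})[T ]([0-9]{2}):([0-9]{2}):([0-9]{2})/, m))
        return mktime(m[1] " " m[2] " " m[3] " " m[4] " " m[5] " " m[6])
      if (match(line, /\[([0-9]{2})\/([A-Za-z]{3})\/([0-9]{4}):([0-9]{2}):([0-9]{2}):([0-9]{2})/, m) && (m[2] in month))
        return mktime(m[3] " " month[m[2]] " " m[1] " " m[4] " " m[5] " " m[6])
      if (match(line, /^([A-Z][a-z]{2}) +([0-9]{1,2}) ([0-9]{2}):([0-9]{2}):([0-9]{2})/, m) && (m[1] in month))
        return mktime(year " " month[m[1]] " " m[2] " " m[3] " " m[4] " " m[5])
      return -1
    }
    {
      t = line_epoch($0)
      if (t != -1 && t >= start_epoch && t <= end_epoch) print $0
    }
  ' "$log" >> "$TEMP_LOG_FILE"
}

#######################################
# Append one log file (header plus filtered lines), or a skip notice.
# Globals:   TEMP_LOG_FILE (read)
# Arguments: $1 - path of the log file
# Outputs:   appends to TEMP_LOG_FILE
#######################################
append_log() {
  local log=$1
  if [[ -f $log ]]; then
    echo "Logs from $log" >> "$TEMP_LOG_FILE"
    filter_log_by_time "$log"
  else
    echo "$log not found, skipping..." >> "$TEMP_LOG_FILE"
  fi
}

#######################################
# Collect the general system logs under /var/log.
# Outputs:   appends to TEMP_LOG_FILE
#######################################
get_var_log_logs() {
  local log
  local -a log_files=(
    /var/log/syslog
    /var/log/auth.log
    /var/log/kern.log
    /var/log/dmesg
  )
  echo "----- /var/log Logs -----" >> "$TEMP_LOG_FILE"
  for log in "${log_files[@]}"; do
    append_log "$log"
  done
}

#######################################
# Collect logs of specific services (nginx, apache2, mysql).
# Outputs:   appends to TEMP_LOG_FILE
#######################################
get_service_logs() {
  local log
  local -a service_logs=(
    /var/log/nginx/access.log
    /var/log/nginx/error.log
    /var/log/apache2/access.log
    /var/log/mysql/error.log
  )
  echo "----- Service Logs (nginx, apache, mysql, etc.) -----" >> "$TEMP_LOG_FILE"
  for log in "${service_logs[@]}"; do
    append_log "$log"
  done
}

# Fetch logs.
get_journalctl_logs
get_var_log_logs
get_service_logs

# Upload logs to the hastebin server. Both tools are checked before anything
# is sent: without jq the upload used to happen anyway and the script printed
# a URL with an empty key.
if ! command -v curl &> /dev/null; then
  echo "curl not found, unable to upload logs."
elif ! command -v jq &> /dev/null; then
  echo "jq not found, unable to upload logs."
else
  # --fail makes an HTTP error status yield an empty response instead of an
  # error page that could be mistaken for a successful reply.
  RESPONSE=$(curl -s --fail -X POST -H "Content-Type: text/plain" \
    --data-binary "@${TEMP_LOG_FILE}" https://haste.nixc.us/documents)
  KEY=$(jq -r '.key // empty' <<< "$RESPONSE" 2> /dev/null)
  # The key comes from the remote server; refuse to echo it when it is missing
  # or contains control characters.
  if [[ -n $KEY && $KEY != *[[:cntrl:]]* ]]; then
    echo "Logs uploaded: https://haste.nixc.us/$KEY"
  else
    echo "Failed to upload logs to hastebin server."
  fi
fi

# The temporary file is removed by the EXIT trap installed above.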