diff --git a/pandora_agents/win32/ChangeLog b/pandora_agents/win32/ChangeLog index 2b55b79275..cf42045428 100644 --- a/pandora_agents/win32/ChangeLog +++ b/pandora_agents/win32/ChangeLog @@ -1,3 +1,13 @@ +2010-04-23 Sancho Lerena + + * bin/pandora_agent.conf: Updated sample conf with some examples of + inventory usage, and agent plugins (commented). + + * bin/util/df.vbs, bin/util/ps.vbs: Added flush in the end of each module + + * bin/util/logevent_log4x.vbs: New agent plugin to parse eventlog and + generate a Log4x format. + 2010-04-23 Ramon Novoa * modules/pandora_module_inventory.cc: Fixed a couple of XML tags. @@ -39,6 +49,7 @@ * Makefile.am: Updated sources. Removed tinyxml and added the plugin module. +>>>>>>> .r2603 2010-04-16 Ramon Novoa * windows/pandora_wmi.cc: fixed getOSVersion. Crashed in Windows 2008 diff --git a/pandora_agents/win32/bin/pandora_agent.conf b/pandora_agents/win32/bin/pandora_agent.conf index 8348674ba1..c13c0859df 100644 --- a/pandora_agents/win32/bin/pandora_agent.conf +++ b/pandora_agents/win32/bin/pandora_agent.conf @@ -1,16 +1,17 @@ # Base config file for Pandora FMS Windows Agent -# (c) 2006-2009 Artica Soluciones Tecnologicas -# Version 3.0 +# (c) 2006-2009 Artica Soluciones Tecnologicas +# version 3.0 -# This program is Free Software, you can redistribute it and/or modify it +# This program is Free Software, you can redistribute it and/or modify it # under the terms of the GNU General Public Licence as published by the Free Software -# Foundation; either version 2 of the Licence or any later version. -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY, without ever the implied warranty of MERCHANTABILITY or FITNESS -# FOR A PARTICULAR PURPOSE. +# Foundation; either version 2 of the Licence or any later version +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY, without ever the implied warranty of MERCHANTABILITY or FITNESS +# FOR A PARTICULAR PURPOSE # Edit this file to change your parameters or/and add your own modules -# Any line with a # character at the first column will be ignored (comment) +# Any line with a # character at the first column will be ignored (comment) + # General Parameters # ================== @@ -24,7 +25,7 @@ temporal "$AgentTemp$" # use directive agent_name (do not use blank spaces, please). # This parameter is CASE SENSITIVE. -#agent_name My_Custom_Agent_name +# agent_name My_Custom_Agent_name # Group assigned for this agent (descriptive, p.e: Servers) #group Servers @@ -58,15 +59,29 @@ server_port 41121 #remote_config 0 # Set XML encoding (ISO-8859-1 by default). -#encoding ISO-8859-1 +#encoding ISO-8859-1 # Enable or disable XML buffer. xml_buffer 0 - # Module Definition # Check online documentation and module library at http://pandorafms.org # ================= + +# Sample of Windows inventory module (ONLY ENTERPRISE)! +#module_begin +#module_name Inventory +#module_interval 7 +#module_type generic_data_string +#module_inventory RAM Patches Software Services NIC +#module_description Inventory +#module_end + +# Example plugin to retrieve last 5 min events in log4x format +# module_plugin cscript.exe //B "%ProgramFiles%\Pandora_Agent\util\logevent_log4x.vbs" Aplicacion System 300 + +# Example plugin to retrieve drive usage +# module_plugin cscript.exe //B "%ProgramFiles%\Pandora_Agent\util\df.vbs" # Free space on disk C: module_begin @@ -187,6 +202,3 @@ module_end #process_firefox_stop killall firefox #service_messenger 1 -# Example plugin to retrieve drive usage -# module_plugin cscript.exe //B "C:\Program Files\pandora_agent\util\df.vbs" - diff --git a/pandora_agents/win32/bin/util/df.vbs b/pandora_agents/win32/bin/util/df.vbs index 9c13ee2709..3b22a1baf5 100644 --- a/pandora_agents/win32/bin/util/df.vbs +++ b/pandora_agents/win32/bin/util/df.vbs @@ -26,7 +26,8 @@ For Each objItem in colItems Wscript.StdOut.WriteLine " " Wscript.StdOut.WriteLine " " Wscript.StdOut.WriteLine " " - Wscript.StdOut.WriteLine "" + Wscript.StdOut.WriteLine "" + Wscript.StdOut.flush End If End If Next diff --git a/pandora_agents/win32/bin/util/logevent_log4x.vbs b/pandora_agents/win32/bin/util/logevent_log4x.vbs new file mode 100644 index 0000000000..aeaa3b449d --- /dev/null +++ b/pandora_agents/win32/bin/util/logevent_log4x.vbs @@ -0,0 +1,91 @@ +' -------------------------------------------------------------- +' WMI Log Event Parser for Windows +' Used as Plugin in Pandora FMS Monitoring System +' Written by Sancho Lerena 2010 +' Licensed under BSD Licence +' -------------------------------------------------------------- + +' This plugin uses three parameters: +' +' module_name : Module name to be reported at pandora, p.e: Event_Application +' logfile : Windows event logfile: Application, System, Security... +' interval: Should be the same interval agent has, p.e: 300 (seconds) + +' Code begins here + +' Take args from command line +if (Wscript.Arguments.Count = 0) then + WScript.Quit +end if + +On Error Resume Next +cfg_module_name = Wscript.Arguments(0) +cfg_logfile = Wscript.Arguments(1) +cfg_interval = Wscript.Arguments(2) +strComputer = "." + +MyDate = dateAdd("s", -cfg_interval, Now) ' Latest X seconds + +Set dtmStartDate = CreateObject("WbemScripting.SWbemDateTime") + +DateToCheck = CDate(MyDate) +dtmStartDate.SetVarDate DateToCheck, CONVERT_TO_LOCAL_TIME + +WMI_QUERY = "Select * from Win32_NTLogEvent Where Logfile = '" & cfg_logfile & "' AND TimeWritten >= '" & dtmStartDate & "'" + +' DEBUG +'wscript.StdOut.WriteLine dtmStartDate +'wscript.StdOut.WriteLine WMI_QUERY + +Set objWMIService = GetObject("winmgmts:" _ + & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") +Set colEvents = objWMIService.ExecQuery (WMI_QUERY) + +'The XML files need the have the fields SEVERITY, MESSAGE and +'STACKTRACE. These are the fields that are often used when logging with +'log4j. Just in case, the severity field can have the following values: +'TRACE, DEBUG, INFO, WARN, ERROR, FATAL. The "message" field is just + +For Each objEvent in colEvents + + if (objEvent.Type = "0") then + severity = "FATAL" + end if + + if (objEvent.Type = "1") then + severity = "ERROR" + end if + + if (objEvent.Type = "2") then + severity = "WARN" + end if + + if (objEvent.Type >= "3") then + severity = "INFO" + end if + + stacktrace = "Category: " & objEvent.CategoryString & ", Event Code: " & objEvent.EventCode & ", Source Name: " & objEvent.SourceName & ", LogFile: " & cfg_logfile + + event_message = objEvent.Message + Wscript.StdOut.Write "" + Wscript.StdOut.Write "" + Wscript.StdOut.Write "log4x" + Wscript.StdOut.Write "" & severity & "" + + if (event_message = "") then + Wscript.StdOut.Write "" + else + Wscript.StdOut.Write "" + end if + + if (stacktrace = "") then + Wscript.StdOut.Write "" + else + Wscript.StdOut.Write "" + end if + + Wscript.StdOut.WriteLine "" + Wscript.StdOut.flush +Next + +' Code ends here diff --git a/pandora_agents/win32/bin/util/ps.vbs b/pandora_agents/win32/bin/util/ps.vbs index fcdab35397..9391647234 100644 --- a/pandora_agents/win32/bin/util/ps.vbs +++ b/pandora_agents/win32/bin/util/ps.vbs @@ -29,5 +29,6 @@ For i = 0 To argc - 1 Else Wscript.StdOut.WriteLine " " End If - Wscript.StdOut.WriteLine "" + Wscript.StdOut.WriteLine "" + Wscript.StdOut.flush Next