2007-01-03 Sancho Lerena <slerena@artica.es>

* Linux/pandora_agent.conf: Added more tokens to config
	file. Added logfile, temporal and encoding issues.

        * Linux/pandora_agent.sh: Many changes on agent. Solved problems
	with encoding, changed all paths, fixed minor bugs, and some work
	with XML.



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@349 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
slerena 2007-01-03 18:47:54 +00:00
parent 35aabfd2b6
commit 109b0c9184
4 changed files with 174 additions and 112 deletions

@ -1,17 +1,27 @@
2007-01-03 Sancho Lerena <slerena@artica.es>
* Linux/pandora_agent.conf: Added more tokens to config
file. Added logfile, temporal and encoding issues.
* Linux/pandora_agent.sh: Many changes on agent. Solved problems
with encoding, changed all paths, fixed minor bugs, and some work
with XML.
2007-01-03 Manuel Arostegui <marostegui@artica.es> 2007-01-03 Manuel Arostegui <marostegui@artica.es>
* linux/pandora_agents.spec: Added dependencies * linux/pandora_agents.spec: Added dependencies
2007-01-02 Manuel Arostegui <marostegui@artica.es> 2007-01-02 Manuel Arostegui <marostegui@artica.es>
* linux/pandora_agents.spec: Added new PATHS for config files and binary * linux/pandora_agents.spec: Added new PATHS for config files and
ones. Fixed perms. Change Summary due to a typo bug. binary ones. Fixed perms. Change Summary due to a typo bug.
2007-01-01 Manuel Arostegui <marostegui@artica.es> 2007-01-01 Manuel Arostegui <marostegui@artica.es>
* linux/pandora_agents.spec: Added to repository. Spec file for pandora * linux/pandora_agents.spec: Added to repository. Spec file for
agents RPM package. Launch scripts are installed under /usr/local/bin/ pandora agents RPM package. Launch scripts are installed under
and configuration files are in /usr/local/etc/pandora /usr/local/bin/ and configuration files are in
/usr/local/etc/pandora
2006-12-05 Sancho Lerena <slerena@artica.es> 2006-12-05 Sancho Lerena <slerena@artica.es>

@ -1,24 +1,41 @@
# Fichero de configuracion base de agentes de Pandora FMS
# Base config file for Pandora FMS agents # Base config file for Pandora FMS agents
# Version 1.2 # Version 1.2
# Licensed under GPL license, 2003-2006 Sancho Lerena # Licensed under GPL license v2,
# (c) 2003-2007 Sancho Lerena and others.
# please visit http://pandora.sourceforge.net
# General Parameters # General Parameters
# ================== # ==================
server_ip 192.168.50.100 server_ip 192.168.50.1
server_path /opt/pandora_server/data_in server_path /opt/pandora_server/data_in
server_port 22 temporal /var/spool/pandora/data_out
pandora_path /opt/pandora_agent/ logfile /var/log/pandora_agent.log
temporal /opt/pandora_agent/data_out
# Interval in seconds, 300 by default
interval 300 interval 300
# Debug mode only generate XML, and stop after first execution,
# and does not copy XML to server.
debug 0 debug 0
# By default is activated
checksum 0 checksum 0
#agent_name toher
# By default, agent takes machine name
#agent_name adama
# By default agent try to take default encoding defined in host.
# encoding iso-8859-15
# By default is 22
#server_port 22
# Module Definition # Module Definition
# ================= # =================
# System information
# vmstat syntax depends on linux distro and vmstat command version, please check before use it # vmstat syntax depends on linux distro and vmstat command version, please check before use it
module_begin module_begin
module_name cpu_user module_name cpu_user
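
Review bot: The new comment "# By default is activated" sits directly above an active "checksum 0" line, so the shipped config turns the checksum off while the comment says it is on. The script's own default is CHECKSUM_MODE=1, so either comment the token out the way agent_name, encoding and server_port are ("#checksum 1"), or reword the comment to say that 0 disables a feature that is otherwise enabled. The same hunk moves "temporal" to /var/spool/pandora/data_out; the packaging should create that directory with permissions restricted to the agent user, since the script falls back to /tmp when the token is missing.
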
@ -67,6 +84,8 @@ module_type generic_data
module_exec ps -A | wc -l module_exec ps -A | wc -l
module_end module_end
# Process information
module_begin module_begin
module_name snort module_name snort
module_type generic_proc module_type generic_proc
@ -85,24 +104,44 @@ module_type generic_proc
module_exec ps -Af | grep sshd | grep -v "grep" | wc -l module_exec ps -Af | grep sshd | grep -v "grep" | wc -l
module_end module_end
# Informational stuff
module_begin module_begin
module_name last_syslog module_name last_syslog
module_type generic_data_string module_type generic_data_string
module_exec tail -1 /var/log/syslog module_exec tail -1 /var/log/syslog
module_description Last line of syslog
module_end module_end
module_begin module_begin
module_name PandoraNet_Mem module_name last_login
module_description Pandora_Network Memory usage module_type generic_data_string
module_type generic_data module_exec last | head -1
module_exec ps aux | grep pandora_network.pl | grep -v grep | awk '{ print $6 }' module_description Last connected to system
module_end
# Networking
module_begin
module_name incoming_pkt
module_type generic_data_inc
module_exec netstat -as | grep "incoming packets delivered" | awk '{ print $1 }'
module_description Incoming packets arriving to system
module_end module_end
module_begin module_begin
module_name PandoraSer_Mem module_name outbound_pkt
module_description Pandora Server memory usage module_type generic_data_inc
module_type generic_data module_exec netstat -as | grep "requests sent out" | awk '{ print $1 }'
module_exec ps aux | grep pandora_server.pl | grep -v grep | awk '{ print $6 }' module_description Outbound Packets sent by system
module_end
module_begin
module_name conn_resets
module_type generic_data_inc
module_exec netstat -as | grep "connections reset due to unexpected SYN" | awk '{ print $1 }'
module_description Resets due to unexpected SYN
module_end module_end
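
Review bot: The three new generic_data_inc modules (incoming_pkt, outbound_pkt, conn_resets) select their counter by grepping for English phrases in "netstat -as" output, so they return nothing when that wording differs (another locale or another netstat version), and the empty result is then sent on as data. Run the command with a fixed locale (for example LC_ALL=C in the module_exec line) and document the expected netstat output, as the existing vmstat comment does for vmstat. Separately, last_login ("last | head -1") and last_syslog forward account names, source hosts and raw log lines to the server; that is worth a line in the module comments so operators can disable them where this data should not leave the host.
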

@ -2,24 +2,20 @@
# ********************************************************************** # **********************************************************************
# Pandora FMS Generic Host Agent # Pandora FMS Generic Host Agent
# GNU/Linux version # GNU/Linux version
# (c) Sancho Lerena 2003-2006, <slerena@artica.es> # (c) 2003-2006 Sancho Lerena <slerena@gmail.com>
# with the help of many people. Please see http://pandora.sourceforge.net # with the help of many people. Please see http://pandora.sourceforge.net
# Este codigo esta licenciado bajo la licencia GPL 2.0. # Este codigo esta licenciado bajo la licencia GPL 2.0.
# This code is licensed under GPL 2.0 license. # This code is licensed under GPL 2.0 license.
# ********************************************************************** # **********************************************************************
AGENT_VERSION=1.2 AGENT_VERSION=1.2.1
AGENT_BUILD=061123 AGENT_BUILD=070103
IFS=$'\n'
# Begin cycle for adquire primary config tokens
TIMESTAMP=`date +"%Y/%m/%d %H:%M:%S"`
if [ -z "$1" ] if [ -z "$1" ]
then then
echo " " echo " "
echo "FATAL ERROR: I need an argument to PANDORA AGENT home path" echo "Fatal error: I need an argument to Pandora FMS Agent config directory"
echo " " echo " "
echo " example: /opt/pandora_ng/pandora_agent.sh /opt/pandora_ng " echo " example: pandora_agent /etc/pandora "
echo " " echo " "
exit -1 exit -1
else else
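
Review bot: The new usage text gives "pandora_agent /etc/pandora" as the example, but the ChangeLog entries on this page say the RPM installs configuration under /usr/local/etc/pandora and the script itself is still Linux/pandora_agent.sh. Use the path and command name that the package actually installs, so the first thing a user copies from the error message works.
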
@ -29,114 +25,140 @@ fi
if [ ! -f $PANDORA_HOME/pandora_agent.conf ] if [ ! -f $PANDORA_HOME/pandora_agent.conf ]
then then
echo " " echo " "
echo "FATAL ERROR: Cannot load pandora_agent.conf" echo "FATAL ERROR: Cannot load $PANDORA_HOME/pandora_agent.conf"
echo " " echo " "
exit -1 exit -1
fi fi
# Default values # Init internal variables
CHECKSUM_MODE=1
DEBUG_MODE=0
CONTADOR=0 CONTADOR=0
EXECUTE=1 EXECUTE=1
MODULE_END=0 MODULE_END=0
SERVER_PORT=22 TIMESTAMP=`date +"%Y/%m/%d %H:%M:%S"`
IFS=$'\n'
echo "$TIMESTAMP - Reading general config parameters from .conf file" >> $PANDORA_HOME/pandora.log # Default values
CHECKSUM_MODE=1
DEBUG_MODE=0
SERVER_PORT=22
INTERVAL=300
ENCODING=`echo $LANG | cut -f 2 -d "."`
if [ -z "$ENCODING" ]
then
ENCODING="iso-8859-1"
fi
NOMBRE_HOST=`/bin/hostname`
OS_NAME=`uname -s`
PANDORA_LOGFILE=/var/log/pandora_agent.log
TEMP=/tmp
# Read config file
for a in `cat $PANDORA_HOME/pandora_agent.conf | grep -v -e "^#" | grep -v -e "^module" ` for a in `cat $PANDORA_HOME/pandora_agent.conf | grep -v -e "^#" | grep -v -e "^module" `
do do
a=`echo $a | tr -s " " " "` a=`echo $a | tr -s " " " "`
# Get general configuration parameters from config file # Get general configuration parameters from config file
if [ ! -z "`echo $a | grep -e '^logfile'`" ]
then
PANDORA_LOGFILE=`echo $a | awk '{ print $2 }' `
echo "$TIMESTAMP - [SETUP] - Pandora Logfile is $PANDORA_LOGFILE" >> $PANDORA_LOGFILE
fi
if [ ! -z "`echo $a | grep -e '^server_ip'`" ] if [ ! -z "`echo $a | grep -e '^server_ip'`" ]
then then
SERVER_IP=`echo $a | awk '{ print $2 }' ` SERVER_IP=`echo $a | awk '{ print $2 }' `
echo "$TIMESTAMP - [SETUP] - Server IP Address is $SERVER_IP" >> $PANDORA_HOME/pandora.log echo "$TIMESTAMP - [SETUP] - Server IP Address is $SERVER_IP" >> $PANDORA_LOGFILE
fi fi
if [ ! -z "`echo $a | grep -e '^server_path'`" ] if [ ! -z "`echo $a | grep -e '^server_path'`" ]
then then
SERVER_PATH=`echo $a | awk '{ print $2 }' ` SERVER_PATH=`echo $a | awk '{ print $2 }' `
echo "$TIMESTAMP - [SETUP] - Server Path is $SERVER_PATH" >> $PANDORA_HOME/pandora.log echo "$TIMESTAMP - [SETUP] - Server Path is $SERVER_PATH" >> $PANDORA_LOGFILE
fi fi
if [ ! -z "`echo $a | grep -e '^temporal'`" ] if [ ! -z "`echo $a | grep -e '^temporal'`" ]
then then
TEMP=`echo $a | awk '{ print $2 }' ` TEMP=`echo $a | awk '{ print $2 }' `
echo "$TIMESTAMP - [SETUP] - Temporal Path is $TEMP" >> $PANDORA_HOME/pandora.log echo "$TIMESTAMP - [SETUP] - Temporal Path is $TEMP" >> $PANDORA_LOGFILE
fi fi
if [ ! -z "`echo $a | grep -e '^interval'`" ] if [ ! -z "`echo $a | grep -e '^interval'`" ]
then then
INTERVAL=`echo $a | awk '{ print $2 }' ` INTERVAL=`echo $a | awk '{ print $2 }' `
echo "$TIMESTAMP - [SETUP] - Interval is $INTERVAL seconds" >> $PANDORA_HOME/pandora.log echo "$TIMESTAMP - [SETUP] - Interval is $INTERVAL seconds" >> $PANDORA_LOGFILE
fi fi
if [ ! -z "`echo $a | grep -e '^agent_name'`" ] if [ ! -z "`echo $a | grep -e '^agent_name'`" ]
then then
NOMBRE_HOST=`echo $a | awk '{ print $2 }' ` NOMBRE_HOST=`echo $a | awk '{ print $2 }' `
echo "$TIMESTAMP - [SETUP] - Agent name is $NOMBRE_HOST " >> $PANDORA_HOME/pandora.log echo "$TIMESTAMP - [SETUP] - Agent name is $NOMBRE_HOST " >> $PANDORA_LOGFILE
fi fi
if [ ! -z "`echo $a | grep -e '^debug'`" ] if [ ! -z "`echo $a | grep -e '^debug'`" ]
then then
DEBUG_MODE=`echo $a | awk '{ print $2 }' ` DEBUG_MODE=`echo $a | awk '{ print $2 }' `
echo "$TIMESTAMP - [SETUP] - Debug mode is $DEBUG_MODE " >> $PANDORA_HOME/pandora.log echo "$TIMESTAMP - [SETUP] - Debug mode is $DEBUG_MODE " >> $PANDORA_LOGFILE
fi fi
if [ ! -z "`echo $a | grep -e '^checksum'`" ] if [ ! -z "`echo $a | grep -e '^checksum'`" ]
then then
CHECKSUM_MODE=`echo $a | awk '{ print $2 }' ` CHECKSUM_MODE=`echo $a | awk '{ print $2 }' `
echo "$TIMESTAMP - [SETUP] - Checksum is $CHECKSUM_MODE " >> $PANDORA_HOME/pandora.log echo "$TIMESTAMP - [SETUP] - Checksum is $CHECKSUM_MODE " >> $PANDORA_LOGFILE
fi fi
# Contribution of daggett # Contribution of daggett
if [ ! -z "`echo $a | grep -e '^server_port'`" ] if [ ! -z "`echo $a | grep -e '^server_port'`" ]
then then
SERVER_PORT=`echo $a | awk '{ print $2 }' ` SERVER_PORT=`echo $a | awk '{ print $2 }' `
echo "$TIMESTAMP - [SETUP] - Server Port is $SERVER_PORT" >> $PANDORA_HOME/pandora.log echo "$TIMESTAMP - [SETUP] - Server Port is $SERVER_PORT" >> $PANDORA_LOGFILE
fi
# Contribution of daggett
if [ ! -z "`echo $a | grep -e '^encoding'`" ]
then
ENCODING=`echo $a | awk '{ print $2 }' `
echo "$TIMESTAMP - [SETUP] - Encoding is $ENCODING" >> $PANDORA_LOGFILE
fi fi
done done
# MAIN Program loop begin
# Get Linux Distro type and version # Get Linux Distro type and version
# SUSE
if [ -f "/etc/SuSE-release" ] if [ -f "/etc/SuSE-release" ]
then then
OS_VERSION=`cat /etc/SuSE-release | grep VERSION | cut -f 3 -d " "` OS_VERSION=`cat /etc/SuSE-release | grep VERSION | cut -f 3 -d " "`
LINUX_DISTRO=SUSE LINUX_DISTRO=SUSE
else else
if [ -f "/etc/lsb-release" ] if [ -f "/etc/lsb-release" ]
then then
OS_VERSION=`cat /etc/lsb-release | grep DISTRIB_RELEASE | cut -f 2 -d "="` OS_VERSION=`cat /etc/lsb-release | grep DISTRIB_RELEASE | cut -f 2 -d "="`
LINUX_DISTRO=UBUNTU LINUX_DISTRO=UBUNTU
else OS_VERSION="UBUNTU $OS_VERSION"
if [ -f "/etc/debian_version" ] else
then if [ -f "/etc/debian_version" ]
OS_VERSION=`cat /etc/debian_version` then
OS_VERSION="DEBIAN $OS_VERSION" OS_VERSION=`cat /etc/debian_version`
LINUX_DISTRO=DEBIAN OS_VERSION="DEBIAN $OS_VERSION"
else LINUX_DISTRO=DEBIAN
LINUX_DISTRO=GENERIC else
OS_VERSION=`uname -r` if [ -f "/etc/fedora-release" ]
if [ -f "/etc/fedora-release" ]
then then
OS_VERSION=`cat /etc/fedora-release | cut -f 4 -d " "` OS_VERSION=`cat /etc/fedora-release | cut -f 4 -d " "`
OS_VERSION="FEDORA $OS_VERSION" OS_VERSION="FEDORA $OS_VERSION"
LINUX_DISTRO=FEDORA LINUX_DISTRO=FEDORA
fi else
fi LINUX_DISTRO=GENERIC
fi OS_VERSION=`uname -r`
fi
fi
fi
fi fi
# OS Data
OS_NAME=`uname -s`
# Hostname # Script banner at start
if [ -z "$NOMBRE_HOST" ] echo "Pandora FMS Agent $AGENT_VERSION (c) Sancho Lerena, and others 2007"
echo "This program is licensed under GPL Terms. http://pandora.sf.net"
echo " "
if [ "$DEBUG_MODE" == "1" ]
then then
NOMBRE_HOST=`/bin/hostname` echo "Warning: Running in DEBUG mode"
fi fi
# MAIN Program loop begin
while [ "1" == "1" ] while [ "1" == "1" ]
do do
# Deleted debug / error info on each run to avoid giant logs
rm -Rf $PANDORA_LOGFILE.err 2> /dev/null
# Date and time, SERIAL is number of seconds since 1/1/1970, for every packet. # Date and time, SERIAL is number of seconds since 1/1/1970, for every packet.
TIMESTAMP=`date +"%Y/%m/%d %H:%M:%S"` TIMESTAMP=`date +"%Y/%m/%d %H:%M:%S"`
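
Review bot: The ENCODING default does not fall back when LANG has no dot: "echo $LANG | cut -f 2 -d ." prints the whole input line if the delimiter is absent, so LANG=C or LANG=en_US yields ENCODING="C" or "en_US", the -z test is false, and iso-8859-1 is never applied. Use "cut -s" or test for the dot first, and strip any "@modifier" suffix. In the main loop, "rm -Rf $PANDORA_LOGFILE.err" is a recursive delete on an unquoted path taken from the "logfile" config token; for a single file this should be rm -f -- "$PANDORA_LOGFILE.err". TEMP now defaults to /tmp, where the predictable $NOMBRE_HOST.$SERIAL file names are written in a world-writable directory; a private default directory would be safer. The [SETUP] messages for tokens that appear before "logfile" in the config file also still go to the default /var/log/pandora_agent.log, because tokens are applied in file order.
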
@ -149,11 +171,9 @@ do
PANDORA_FILES="$TEMP/$NOMBRE_HOST.$SERIAL.*" PANDORA_FILES="$TEMP/$NOMBRE_HOST.$SERIAL.*"
# Makes data packet # Makes data packet
echo "<agent_data os_name='$OS_NAME' os_version='$OS_VERSION' interval='$INTERVAL' version='$AGENT_VERSION' timestamp='$TIMESTAMP' agent_name='$NOMBRE_HOST'>" > $DATA echo "<?xml version=\"1.0\" encoding=\"$ENCODING\"?> " > $DATA
if [ "$DEBUG_MODE" == "1" ] echo "<agent_data os_name='$OS_NAME' os_version='$OS_VERSION' interval='$INTERVAL' version='$AGENT_VERSION' timestamp='$TIMESTAMP' agent_name='$NOMBRE_HOST'>" >> $DATA
then
echo "$TIMESTAMP - Reading module adquisition data from .conf file" >> $PANDORA_HOME/pandora.log
fi
for a in `cat $PANDORA_HOME/pandora_agent.conf | grep -v -e "^#" | grep -e "^module" ` for a in `cat $PANDORA_HOME/pandora_agent.conf | grep -v -e "^#" | grep -e "^module" `
do do
a=`echo $a | tr -s " " " "` a=`echo $a | tr -s " " " "`
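
Review bot: $ENCODING is written into the XML declaration exactly as read from the "encoding" token or from LANG, with no check that it is a charset name. A value containing a double quote, a space or any other stray character produces a declaration the server's parser will reject for every packet. Validate it against a conservative pattern (letters, digits, ".", "_" and "-") before the first echo and fall back to the default otherwise. The agent_data line that follows has the same exposure for agent_name, which is placed inside single-quoted attributes without escaping.
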
@ -166,7 +186,7 @@ do
res=`eval $execution` res=`eval $execution`
if [ -z "$flux_string" ] if [ -z "$flux_string" ]
then then
res=`eval expr $res 2> /dev/null` res=`eval expr $res 2> $PANDORA_LOGFILE.err`
fi fi
echo "<data><![CDATA[$res]]></data>" >> $DATA2 echo "<data><![CDATA[$res]]></data>" >> $DATA2
fi fi
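
Review bot: The changed line keeps "eval expr $res", which hands the module's output back to the shell for a second round of parsing; any shell metacharacters in that output are interpreted rather than treated as data. Check that $res is numeric and call expr (or shell arithmetic) on it directly, without eval. The new "2> $PANDORA_LOGFILE.err" also truncates the file on every module, so only the error from the last numeric module of a run survives; use 2>> here, given that the file is already removed at the top of each loop iteration.
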
@ -175,7 +195,7 @@ do
if [ ! -z "`echo $a | grep -e '^module_name'`" ] if [ ! -z "`echo $a | grep -e '^module_name'`" ]
then then
name=`echo $a | cut -c 13- ` name=`echo $a | cut -c 13- `
echo "<name>$name</name>" >> $DATA2 echo "<name><![CDATA[$name]]></name>" >> $DATA2
fi fi
if [ ! -z "`echo $a | grep -e '^module_begin'`" ] if [ ! -z "`echo $a | grep -e '^module_begin'`" ]
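
Review bot: Wrapping $name in CDATA handles "<" and "&" but not a value that itself contains "]]>", which ends the section early and leaves the remainder as raw markup in the packet. Module names come straight from the config file via "cut -c 13-", so either reject names containing "]]>" or split that sequence before writing. The same applies to the other elements this commit wraps in CDATA.
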
@ -187,19 +207,19 @@ do
if [ ! -z "`echo $a | grep -e '^module_max' `" ] if [ ! -z "`echo $a | grep -e '^module_max' `" ]
then then
max=`echo $a | awk '{ print $2 }' ` max=`echo $a | awk '{ print $2 }' `
echo "<max>$max</max>" >> $DATA2 echo "<max><![CDATA[$max]]></max>" >> $DATA2
fi fi
if [ ! -z "`echo $a | grep -e '^module_min'`" ] if [ ! -z "`echo $a | grep -e '^module_min'`" ]
then then
min=`echo $a | awk '{ print $2 }' ` min=`echo $a | awk '{ print $2 }' `
echo "<min>$min</min>" >> $DATA2 echo "<min><![CDATA[$min]]></min>" >> $DATA2
fi fi
if [ ! -z "`echo $a | grep -e '^module_description'`" ] if [ ! -z "`echo $a | grep -e '^module_description'`" ]
then then
desc=`echo $a | cut -c 20- ` desc=`echo $a | cut -c 20- `
echo "<description>$desc</description>" >> $DATA2 echo "<description><![CDATA[$desc]]></description>" >> $DATA2
fi fi
if [ ! -z "`echo $a | grep -e '^module_end'`" ] if [ ! -z "`echo $a | grep -e '^module_end'`" ]
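
Review bot: module_max and module_min are numeric limits, yet the value is taken as the second awk field and written out with no numeric check; the CDATA wrapper only hides a malformed value from the XML parser and passes it to the server. Validate max and min as numbers and skip the element with a log line when the check fails, keeping CDATA for the free-text description.
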
@ -220,7 +240,7 @@ do
flux_string=0 flux_string=0
unset flux_string unset flux_string
fi fi
echo "<type>$mtype</type>" >> $DATA2 echo "<type><![CDATA[$mtype]]></type>" >> $DATA2
fi fi
if [ ! -z "`echo $a | grep '^module_interval'`" ] if [ ! -z "`echo $a | grep '^module_interval'`" ]
@ -252,43 +272,40 @@ do
fi fi
# Call for user-defined script for data adquisition # Call for user-defined script for data adquisition
if [ -f "$PANDORA_HOME/pandora_user.conf" ] if [ -f "$PANDORA_HOME/pandora_user.conf" ]
then then
/bin/bash $PANDORA_HOME/pandora_user.conf >> $DATA /bin/bash $PANDORA_HOME/pandora_user.conf >> $DATA
fi fi
# Finish data packet # Checking MD5
echo "</agent_data>" >> $DATA
if [ "$DEBUG_MODE" == "1" ]
then
echo "$TIMESTAMP - Finish writing XML $DATA" >> $PANDORA_HOME/pandora.log
fi
if [ "$CHECKSUM_MODE" == "1" ] if [ "$CHECKSUM_MODE" == "1" ]
then then
# Calculate Checksum and prepare MD5 file # Calculate Checksum and prepare MD5 file
CHECKSUM_DATA=`/usr/bin/md5sum $DATA` CHECKSUM_DATA=`md5sum $DATA`
echo $CHECKSUM_DATA > $CHECKSUM echo $CHECKSUM_DATA > $CHECKSUM
else else
CHECKSUM_DATA="No valid checksum" CHECKSUM_DATA="No valid checksum"
echo $CHECKSUM_DATA > $CHECKSUM echo $CHECKSUM_DATA > $CHECKSUM
fi fi
# Send packets to server and detele it # Finish data packet
scp -P $SERVER_PORT $PANDORA_FILES pandora@$SERVER_IP:$SERVER_PATH > /dev/null 2> /dev/null echo "</agent_data>" >> $DATA
if [ "$DEBUG_MODE" == "1" ] if [ "$DEBUG_MODE" == "1" ]
then then
echo "$TIMESTAMP - Copying $PANDORA_FILES to $SERVER_IP:$SERVER_PATH" >> $PANDORA_HOME/pandora.log echo "$TIMESTAMP - Finish writing XML $DATA" >> $PANDORA_LOGFILE
else echo "Data file is at $DATA - Exiting now"
# Delete it echo " "
rm -f $PANDORA_FILES> /dev/null 2> /dev/null exit 0
fi fi
# Send packets to server and detele it
scp -P $SERVER_PORT $PANDORA_FILES pandora@$SERVER_IP:$SERVER_PATH > /dev/null 2> $PANDORA_LOGFILE.err
# Delete data
rm -f $PANDORA_FILES> /dev/null 2> $PANDORA_LOGFILE.err
# Go to bed :-) # Go to bed :-)
sleep $INTERVAL sleep $INTERVAL
done done
# This runs forever! # This runs forever!
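
Review bot: The checksum block now runs before the closing tag is appended: md5sum $DATA is computed under "# Checking MD5", and only afterwards does "# Finish data packet" write </agent_data> to $DATA. The stored MD5 therefore covers a file that differs from the one sent, and any receiver that recomputes it over the transferred file will see a mismatch whenever checksum is 1. Move the "Finish data packet" echo above the checksum block. Two further points on the transfer lines: "rm -f $PANDORA_FILES" now runs unconditionally, so a failed scp discards the data; and both scp and rm use "2> $PANDORA_LOGFILE.err", so rm's redirect truncates the file and erases the scp error. Test the scp exit status before deleting and append with 2>>. Replacing /usr/bin/md5sum with a bare md5sum also makes the binary depend on the PATH of whatever account starts the agent.
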

@ -21,12 +21,8 @@ AutoReq: 0
Provides: %{name}-%{version} Provides: %{name}-%{version}
%description %description
Pandora agents are based on native languages in every platform: scripts that can be written in any Pandora agents are based on native languages in every platform: scripts that can be written in any language. Its possible to reproduce any agent in any programming language and can be extended without difficulty the existing ones in order to cover aspects not taken into account up to the moment.
language. Its possible to reproduce any agent in any programming language and can be extended These scripts are formed by modules that each one gathers a "chunk" of information. Thus, every agent gathers several "chunks" of information; this one is organized in a data set and stored in a single file, called data file.
without difficulty the existing ones in order to cover aspects not taken into account up to the moment.
These scripts are formed by modules that each one gathers a "chunk" of information. Thus, every agent
gathers several "chunks" of information; this one is organized in a data set and stored in a single file,
called data file.
%prep %prep
#rm -rf $RPM_BUILD_ROOT #rm -rf $RPM_BUILD_ROOT