2008-04-01 Sancho Lerena <slerena@gmail.com>
* bin/pandora_prediction: Fixed several problems with prediction on anomaly detection. Tested and works fine for me. * DB.pm: Fixed problem in combined alerts. Removed some log entries. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@784 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
parent
5d9b702454
commit
1a88c6d931
|
@ -1,3 +1,11 @@
|
|||
2008-04-01 Sancho Lerena <slerena@gmail.com>
|
||||
|
||||
* bin/pandora_prediction: Fixed several problems with
|
||||
prediction on anomaly detection. Tested and works fine for me.
|
||||
|
||||
* DB.pm: Fixed problem in combined alerts. Removed some
|
||||
log entries.
|
||||
|
||||
2008-04-01 Ramon Novoa <rnovoa@artica.es>
|
||||
|
||||
* util/tentacle_serverd: Changed default port and address (now
|
||||
|
|
|
@ -140,7 +140,6 @@ sub pandora_prediction_consumer ($$) {
|
|||
{
|
||||
lock $queue_lock;
|
||||
$data_id_agent_module = shift(@pending_task);
|
||||
print "[CLIENT] Pop out of queue module (pending queue) $data_id_agent_module \n";
|
||||
delete($pending_task_hash{$data_id_agent_module});
|
||||
$current_task_hash{$data_id_agent_module}=1;
|
||||
}
|
||||
|
@ -149,7 +148,6 @@ print "[CLIENT] Pop out of queue module (pending queue) $data_id_agent_module \n
|
|||
eval {
|
||||
# Call network execution process
|
||||
# exec_network_module ( $pa_config, $data_id_agent_module, $dbh);
|
||||
print "[PREDICT-CLIENT] Executing module # $data_id_agent_module \n";
|
||||
exec_prediction_module ($pa_config, $data_id_agent_module, $dbh);
|
||||
};
|
||||
if ($@){
|
||||
|
@ -161,7 +159,6 @@ print "[PREDICT-CLIENT] Executing module # $data_id_agent_module \n";
|
|||
# not been processed, but has been freed from task queue
|
||||
{
|
||||
lock $queue_lock;
|
||||
print "[CLIENT] Removing from queue (current task) module $data_id_agent_module \n";
|
||||
delete($current_task_hash{$data_id_agent_module});
|
||||
}
|
||||
$counter = 0;
|
||||
|
@ -233,15 +230,11 @@ sub pandora_prediction_producer ($) {
|
|||
((tagente_estado.last_execution_try + tagente_estado.current_interval) < UNIX_TIMESTAMP() OR tagente_modulo.flag = 1 )
|
||||
ORDER BY last_execution_try ASC";
|
||||
}
|
||||
# print "[DEBUG] SQL is $query1 \n";
|
||||
$exec_sql1 = $dbh->prepare($query1);
|
||||
$exec_sql1 ->execute;
|
||||
while (@sql_data1 = $exec_sql1->fetchrow_array()) {
|
||||
$data_id_agente_modulo = $sql_data1[0];
|
||||
|
||||
$data_flag = $sql_data1[1];
|
||||
print "[DEBUG] Procesando candidato $data_id_agente_modulo\n";
|
||||
|
||||
# Skip modules already queued
|
||||
if ((!defined($pending_task_hash{$data_id_agente_modulo})) &&
|
||||
(!defined($current_task_hash{$data_id_agente_modulo}))) {
|
||||
|
@ -250,7 +243,6 @@ print "[DEBUG] Procesando candidato $data_id_agente_modulo\n";
|
|||
}
|
||||
# Locking scope, do not remove redundant { }
|
||||
{
|
||||
print "[DEBUG] Metiendo $data_id_agente_modulo en cola \n";
|
||||
lock $queue_lock;
|
||||
push (@pending_task, $data_id_agente_modulo);
|
||||
$pending_task_hash {$data_id_agente_modulo}=1;
|
||||
|
@ -258,7 +250,6 @@ print "[DEBUG] Metiendo $data_id_agente_modulo en cola \n";
|
|||
}
|
||||
}
|
||||
#logger ($pa_config, "Items in Network Pending Queue: ".scalar(@pending_task), 5);
|
||||
print "[DEBUG] Items in Network Pending Queue: ".scalar(@pending_task);
|
||||
$exec_sql1->finish();
|
||||
sleep($pa_config->{"server_threshold"});
|
||||
} # Main loop
|
||||
|
@ -293,7 +284,6 @@ sub exec_prediction_module {
|
|||
$exec_sql = $dbh->prepare($query_sql);
|
||||
$exec_sql ->execute;
|
||||
$target_module = $exec_sql->fetchrow_hashref;
|
||||
|
||||
# Prediction mode explanation
|
||||
#
|
||||
# 0 is for target type of generic_proc. It compares latest data with current data. Needs to get
|
||||
|
@ -312,7 +302,7 @@ sub exec_prediction_module {
|
|||
} else {
|
||||
$prediction_mode = 1; # data
|
||||
}
|
||||
|
||||
|
||||
# Initialize another global sub variables.
|
||||
my $agent_name = dame_agente_nombre ($pa_config, $agent_module->{'id_agente'}, $dbh);
|
||||
my $module_data = 0; # 0 data for default
|
||||
|
@ -338,13 +328,32 @@ sub exec_prediction_module {
|
|||
my $average = 0;
|
||||
my $temp1 = 0;
|
||||
for ($i=0; $i < 4; $i++){
|
||||
print "DEBUG HASH REF ".$target_module->{'id_agente_modulo'};
|
||||
print "\n";
|
||||
my $first_data;
|
||||
my $last_data;
|
||||
my $average_interval;
|
||||
my $sum_data = 0;
|
||||
|
||||
$temp1 = $week_utimestamp[$i] + $agent_module->{'module_interval'};
|
||||
# Get data for week $i in the past
|
||||
$query_sql = 'SELECT AVG(datos) FROM tagente_datos WHERE id_agente_modulo = '. $target_module->{'id_agente_modulo'}. ' AND utimestamp > '.$week_utimestamp[$i].' AND utimestamp < '.$temp1;
|
||||
print "DEBUG SQL - $query_sql \n";
|
||||
$week_data[$i] = get_db_free_field ($query_sql, $dbh);
|
||||
$average_interval = get_db_free_field ($query_sql, $dbh);
|
||||
|
||||
# Need to get data outside interval because no data.
|
||||
if ($average_interval == 0){
|
||||
$query_sql = 'SELECT datos FROM tagente_datos WHERE id_agente_modulo = '. $target_module->{'id_agente_modulo'}. ' AND utimestamp > '.$week_utimestamp[$i].' LIMIT 1';
|
||||
$last_data = get_db_free_field ($query_sql, $dbh);
|
||||
if ($last_data != 0){
|
||||
$sum_data++;
|
||||
}
|
||||
$query_sql = 'SELECT datos FROM tagente_datos WHERE id_agente_modulo = '. $target_module->{'id_agente_modulo'}. ' AND utimestamp < '.$temp1.' LIMIT 1';
|
||||
$first_data = get_db_free_field ($query_sql, $dbh);
|
||||
if ($first_data != 0){
|
||||
$sum_data++;
|
||||
}
|
||||
$week_data[$i] = (($last_data + $first_data) / $sum_data);
|
||||
} else {
|
||||
$week_data[$i] = $average_interval;
|
||||
}
|
||||
|
||||
# It's possible that one of the week_data[i] values was not valid (NULL)
|
||||
# so recheck it and relay on n=0 for "no data" values set to 0 in result
|
||||
|
@ -357,27 +366,26 @@ print "DEBUG SQL - $query_sql \n";
|
|||
}
|
||||
|
||||
# Real average value
|
||||
print "Value of n is $n \n";
|
||||
if ($n > 0){
|
||||
$average = $average / $n;
|
||||
} else {
|
||||
$average = 0;
|
||||
}
|
||||
|
||||
# Calculate typical deviation
|
||||
my $typical_deviation = 0;
|
||||
for ($i=0; $i< $n; $i++){
|
||||
if ( (is_numeric($week_data[$i])) && ($week_data[$i] > 0) ) {
|
||||
$typical_deviation = $typical_deviation + (($week_data[$i] - $average)**2);
|
||||
}
|
||||
}
|
||||
$typical_deviation = sqrt ($typical_deviation / ($n-1));
|
||||
|
||||
# (PROC) Compare with current data
|
||||
if ($prediction_mode == 0){
|
||||
$query_sql = 'SELECT data FROM tagente_estado WHERE id_agente_modulo = '.$target_module->{'id_agente_modulo'};
|
||||
# Calculate typical deviation
|
||||
my $typical_deviation = 0;
|
||||
for ($i=0; $i< $n; $i++){
|
||||
if ( (is_numeric($week_data[$i])) && ($week_data[$i] > 0) ) {
|
||||
$typical_deviation = $typical_deviation + (($week_data[$i] - $average)**2);
|
||||
}
|
||||
}
|
||||
$typical_deviation = sqrt ($typical_deviation / ($n-1));
|
||||
|
||||
$query_sql = 'SELECT datos FROM tagente_estado WHERE id_agente_modulo = '.$target_module->{'id_agente_modulo'};
|
||||
my $current_value = get_db_free_field ($query_sql, $dbh);
|
||||
if ( ($current_value >= ($average - $typical_deviation)) || ($current_value <= ($average + $typical_deviation)) ){
|
||||
if ( ($current_value > ($average - $typical_deviation)) && ($current_value < ($average + $typical_deviation)) ){
|
||||
$module_data = 1; # OK !!
|
||||
} else {
|
||||
$module_data = 0; # Out of predictions
|
||||
|
@ -400,7 +408,7 @@ print "Value of n is $n \n";
|
|||
module_generic_data ($pa_config, \%part, $timestamp, $agent_name, $tipo_modulo, $dbh);
|
||||
}
|
||||
elsif (2 == $agent_module->{'id_tipo_modulo'}) {
|
||||
module_generic_data_inc ($pa_config, \%part, $timestamp, $agent_name, $tipo_modulo, $dbh);
|
||||
module_generic_proc ($pa_config, \%part, $timestamp, $agent_name, $tipo_modulo, $dbh);
|
||||
}
|
||||
else { # Unknown module!, this IS a problem
|
||||
logger ($pa_config, "[FATAL] Prediction Server Problem with unknown module type '$tipo_modulo'", 0);
|
||||
|
|
|
@ -221,7 +221,7 @@ sub pandora_calcula_alerta (%$$$$$$) {
|
|||
# --------------------------------------
|
||||
# Now call to execute_alert to real exec
|
||||
execute_alert ($pa_config, $id_alerta, $campo1, $campo2, $campo3,
|
||||
$nombre_agente, $timestamp, $datos, $comando, $alert_name, $descripcion, 1, $dbh);
|
||||
$nombre_agente, $timestamp, $datos, $comando, $alert_name, $descripcion, 1, $dbh);
|
||||
# --------------------------------------
|
||||
|
||||
# Evaluate compound alerts, since an alert has changed its status.
|
||||
|
@ -233,14 +233,8 @@ $nombre_agente, $timestamp, $datos, $comando, $alert_name, $descripcion, 1, $dbh
|
|||
$internal_counter++;
|
||||
# Now update new value for times_fired & last_fired
|
||||
# if we are below minlimit for triggering this alert
|
||||
logger ($pa_config, "Alarm not fired because is below min limit",6);
|
||||
} else { # Too many alerts fired (upper limit)
|
||||
logger ($pa_config, "Alarm not fired because is above max limit",6);
|
||||
}
|
||||
$dbh->do("UPDATE talerta_agente_modulo SET times_fired = $times_fired, internal_counter = $internal_counter WHERE id_aam = $id_aam");
|
||||
|
||||
# Evaluate compound alerts, since an alert has changed its status.
|
||||
pandora_evaluate_compound_alerts ($pa_config, $timestamp, $id_aam, $nombre_agente, 0, $dbh);
|
||||
}
|
||||
$dbh->do("UPDATE talerta_agente_modulo SET internal_counter = $internal_counter WHERE id_aam = $id_aam");
|
||||
}
|
||||
}
|
||||
else { # This block is executed because actual data is OUTSIDE
|
||||
|
@ -277,11 +271,11 @@ $nombre_agente, $timestamp, $datos, $comando, $alert_name, $descripcion, 1, $dbh
|
|||
# "alert_recovery" and set to 1 (disabled by default)
|
||||
if ($pa_config->{"alert_recovery"} eq "1"){
|
||||
execute_alert ($pa_config, $id_alerta, $campo1,
|
||||
"[RECOVERED ] - ".$campo2, "[ALERT CEASED - RECOVERED] - ".$campo3, $nombre_agente, $timestamp, $datos, $comando,
|
||||
$alert_name, $descripcion, 0, $dbh);
|
||||
"[RECOVERED ] - ".$campo2, "[ALERT CEASED - RECOVERED] - ".$campo3, $nombre_agente, $timestamp, $datos, $comando,
|
||||
$alert_name, $descripcion, 0, $dbh);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
if (($times_fired > 0) || ($internal_counter > 0)){
|
||||
$dbh->do("UPDATE talerta_agente_modulo SET internal_counter = 0, times_fired =0 WHERE id_aam = $id_aam");
|
||||
|
||||
|
@ -488,7 +482,7 @@ sub execute_alert (%$$$$$$$$$$$$) {
|
|||
my $dbh = $_[12];
|
||||
|
||||
# Compound only
|
||||
if ($id_alert == 0){
|
||||
if ($id_alert == 1){
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue