From 1fbba70eb1e4b774d25b8f2461bf0828cf08aa97 Mon Sep 17 00:00:00 2001 From: Ramon Novoa Date: Thu, 26 Oct 2023 18:50:27 +0200 Subject: [PATCH] Add configuration options for vulnerability scans. --- pandora_server/lib/PandoraFMS/Config.pm | 3 +++ pandora_server/lib/PandoraFMS/Core.pm | 10 +++++++--- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/pandora_server/lib/PandoraFMS/Config.pm b/pandora_server/lib/PandoraFMS/Config.pm index 33654baa6a..92ea7ac4e7 100644 --- a/pandora_server/lib/PandoraFMS/Config.pm +++ b/pandora_server/lib/PandoraFMS/Config.pm @@ -206,6 +206,9 @@ sub pandora_get_sharedconfig ($$) { # Server identifier $pa_config->{'server_unique_identifier'} = pandora_get_tconfig_token ($dbh, 'server_unique_identifier', ''); + + # Vulnerability scans + $pa_config->{'agent_vulnerabilities'} = pandora_get_tconfig_token ($dbh, 'agent_vulnerabilities', 0); } ########################################################################## diff --git a/pandora_server/lib/PandoraFMS/Core.pm b/pandora_server/lib/PandoraFMS/Core.pm index 8e1b52d34c..7cd108376e 100644 --- a/pandora_server/lib/PandoraFMS/Core.pm +++ b/pandora_server/lib/PandoraFMS/Core.pm @@ -8010,9 +8010,13 @@ sub process_inventory_module_data ($$$$$$$$) { } # Vulnerability scan. - my $vulnerability_data = enterprise_hook('process_inventory_vulnerabilities', [$pa_config, $agent->{'os_version'}, $data, $inventory_module, $dbh]); - if (defined($vulnerability_data) && $vulnerability_data ne '') { - process_inventory_module_data ($pa_config, $vulnerability_data, $server_id, $agent_name, 'Vulnerabilities', $interval, $timestamp, $dbh); + if (($pa_config->{'agent_vulnerabilities'} == 0 && $agent->{'vul_scan_enabled'} == 1) || + ($pa_config->{'agent_vulnerabilities'} == 1 && $agent->{'vul_scan_enabled'} == 1) || + ($pa_config->{'agent_vulnerabilities'} == 1 && $agent->{'vul_scan_enabled'} == 2)) { + my $vulnerability_data = enterprise_hook('process_inventory_vulnerabilities', [$pa_config, $agent->{'os_version'}, $data, $inventory_module, $dbh]); + if (defined($vulnerability_data) && $vulnerability_data ne '') { + process_inventory_module_data ($pa_config, $vulnerability_data, $server_id, $agent_name, 'Vulnerabilities', $interval, $timestamp, $dbh); + } } }