2010-04-23 Sancho Lerena <slerena@artica.es>

* bin/pandora_agent.conf: Updated sample conf with some examples of inventory usage, and agent plugins (commented). * bin/util/df.vbs, bin/util/ps.vbs: Added flush in the end of each module * bin/util/logevent_log4x.vbs: New agent plugin to parse eventlog and generate a Log4x format. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@2604 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2010-04-23 16:47:28 +00:00 · 2010-04-23 16:47:28 +00:00 · 2219ed336e
parent a7b159323c
commit 2219ed336e
5 changed files with 132 additions and 16 deletions
--- a/pandora_agents/win32/ChangeLog
+++ b/pandora_agents/win32/ChangeLog
@ -1,3 +1,13 @@
+2010-04-23  Sancho Lerena <slerena@artica.es>
+
+	* bin/pandora_agent.conf: Updated sample conf with some examples of
+	inventory usage, and agent plugins (commented).
+
+	* bin/util/df.vbs, bin/util/ps.vbs: Added flush in the end of each module
+
+	* bin/util/logevent_log4x.vbs: New agent plugin to parse eventlog and
+	generate a Log4x format.
+
 2010-04-23  Ramon Novoa  <rnovoa@artica.es>

 	* modules/pandora_module_inventory.cc: Fixed a couple of XML tags.
@ -39,6 +49,7 @@
 	* Makefile.am: Updated sources. Removed tinyxml and added the plugin
 	  module.

+>>>>>>> .r2603
 2010-04-16  Ramon Novoa  <rnovoa@artica.es>

 	* windows/pandora_wmi.cc: fixed getOSVersion. Crashed in Windows 2008
--- a/pandora_agents/win32/bin/pandora_agent.conf
+++ b/pandora_agents/win32/bin/pandora_agent.conf
@ -1,16 +1,17 @@
 # Base config file for Pandora FMS Windows Agent
 # (c) 2006-2009 Artica Soluciones Tecnologicas 
-# Version 3.0
+# version 3.0

 # This program is Free Software, you can redistribute it and/or modify it
 # under the terms of the GNU General Public Licence as published by the Free Software
-# Foundation; either version 2 of the Licence or any later version.
+# Foundation; either version 2 of the Licence or any later version
 # This program is distributed in the hope that it will be useful, but
 # WITHOUT ANY WARRANTY, without ever the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE.
+# FOR A PARTICULAR PURPOSE

 # Edit this file to change your parameters or/and add your own modules
 # Any line with a # character at the first column will be ignored (comment)
+
 # General Parameters
 # ==================

@ -24,7 +25,7 @@ temporal "$AgentTemp$"
 # use directive agent_name (do not use blank spaces, please).
 # This parameter is CASE SENSITIVE.

-#agent_name My_Custom_Agent_name
+# agent_name My_Custom_Agent_name

 # Group assigned for this agent (descriptive, p.e: Servers)
 #group Servers
@ -63,11 +64,25 @@ server_port 41121
 # Enable or disable XML buffer.
 xml_buffer 0

-
 # Module Definition
 # Check online documentation and module library at http://pandorafms.org
 # =================

+# Sample of Windows inventory module (ONLY ENTERPRISE)!
+#module_begin
+#module_name Inventory
+#module_interval 7
+#module_type generic_data_string
+#module_inventory RAM Patches Software Services NIC
+#module_description Inventory
+#module_end
+
+# Example plugin to retrieve last 5 min events in log4x format
+# module_plugin cscript.exe //B "%ProgramFiles%\Pandora_Agent\util\logevent_log4x.vbs" Aplicacion System 300
+
+# Example plugin to retrieve drive usage
+# module_plugin cscript.exe //B "%ProgramFiles%\Pandora_Agent\util\df.vbs"
+
 # Free space on disk C:
 module_begin
 module_name FreeDiskC
@ -187,6 +202,3 @@ module_end
 #process_firefox_stop killall firefox
 #service_messenger 1

-# Example plugin to retrieve drive usage
-# module_plugin cscript.exe //B "C:\Program Files\pandora_agent\util\df.vbs"
-
--- a/pandora_agents/win32/bin/util/df.vbs
+++ b/pandora_agents/win32/bin/util/df.vbs
@ -27,6 +27,7 @@ For Each objItem in colItems
 			Wscript.StdOut.WriteLine "    <description><![CDATA[Drive " & objItem.Name & " free space in MB]]></description>"
 			Wscript.StdOut.WriteLine "    <data><![CDATA[" & Int(objItem.FreeSpace /1048576) & "]]></data>"
 			Wscript.StdOut.WriteLine "</module>"
+            Wscript.StdOut.flush
 		End If
 	End If
 Next
--- a/pandora_agents/win32/bin/util/logevent_log4x.vbs
+++ b/pandora_agents/win32/bin/util/logevent_log4x.vbs
@ -0,0 +1,91 @@
+' --------------------------------------------------------------
+' WMI Log Event Parser for Windows
+' Used as Plugin in Pandora FMS Monitoring System
+' Written by Sancho Lerena <slerena@gmail.com> 2010
+' Licensed under BSD Licence
+' --------------------------------------------------------------
+
+' This plugin uses three parameters:
+'
+' module_name : Module name to be reported at pandora, p.e: Event_Application
+' logfile : Windows event logfile: Application, System, Security...
+' interval: Should be the same interval agent has, p.e: 300 (seconds)
+
+' Code begins here
+
+' Take args from command line
+if (Wscript.Arguments.Count = 0) then
+	WScript.Quit	
+end if
+
+On Error Resume Next
+cfg_module_name = Wscript.Arguments(0)
+cfg_logfile = Wscript.Arguments(1)
+cfg_interval = Wscript.Arguments(2)
+strComputer = "."
+
+MyDate = dateAdd("s", -cfg_interval, Now) ' Latest X seconds
+
+Set dtmStartDate = CreateObject("WbemScripting.SWbemDateTime")
+
+DateToCheck = CDate(MyDate)
+dtmStartDate.SetVarDate DateToCheck, CONVERT_TO_LOCAL_TIME
+
+WMI_QUERY = "Select * from Win32_NTLogEvent Where Logfile = '" & cfg_logfile & "' AND TimeWritten >= '" & dtmStartDate & "'"
+
+' DEBUG
+'wscript.StdOut.WriteLine dtmStartDate
+'wscript.StdOut.WriteLine WMI_QUERY
+
+Set objWMIService = GetObject("winmgmts:" _
+    & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
+Set colEvents = objWMIService.ExecQuery (WMI_QUERY) 
+
+'The XML files need the have the fields SEVERITY, MESSAGE and
+'STACKTRACE. These are the fields that are often used when logging with
+'log4j. Just in case, the severity field can have the following values:
+'TRACE, DEBUG, INFO, WARN, ERROR, FATAL. The "message" field is just
+
+For Each objEvent in colEvents
+
+    if (objEvent.Type = "0") then
+		severity = "FATAL"
+	end if
+	
+	if (objEvent.Type = "1") then
+		severity = "ERROR"
+	end if
+	
+	if (objEvent.Type = "2") then
+		severity = "WARN"
+	end if
+	
+	if (objEvent.Type >= "3") then
+		severity = "INFO"
+	end if
+	
+	stacktrace = "Category: " & objEvent.CategoryString & ", Event Code: " & objEvent.EventCode & ", Source Name: " & objEvent.SourceName & ", LogFile: " & cfg_logfile
+
+    event_message = objEvent.Message
+	Wscript.StdOut.Write "<module>"
+	Wscript.StdOut.Write "<name><![CDATA[" & cfg_module_name & "]]></name>"
+	Wscript.StdOut.Write "<type>log4x</type>"
+	Wscript.StdOut.Write "<severity>" & severity & "</severity>"
+
+        if (event_message = "") then
+            Wscript.StdOut.Write "<message></message>"
+        else
+	    Wscript.StdOut.Write "<message><![CDATA[" & event_message & "]]></message>"
+	end if
+
+        if (stacktrace = "") then
+            Wscript.StdOut.Write "<stacktrace></stacktrace>"
+        else
+	    Wscript.StdOut.Write "<stacktrace><![CDATA[" & stacktrace & "]]></stacktrace>"
+	end if
+
+	Wscript.StdOut.WriteLine "</module>"        
+        Wscript.StdOut.flush
+Next
+
+' Code ends here
--- a/pandora_agents/win32/bin/util/ps.vbs
+++ b/pandora_agents/win32/bin/util/ps.vbs
@ -30,4 +30,5 @@ For i = 0 To argc - 1
 		Wscript.StdOut.WriteLine "    <data><![CDATA[" & 0 & "]]></data>"
 	End If
 	Wscript.StdOut.WriteLine "</module>"
+    Wscript.StdOut.flush
 Next