diff --git a/pandora_agents/win32/bin/pandora_agent.conf b/pandora_agents/win32/bin/pandora_agent.conf index fd98b3e4f9..34e24590af 100644 --- a/pandora_agents/win32/bin/pandora_agent.conf +++ b/pandora_agents/win32/bin/pandora_agent.conf @@ -1,6 +1,6 @@ # Base config file for Pandora FMS Windows Agent # (c) 2006-2014 Artica Soluciones Tecnologicas -# Version 5.1SP3 +# Version 5.1SP3 # This program is Free Software, you can redistribute it and/or modify it # under the terms of the GNU General Public Licence as published by the Free Software @@ -183,94 +183,100 @@ module_end #Antivirus monitoring #This modules checks the antivirus is running on your system, if there is and antivirus #This module gets the last date the signature file was updated and send this date to pandora. -module_begin -module_name Antivirus Last Update -module_type async_string -module_precondition =~ avguard.exe cmd.exe /c tasklist | grep avguard.exe | gawk "{print $1}" -module_exec dir "%ProgramFiles%\Avira\AntiVir Desktop\aevdf.dat" | grep aevdf.dat | gawk "{print $1\" \"$2}" -module_description Last update for Antivirus Signature file -module_end +#module_begin +#module_name Antivirus Last Update +#module_type async_string +#module_precondition =~ avguard.exe cmd.exe /c tasklist | grep avguard.exe | gawk "{print $1}" +#module_exec dir "%ProgramFiles%\Avira\AntiVir Desktop\aevdf.dat" | grep aevdf.dat | gawk "{print $1\" \"$2}" +#module_description Last update for Antivirus Signature file +#module_end + +# Windows inventory module (This information will be displayed only in enterprise version) -# Windows inventory module (This information will be displayed only in enterprise version)^M module_begin module_plugin cscript.exe //B "%PROGRAMFILES%\Pandora_Agent\util\cpuinfo.vbs" module_crontab * 12-15 * * 1 +module_timeout 50 module_end module_begin module_plugin cscript.exe //B "%PROGRAMFILES%\Pandora_Agent\util\moboinfo.vbs" module_crontab * 12-15 * * 1 +module_timeout 50 module_end module_begin module_plugin cscript.exe //B "%PROGRAMFILES%\Pandora_Agent\util\diskdrives.vbs" module_crontab * 12-15 * * 1 +module_timeout 50 module_end module_begin module_plugin cscript.exe //B "%PROGRAMFILES%\Pandora_Agent\util\cdromdrives.vbs" module_crontab * 12-15 * * 1 +module_timeout 50 module_end module_begin module_plugin cscript.exe //B "%PROGRAMFILES%\Pandora_Agent\util\videocardinfo.vbs" module_crontab * 12-15 * * 1 +module_timeout 50 module_end module_begin module_plugin cscript.exe //B "%PROGRAMFILES%\Pandora_Agent\util\ifaces.vbs" module_crontab * 12-15 * * 1 +module_timeout 50 module_end module_begin module_plugin cscript.exe //B "%PROGRAMFILES%\Pandora_Agent\util\monitors.vbs" module_crontab * 12-15 * * 1 +module_timeout 50 module_end module_begin module_plugin cscript.exe //B "%PROGRAMFILES%\Pandora_Agent\util\printers.vbs" module_crontab * 12-15 * * 1 +module_timeout 50 module_end module_begin module_plugin cscript.exe //B "%PROGRAMFILES%\Pandora_Agent\util\raminfo.vbs" module_crontab * 12-15 * * 1 +module_timeout 50 module_end module_begin module_plugin cscript.exe //B "%PROGRAMFILES%\Pandora_Agent\util\software_installed.vbs" module_crontab * 12-15 * * 1 +module_timeout 50 module_end module_begin module_plugin cscript.exe //B "%PROGRAMFILES%\Pandora_Agent\util\userslogged.vbs" module_crontab * 12-15 * * 1 +module_timeout 50 module_end module_begin module_plugin cscript.exe //B "%PROGRAMFILES%\Pandora_Agent\util\productkey.vbs" module_crontab * 12-15 * * 1 +module_timeout 50 module_end module_begin module_plugin cscript.exe //B "%PROGRAMFILES%\Pandora_Agent\util\productID.vbs" module_crontab * 12-15 * * 1 +module_timeout 50 module_end module_begin -module_plugin cscript.exe //B "%PROGRAMFILES%\Pandora_Agent\util\architecture.vbs" +module_plugin cscript.exe //B "%PROGRAMFILES%\Pandora_Agent\util\win_cf.vbs" module_crontab * 12-15 * * 1 +module_timeout 50 module_end -module_begin -module_plugin cscript.exe //B "%PROGRAMFILES%\Pandora_Agent\util\domain.vbs" -module_crontab * 12-15 * * 1 -module_end - -module_begin -module_plugin cscript.exe //B "%PROGRAMFILES%\Pandora_Agent\util\osversion.vbs" -module_crontab * 12-15 * * 1 -module_end # ---------------------------------------------------------------------------------------------------- # This samples below need to be reconfigured and uncommented. Please read documentation diff --git a/pandora_agents/win32/bin/util/software_installed.vbs b/pandora_agents/win32/bin/util/software_installed.vbs index 4317a06732..967aba2798 100644 --- a/pandora_agents/win32/bin/util/software_installed.vbs +++ b/pandora_agents/win32/bin/util/software_installed.vbs @@ -2,7 +2,8 @@ ' (c) 2015 Sancho Lerena ' (c) 2015 Borja Sanchez ' This plugin extends agent inventory feature. Only enterprise version -' -------------------------------------------------------------------------- +' Warning: If the system has the WMI corrupted, call this script with nowmi argument +' ------------------------------------------------------------------------------------ on error resume next Class ObjectList @@ -31,7 +32,7 @@ Class ObjectList End Class class AppClass - dim InstallDate,Caption,Version,Vendor + dim InstallDate,Caption,Version,Vendor end class ' Print the XML structure @@ -43,46 +44,50 @@ Wscript.StdOut.WriteLine "" '------ Checks if an item exists on the main collection function isItemInArray(objeto,coleccion) - for each id in coleccion.List - if (strComp(objeto,coleccion.List(id).caption) = 0) then - isItemInArray=true - exit function - end if - next - isItemInArray=false + for each id in coleccion.List + if (strComp(objeto,coleccion.List(id).caption) = 0) then + isItemInArray=true + exit function + end if + next + isItemInArray=false end function '------ main collection definition dim colObjSW : set colObjSW = new ObjectList strComputer = "." -'------ Retrieve the WMI registers first -Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") -Set colSoftware = objWMIService.ExecQuery ("SELECT installstate,caption,installdate,Version,vendor FROM Win32_Product") +' Disable by arguments WMI queries - corrupted WMI host + +If (not WScript.Arguments(0) = "nowmi") Then + '------ Retrieve the WMI registers first + Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") + Set colSoftware = objWMIService.ExecQuery ("SELECT installstate,caption,installdate,Version,vendor FROM Win32_Product",,48) -'------ Check all -'-- first) add all unique WMI (unique) entries to main collector -'-- second) add all unique REGISTRY items to main collector + '------ Check all + '-- first) add all unique WMI (unique) entries to main collector + '-- second) add all unique REGISTRY items to main collector -for each objSoftware in colSoftware - if ( objSoftware.installstate = 5 ) then - if ( isItemInArray(objSoftware.caption, colObjSW) = false ) then - ' It doesn't exists, added. - With colObjSW.Append(New AppClass) - .caption = objSoftware.caption - .InstallDate = objSoftware.InstallDate - .version = objSoftware.version - .vendor = objSoftware.vendor - End with - ' Add to XML the verified ones - Wscript.StdOut.WriteLine "" - end if - end if -next + for each objSoftware in colSoftware + if ( objSoftware.installstate = 5 ) then + if ( isItemInArray(objSoftware.caption, colObjSW) = false ) then + ' It doesn't exists, added. + With colObjSW.Append(New AppClass) + .caption = objSoftware.caption + .InstallDate = objSoftware.InstallDate + .version = objSoftware.version + .vendor = objSoftware.vendor + End with + ' Add to XML the verified ones + Wscript.StdOut.WriteLine "" + end if + end if + next +End If ' ------ Getting the REGISTRY Const HKLM = &H80000002 'HKEY_LOCAL_MACHINE @@ -123,12 +128,12 @@ For Each strSubkey In arrSubkeys ' foreach registry item, check if exists in the main collector ' it it exists, it doesn't be added. if ( isItemInArray(appname, colObjSW) = false ) then - ' as item doesn't exist, we add it to main collector and to XML - With colObjSW.Append(New AppClass) - .caption = appname - .version = appversion - End with - Wscript.StdOut.WriteLine "" + ' as item doesn't exist, we add it to main collector and to XML + With colObjSW.Append(New AppClass) + .caption = appname + .version = appversion + End with + Wscript.StdOut.WriteLine "" end if end if next diff --git a/pandora_agents/win32/bin/util/win_cf.vbs b/pandora_agents/win32/bin/util/win_cf.vbs new file mode 100644 index 0000000000..08c85b0339 --- /dev/null +++ b/pandora_agents/win32/bin/util/win_cf.vbs @@ -0,0 +1,292 @@ +' Pandora FMS Agent Custom Field Plugin for Microsoft Windows (All platfforms) +' (c) 2015 Borja Sanchez +' This plugin extends agent inventory feature. Only enterprise version +' ------------------------------------------- +' Custom fields information generator +' +' Basic structure: +' +' +' +' +' +' +' +' -------------------------------------------------------------------------- +' Custom Fields: Windows Agent + +' SET CORRECT BASE_DIR!! +Set WshShell = WScript.CreateObject("WScript.Shell") +AGENT_HOME_DIR = wshShell.ExpandEnvironmentStrings("%PROGRAMFILES%") & "\pandora_agent\" + +Function BASE_DIR (subitem) + BASE_DIR = chr(34) & AGENT_HOME_DIR & subitem & chr(34) +End Function + +randomize + +strComputer = "." +Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") + +'--------------------------------------------------------------------- +' Parses the pandora_agent configuration file to extract the +' fields agent_name, parent_agent_name and group +'--------------------------------------------------------------------- +Sub parse_conf_file () + + If WScript.Arguments.Count = 0 Then + pandora_agent_base_path = AGENT_HOME_DIR + Else + pandora_agent_base_path = WScript.Arguments(0) + End If + + Set objFSO = CreateObject("Scripting.FileSystemObject") + + If (Not objFSO.FileExists(pandora_agent_base_path & "pandora_agent.conf" ) ) Then + Exit Sub + End If + + Set objFile = objFSO.OpenTextFile(pandora_agent_base_path & "pandora_agent.conf", 1) + + name_flag = 1 + do until objFile.AtEndOfStream + + '"agent_name", "agent_name" + '"parent", "parent_agent_name" + '"group", "group" + line = objFile.ReadLine + If (Not "#" = Left(line, 1) ) Then + + lc = InStr(4, line," ") + If (lc > 0 ) Then + field = Left(line, lc -1) + value = Mid(line, lc +1, Len(line)) + + Select Case field + Case "agent_name" + If (Not value = "") Then + Wscript.StdOut.WriteLine "" + Wscript.StdOut.WriteLine "" + WScript.StdOut.WriteLine "" + Wscript.StdOut.WriteLine "" + name_flag = 0 + End If + + Case "parent_agent_name","group" + Wscript.StdOut.WriteLine "" + Wscript.StdOut.WriteLine "" + WScript.StdOut.WriteLine "" + Wscript.StdOut.WriteLine "" + End Select + End If + End If + loop + + If (name_flag = 1) Then + + Wscript.StdOut.WriteLine "" + Wscript.StdOut.WriteLine "" + Set cols = objWMIService.ExecQuery("SELECT caption FROM Win32_ComputerSystem") + + on error resume next + flag = cols.Count + If (err.number <> 0) Then + flag = true + Else + flag = false + End If + on error goto 0 + + If (NOT flag) Then + For Each data In cols + Wscript.StdOut.WriteLine "" + Next + End If + Wscript.StdOut.WriteLine "" + End If + + objFile.Close + + If objFSO.FileExists(OUT_FILE) Then + objFSO.DeleteFile OUT_FILE + End If + +End Sub + + + +' FILE STARTS +WScript.StdOut.WriteLine "" + +'-------------------------------- +' Custom Field: os_version +'-------------------------------- +Wscript.StdOut.WriteLine "" +Wscript.StdOut.WriteLine "" + +Set cols = objWMIService.ExecQuery("SELECT version from win32_operatingsystem") + +For Each data In cols + Wscript.StdOut.WriteLine "" +Next + +Wscript.StdOut.WriteLine "" +'-------------------------------- + + +'-------------------------------- +' Custom Field: Domain +'-------------------------------- +Wscript.StdOut.WriteLine "" +Wscript.StdOut.WriteLine "" + +Set cols = objWMIService.ExecQuery("SELECT Domain FROM Win32_ComputerSystem") + +For Each data In cols + Wscript.StdOut.WriteLine "" +Next + +Wscript.StdOut.WriteLine "" +'-------------------------------- + + + +'-------------------------------- +' Custom Field: Architecture +'-------------------------------- +Wscript.StdOut.WriteLine "" +Wscript.StdOut.WriteLine "" + +Set cols = objWMIService.ExecQuery("SELECT osarchitecture FROM Win32_OperatingSystem") + +on error resume next +flag = cols.Count +If (err.number <> 0) Then + flag = true +Else + flag = false +End If +on error goto 0 + + +If flag Then + Wscript.StdOut.WriteLine "" +Else + For Each data In cols + If ( NOT IsNull(data.osarchitecture) ) Then + Wscript.StdOut.WriteLine "" + Else + Wscript.StdOut.WriteLine "" + End If + Next +End If + + +Wscript.StdOut.WriteLine "" +'-------------------------------- + + +'-------------------------------- +' Extract info +'-------------------------------- +parse_conf_file +'-------------------------------- + + +'---------------------------------------------------- +' Custom Field: IP, IPv6 AND MAC -> XXX First found. +'---------------------------------------------------- +Set cols = objWMIService.ExecQuery("Select * from Win32_NetworkAdapter " & _ + "Where not PNPDeviceID like 'ROOT%%' " & _ + "and not PNPDeviceID like 'SW%%' " & _ + "and not ServiceName is null " & _ + "and not ServiceName like 'vwifimp' ") +on error resume next +flag = cols.Count +If (err.number <> 0) Then + flag = true +Else + flag = false +End If +on error goto 0 + + +If (NOT flag) Then + For Each iface In cols + ' return model MACAddress IPAddress + set ifaces_cfg = objWMIService.ExecQuery("Select IPAddress from Win32_NetworkAdapterConfiguration Where Caption='" & iface.caption & "'") + for each iface_cfg in ifaces_cfg + if ( NOT IsNull(iface_cfg.IPAddress) ) then + on error resume next + IP = trim(iface_cfg.IPAddress(0)) + If ( err.number <> 0 ) Then + IP = NULL + End If + MAC = iface.MACAddress + If ( err.number <> 0 ) Then + MAC = NULL + End If + IPv6 = trim(iface_cfg.IPAddress(1)) + If ( err.number <> 0 ) Then + IPv6 = NULL + End If + on error goto 0 + end if + next + Next +End If +If (NOT IsNull(IP)) Then + WScript.StdOut.WriteLine "" + WScript.StdOut.WriteLine "" + WScript.StdOut.WriteLine "" + WScript.StdOut.WriteLine "" +End If + +If (NOT IsNull(IPv6)) Then + WScript.StdOut.WriteLine "" + WScript.StdOut.WriteLine "" + WScript.StdOut.WriteLine "" + WScript.StdOut.WriteLine "" +End If + +If (NOT IsNull(MAC)) Then + WScript.StdOut.WriteLine "" + WScript.StdOut.WriteLine "" + WScript.StdOut.WriteLine "" + WScript.StdOut.WriteLine "" +End If + +'-------------------------------- + + +'-------------------------------- +' Custom Field: Hostname +'-------------------------------- +Wscript.StdOut.WriteLine "" +Wscript.StdOut.WriteLine "" + +Set cols = objWMIService.ExecQuery("SELECT caption FROM Win32_ComputerSystem") + +on error resume next +flag = cols.Count +If (err.number <> 0) Then + flag = true +Else + flag = false +End If +on error goto 0 + +If (NOT flag) Then + For Each data In cols + Wscript.StdOut.WriteLine "" + Next +End If + +Wscript.StdOut.WriteLine "" + + +'-------------------------------- + +WScript.StdOut.WriteLine "" + +' FILE ENDS diff --git a/pandora_agents/win32/bin/util/win_cf_winxp.vbs b/pandora_agents/win32/bin/util/win_cf_winxp.vbs new file mode 100644 index 0000000000..662e14fc88 --- /dev/null +++ b/pandora_agents/win32/bin/util/win_cf_winxp.vbs @@ -0,0 +1,281 @@ +' Pandora FMS Agent Custom Field Plugin for Microsoft Windows Xp +' (c) 2015 Borja Sanchez +' This plugin extends agent inventory feature. Only enterprise version +' ------------------------------------------- +' Custom fields information generator +' +' Basic structure: +' +' +' +' +' +' +' +' -------------------------------------------------------------------------- +' Custom Fields: Windows Agent + +' SET CORRECT BASE_DIR!! +Set WshShell = WScript.CreateObject("WScript.Shell") +AGENT_HOME_DIR = wshShell.ExpandEnvironmentStrings("%PROGRAMFILES%") & "\pandora_agent\" + +Function BASE_DIR (subitem) + BASE_DIR = chr(34) & AGENT_HOME_DIR & subitem & chr(34) +End Function + +randomize + +strComputer = "." +Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") + +'--------------------------------------------------------------------- +' Parses the pandora_agent configuration file to extract the +' fields agent_name, parent_agent_name and group +'--------------------------------------------------------------------- +Sub parse_conf_file () + + If WScript.Arguments.Count = 0 Then + pandora_agent_base_path = AGENT_HOME_DIR + Else + pandora_agent_base_path = WScript.Arguments(0) + End If + + Set objFSO = CreateObject("Scripting.FileSystemObject") + + If (Not objFSO.FileExists(pandora_agent_base_path & "pandora_agent.conf" ) ) Then + Exit Sub + End If + + Set objFile = objFSO.OpenTextFile(pandora_agent_base_path & "pandora_agent.conf", 1) + + name_flag = 1 + do until objFile.AtEndOfStream + + '"agent_name", "agent_name" + '"parent", "parent_agent_name" + '"group", "group" + line = objFile.ReadLine + If (Not "#" = Left(line, 1) ) Then + + lc = InStr(4, line," ") + If (lc > 0 ) Then + field = Left(line, lc -1) + value = Mid(line, lc +1, Len(line)) + + Select Case field + Case "agent_name" + If (Not value = "") Then + Wscript.StdOut.WriteLine "" + Wscript.StdOut.WriteLine "" + WScript.StdOut.WriteLine "" + Wscript.StdOut.WriteLine "" + name_flag = 0 + End If + + Case "parent_agent_name","group" + Wscript.StdOut.WriteLine "" + Wscript.StdOut.WriteLine "" + WScript.StdOut.WriteLine "" + Wscript.StdOut.WriteLine "" + End Select + End If + End If + loop + + If (name_flag = 1) Then + + Wscript.StdOut.WriteLine "" + Wscript.StdOut.WriteLine "" + Set cols = objWMIService.ExecQuery("SELECT caption FROM Win32_ComputerSystem") + + on error resume next + flag = cols.Count + If (err.number <> 0) Then + flag = true + Else + flag = false + End If + on error goto 0 + + If (NOT flag) Then + For Each data In cols + Wscript.StdOut.WriteLine "" + Next + End If + Wscript.StdOut.WriteLine "" + End If + + objFile.Close + + If objFSO.FileExists(OUT_FILE) Then + objFSO.DeleteFile OUT_FILE + End If + +End Sub + + + +' FILE STARTS +WScript.StdOut.WriteLine "" + +'-------------------------------- +' Custom Field: os_version +'-------------------------------- +Wscript.StdOut.WriteLine "" +Wscript.StdOut.WriteLine "" + +Set cols = objWMIService.ExecQuery("SELECT version from win32_operatingsystem") + +For Each data In cols + Wscript.StdOut.WriteLine "" +Next + +Wscript.StdOut.WriteLine "" +'-------------------------------- + + +'-------------------------------- +' Custom Field: Domain +'-------------------------------- +Wscript.StdOut.WriteLine "" +Wscript.StdOut.WriteLine "" + +Set cols = objWMIService.ExecQuery("SELECT Domain FROM Win32_ComputerSystem") + +For Each data In cols + Wscript.StdOut.WriteLine "" +Next + +Wscript.StdOut.WriteLine "" +'-------------------------------- + + + +'-------------------------------- +' Custom Field: Architecture +'-------------------------------- +Wscript.StdOut.WriteLine "" +Wscript.StdOut.WriteLine "" + +Set cols = objWMIService.ExecQuery("SELECT osarchitecture FROM Win32_OperatingSystem") + +on error resume next +flag = cols.Count +If (err.number <> 0) Then + flag = true +Else + flag = false +End If +on error goto 0 + + +If flag Then + Wscript.StdOut.WriteLine "" +Else + For Each data In cols + If ( NOT IsNull(data.osarchitecture) ) Then + Wscript.StdOut.WriteLine "" + Else + Wscript.StdOut.WriteLine "" + End If + Next +End If + + +Wscript.StdOut.WriteLine "" +'-------------------------------- + + +'-------------------------------- +' Extract info +'-------------------------------- +parse_conf_file +'-------------------------------- + + +'---------------------------------------------------- +' Custom Field: IP, IPv6 AND MAC -> XXX First found. +'---------------------------------------------------- +Set cols = objWMIService.ExecQuery("Select * from Win32_NetworkAdapter " & _ + "Where not PNPDeviceID like 'ROOT%%' " & _ + "and not PNPDeviceID like 'SW%%' " & _ + "and not ServiceName is null " & _ + "and not ServiceName like 'vwifimp' ") +on error resume next +flag = cols.Count +If (err.number <> 0) Then + flag = true +Else + flag = false +End If +on error goto 0 + + +If (NOT flag) Then + For Each iface In cols + ' return model MACAddress IPAddress + set ifaces_cfg = objWMIService.ExecQuery("Select IPAddress from Win32_NetworkAdapterConfiguration Where Caption='" & iface.caption & "'") + for each iface_cfg in ifaces_cfg + if ( NOT IsNull(iface_cfg.IPAddress) ) then + on error resume next + IP = trim(iface_cfg.IPAddress(0)) + If ( err.number <> 0 ) Then + IP = NULL + End If + MAC = iface.MACAddress + If ( err.number <> 0 ) Then + MAC = NULL + End If + on error goto 0 + end if + next + Next +End If +If (NOT IsNull(IP)) Then + WScript.StdOut.WriteLine "" + WScript.StdOut.WriteLine "" + WScript.StdOut.WriteLine "" + WScript.StdOut.WriteLine "" +End If + +If (NOT IsNull(MAC)) Then + WScript.StdOut.WriteLine "" + WScript.StdOut.WriteLine "" + WScript.StdOut.WriteLine "" + WScript.StdOut.WriteLine "" +End If + +'-------------------------------- + + +'-------------------------------- +' Custom Field: Hostname +'-------------------------------- +Wscript.StdOut.WriteLine "" +Wscript.StdOut.WriteLine "" + +Set cols = objWMIService.ExecQuery("SELECT caption FROM Win32_ComputerSystem") + +on error resume next +flag = cols.Count +If (err.number <> 0) Then + flag = true +Else + flag = false +End If +on error goto 0 + +If (NOT flag) Then + For Each data In cols + Wscript.StdOut.WriteLine "" + Next +End If + +Wscript.StdOut.WriteLine "" + + +'-------------------------------- + +WScript.StdOut.WriteLine "" + +' FILE ENDS