Merge branch 'ent-7595-12357-prototipo-event-server-paralelizado-y-con-recuperacion-de-alertas-bingo-card' into 'develop'

CorrelationServer

See merge request artica/pandorafms!4377
Daniel Rodriguez 2021-10-29 10:07:25 +00:00
commit 3883c99804
21 changed files with 121 additions and 51 deletions


@ -664,7 +664,7 @@ function mainAgentsModules()
$name = $module;
$modules_by_name[$cont]['name'] = $name;
$modules_by_name[$cont]['id'][] = $key;
$cont ++;
$cont++;
}
}


@ -124,4 +124,7 @@ INSERT IGNORE INTO `tncm_script` VALUES
INSERT INTO `tncm_template_scripts`(`id_template`, `id_script`) VALUES (1,1),(1,2),(1,3),(1,4),(1,5);
ALTER TABLE `tevent_alert` ADD COLUMN `last_evaluation` bigint(20) NOT NULL default 0;
ALTER TABLE `tevent_alert` ADD COLUMN `pool_occurrences` int unsigned not null default 0;
COMMIT;
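Review bot: The two added `ALTER TABLE ... ADD COLUMN` statements sit just before `COMMIT;`, but on MySQL/MariaDB (assumed from the backtick quoting) a DDL statement commits implicitly, so the surrounding transaction presumably does not make this migration atomic. If the second ALTER fails, `last_evaluation` stays in place and a re-run of the script stops on a duplicate column. Folding both into one statement keeps the change all-or-nothing: `ALTER TABLE tevent_alert ADD COLUMN last_evaluation bigint(20) NOT NULL default 0, ADD COLUMN pool_occurrences int unsigned NOT NULL default 0;`. The start of the script is outside the hunk.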


@ -712,6 +712,8 @@ ALTER TABLE `tevent_alert` MODIFY COLUMN `time_threshold` int(10) NOT NULL defau
ALTER TABLE `tevent_alert` ADD COLUMN `disable_event` tinyint(1) DEFAULT 0;
ALTER TABLE `tevent_alert` ADD COLUMN `id_template_conditions` int(10) unsigned NOT NULL default 0;
ALTER TABLE `tevent_alert` ADD COLUMN `id_template_fields` int(10) unsigned NOT NULL default 0;
ALTER TABLE `tevent_alert` ADD COLUMN `last_evaluation` bigint(20) NOT NULL default 0;
ALTER TABLE `tevent_alert` ADD COLUMN `pool_occurrences` int unsigned not null default 0;
-- -----------------------------------------------------
-- Table `tevent_alert_action`


@ -85,7 +85,7 @@ if ($create_profiles) {
);
$return = profile_create_user_profile($user, $profile, $group);
if ($return !== false) {
$n_added ++;
$n_added++;
}
}
}


@ -219,7 +219,8 @@ $alertstab = [
'title' => __('Alerts operations'),
'class' => 'invert_filter',
]
).'</a>', 'active' => $tab == 'massive_alerts',
).'</a>',
'active' => $tab == 'massive_alerts',
];
$userstab = [
@ -230,7 +231,8 @@ $userstab = [
'title' => __('Users operations'),
'class' => 'invert_filter',
]
).'</a>', 'active' => $tab == 'massive_users',
).'</a>',
'active' => $tab == 'massive_users',
];
$agentstab = [
@ -241,7 +243,8 @@ $agentstab = [
'title' => __('Agents operations'),
'class' => 'invert_filter',
]
).'</a>', 'active' => $tab == 'massive_agents',
).'</a>',
'active' => $tab == 'massive_agents',
];
$modulestab = [
@ -252,7 +255,8 @@ $agentstab = [
'title' => __('Modules operations'),
'class' => 'invert_filter',
]
).'</a>', 'active' => $tab == 'massive_modules',
).'</a>',
'active' => $tab == 'massive_modules',
];
$pluginstab = [
@ -263,7 +267,8 @@ $agentstab = [
'title' => __('Plugins operations'),
'class' => 'invert_filter',
]
).'</a>', 'active' => $tab == 'massive_plugins',
).'</a>',
'active' => $tab == 'massive_plugins',
];
$policiestab = enterprise_hook('massive_policies_tab');


@ -231,8 +231,8 @@ if (isset($_GET['server'])) {
<script language="javascript" type="text/javascript">
$(document).ready (function () {
var id_server = <?php echo $id_server; ?>;
var server_type = <?php echo $row['server_type']; ?>;
var id_server = '<?php echo $id_server; ?>';
var server_type = '<?php echo $row['server_type']; ?>';
$("#check_exec_server img").on("click", function () {
$("#check_exec_server img").attr("src", "images/spinner.gif");
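Review bot: The new `var id_server = '<?php echo $id_server; ?>';` and `var server_type = '<?php echo $row['server_type']; ?>';` lines place PHP values inside a JavaScript string literal without any JavaScript-context encoding, so a value containing a quote, a backslash or a closing script tag would end the literal early. The hunk sits under `if (isset($_GET['server']))`, and how `$id_server` is derived or validated is outside the visible lines, so it may already be constrained to an integer; that is worth confirming. Emitting the values through `json_encode`, for example `var id_server = <?php echo json_encode((string) $id_server); ?>;`, produces a correctly quoted string literal in either case, and the same form fits `server_type`. The enclosing script block begins and ends outside the hunk.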


@ -178,7 +178,8 @@ class DiscoveryTaskList extends HTML
'attributes' => 'class="sub cancel"',
'return' => true,
],
],[
],
[
'class' => 'action-buttons rule-builder-actions',
'arguments' => [
'name' => 'refresh',


@ -149,7 +149,7 @@ class CredentialStore extends Wizard
* @param string $ajax_controller Path of ajaxController, is the 'page'
* variable sent in ajax calls.
*
* @return Object
* @return object
*/
public function __construct($ajax_controller)
{


@ -425,6 +425,7 @@ define('SERVER_TYPE_SYSLOG', 18);
define('SERVER_TYPE_AUTOPROVISION', 19);
define('SERVER_TYPE_MIGRATION', 20);
define('SERVER_TYPE_ALERT', 21);
define('SERVER_TYPE_CORRELATION', 22);
define('SERVER_TYPE_NCM', 23);
// REPORTS.


@ -2092,7 +2092,7 @@ function get_snmpwalk(
$snmpwalk = [];
// Check if OID is available.
if (count($output) == 1 && strpos($output[0], "No Such Object available on this agent at this OID") !== false) {
if (count($output) == 1 && strpos($output[0], 'No Such Object available on this agent at this OID') !== false) {
return $snmpwalk;
}


@ -573,7 +573,7 @@ function netflow_get_data(
while ($pos > 0) {
$number = ($number * 1000);
$pos --;
$pos--;
}
$values['data'][$interval_end][$line['agg']] = $number;


@ -2702,7 +2702,7 @@ function reporting_agent_module($report, $content)
foreach ($modules as $modul_id) {
$modules_by_name[$cont]['name'] = io_safe_output(modules_get_agentmodule_name($modul_id));
$modules_by_name[$cont]['id'] = $modul_id;
$cont ++;
$cont++;
}
if ($modules_by_name == false || $agents == false) {
@ -14153,31 +14153,31 @@ function reporting_module_histogram_graph($report, $content, $pdf=0)
$array_graph[$data_total]['data'] = AGENT_MODULE_STATUS_NOT_INIT;
// NOT INIT.
$time_not_init = ($time_not_init + ($tend - $tstart));
$data_not_init ++;
$data_not_init++;
} else if ($tacum_data === null) {
$array_graph[$data_total]['data'] = AGENT_MODULE_STATUS_UNKNOWN;
// UNKNOWN.
$time_unknown = ($time_unknown + ($tend - $tstart));
$data_unknown ++;
$data_unknown++;
} else if (( (isset($min_value_critical) || isset($max_value_critical)) && ($modules_is_string === false) && ($sla_check_value_critical == true) )
|| ( isset($max_value_critical) && ($modules_is_string === true) && $string_check_value_critical )
) {
$array_graph[$data_total]['data'] = AGENT_MODULE_STATUS_CRITICAL_BAD;
// CRITICAL.
$time_critical = ($time_critical + ($tend - $tstart));
$data_critical ++;
$data_critical++;
} else if (( (isset($min_value_warning) || isset($max_value_warning)) && ($modules_is_string === false) && ($sla_check_value_warning == true) )
|| ( isset($max_value_warning) && ($modules_is_string === true) && $sla_check_value_warning )
) {
$array_graph[$data_total]['data'] = AGENT_MODULE_STATUS_WARNING;
// WARNING.
$time_warning = ($time_warning + ($tend - $tstart));
$data_warning ++;
$data_warning++;
} else {
$array_graph[$data_total]['data'] = AGENT_MODULE_STATUS_NORMAL;
// OK.
$time_ok = ($time_ok + ($tend - $tstart));
$data_ok ++;
$data_ok++;
}
$array_graph[$data_total]['utimestamp'] = ($tend - $tstart);


@ -696,6 +696,19 @@ function servers_get_info($id_server=-1)
$id_modulo = 2;
break;
case SERVER_TYPE_CORRELATION:
$server['img'] = html_print_image(
'images/lightning_go.png',
true,
[
'title' => __('Correlation server'),
'class' => 'invert_filter',
]
);
$server['type'] = 'correlation';
$id_modulo = 0;
break;
case SERVER_TYPE_ENTERPRISE_ICMP:
$server['img'] = html_print_image(
'images/network.png',


@ -3022,6 +3022,8 @@ CREATE TABLE IF NOT EXISTS `tevent_alert` (
`disable_event` tinyint(1) default 0,
`id_template_conditions` int(10) unsigned NOT NULL default 0,
`id_template_fields` int(10) unsigned NOT NULL default 0,
`last_evaluation` bigint(20) NOT NULL default 0,
`pool_occurrences` int unsigned not null default 0,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;


@ -478,6 +478,14 @@ export_threads 1
eventserver 0
# Enable (1) or disable (0) Pandora FMS Correlation Server (PANDORA FMS ENTERPRISE ONLY).
correlationserver 0
# Time in seconds to re-evaluate correlation alerts pool (PANDORA FMS ENTERPRISE ONLY).
correlation_threshold 30
# Correlated alerts, event window in seconds (3600 by default) (PANDORA FMS ENTERPRISE ONLY).
event_window 3600


@ -305,6 +305,8 @@ sub pandora_load_config {
$pa_config->{"google_maps_description"} = 0;
$pa_config->{'openstreetmaps_description'} = 0;
$pa_config->{"eventserver"} = 1; # 4.0
$pa_config->{"correlationserver"} = 0; # 757
$pa_config->{"correlation_threshold"} = 30; # 757
$pa_config->{"event_window"} = 3600; # 4.0
$pa_config->{"log_window"} = 3600; # 7.741
$pa_config->{"elastic_query_size"} = 10; # 7.754 Elements per request (ELK)
@ -793,6 +795,12 @@ sub pandora_load_config {
elsif ($parametro =~ m/^eventserver\s+([0-9]*)/i) {
$pa_config->{'eventserver'}= clean_blank($1);
}
elsif ($parametro =~ m/^correlationserver\s+([0-9]*)/i) {
$pa_config->{'correlationserver'}= clean_blank($1);
}
elsif ($parametro =~ m/^correlation_threshold\s+([0-9]*)/i) {
$pa_config->{'correlation_threshold'}= clean_blank($1);
}
elsif ($parametro =~ m/^icmpserver\s+([0-9]*)/i) {
$pa_config->{'icmpserver'}= clean_blank($1);
}
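Review bot: The new `correlation_threshold` branch matches with `m/^correlation_threshold\s+([0-9]*)/i`, and `[0-9]*` also matches when no digits follow, so a line with a non-numeric or missing value replaces the default of 30 with an empty string. The sample configuration describes this value as the number of seconds between re-evaluations of the correlation alerts pool, so an empty value presumably should be rejected rather than stored; how the server consumes it is not visible here. Requiring at least one digit, `m/^correlation_threshold\s+([0-9]+)/i`, leaves the default in place for malformed lines, and the same applies to the `correlationserver` branch added just above it. Both branches copy the existing `eventserver` pattern, and `pandora_load_config` continues outside the hunk.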


@ -281,7 +281,31 @@ our @EXPORT = qw(
# Some global variables
our @DayNames = qw(sunday monday tuesday wednesday thursday friday saturday);
our @ServerTypes = qw (dataserver networkserver snmpconsole reconserver pluginserver predictionserver wmiserver exportserver inventoryserver webserver eventserver icmpserver snmpserver satelliteserver transactionalserver mfserver syncserver wuxserver syslogserver provisioningserver migrationserver);
our @ServerTypes = qw (
dataserver
networkserver
snmpconsole
reconserver
pluginserver
predictionserver
wmiserver
exportserver
inventoryserver
webserver
eventserver
icmpserver
snmpserver
satelliteserver
transactionalserver
mfserver
syncserver
wuxserver
syslogserver
provisioningserver
migrationserver
alertserver
correlationserver
);
our @AlertStatus = ('Execute the alert', 'Do not execute the alert', 'Do not execute the alert, but increment its internal counter', 'Cease the alert', 'Recover the alert', 'Reset internal counter');
# Event storm protection (no alerts or events)
@ -639,7 +663,7 @@ sub pandora_evaluate_alert ($$$$$$$;$$$$) {
]
);
return $status unless (defined ($rc) && $rc == 1);
return $status unless !PandoraFMS::Tools::is_empty($rc) && $rc == 1;
}
# Check min and max alert limits
@ -709,7 +733,7 @@ sub pandora_process_alert ($$$$$$$$;$$) {
# Generate an event
if ($table eq 'tevent_alert') {
pandora_event ($pa_config, "Alert ceased (" .
pandora_event ($pa_config, "Correlated alert ceased (" .
safe_output($alert->{'name'}) . ")", 0, 0, $alert->{'priority'}, $id,
(defined ($alert->{'id_agent_module'}) ? $alert->{'id_agent_module'} : 0),
"alert_ceased", 0, $dbh, 'monitoring_server', '', '', '', '', $critical_instructions, $warning_instructions, $unknown_instructions);
@ -738,7 +762,7 @@ sub pandora_process_alert ($$$$$$$$;$$) {
if ($pa_config->{'alertserver'} == 1 && defined ($alert->{'id_template_module'})) {
pandora_queue_alert($pa_config, $dbh, $data, $alert, 0, $extra_macros);
} else {
pandora_execute_alert ($pa_config, $data, $agent, $module, $alert, 0, $dbh, $timestamp, 0, $extra_macros);
pandora_execute_alert ($pa_config, $data, $agent, $module, $alert, 0, $dbh, $timestamp, 0, $extra_macros, $is_correlated_alert);
}
return;
}
@ -983,7 +1007,7 @@ sub pandora_execute_alert ($$$$$$$$$;$$) {
$text = "Correlated alert $text";
pandora_event (
$pa_config,
"$text (" . safe_output($alert->{'name'}) . ") " . (defined ($module) ? 'assigned to ('. safe_output($module->{'nombre'}) . ")" : ""),
"$text (" . safe_output($alert->{'name'}) . ") ",
(defined ($agent) ? $agent->{'id_grupo'} : 0),
# id agent.
0,


@ -917,7 +917,7 @@ sub get_db_value_limit ($$$;@) {
##########################################################################
## Get a single row returned by an SQL query as a hash reference. Returns
## -1 on error.
## hash or undef on error.
##########################################################################
sub get_db_single_row ($$;@) {
my ($dbh, $query, @values) = @_;
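Review bot: The updated header comment now reads "Returns hash or undef on error", which can be taken to mean that either a hash or undef comes back on error, and the sentence before it already says the row is a hash reference. `## undef on error.` would be unambiguous. The body of `get_db_single_row` is outside the hunk, so the undef return cannot be confirmed from these lines; any caller that still compares the result with -1 would no longer detect a failure.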


@ -67,6 +67,7 @@ our @EXPORT = qw(
INVENTORYSERVER
WEBSERVER
EVENTSERVER
CORRELATIONSERVER
ICMPSERVER
SNMPSERVER
SATELLITESERVER
@ -192,6 +193,7 @@ use constant SYSLOGSERVER => 18;
use constant PROVISIONINGSERVER => 19;
use constant MIGRATIONSERVER => 20;
use constant ALERTSERVER => 21;
use constant CORRELATIONSERVER => 22;
use constant NCMSERVER => 23;
# Module status
@ -780,12 +782,12 @@ sub md5check {
sub logger ($$;$) {
my ($pa_config, $message, $level) = @_;
# Clean any string and ready to be printed in screen/file
$message = safe_output ($message);
$level = 1 unless defined ($level);
return if (!defined ($pa_config->{'verbosity'}) || $level > $pa_config->{'verbosity'});
# Clean any string and ready to be printed in screen/file
$message = safe_output ($message);
if (!defined($pa_config->{'log_file'})) {
print strftime ("%Y-%m-%d %H:%M:%S", localtime()) . " [V". $level ."] " . $message . "\n";
return;
@ -2524,6 +2526,7 @@ sub get_server_name {
return "PROVISIONINGSERVER" if ($server_type eq PROVISIONINGSERVER);
return "MIGRATIONSERVER" if ($server_type eq MIGRATIONSERVER);
return "ALERTSERVER" if ($server_type eq ALERTSERVER);
return "CORRELATIONSERVER" if ($server_type eq CORRELATIONSERVER);
return "UNKNOWN";
}
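Review bot: `get_server_name` gains a CORRELATIONSERVER line, but the constants hunk in this file shows `use constant NCMSERVER => 23;` directly after the new `CORRELATIONSERVER => 22`, and the visible tail of `get_server_name` has no NCMSERVER entry, so that type falls through to `"UNKNOWN"`. If NCM servers pass through this function, add `return "NCMSERVER" if ($server_type eq NCMSERVER);` before the fallback. The start of the sub is outside the hunk, so an earlier entry cannot be ruled out.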