From 6dac9039d4693481d842f48ebfd74275df08c0f6 Mon Sep 17 00:00:00 2001
From: Luis
Date: Tue, 6 Apr 2021 17:21:56 +0000
Subject: [PATCH] Ent 4475 validar alertas api cli
---
pandora_console/include/functions_api.php | 130 ++++++++++++++++++++
pandora_server/util/pandora_manage.pl | 140 ++++++++++++++++++++++
2 files changed, 270 insertions(+)
diff --git a/pandora_console/include/functions_api.php b/pandora_console/include/functions_api.php
index d30da4cc4c..5a583231a0 100644
--- a/pandora_console/include/functions_api.php
+++ b/pandora_console/include/functions_api.php
@@ -6159,6 +6159,136 @@ function api_set_delete_module_template_by_names($id, $id2, $other, $trash1) } +/** + * Validate an alert + * + * @param string $id1 Alert template name (eg. 'Warning condition') + * @param string $trash1 Do nnot use. + * @param array $other [1] id/name agent. + * [2] id/name module + * [3] Use agent/module alias. + * @param string $trash2 Do not use + * @return void + */ +function api_set_validate_alert($id1, $trash1, $other, $trash2) +{ + global $config; + + if (defined('METACONSOLE')) { + return; + } + + if (!check_acl($config['id_user'], 0, 'LW')) { + returnError('forbidden'); + return; + } + + if ($id1 === '') { + returnError( + 'error_validate_alert', + __('Error validating alert. Id_template cannot be left blank.') + ); + return; + } + + if ($other['data'][0] == '') { + returnError( + 'error_validate_alert', + __('Error validating alert. Id_agent cannot be left blank.') + ); + return; + } + + if ($other['data'][1] == '') { + returnError( + 'error_validate_alert', + __('Error validating alert. Id_module cannot be left blank.') + ); + return; + } + + if ($other['data'][2] == 1) { + $use_alias = true; + } + + $values = [ + 'alert_name' => $id1, + 'id_agent' => $other['data'][0], + 'id_agent_module' => $other['data'][1], + ]; + + if ($use_alias === true) { + $id_agents = agents_get_agent_id_by_alias($values['id_agent']); + + foreach ($id_agents as $id) { + $values['id_agent'] = $id['id_agente']; + $values['id_agent_module'] = db_get_value_filter( + 'id_agente_modulo as id_module', + 'tagente_modulo', + [ + 'id_agente' => $values['id_agent'], + 'nombre' => $values['id_agent_module'], + ] + ); + + $id_template = db_get_value_filter( + 'id as id_template', + 'talert_templates', + [ + 'name' => $values['alert_name'], + ] + ); + + // Get alert id. 
+ $id_alert = db_get_value_filter( + 'id as id_alert', + 'talert_template_modules', + [ + 'id_agent_module' => $values['id_agent_module'], + 'id_alert_template' => $id_template, + ] + ); + } + + $result = alerts_validate_alert_agent_module($id_alert); + } else { + $id_template = db_get_value_filter( + 'id as id_template', + 'talert_templates', + [ + 'name' => $values['alert_name'], + ] + ); + + // Get alert id. + $id_alert = db_get_value_filter( + 'id as id_alert', + 'talert_template_modules', + [ + 'id_agent_module' => $values['id_agent_module'], + 'id_alert_template' => $id_template, + ] + ); + + if ($id_alert === false) { + returnError( + 'error_validate_alert', + __('Error validating alert. Specified alert does not exist.') + ); + return; + } + + $result = alerts_validate_alert_agent_module($id_alert); + } + + if ($result) { + returnData('string', ['type' => 'string', 'data' => 'Alert succesfully validated']); + } else { + returnData('string', ['type' => 'string', 'data' => __('Error validating alert')]); + } +} + + /** * Validate all alerts. And return a message with the result of the operation. * diff --git a/pandora_server/util/pandora_manage.pl b/pandora_server/util/pandora_manage.pl index c91166483f..76cc34a673 100755 --- a/pandora_server/util/pandora_manage.pl +++ b/pandora_server/util/pandora_manage.pl @@ -176,6 +176,7 @@ sub help_screen{ help_screen_line('--get_alert_actions_meta', '[ ]', 'get all alert actions in nodes'); help_screen_line('--update_alert_template', " \n\t ", 'Update a field of an alert template'); help_screen_line('--validate_all_alerts', '', 'Validate all the alerts'); + help_screen_line('--validate_alert', ' []', 'Validate alert given angent, module and alert'); help_screen_line('--create_special_day', " ", 'Create special day'); help_screen_line('--delete_special_day', '', 'Delete special day'); help_screen_line('--update_special_day', " ", 'Update a field of a special day'); 
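Review bot: The only authorization in `api_set_validate_alert` is `check_acl($config['id_user'], 0, 'LW')`, which is evaluated with group id 0 and never against the group of the agent whose alert is being reset; in the non-alias branch `$other['data'][0]` is required to be non-empty but is never used, so the alert is selected by module id and template name alone. Unless `alerts_validate_alert_agent_module` (defined outside this hunk) enforces it, an API user holding LW on some group could clear fired alerts on agents they do not manage, so resolve the agent first and re-check, e.g. `if (!check_acl($config['id_user'], $id_group, 'LW')) { returnError('forbidden'); return; }` with `$id_group` taken from the resolved agent. The alias branch also overwrites `$values['id_agent_module']` inside the `foreach`, so from the second agent on `nombre` is filtered by an id, and only the last `$id_alert` reaches the validate call, without the `=== false` check the other branch has.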
@@ -4549,6 +4550,86 @@ sub cli_validate_all_alerts() { } } +############################################################################## +# Validate all the alerts +# Related option: --validate_alert +############################################################################## + +sub cli_validate_alert() { + my ($template_name, $agent_id, $module_id, $use_alias) = @ARGV[2..6]; + my $id_agent = ''; + my $id_agentmodule = ''; + + my $result = 0; + + if (defined $use_alias and $use_alias eq 'use_alias') { + my @id_agents = get_agent_ids_from_alias($dbh,$agent_id); + if(!@id_agents) { + print (STDERR "[ERROR] Error: The agent '$agent_id' not exists.\n\n"); + } + + foreach my $id (@id_agents) { + if(defined($agent_id) && $agent_id ne '') { + $id_agent = $id->{'id_agente'}; + exist_check($id_agent,'agent',$agent_id); + + if($module_id ne '') { + $module_id = get_agent_module_id($dbh, $module_id, $id_agent); + if ($module_id eq -1) { + next; + } + } + } + + + my $id_alert_agent_module = ''; + + if(defined($template_name) && $template_name ne '') { + my $id_template = get_template_id($dbh,$template_name); + exist_check($id_template,'template',$template_name); + $id_alert_agent_module = get_template_module_id($dbh,$module_id,$id_template); + exist_check($id_alert_agent_module,'template module',$template_name); + } + + + $result = pandora_validate_alert_id($id_alert_agent_module, $id, $module_id, $template_name); + print_log "[INFO] Validating alert for agent '$id->{'nombre'}'\n\n"; + } + } else { + if(defined($agent_id) && $agent_id ne '') { + my $agent_name = get_agent_name($dbh,$agent_id); + exist_check($agent_id,'agent',$agent_name); + + if($module_id ne '') { + my $module_name = get_module_name($dbh, $module_id); + exist_check($module_id,'module',$module_name); + } + } + + my $id_alert_agent_module = ''; + + if(defined($template_name) && $template_name ne '') { + my $id_template = get_template_id($dbh,$template_name); + 
exist_check($id_template,'template',$template_name); + $id_alert_agent_module = get_template_module_id($dbh,$module_id,$id_template); + exist_check($id_alert_agent_module,'template module',$template_name); + } + + $result = pandora_validate_alert_id($id_alert_agent_module, $id_agent, $module_id, $template_name); + print_log "[INFO] Validating alert for agent '$agent_id'\n\n"; + } + +if($result == 0) { + print_log "[ERROR] Alert could not be validated\n\n"; + } + else { + print_log "[INFO] Alert succesfully validated\n\n"; +; + } + +} + + ############################################################################## # Validate the alerts of a given policy # Related option: --validate_policy_alerts @@ -7526,6 +7607,10 @@ sub pandora_manage_main ($$$) { param_check($ltotal, 0); cli_validate_all_alerts(); } + elsif ($param eq '--validate_alert') { + param_check($ltotal, 5,4); + cli_validate_alert(); + } elsif ($param eq '--validate_policy_alerts') { param_check($ltotal, 1); cli_validate_policy_alerts(); 
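Review bot: Both calls to `pandora_validate_alert_id` in `cli_validate_alert` pass the wrong agent: the alias loop passes `$id`, which is the row hash reference, and the else branch passes `$id_agent`, which is still the empty string it was initialised to. The callee uses that argument for the group lookup, the `tagente` update and the event, so the alert counters are reset while the audit event and the agent refresh point at no real agent; pass `$id_agent` in the loop and `$agent_id` in the else branch. The loop also assigns the result of `get_agent_module_id` back to `$module_id`, so the second alias match looks the module up by an id (or by -1) instead of by name; keep it in a per-iteration variable such as `my $agent_module_id = get_agent_module_id($dbh, $module_id, $id_agent);` and use that for the rest of the iteration. The header comment still says "Validate all the alerts" and should read `# Validate a single alert`.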
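Review bot: `param_check($ltotal, 5,4)` does not match what `cli_validate_alert` reads, which is three values plus the optional `use_alias`. `param_check` is defined outside this hunk; if its third argument is the number of optional parameters, this accepts a call without the module, and the sub then compares an undefined `$module_id` with `''` and carries on. `param_check($ltotal, 4, 1);` would express three required arguments and one optional.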
@@ -8437,4 +8522,59 @@ sub cli_event_in_progress() { ); print "\n$result\n"; +} + +############################################################################## +# Validates an alert given id alert, id module, id angent and template name. +############################################################################## +sub pandora_validate_alert_id($$$$) { + my ($id_alert_agent_module, $agent_id, $id_agent_module, $template_name) = @_; + + + my $group_id = get_agent_group($dbh, $agent_id); + + my $critical_instructions = get_db_value($dbh, 'SELECT critical_instructions from tagente_modulo WHERE id_agente_modulo = ?', $agent_id); + my $warning_instructions = get_db_value($dbh, 'SELECT warning_instructions from tagente_modulo WHERE id_agente_modulo = ?', $agent_id); + my $unknown_instructions = get_db_value($dbh, 'SELECT unknown_instructions from tagente_modulo WHERE id_agente_modulo = ?', $agent_id); + + my $parameters = { + 'times_fired' => 0, + 'internal_counter' => 0, + }; + + my $result = db_process_update($dbh, 'talert_template_modules', $parameters,{'id' => $id_alert_agent_module}); + + return 0 unless $result != 0; + + my $module_name = safe_output(get_db_value($dbh, 'SELECT nombre FROM tagente_modulo WHERE id_agente_modulo = ?', $id_agent_module)); + + + # Update fired alert count on the agent + db_process_update($dbh, 'tagente', {'update_alert_count' => 1}, {'id_agente' => $agent_id}); + + my $event = 'Manual validation of alert '.$template_name.' assigned to '.$module_name.''; + + pandora_event( + $conf, + $event, + $group_id, + $agent_id, + 0, + $id_alert_agent_module, + $id_agent_module, + 'alert_manual_validation', + 1, + $dbh, + 0, + '', + '', + '', + '', + $critical_instructions, + $warning_instructions, + $unknown_instructions, + '' + ); + + return 1; } \ No newline at end of file
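Review bot: The three instruction lookups in `pandora_validate_alert_id` bind `$agent_id` to `WHERE id_agente_modulo = ?`, so `critical_instructions`, `warning_instructions` and `unknown_instructions` are read from whichever module happens to share the agent's numeric id. The event written by `pandora_event` then carries another module's operator instructions; bind the module instead, e.g. `get_db_value($dbh, 'SELECT critical_instructions from tagente_modulo WHERE id_agente_modulo = ?', $id_agent_module)`, and likewise for the other two. `db_process_update` also runs with whatever `$id_alert_agent_module` the caller passed, which is `''` when no template name was given, so an early `return 0` for an empty or non-numeric id would keep the update from running on a meaningless key.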