Merge branch 'ent-7288-correlacion-eventos-no-permite-crear-condiciones-complejas' into 'develop'
reviewing correlated alerts See merge request artica/pandorafms!4024
This commit is contained in:
vgilc
commit
3c7fc18abb
|
|
@ -5,6 +5,22 @@ ALTER TABLE `tagent_custom_fields` MODIFY COLUMN `combo_values` TEXT NOT NULL DE
|
|||
ALTER TABLE `treport_content` MODIFY `external_source` MEDIUMTEXT;
|
||||
ALTER TABLE `treport_content_template` MODIFY `external_source` MEDIUMTEXT;
|
||||
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `agent` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `id_usuario` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `id_grupo` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `evento` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `event_type` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `module` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `alert` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `criticity` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `user_comment` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `id_tag` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `name` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `group_recursion` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `log_content` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `log_source` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `log_agent` TEXT;
|
||||
|
||||
UPDATE `talert_commands` SET `fields_descriptions` = '[\"Event name\",\"Event type\",\"Source\",\"Agent name or _agent_\",\"Event severity\",\"ID extra\",\"Tags separated by commas\",\"Comments\",\"\",\"\"]' WHERE `name` = "Monitoring Event";
|
||||
|
||||
UPDATE `tskin` SET `name` = 'Default theme' , `relative_path` = 'pandora.css' WHERE `id` = 1;
|
||||
|
|
|
|||
|
|
@ -628,6 +628,22 @@ ALTER TABLE `tevent_rule` MODIFY COLUMN `event_type` enum('','unknown','alert_fi
|
|||
ALTER TABLE `tevent_rule` MODIFY COLUMN `criticity` int(4) unsigned DEFAULT NULL;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `id_grupo` mediumint(4) DEFAULT NULL;
|
||||
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `agent` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `id_usuario` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `id_grupo` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `evento` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `event_type` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `module` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `alert` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `criticity` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `user_comment` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `id_tag` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `name` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `group_recursion` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `log_content` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `log_source` TEXT;
|
||||
ALTER TABLE `tevent_rule` MODIFY COLUMN `log_agent` TEXT;
|
||||
|
||||
UPDATE `tevent_rule` SET `operator_agent` = "REGEX" WHERE `agent` != '';
|
||||
UPDATE `tevent_rule` SET `operator_id_usuario` = "REGEX" WHERE `id_usuario` != '';
|
||||
UPDATE `tevent_rule` SET `operator_id_grupo` = "REGEX" WHERE `id_grupo` > 0;
|
||||
|
|
|
|||
|
|
@ -1,12 +1,44 @@
|
|||
.rules div {
|
||||
display: inline-block;
|
||||
}
|
||||
|
||||
li#li-buttons-alert-list > div {
|
||||
margin-left: 10px;
|
||||
}
|
||||
|
||||
ul.sample li {
|
||||
padding-bottom: 1em;
|
||||
}
|
||||
ul.sample li:last-child {
|
||||
padding-bottom: 0;
|
||||
}
|
||||
|
||||
#rule-builder .rule-builder-actions li {
|
||||
display: inline;
|
||||
width: auto;
|
||||
}
|
||||
|
||||
li#li-filters_show_action_alerts > label,
|
||||
li#li-buttons-alert-list > label,
|
||||
li#li-filters-alert-list > label {
|
||||
width: initial;
|
||||
}
|
||||
|
||||
form#advanced_filters_alert ul li label,
|
||||
form#general_filters_alert ul li label {
|
||||
width: 150px;
|
||||
}
|
||||
|
||||
#rules.flex-row label {
|
||||
flex: 1 1 70px;
|
||||
}
|
||||
|
||||
li#li-from-to-threshold > label:not(:first-child),
|
||||
li#li-time-from-to > label:not(:first-child) {
|
||||
width: initial;
|
||||
margin-right: 15px;
|
||||
}
|
||||
|
||||
#rule-builder .rule-builder-actions li label {
|
||||
width: 0;
|
||||
}
|
||||
|
|
@ -21,10 +53,6 @@ ul.sample {
|
|||
flex: 1 1 300px;
|
||||
}
|
||||
|
||||
#rules.flex-row label {
|
||||
flex: 1 1 70px;
|
||||
}
|
||||
|
||||
#rules.flex-row div {
|
||||
flex: 10 1 200px;
|
||||
}
|
||||
|
|
@ -39,17 +67,6 @@ span.rule-title {
|
|||
width: 100%;
|
||||
}
|
||||
|
||||
li#li-filters_show_action_alerts > label,
|
||||
li#li-buttons-alert-list > label,
|
||||
li#li-filters-alert-list > label {
|
||||
width: initial;
|
||||
}
|
||||
|
||||
form#advanced_filters_alert ul li label,
|
||||
form#general_filters_alert ul li label {
|
||||
width: 150px;
|
||||
}
|
||||
|
||||
form#conditions_filters_alert ul li label:first-child {
|
||||
width: 300px;
|
||||
}
|
||||
|
|
@ -62,17 +79,14 @@ li#li-description textarea {
|
|||
flex: 1 1 auto;
|
||||
}
|
||||
|
||||
li#li-from-to-threshold > label:not(:first-child),
|
||||
li#li-time-from-to > label:not(:first-child) {
|
||||
width: initial;
|
||||
margin-right: 15px;
|
||||
}
|
||||
|
||||
li#li-from-to-threshold > input,
|
||||
li#li-time-from-to > input {
|
||||
margin-right: 15px;
|
||||
}
|
||||
|
||||
.mode_table_firing table.info_table thead tr th img {
|
||||
padding: 10px;
|
||||
vertical-align: middle;
|
||||
}
|
||||
form#advanced_filters_alert textarea {
|
||||
flex: 1 1 auto;
|
||||
height: 5em;
|
||||
|
|
@ -106,19 +120,16 @@ ul.sample {
|
|||
max-width: 50%;
|
||||
flex-grow: 1;
|
||||
justify-content: space-between;
|
||||
min-width: 300px;
|
||||
}
|
||||
ul.sample li {
|
||||
padding-bottom: 1em;
|
||||
}
|
||||
ul.sample li:last-child {
|
||||
padding-bottom: 0;
|
||||
}
|
||||
|
||||
div.target {
|
||||
flex-grow: 1;
|
||||
flex-basis: auto;
|
||||
margin-left: 3em;
|
||||
display: flex;
|
||||
flex-direction: column;
|
||||
width: 100%;
|
||||
}
|
||||
div.target.flex {
|
||||
display: block;
|
||||
|
|
@ -140,28 +151,28 @@ div.target.flex {
|
|||
position: relative;
|
||||
top: 25%;
|
||||
display: block;
|
||||
left: 37%;
|
||||
margin: 0 auto;
|
||||
font-size: 3em;
|
||||
color: #aaa;
|
||||
overflow: hidden;
|
||||
width: 6em;
|
||||
background: #fff;
|
||||
text-align: center;
|
||||
z-index: 2;
|
||||
}
|
||||
div#rules.show::after {
|
||||
div#rules::after {
|
||||
content: "Drop Here";
|
||||
position: relative;
|
||||
top: 25%;
|
||||
display: block;
|
||||
left: 37%;
|
||||
margin: 2em auto;
|
||||
font-size: 3em;
|
||||
color: #aaa;
|
||||
overflow: hidden;
|
||||
width: 6em;
|
||||
background: #fff;
|
||||
text-align: center;
|
||||
z-index: 2;
|
||||
}
|
||||
div#rules.cleanup::after {
|
||||
content: none;
|
||||
}
|
||||
|
||||
div#rules.show {
|
||||
box-shadow: 0 0 15px -5px #424242;
|
||||
border: 1px solid #ddd;
|
||||
|
|
@ -185,7 +196,10 @@ div#rules.show {
|
|||
opacity: 0.2;
|
||||
cursor: not-allowed;
|
||||
}
|
||||
|
||||
.field.disabledElements {
|
||||
opacity: 0.2;
|
||||
cursor: not-allowed;
|
||||
}
|
||||
.log {
|
||||
background-color: #638460;
|
||||
}
|
||||
|
|
@ -209,10 +223,6 @@ div#rules.show {
|
|||
background-color: #424242;
|
||||
}
|
||||
|
||||
.rules div {
|
||||
display: inline-block;
|
||||
}
|
||||
|
||||
.inEdit {
|
||||
background-color: #888;
|
||||
}
|
||||
|
|
@ -253,11 +263,6 @@ div#rules.show {
|
|||
font-weight: bolder;
|
||||
}
|
||||
|
||||
.mode_table_firing table.info_table thead tr th img {
|
||||
padding: 10px;
|
||||
vertical-align: middle;
|
||||
}
|
||||
|
||||
#rules select.click-list-elements {
|
||||
border-radius: 0px;
|
||||
background-color: #424242;
|
||||
|
|
|
|||
|
|
@ -2913,18 +2913,18 @@ CREATE TABLE IF NOT EXISTS `tevent_rule` (
|
|||
`order` int(10) unsigned default '0',
|
||||
`window` int(10) NOT NULL default '0',
|
||||
`count` int(4) NOT NULL default '1',
|
||||
`agent` text default '',
|
||||
`id_usuario` varchar(100) NOT NULL default '',
|
||||
`id_grupo` mediumint(4) default NULL,
|
||||
`evento` text NOT NULL default '',
|
||||
`event_type` enum('','unknown','alert_fired','alert_recovered','alert_ceased','alert_manual_validation','recon_host_detected','system','error','new_agent','going_up_warning','going_up_critical','going_down_warning','going_down_normal','going_down_critical','going_up_normal') default '',
|
||||
`module` text default '',
|
||||
`alert` text default '',
|
||||
`criticity` int(4) unsigned default NULL,
|
||||
`user_comment` text NOT NULL,
|
||||
`id_tag` integer(10) unsigned NOT NULL default '0',
|
||||
`name` text default '',
|
||||
`group_recursion` INT(1) unsigned default 0,
|
||||
`agent` text,
|
||||
`id_usuario` text,
|
||||
`id_grupo` text,
|
||||
`evento` text,
|
||||
`event_type` text,
|
||||
`module` text,
|
||||
`alert` text,
|
||||
`criticity` text,
|
||||
`user_comment` text,
|
||||
`id_tag` text,
|
||||
`name` text,
|
||||
`group_recursion` text,
|
||||
`log_content` text,
|
||||
`log_source` text,
|
||||
`log_agent` text,
|
||||
|
|
|
|||
|
|
@ -470,6 +470,9 @@ log_window 3600
|
|||
# Pre-load windows on start with available information. (PANDORA FMS ENTERPRISE ONLY).
|
||||
#preload_windows 0
|
||||
|
||||
# Correlated Alerts, group cache ttl (in seconds). Set to 0 to disable. (PANDORA FMS ENTERPRISE ONLY).
|
||||
#event_server_cache_ttl 10
|
||||
|
||||
# If set to 1, an alert will not be fired if the last event it generated is in 'in-process' status.
|
||||
|
||||
event_inhibit_alerts 0
|
||||
|
|
|
|||
|
|
@ -302,6 +302,7 @@ sub pandora_load_config {
|
|||
$pa_config->{"eventserver"} = 1; # 4.0
|
||||
$pa_config->{"event_window"} = 3600; # 4.0
|
||||
$pa_config->{"log_window"} = 3600; # 7.741
|
||||
$pa_config->{"event_server_cache_ttl"} = 10; # 7.754
|
||||
$pa_config->{"preload_windows"} = 0; # 7.741
|
||||
$pa_config->{"icmpserver"} = 0; # 4.0
|
||||
$pa_config->{"icmp_threads"} = 3; # 4.0
|
||||
|
|
@ -1001,6 +1002,9 @@ sub pandora_load_config {
|
|||
elsif ($parametro =~ m/^preload_windows\s+([0-9]*)/i) {
|
||||
$pa_config->{'preload_windows'}= clean_blank($1);
|
||||
}
|
||||
elsif ($parametro =~ m/^event_server_cache_ttl\s+([0-9]*)/i) {
|
||||
$pa_config->{"event_server_cache_ttl"} = clean_blank($1);
|
||||
}
|
||||
elsif ($parametro =~ m/^snmp_threads\s+([0-9]*)/i) {
|
||||
$pa_config->{'snmp_threads'}= clean_blank($1);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -92,6 +92,7 @@ our @EXPORT = qw(
|
|||
get_priority_name
|
||||
get_server_id
|
||||
get_tag_id
|
||||
get_tag_name
|
||||
get_group_name
|
||||
get_template_id
|
||||
get_template_module_id
|
||||
|
|
@ -276,6 +277,20 @@ sub get_tag_id ($$) {
|
|||
return defined ($rc) ? $rc : -1;
|
||||
}
|
||||
|
||||
########################################################################
|
||||
## Return the name of a tag given its id.
|
||||
########################################################################
|
||||
sub get_tag_name ($$) {
|
||||
my ($dbh, $id) = @_;
|
||||
|
||||
my $rc = get_db_value(
|
||||
$dbh, "SELECT name FROM ttag
|
||||
WHERE id_tag = ?",
|
||||
safe_input($id)
|
||||
);
|
||||
return $rc;
|
||||
}
|
||||
|
||||
########################################################################
|
||||
## Return the first enabled server name found.
|
||||
########################################################################
|
||||
|
|
|
|||
Loading…
Reference in New Issue