tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ent-1435-incluir-macros-en-event-responses' into 'develop' 

Ent 1435 incluir macros en event responses

See merge request artica/pandorafms!1100
This commit is contained in:
vgilc 2017-12-21 09:46:55 +01:00
parent d9b3703aad f021664336
commit 45c642a6a0
4 changed files with 300 additions and 139 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

344
pandora_console/include/functions_events.php
View File

@ -1570,18 +1570,6 @@ function events_check_event_filter_group ($id_filter) {
return false;
}
/**
* Return an array with all the possible macros in event responses
*
* @return array
*/
function events_get_macros() {
return array('_agent_address_' => __('Agent address'),
'_agent_id_' => __('Agent id'),
'_event_id_' => __('Event id'),
'_module_address_' => __('Module Agent address'),);
}
/**
* Get a event filter.
*
@ -1849,50 +1837,153 @@ function events_get_response_target($event_id, $response_id, $server_id, $histor
$event = db_get_row($event_table,'id_evento', $event_id);
$macros = array_keys(events_get_macros());
$target = io_safe_output($event_response['target']);
foreach($macros as $macro) {
$subst = '';
switch($macro) {
case '_agent_address_':
if ($meta) {
$server = metaconsole_get_connection_by_id ($server_id);
metaconsole_connect($server);
}
$subst = agents_get_address($event['id_agente']);
if($meta) {
metaconsole_restore_db_force();
}
break;
case '_agent_id_':
$subst = $event['id_agente'];
break;
case '_event_id_':
$subst = $event['id_evento'];
break;
case '_module_address_':
if($meta) {
$server = metaconsole_get_connection_by_id ($server_id);
metaconsole_connect($server);
}
$module = db_get_row("tagente_modulo",'id_agente_modulo', $event['id_agentmodule']);
if ($module['ip_target'] != false)
$subst = $module['ip_target'];
if($meta) {
metaconsole_restore_db_force();
}
break;
// Substitute each macro
if (strpos($target, '_agent_address_') !== false) {
if ($meta) {
$server = metaconsole_get_connection_by_id ($server_id);
metaconsole_connect($server);
}
$target = str_replace($macro,$subst,$target);
$target = str_replace('_agent_address_', $event['id_agente'], $target);
if($meta) {
metaconsole_restore_db_force();
}
}
if (strpos($target, '_agent_id_') !== false) {
$target = str_replace('_agent_id_', $event['id_agente'], $target);
}
if ((strpos($target, '_module_address_') !== false) ||
(strpos($target, '_module_name_') !== false))
{
if ($event['id_agentmodule'] !== 0) {
if($meta) {
$server = metaconsole_get_connection_by_id ($server_id);
metaconsole_connect($server);
}
$module = db_get_row("tagente_modulo",'id_agente_modulo', $event['id_agentmodule']);
if (empty($module['ip_target'])) $module['ip_target'] = __('N/A');
$target = str_replace('_module_address_', $module['ip_target'], $target);
if (empty($module['nombre'])) $module['nombre'] = __('N/A');
$target = str_replace(
'_module_name_',
io_safe_output($module['nombre']),
$target
);
if($meta) {
metaconsole_restore_db_force();
}
} else {
$target = str_replace('_module_address_', __('N/A'), $target);
$target = str_replace('_module_name_', __('N/A'), $target);
}
}
if (strpos($target, '_event_id_') !== false) {
$target = str_replace('_event_id_', $event['id_evento'], $target);
}
if (strpos($target, '_user_id_') !== false) {
if (!empty($event['id_usuario'])) {
$target = str_replace('_user_id_', $event['id_usuario'], $target);
} else {
$target = str_replace('_user_id_', __('N/A'), $target);
}
}
if (strpos($target, '_group_id_') !== false) {
$target = str_replace('_group_id_', $event['id_grupo'], $target);
}
if (strpos($target, '_group_name_') !== false) {
$target = str_replace(
'_group_name_',
groups_get_name($event['id_grupo'], true),
$target
);
}
if (strpos($target, '_event_utimestamp_') !== false) {
$target = str_replace('_event_utimestamp_', $event['utimestamp'], $target);
}
if (strpos($target, '_event_date_') !== false) {
$target = str_replace(
'_event_date_',
date ($config["date_format"], strtotime($event["timestamp"])),
$target
);
}
if (strpos($target, '_event_text_') !== false) {
$target = str_replace(
'_event_text_',
events_display_name($event['evento']),
$target
);
}
if (strpos($target, '_event_type_') !== false) {
$target = str_replace(
'_event_type_',
events_print_type_description($event['event_type'], true),
$target
);
}
if (strpos($target, '_alert_id_') !== false) {
$target = str_replace(
'_alert_id_',
empty($event['is_alert_am']) ? __('N/A') : $event['is_alert_am'],
$target
);
}
if (strpos($target, '_event_severity_id_') !== false) {
$target = str_replace('_event_severity_id_', $event['criticity'], $target);
}
if (strpos($target, '_event_severity_text_') !== false) {
$target = str_replace(
'_event_severity_text_',
get_priority_name($event['criticity']),
$target
);
}
if (strpos($target, '_module_id_') !== false) {
$target = str_replace('_module_id_', $event['id_agentmodule'], $target);
}
if (strpos($target, '_event_tags_') !== false) {
$target = str_replace('_event_tags_', $event['tags'], $target);
}
if (strpos($target, '_event_extra_id_') !== false) {
if (empty($event['id_extra'])) {
$target = str_replace('_event_extra_id_', __('N/A'), $target);
} else {
$target = str_replace('_event_extra_id_', $event['id_extra'], $target);
}
}
if (strpos($target, '_event_source_') !== false) {
$target = str_replace('_event_source_', $event['source'], $target);
}
if (strpos($target, '_event_instruction_') !== false) {
$target = str_replace(
'_event_instruction_',
events_display_instructions($event['event_type'], $event, false),
$target
);
}
if (strpos($target, '_owner_user_') !== false) {
if (empty($event['owner_user'])) {
$target = str_replace('_owner_user_', __('N/A'), $target);
} else {
$target = str_replace('_owner_user_', $event['owner_user'], $target);
}
}
if (strpos($target, '_event_status_') !== false) {
$event_st = events_display_status($event['estado']);
$target = str_replace('_event_status_', $event_st["title"], $target);
}
// Parse the event custom data
if (!empty($event['custom_data'])){
$custom_data = json_decode (base64_decode ($event['custom_data']));
foreach ($custom_data as $key => $value) {
$target = str_replace('_customdata_' . $key . '_', $value, $target);
}
}
return $target;
}
@ -2185,69 +2276,12 @@ function events_page_details ($event, $server = "") {
$table_details->data[] = $data;
}
switch($event['event_type']) {
case 'going_unknown':
$data = array();
$data[0] = __('Instructions');
if ($event["unknown_instructions"] != '') {
$data[1] = str_replace("\n","<br>", io_safe_output($event["unknown_instructions"]));
}
else {
$data[1] = '<i>' . __('N/A') . '</i>';
}
$table_details->data[] = $data;
break;
case 'going_up_warning':
case 'going_down_warning':
$data = array();
$data[0] = __('Instructions');
if ($event["warning_instructions"] != '') {
$data[1] = str_replace("\n","<br>", io_safe_output($event["warning_instructions"]));
}
else {
$data[1] = '<i>' . __('N/A') . '</i>';
}
$table_details->data[] = $data;
break;
case 'going_up_critical':
case 'going_down_critical':
$data = array();
$data[0] = __('Instructions');
if ($event["critical_instructions"] != '') {
$data[1] = str_replace("\n","<br>", io_safe_output($event["critical_instructions"]));
}
else {
$data[1] = '<i>' . __('N/A') . '</i>';
}
$table_details->data[] = $data;
break;
case 'system':
$data = array();
if ($event["critical_instructions"] != '') {
$data[0] = __('Instructions');
$data[1] = str_replace("\n","<br>", io_safe_output($event["critical_instructions"]));
}
else {
if ($event["warning_instructions"] != '') {
$data[0] = __('Instructions');
$data[1] = str_replace("\n","<br>", io_safe_output($event["warning_instructions"]));
}
else {
if ($event["unknown_instructions"] != '') {
$data[0] = __('Instructions');
$data[1] = str_replace("\n","<br>", io_safe_output($event["unknown_instructions"]));
}
else {
$data[0] = __('Instructions');
$data[1] = '<i>' . __('N/A') . '</i>';
}
}
}
$table_details->data[] = $data;
break;
}
$data = array();
$data[0] = __('Instructions');
$data[1] = events_display_instructions ($event['event_type'], $events, true);
$table_details->data[] = $data;
$data = array();
$data[0] = __('Extra id');
if ($event["id_extra"] != '') {
@ -2311,6 +2345,72 @@ function events_page_custom_data ($event) {
return $custom_data;
}
// Get the event name from tevento and display it in console
function events_display_name ($db_name = '') {
return io_safe_output(str_replace ( '&#x0a;' , '<br>' , $db_name));
}
// Get the image and status value of event
function events_display_status ($status) {
switch($status) {
case 0:
return array(
"img" => "images/star.png",
"title" => __('New event')
);
case 1:
return array(
"img" => "images/tick.png",
"title" => __('Event validated')
);
case 2:
return array(
"img" => "images/hourglass.png",
"title" => __('Event in process')
);
}
}
// Get the instruction of an event
// $event_type: Type of event
// $inst: Array with unknown warning and critical instructions
// $italic: Display N/A between italic html marks if instruction is not found
function events_display_instructions ($event_type = '', $inst, $italic = true) {
switch($event_type) {
case 'going_unknown':
if ($inst["unknown_instructions"] != '') {
return str_replace("\n","<br>", io_safe_output($inst["unknown_instructions"]));
}
break;
case 'going_up_warning':
case 'going_down_warning':
if ($inst["warning_instructions"] != '') {
return str_replace("\n","<br>", io_safe_output($inst["warning_instructions"]));
}
break;
case 'going_up_critical':
case 'going_down_critical':
if ($inst["critical_instructions"] != '') {
return str_replace("\n","<br>", io_safe_output($inst["critical_instructions"]));
}
break;
case 'system':
$data = array();
if ($inst["critical_instructions"] != '') {
return str_replace("\n","<br>", io_safe_output($inst["critical_instructions"]));
}
if ($inst["warning_instructions"] != '') {
return str_replace("\n","<br>", io_safe_output($inst["warning_instructions"]));
}
if ($inst["unknown_instructions"] != '') {
return str_replace("\n","<br>", io_safe_output($inst["unknown_instructions"]));
}
break;
}
$na_return = $italic ? '<i>' . __('N/A') . '</i>' : __('N/A');
return $na_return;
}
function events_page_general ($event) {
global $img_sev;
global $config;
@ -2337,8 +2437,7 @@ function events_page_general ($event) {
$data = array();
$data[0] = __('Event name');
$event["evento"] = str_replace ( '&#x0a;' , '<br>' , $event["evento"]);
$data[1] = io_safe_output($event["evento"]);
$data[1] = events_display_name ($event["evento"]);
$table_general->data[] = $data;
$data = array();
@ -2400,24 +2499,11 @@ function events_page_general ($event) {
$table_general->data[] = $data;
// Get Status
switch($event['estado']) {
case 0:
$img_st = "images/star.png";
$title_st = __('New event');
break;
case 1:
$img_st = "images/tick.png";
$title_st = __('Event validated');
break;
case 2:
$img_st = "images/hourglass.png";
$title_st = __('Event in process');
break;
}
$event_st = events_display_status ($event['estado']);
$data = array();
$data[0] = __('Status');
$data[1] = html_print_image($img_st,true).' '.$title_st;
$data[1] = html_print_image($event_st["img"],true).' '.$event_st["title"];
$table_general->data[] = $data;
// If event is validated, show who and when acknowleded it

45
pandora_console/include/help/en/help_response_macros.php
View File

@ -5,27 +5,52 @@
?>Event responses macros</h1>
<p>
The response target (command or URL) accepts macros to custom it.
The response target (command or URL) accepts macros to customize it.
<br><br>
The macros accepted are the following:
The accepted macros are:
<ul>
<li><b>Agent address:</b> _agent_address_</li>
<li><b>Agent id:</b> _agent_id_</li>
<li><b>Event id:</b> _event_id_</li>
<li><b>Agent ID:</b> _agent_id_</li>
<li><b>Event related alert ID:</b> _alert_id_</li>
<li><b>Date on which the event occurred:</b> _event_date_</li>
<li><b>Extra ID:</b> _event_extra_id_</li>
<li><b>Event ID:</b> _event_id_</li>
<li><b>Event instructions:</b> _event_instruction_</li>
<li><b>Event severity ID:</b> _event_severity_id_</li>
<li><b>Event severity (translated by Pandora console):</b> _event_severity_text_</li>
<li><b>Event source:</b> _event_source_</li>
<li><b>Event status (new, validated or event in process):</b> _event_status_</li>
<li><b>Event tags separated by commas:</b> _event_tags_</li>
<li><b>Full text of the event:</b> _event_text_</li>
<li><b>Event type (System, going into Unknown Status...):</b> _event_type_</li>
<li><b>Date on which the event occurred in utimestamp format:</b> _event_utimestamp_</li>
<li><b>Group ID:</b> _group_id_</li>
<li><b>Group name in database:</b> _group_name_</li>
<li><b>Event associated module address:</b> _module_address_</li>
<li><b>Event associated module ID:</b> _module_id_</li>
<li><b>Event associated module name:</b> _module_name_</li>
<li><b>Event owner user:</b> _owner_user_</li>
<li><b>User ID:</b> _user_id_</li>
</ul>
<h4>Custom fields</h4>
Custom event fields are also available in event response macros. They would
have <b>_customdata_*_</b> form where the asterisk (*) would have to be
replaced by the custom field key you want to use.
<h3>Basic use</h3>
In example, to ping the agent associated to the event:
For example, to ping the agent associated with the event:
<br><br>
Configure command like: <i>ping -c 5 _agent_address_</i>
Configure the command as follows: <i>ping -c 5 _agent_address_</i>
<br><br>
If there are configured parameters, is possible use it as macros too.
If there are configured parameters, it is possible to use them as macros, too.
<h3>Parameters macros</h3>
In example, to custom a URL with parameters:
For example, to customize a URL with parameters:
<br><br>
Configure parameters like: <i>User,Section</i>
Configure the parameters as follows: <i>User,Section</i>
<br><br>
And configure the URL like: <i>http://example.com/index.php?user=_User_&amp;section=_Section_</i>
And configure the URL like this: <i>http://example.com/index.php?user=_User_&amp;section=_Section_</i>
</p>

25
pandora_console/include/help/es/help_response_macros.php
View File

@ -13,9 +13,34 @@ Las macros aceptadas son las siguientes:
<ul>
<li><b>Dirección del agente:</b> _agent_address_</li>
<li><b>Id del agente:</b> _agent_id_</li>
<li><b>Id de la alerta asociada al evento:</b> _alert_id_</li>
<li><b>Fecha en la que se produjo el evento:</b> _event_date_</li>
<li><b>Id extra:</b> _event_extra_id_</li>
<li><b>Id del evento:</b> _event_id_</li>
<li><b>Instrucciones del evento:</b> _event_instruction_</li>
<li><b>Id de la criticidad del evento:</b> _event_severity_id_</li>
<li><b>Gravedad del evento (traducido por la consola de Pandora):</b> _event_severity_text_</li>
<li><b>Procedencia del evento:</b> _event_source_</li>
<li><b>Estado del evento (Nuevo, validado o evento en proceso):</b> _event_status_</li>
<li><b>Etiquetas del evento separadas por comas:</b> _event_tags_</li>
<li><b>Texto completo del evento:</b> _event_text_</li>
<li><b>Tipo del evento (Sistema, Cambiando a estado desconocido...):</b> _event_type_</li>
<li><b>Fecha en la que se produjo el evento en formato utimestamp:</b> _event_utimestamp_</li>
<li><b>Id del grupo:</b> _group_id_</li>
<li><b>Nombre del grupo en base de datos:</b> _group_name_</li>
<li><b>Dirección del módulo asociado al evento:</b> _module_address_</li>
<li><b>Id del módulo asociado al evento:</b> _module_id_</li>
<li><b>Nombre del módulo asociado al evento:</b> _module_name_</li>
<li><b>Usuario propietario del evento:</b> _owner_user_</li>
<li><b>Id del usuario:</b> _user_id_</li>
</ul>
<h4>Campos personalizados</h4>
Los campos personalizados del evento también están disponibles en las macros de
respuestas de eventos. Tendrían la forma de <b>_customdata_*_</b> donde habría
que sustituir el asterisco (*) por la clave del campo personalizado que se desee
utilizar.
<h3>Uso b&aacute;sico</h3>
Por ejemplo, para hacer un ping al agente asociado al evento:
<br><br>

25
pandora_console/include/help/ja/help_response_macros.php
View File

@ -12,9 +12,34 @@
<ul>
<li><b>エージェントアドレス:</b> _agent_address_</li>
<li><b>エージェントID:</b> _agent_id_</li>
<li><b>Event related alert ID:</b> _alert_id_</li>
<li><b>Date on which the event occurred:</b> _event_date_</li>
<li><b>Extra ID:</b> _event_extra_id_</li>
<li><b>イベントID:</b> _event_id_</li>
<li><b>Event instructions:</b> _event_instruction_</li>
<li><b>Event severity ID:</b> _event_severity_id_</li>
<li><b>Event severity (translated by Pandora console):</b> _event_severity_text_</li>
<li><b>Event source:</b> _event_source_</li>
<li><b>Event status (new, validated or event in process):</b> _event_status_</li>
<li><b>Event tags separated by commas:</b> _event_tags_</li>
<li><b>Full text of the event:</b> _event_text_</li>
<li><b>Event type (System, going into Unknown Status...):</b> _event_type_</li>
<li><b>Date on which the event occurred in utimestamp format:</b> _event_utimestamp_</li>
<li><b>Group ID:</b> _group_id_</li>
<li><b>Group name in database:</b> _group_name_</li>
<li><b>Event associated module address:</b> _module_address_</li>
<li><b>Event associated module ID:</b> _module_id_</li>
<li><b>Event associated module name:</b> _module_name_</li>
<li><b>Event owner user:</b> _owner_user_</li>
<li><b>User ID:</b> _user_id_</li>
</ul>
<h4>Custom fields</h4>
Custom event fields are also available in event response macros. They would
have <b>_customdata_*_</b> form where the asterisk (*) would have to be
replaced by the custom field key you want to use.
<h3>基本的な利用方法</h3>
例として、イベントに関連付けしたエージェントへの ping を示します。
<br><br>