Merge branch 'ent-7413-filtro-log-agent-alertas-correladas-logs-no-funciona-correctamente' into 'develop'

Fix locating agent while correlating logs

See merge request artica/pandorafms!4074

pandora_server/conf/pandora_server.conf.new

@@ -473,6 +473,9 @@ log_window 3600
 # Correlated Alerts, group cache ttl (in seconds). Set to 0 to disable. (PANDORA FMS ENTERPRISE ONLY).
 #event_server_cache_ttl 10
 
+# Log retrieving, items per request. (High values could make elasticsearch crash)
+#elastic_query_size 10
+
 # If set to 1, an alert will not be fired if the last event it generated is in 'in-process' status.
 
 event_inhibit_alerts 0

pandora_server/lib/PandoraFMS/Config.pm

@@ -301,6 +301,7 @@ sub pandora_load_config {
 	$pa_config->{"eventserver"} = 1; # 4.0
 	$pa_config->{"event_window"} = 3600; # 4.0
 	$pa_config->{"log_window"} = 3600; # 7.741
+	$pa_config->{"elastic_query_size"} = 10; # 7.754 Elements per request (ELK)
 	$pa_config->{"event_server_cache_ttl"} = 10; # 7.754
 	$pa_config->{"preload_windows"} = 0; # 7.741
 	$pa_config->{"icmpserver"} = 0; # 4.0
@@ -995,6 +996,9 @@ sub pandora_load_config {
 		elsif ($parametro =~ m/^log_window\s+([0-9]*)/i) {
 			$pa_config->{'log_window'}= clean_blank($1);
 		}
+		elsif ($parametro =~ m/^elastic_query_size\s+([0-9]*)/i) {
+			$pa_config->{'elastic_query_size'}= clean_blank($1);
+		}
 		elsif ($parametro =~ m/^preload_windows\s+([0-9]*)/i) {
 			$pa_config->{'preload_windows'}= clean_blank($1);
 		}

pandora_server/lib/PandoraFMS/Core.pm

@@ -297,7 +297,10 @@ sub locate_agent {
 		# Locate agent first in tmetaconsole_agent
 		return undef if (! defined ($field) || $field eq '');
 
-		my $rs = enterprise_hook('get_metaconsole_agent_from_alias', [$dbh, $field, $relative]);
+		my $rs = enterprise_hook('get_metaconsole_agent_from_id', [$dbh, $field]);
+		return $rs if defined($rs) && (ref($rs)); # defined and not a scalar
+
+		$rs = enterprise_hook('get_metaconsole_agent_from_alias', [$dbh, $field, $relative]);
 		return $rs if defined($rs) && (ref($rs)); # defined and not a scalar
 
 		$rs = enterprise_hook('get_metaconsole_agent_from_addr', [$dbh, $field, $relative]);
@@ -322,7 +325,10 @@ sub get_agent {
 
     return undef if (! defined ($field) || $field eq '');
 
-    my $rs = get_agent_from_alias($dbh, $field, $relative);
+    my $rs = get_agent_from_id($dbh, $field);
+    return $rs if defined($rs) && (ref($rs)); # defined and not a scalar
+
+    $rs = get_agent_from_alias($dbh, $field, $relative);
     return $rs if defined($rs) && (ref($rs)); # defined and not a scalar
 
     $rs = get_agent_from_addr($dbh, $field);
@@ -378,6 +384,17 @@ sub get_agent_from_name ($$;$) {
 	return get_db_single_row ($dbh, 'SELECT * FROM tagente WHERE tagente.nombre = ?', safe_input($name));
 }
 
+##########################################################################
+# Return the agent given the agent id.
+##########################################################################
+sub get_agent_from_id ($$) {
+	my ($dbh, $id) = @_;
+	
+	return undef if (! defined ($id) || $id eq '');
+	
+	return get_db_single_row ($dbh, 'SELECT * FROM tagente WHERE tagente.id_agente = ?', $id);
+}
+
 ##########################################################################
 =head2 C<< pandora_generate_alerts (I<$pa_config> I<$data> I<$status> I<$agent> I<$module> I<$utimestamp> I<$dbh>  I<$timestamp> I<$extra_macros> I<$last_data_value>) >>
 

pandora_server/lib/PandoraFMS/DataServer.pm

@@ -280,6 +280,11 @@ sub process_xml_data ($$$$$) {
 		$timezone_offset = 0;
 	}
 	
+	# If set by server, do not use offset.
+	if ($pa_config->{'use_xml_timestamp'} eq '0') {
+		$timezone_offset = 0;
+	}
+	
 	# Parent Agent Name
 	my $parent_id = 0; # Default value for unknown parent
 	my $parent_agent_name = $data->{'parent_agent_name'};