tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-30 01:05:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Move Metaconsole events to tevento.

Browse Source
This commit is contained in:
Ramon Novoa 2022-05-31 12:50:43 +02:00
parent d2dc87f0cc
commit 5ac607c22a
3 changed files with 11 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
pandora_server/lib/PandoraFMS/Core.pm
View File

@ -3786,7 +3786,6 @@ sub pandora_event ($$$$$$$$$$;$$$$$$$$$$$$) {
$source, $user_name, $comment, $id_extra, $tags, $source, $user_name, $comment, $id_extra, $tags,
$critical_instructions, $warning_instructions, $unknown_instructions, $custom_data, $critical_instructions, $warning_instructions, $unknown_instructions, $custom_data,
$module_data, $module_status, $server_id) = @_; $module_data, $module_status, $server_id) = @_;
my $event_table = is_metaconsole($pa_config) ? 'tmetaconsole_event' : 'tevento';
my $agent = undef; my $agent = undef;
if (defined($id_agente) && $id_agente != 0) { if (defined($id_agente) && $id_agente != 0) {
@ -3849,7 +3848,7 @@ sub pandora_event ($$$$$$$$$$;$$$$$$$$$$$$) {
# Validate events with the same event id # Validate events with the same event id
if (defined ($id_extra) && $id_extra ne '') { if (defined ($id_extra) && $id_extra ne '') {
logger($pa_config, "Updating events with extended id '$id_extra'.", 10); logger($pa_config, "Updating events with extended id '$id_extra'.", 10);
db_do ($dbh, 'UPDATE ' . $event_table . ' SET estado = 1, ack_utimestamp = ? WHERE estado IN (0,2) AND id_extra=?', $utimestamp, $id_extra); db_do ($dbh, 'UPDATE tevento SET estado = 1, ack_utimestamp = ? WHERE estado IN (0,2) AND id_extra=?', $utimestamp, $id_extra);
} }
my $event_id = undef; my $event_id = undef;
@ -3857,10 +3856,10 @@ sub pandora_event ($$$$$$$$$$;$$$$$$$$$$$$) {
# Create the event # Create the event
logger($pa_config, "Generating event '$evento' for agent ID $id_agente module ID $id_agentmodule.", 10); logger($pa_config, "Generating event '$evento' for agent ID $id_agente module ID $id_agentmodule.", 10);
if (is_metaconsole($pa_config)) { if (is_metaconsole($pa_config)) {
$event_id = db_insert ($dbh, 'id_evento','INSERT INTO ' . $event_table . ' (id_agente, id_grupo, evento, timestamp, estado, utimestamp, event_type, id_agentmodule, id_alert_am, criticity, user_comment, tags, source, id_extra, id_usuario, critical_instructions, warning_instructions, unknown_instructions, ack_utimestamp, server_id, custom_data, data, module_status) $event_id = db_insert ($dbh, 'id_evento','INSERT INTO tevento (id_agente, id_grupo, evento, timestamp, estado, utimestamp, event_type, id_agentmodule, id_alert_am, criticity, user_comment, tags, source, id_extra, id_usuario, critical_instructions, warning_instructions, unknown_instructions, ack_utimestamp, server_id, custom_data, data, module_status)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)', $id_agente, $id_grupo, safe_input ($evento), $timestamp, $event_status, $utimestamp, $event_type, $id_agentmodule, $id_alert_am, $severity, $comment, $module_tags, $source, $id_extra, $user_name, $critical_instructions, $warning_instructions, $unknown_instructions, $ack_utimestamp, $server_id, $custom_data, safe_input($module_data), $module_status); VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)', $id_agente, $id_grupo, safe_input ($evento), $timestamp, $event_status, $utimestamp, $event_type, $id_agentmodule, $id_alert_am, $severity, $comment, $module_tags, $source, $id_extra, $user_name, $critical_instructions, $warning_instructions, $unknown_instructions, $ack_utimestamp, $server_id, $custom_data, safe_input($module_data), $module_status);
} else { } else {
$event_id = db_insert ($dbh, 'id_evento','INSERT INTO ' . $event_table . ' (id_agente, id_grupo, evento, timestamp, estado, utimestamp, event_type, id_agentmodule, id_alert_am, criticity, user_comment, tags, source, id_extra, id_usuario, critical_instructions, warning_instructions, unknown_instructions, ack_utimestamp, custom_data, data, module_status) $event_id = db_insert ($dbh, 'id_evento','INSERT INTO tevento (id_agente, id_grupo, evento, timestamp, estado, utimestamp, event_type, id_agentmodule, id_alert_am, criticity, user_comment, tags, source, id_extra, id_usuario, critical_instructions, warning_instructions, unknown_instructions, ack_utimestamp, custom_data, data, module_status)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)', $id_agente, $id_grupo, safe_input ($evento), $timestamp, $event_status, $utimestamp, $event_type, $id_agentmodule, $id_alert_am, $severity, $comment, $module_tags, $source, $id_extra, $user_name, $critical_instructions, $warning_instructions, $unknown_instructions, $ack_utimestamp, $custom_data, safe_input($module_data), $module_status); VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)', $id_agente, $id_grupo, safe_input ($evento), $timestamp, $event_status, $utimestamp, $event_type, $id_agentmodule, $id_alert_am, $severity, $comment, $module_tags, $source, $id_extra, $user_name, $critical_instructions, $warning_instructions, $unknown_instructions, $ack_utimestamp, $custom_data, safe_input($module_data), $module_status);
} }

43
pandora_server/util/pandora_db.pl
View File

@ -168,33 +168,13 @@ sub pandora_purgedb ($$) {
} }
if ($conf->{'_event_purge'} > 0) { if ($conf->{'_event_purge'} > 0) {
my $event_limit = time() - 86400 * $conf->{'_event_purge'}; my $event_limit = time() - 86400 * $conf->{'_event_purge'};
my $events_table = 'tevento';
# If is installed enterprise version and enabled metaconsole, log_message ('PURGE', "Deleting old event data from tevento (More than " . $conf->{'_event_purge'} . " days).", '');
# check the events history copy and set the name of the metaconsole events table
if (defined($conf->{'_enterprise_installed'}) && $conf->{'_enterprise_installed'} eq '1' &&
defined($conf->{'_metaconsole'}) && $conf->{'_metaconsole'} eq '1'){
# If events history is enabled, save the new events (not validated or in process) to history database
if(defined($conf->{'_metaconsole_events_history'}) && $conf->{'_metaconsole_events_history'} eq '1') {
log_message ('PURGE', "Moving old not validated events to history table (More than " . $conf->{'_event_purge'} . " days).");
my @events = get_db_rows ($dbh, 'SELECT * FROM tmetaconsole_event WHERE estado = 0 AND utimestamp < ?', $event_limit);
foreach my $event (@events) {
db_process_insert($dbh, 'id_evento', 'tmetaconsole_event_history', $event);
db_do($dbh, "DELETE FROM tmetaconsole_event WHERE id_evento =".$event->{'id_evento'});
}
}
$events_table = 'tmetaconsole_event';
}
log_message ('PURGE', "Deleting old event data at $events_table table (More than " . $conf->{'_event_purge'} . " days).", '');
# Delete with buffer to avoid problems with performance # Delete with buffer to avoid problems with performance
my $events_to_delete = get_db_value ($dbh, "SELECT COUNT(*) FROM $events_table WHERE utimestamp < ?", $event_limit); my $events_to_delete = get_db_value ($dbh, "SELECT COUNT(*) FROM tevento WHERE utimestamp < ?", $event_limit);
while($events_to_delete > 0) { while($events_to_delete > 0) {
db_delete_limit($dbh, $events_table, "utimestamp < ?", $BIG_OPERATION_STEP, $event_limit); db_delete_limit($dbh, 'tevento', "utimestamp < ?", $BIG_OPERATION_STEP, $event_limit);
$events_to_delete = $events_to_delete - $BIG_OPERATION_STEP; $events_to_delete = $events_to_delete - $BIG_OPERATION_STEP;
# Mark the progress # Mark the progress
@ -204,23 +184,6 @@ sub pandora_purgedb ($$) {
usleep (10000); usleep (10000);
} }
log_message ('', "\n"); log_message ('', "\n");
if (defined($conf->{'_enterprise_installed'}) && $conf->{'_enterprise_installed'} eq '1' &&
defined($conf->{'_metaconsole'}) && $conf->{'_metaconsole'} eq '1'){
log_message ('PURGE', "Deleting validated events from tmetaconsole_event_history.", '');
$events_to_delete = get_db_value ($dbh, "SELECT COUNT(*) FROM tmetaconsole_event_history WHERE estado = 1");
while($events_to_delete > 0) {
db_delete_limit($dbh, 'tmetaconsole_event_history', 'estado = 1', $BIG_OPERATION_STEP);
$events_to_delete = $events_to_delete - $BIG_OPERATION_STEP;
# Mark the progress
log_message ('', ".");
# Do not overload the MySQL server
usleep (10000);
}
log_message ('', "\n");
}
} }
else { else {
log_message ('PURGE', 'event_purge is set to 0. Old events will not be deleted.'); log_message ('PURGE', 'event_purge is set to 0. Old events will not be deleted.');

30
pandora_server/util/pandora_manage.pl
View File

@ -4415,12 +4415,7 @@ sub cli_get_event_info () {
$csv_separator = '|' unless defined($csv_separator); $csv_separator = '|' unless defined($csv_separator);
my $event_table = "tevento"; my $query = "SELECT * FROM tevento WHERE id_evento=" . $id_event;
if (is_metaconsole($conf) == 1) {
$event_table = "tmetaconsole_event";
}
my $query = "SELECT * FROM " . $event_table . " where id_evento=" . $id_event;
my $header = "Event ID".$csv_separator."Event name".$csv_separator."Agent ID".$csv_separator."User ID".$csv_separator. my $header = "Event ID".$csv_separator."Event name".$csv_separator."Agent ID".$csv_separator."User ID".$csv_separator.
"Group ID".$csv_separator."Status".$csv_separator."Timestamp".$csv_separator."Event type".$csv_separator. "Group ID".$csv_separator."Status".$csv_separator."Timestamp".$csv_separator."Event type".$csv_separator.
@ -6407,12 +6402,7 @@ sub cli_set_event_storm_protection () {
sub pandora_get_event_name($$) { sub pandora_get_event_name($$) {
my ($dbh,$id_event) = @_; my ($dbh,$id_event) = @_;
my $event_table = "tevento"; my $event_name = get_db_value($dbh, 'SELECT evento FROM tevento WHERE id_evento = ?',$id_event);
if (is_metaconsole($conf) == 1) {
$event_table = "tmetaconsole_event";
}
my $event_name = get_db_value($dbh, 'SELECT evento FROM ' . $event_table . ' WHERE id_evento = ?',$id_event);
return defined ($event_name) ? $event_name : -1; return defined ($event_name) ? $event_name : -1;
} }
@ -6423,12 +6413,7 @@ sub pandora_get_event_name($$) {
sub pandora_update_event_from_hash ($$$$) { sub pandora_update_event_from_hash ($$$$) {
my ($parameters, $where_column, $where_value, $dbh) = @_; my ($parameters, $where_column, $where_value, $dbh) = @_;
my $event_table = "tevento"; my $event_id = db_process_update($dbh, 'tevento', $parameters, {$where_column => $where_value});
if (is_metaconsole($conf) == 1) {
$event_table = "tmetaconsole_event";
}
my $event_id = db_process_update($dbh, $event_table, $parameters, {$where_column => $where_value});
return $event_id; return $event_id;
} }
@ -6439,12 +6424,7 @@ sub pandora_update_event_from_hash ($$$$) {
sub pandora_get_event_comment($$) { sub pandora_get_event_comment($$) {
my ($dbh,$id_event) = @_; my ($dbh,$id_event) = @_;
my $event_table = "tevento"; my $event_name = get_db_value($dbh, 'SELECT user_comment FROM tevento WHERE id_evento = ?',$id_event);
if (is_metaconsole($conf) == 1) {
$event_table = "tmetaconsole_event";
}
my $event_name = get_db_value($dbh, 'SELECT user_comment FROM ' . $event_table . ' WHERE id_evento = ?',$id_event);
return defined ($event_name) ? $event_name : -1; return defined ($event_name) ? $event_name : -1;
} }
@ -8721,4 +8701,4 @@ sub pandora_validate_alert_id($$$$) {
); );
return 1; return 1;
} }