diff --git a/pandora_agents/win32/ChangeLog b/pandora_agents/win32/ChangeLog index cf57e04a6b..0901ee61c6 100644 --- a/pandora_agents/win32/ChangeLog +++ b/pandora_agents/win32/ChangeLog @@ -1,3 +1,16 @@ +2008-07-09 Esteban Sanchez + + * pandora_strutils.[cc,h]: Added strUnicodeToAnsi(). + + * modules/pandora_module_logevent.cc, pandora_windows_service.[cc,h], + windows/pandora_wmi.h: Tabs and blankspace style correction. + + * windows/pandora_wmi.cc: Convert result in getEventList() to ANSI, + which was causing some BADXML errors on server. Tabs and blankspace + style correction. + + * bin/PandoraAgent.exe: Updated to last commit. + 2008-06-11 Esteban Sanchez * bin/PandoraAgent.exe: Updated to commit, fixed an error when diff --git a/pandora_agents/win32/bin/PandoraAgent.exe b/pandora_agents/win32/bin/PandoraAgent.exe index 1400fc8c1d..5c30674126 100755 Binary files a/pandora_agents/win32/bin/PandoraAgent.exe and b/pandora_agents/win32/bin/PandoraAgent.exe differ diff --git a/pandora_agents/win32/modules/pandora_module_logevent.cc b/pandora_agents/win32/modules/pandora_module_logevent.cc index 2160fb2419..b8e80853c5 100755 --- a/pandora_agents/win32/modules/pandora_module_logevent.cc +++ b/pandora_agents/win32/modules/pandora_module_logevent.cc @@ -43,50 +43,50 @@ Pandora_Module_Logevent::Pandora_Module_Logevent (string name, string source, st void Pandora_Module_Logevent::run () { - int interval, module_interval; - string value; - list event_list; - list::iterator event; + int interval, module_interval; + string value; + list event_list; + list::iterator event; Pandora_Agent_Conf::Pandora_Agent_Conf *conf; - SYSTEMTIME system_time; - + SYSTEMTIME system_time; + conf = Pandora_Agent_Conf::getInstance (); - - // Get execution interval - value = conf->getValue ("interval"); - interval = atoi(value.c_str ()); - - module_interval = this->getInterval (); - if (module_interval > 0) { - interval *= module_interval; - } - + + // Get execution interval + value = conf->getValue ("interval"); + interval = atoi(value.c_str ()); + + module_interval = this->getInterval (); + if (module_interval > 0) { + interval *= module_interval; + } + // Run try { - Pandora_Module::run (); - } catch (Interval_Not_Fulfilled e) { - return; - } - - Pandora_Wmi::getEventList (this->source, this->type, this->pattern, interval, event_list); - + Pandora_Module::run (); + } catch (Interval_Not_Fulfilled e) { + return; + } + + Pandora_Wmi::getEventList (this->source, this->type, this->pattern, interval, event_list); + // No data - if (event_list.size () < 1) { - this->setOutput (""); - return; - } - - for(event = event_list.begin (); event != event_list.end(); ++event) { - // No WMI timestamp? - if (event->size () < 26) { - this->setOutput (*event); - continue; - } - - // Get the timestamp - Pandora_Wmi::convertWMIDate(event->substr (0, 26), &system_time); - - // Store the data - this->setOutput (event->substr (26), &system_time); - } + if (event_list.size () < 1) { + this->setOutput (""); + return; + } + + for (event = event_list.begin (); event != event_list.end(); ++event) { + // No WMI timestamp? + if (event->size () < 26) { + this->setOutput (*event); + continue; + } + + // Get the timestamp + Pandora_Wmi::convertWMIDate (event->substr (0, 26), &system_time); + + // Store the data + this->setOutput (event->substr (26), &system_time); + } } diff --git a/pandora_agents/win32/pandora_strutils.cc b/pandora_agents/win32/pandora_strutils.cc index cdabe3f9e7..5967a54d23 100644 --- a/pandora_agents/win32/pandora_strutils.cc +++ b/pandora_agents/win32/pandora_strutils.cc @@ -42,12 +42,12 @@ Pandora_Strutils::trim (const string str) { string result = str; string::size_type index = result.find_last_not_of (delims); - if(index != string::npos) { + if (index != string::npos) { result.erase (++index); } index = result.find_first_not_of (delims); - if(index != std::string::npos) { + if (index != std::string::npos) { result.erase (0, index); } else { result.erase (); @@ -56,6 +56,41 @@ Pandora_Strutils::trim (const string str) { return result; } +/** + * Convert an unicode string to a ANSI string. + * + * @param s String to convert + * + * @return String converted into ANSI code + */ +LPSTR +Pandora_Strutils::strUnicodeToAnsi (LPCWSTR s) { + if (s == NULL) + return NULL; + + int cw = lstrlenW (s); + if (cw == 0) { + CHAR *psz = new CHAR[1]; + *psz='\0'; + return psz; + } + + int cc = WideCharToMultiByte (CP_ACP,0, s, cw, NULL, 0, NULL, NULL); + if (cc==0) + return NULL; + + CHAR *psz = new CHAR[cc+1]; + cc = WideCharToMultiByte (CP_ACP, 0, s, cw, psz, cc, NULL, NULL); + + if (cc == 0) { + delete[] psz; + return NULL; + } + psz[cc]='\0'; + + return psz; +} + /** * Transform an integer variable into a string. * diff --git a/pandora_agents/win32/pandora_strutils.h b/pandora_agents/win32/pandora_strutils.h index 5ccc0a7fb8..56ea75b1fe 100644 --- a/pandora_agents/win32/pandora_strutils.h +++ b/pandora_agents/win32/pandora_strutils.h @@ -43,6 +43,8 @@ namespace Pandora_Strutils { string trim (const string str); + LPSTR strUnicodeToAnsi (LPCWSTR s); + string inttostr (const int i); string longtostr (const long i); string longtohex (const long i); diff --git a/pandora_agents/win32/pandora_windows_service.cc b/pandora_agents/win32/pandora_windows_service.cc index b99078bd88..361dd07687 100644 --- a/pandora_agents/win32/pandora_windows_service.cc +++ b/pandora_agents/win32/pandora_windows_service.cc @@ -51,16 +51,15 @@ string enabled_values[] = {"enabled", "1", "on", "yes", "si", "sí", "ok", ""}; Pandora_Windows_Service::Pandora_Windows_Service (const char * svc_name, const char * svc_display_name, const char * svc_description) - : Windows_Service (svc_name, svc_display_name, svc_description) { - - this->setInitFunction ((void (Windows_Service::*) ()) + : Windows_Service (svc_name, svc_display_name, svc_description) { + this->setInitFunction ((void (Windows_Service::*) ()) &Pandora_Windows_Service::pandora_init); - this->setRunFunction ((void (Windows_Service::*) ()) + this->setRunFunction ((void (Windows_Service::*) ()) &Pandora_Windows_Service::pandora_run); - execution_number = 0; - this->modules = NULL; - this->conf = NULL; + execution_number = 0; + this->modules = NULL; + this->conf = NULL; this->interval = 60000; this->transfer_interval = this->interval; this->elapsed_transfer_time = 0; @@ -70,60 +69,60 @@ Pandora_Windows_Service::Pandora_Windows_Service (const char * svc_name, * Destroys a Pandora_Windows_Service object. */ Pandora_Windows_Service::~Pandora_Windows_Service () { - if (this->conf != NULL) { - delete this->conf; - } + if (this->conf != NULL) { + delete this->conf; + } - if (this->modules != NULL) { - delete this->modules; - } + if (this->modules != NULL) { + delete this->modules; + } pandoraLog ("Pandora agent stopped"); } bool is_enabled (string value) { - int i = 0; - - if (value == "") { - return false; - } - - while (enabled_values[i] != "") { - if (enabled_values[i] == value) { - return true; - } - i++; - } - return false; + int i = 0; + + if (value == "") { + return false; + } + + while (enabled_values[i] != "") { + if (enabled_values[i] == value) { + return true; + } + i++; + } + return false; } void Pandora_Windows_Service::pandora_init () { - string conf_file, interval, debug, transfer_interval; - - setPandoraDebug (true); - - conf_file = Pandora::getPandoraInstallDir (); - conf_file += "pandora_agent.conf"; - - this->conf = Pandora::Pandora_Agent_Conf::getInstance (); - this->conf->setFile (conf_file); - this->modules = new Pandora_Module_List (conf_file); + string conf_file, interval, debug, transfer_interval; + + setPandoraDebug (true); + + conf_file = Pandora::getPandoraInstallDir (); + conf_file += "pandora_agent.conf"; + + this->conf = Pandora::Pandora_Agent_Conf::getInstance (); + this->conf->setFile (conf_file); + this->modules = new Pandora_Module_List (conf_file); - /* Get the interval value (in seconds) and set it to the service */ - interval = conf->getValue ("interval"); + /* Get the interval value (in seconds) and set it to the service */ + interval = conf->getValue ("interval"); transfer_interval = conf->getValue ("transfer_interval"); debug = conf->getValue ("debug"); - setPandoraDebug (is_enabled (debug)); + setPandoraDebug (is_enabled (debug)); - if (interval != "") { + if (interval != "") { try { /* miliseconds */ this->interval = strtoint (interval) * 1000; } catch (Invalid_Conversion e) { } - } + } if (transfer_interval == "") { this->transfer_interval = this->interval; @@ -136,65 +135,65 @@ Pandora_Windows_Service::pandora_init () { } } - srand ((unsigned) time (0)); - this->setSleepTime (this->interval); - - pandoraLog ("Pandora agent started"); + srand ((unsigned) time (0)); + this->setSleepTime (this->interval); + + pandoraLog ("Pandora agent started"); } TiXmlElement * Pandora_Windows_Service::getXmlHeader () { - TiXmlElement *agent; - SYSTEMTIME st; - char timestamp[20]; - string value; - - agent = new TiXmlElement ("agent_data"); - - value = conf->getValue ("agent_name"); - if (value == "") { - value = Pandora_Windows_Info::getSystemName (); - } - agent->SetAttribute ("agent_name", value); - - agent->SetAttribute ("version", getPandoraAgentVersion ()); - - GetSystemTime(&st); - sprintf (timestamp, "%d-%02d-%02d %02d:%02d:%02d", st.wYear, st.wMonth, st.wDay, - st.wHour, st.wMinute, st.wSecond); + TiXmlElement *agent; + SYSTEMTIME st; + char timestamp[20]; + string value; + + agent = new TiXmlElement ("agent_data"); + + value = conf->getValue ("agent_name"); + if (value == "") { + value = Pandora_Windows_Info::getSystemName (); + } + agent->SetAttribute ("agent_name", value); + + agent->SetAttribute ("version", getPandoraAgentVersion ()); + + GetSystemTime(&st); + sprintf (timestamp, "%d-%02d-%02d %02d:%02d:%02d", st.wYear, st.wMonth, st.wDay, + st.wHour, st.wMinute, st.wSecond); + + agent->SetAttribute ("timestamp", timestamp); - agent->SetAttribute ("timestamp", timestamp); - value = conf->getValue ("interval"); - agent->SetAttribute ("interval", value); + agent->SetAttribute ("interval", value); value = Pandora_Windows_Info::getOSName (); - agent->SetAttribute ("os", value); + agent->SetAttribute ("os", value); value = Pandora_Windows_Info::getOSVersion (); - agent->SetAttribute ("os_version", value); - - return agent; + agent->SetAttribute ("os_version", value); + + return agent; } void Pandora_Windows_Service::copyTentacleDataFile (string host, - string filename) + string filename) { int rc; string var, filepath; string tentacle_cmd; - + var = conf->getValue ("temporal"); if (var[var.length () - 1] != '\\') { var += "\\"; } - filepath = var + filename; - + filepath = var + filename; + /* Build the command to launch the Tentacle client */ tentacle_cmd = "tentacle_client.exe -a " + host; - + var = conf->getValue ("server_port"); if (var != "") { tentacle_cmd += " -p " + var; @@ -216,29 +215,29 @@ Pandora_Windows_Service::copyTentacleDataFile (string host, } tentacle_cmd += " " + filepath; - + /* Copy the file */ pandoraDebug ("Remote copying XML %s on server %s", - filepath.c_str (), host.c_str ()); + filepath.c_str (), host.c_str ()); pandoraDebug ("Command %s", tentacle_cmd.c_str()); - + rc = system (tentacle_cmd.c_str()); switch (rc) { - + /* system() error */ - case -1: - pandoraLog ("Unable to copy %s", filename.c_str ()); - throw Pandora_Exception (); - + case -1: + pandoraLog ("Unable to copy %s", filename.c_str ()); + throw Pandora_Exception (); + /* tentacle_client.exe returned OK */ - case 0: - break; - + case 0: + break; + /* tentacle_client.exe error */ - default: - pandoraDebug ("Tentacle client was unable to copy %s", - filename.c_str ()); - throw Pandora_Exception (); + default: + pandoraDebug ("Tentacle client was unable to copy %s", + filename.c_str ()); + throw Pandora_Exception (); } return; @@ -254,47 +253,47 @@ Pandora_Windows_Service::copyScpDataFile (string host, string pubkey_file, privkey_file; tmp_dir = conf->getValue ("temporal"); - if (tmp_dir[tmp_dir.length () - 1] != '\\') { - tmp_dir += "\\"; - } - filepath = tmp_dir + filename; - - pandoraDebug ("Connecting with %s", host.c_str ()); - - try { - pubkey_file = Pandora::getPandoraInstallDir (); - pubkey_file += "key\\id_dsa.pub"; - privkey_file = Pandora::getPandoraInstallDir (); - privkey_file += "key\\id_dsa"; - - ssh_client.connectWithPublicKey (host.c_str (), 22, "pandora", - pubkey_file, privkey_file, ""); - } catch (SSH::Authentication_Failed e) { - pandoraLog ("Pandora Agent: Authentication Failed " - "when connecting to %s", - host.c_str ()); - throw e; - } catch (Pandora_Exception e) { - pandoraLog ("Pandora Agent: Failed when copying to %s", - host.c_str ()); - throw e; - } - - pandoraDebug ("Remote copying XML %s on server %s at %s%s", - filepath.c_str (), host.c_str (), - remote_path.c_str (), filename.c_str ()); - try { - ssh_client.scpFileFilename (remote_path + filename, - filepath); - } catch (Pandora_Exception e) { - pandoraLog ("Unable to copy at %s%s", remote_path.c_str (), - filename.c_str ()); - ssh_client.disconnect(); + if (tmp_dir[tmp_dir.length () - 1] != '\\') { + tmp_dir += "\\"; + } + filepath = tmp_dir + filename; + pandoraDebug ("Connecting with %s", host.c_str ()); + + try { + pubkey_file = Pandora::getPandoraInstallDir (); + pubkey_file += "key\\id_dsa.pub"; + privkey_file = Pandora::getPandoraInstallDir (); + privkey_file += "key\\id_dsa"; + + ssh_client.connectWithPublicKey (host.c_str (), 22, "pandora", + pubkey_file, privkey_file, ""); + } catch (SSH::Authentication_Failed e) { + pandoraLog ("Pandora Agent: Authentication Failed " + "when connecting to %s", + host.c_str ()); throw e; - } - - ssh_client.disconnect(); + } catch (Pandora_Exception e) { + pandoraLog ("Pandora Agent: Failed when copying to %s", + host.c_str ()); + throw e; + } + + pandoraDebug ("Remote copying XML %s on server %s at %s%s", + filepath.c_str (), host.c_str (), + remote_path.c_str (), filename.c_str ()); + try { + ssh_client.scpFileFilename (remote_path + filename, + filepath); + } catch (Pandora_Exception e) { + pandoraLog ("Unable to copy at %s%s", remote_path.c_str (), + filename.c_str ()); + ssh_client.disconnect(); + + throw e; + } + + ssh_client.disconnect(); } void @@ -305,15 +304,15 @@ Pandora_Windows_Service::copyFtpDataFile (string host, FTP::Pandora_Ftp_Client ftp_client; string filepath; string password; - + filepath = conf->getValue ("temporal"); - if (filepath[filepath.length () - 1] != '\\') { - filepath += "\\"; - } - filepath += filename; + if (filepath[filepath.length () - 1] != '\\') { + filepath += "\\"; + } + filepath += filename; password = conf->getValue ("server_pwd"); - + ftp_client.connect (host, 22, "pandora", @@ -330,16 +329,16 @@ Pandora_Windows_Service::copyFtpDataFile (string host, } catch (FTP::Authentication_Failed e) { pandoraLog ("Pandora Agent: Authentication Failed " "when connecting to %s (%s)", - host.c_str (), ftp_client.getError ().c_str ()); + host.c_str (), ftp_client.getError ().c_str ()); ftp_client.disconnect (); throw e; } catch (FTP::FTP_Exception e) { pandoraLog ("Pandora Agent: Failed when copying to %s (%s)", - host.c_str (), ftp_client.getError ().c_str ()); + host.c_str (), ftp_client.getError ().c_str ()); ftp_client.disconnect (); throw e; } - + ftp_client.disconnect (); } @@ -347,14 +346,14 @@ void Pandora_Windows_Service::copyDataFile (string filename) { string mode, host, remote_path; - + mode = conf->getValue ("transfer_mode"); host = conf->getValue ("server_ip"); remote_path = conf->getValue ("server_path"); - if (remote_path[remote_path.length () - 1] != '/') { - remote_path += "/"; - } - + if (remote_path[remote_path.length () - 1] != '/') { + remote_path += "/"; + } + try { if (mode == "ftp") { copyFtpDataFile (host, remote_path, filename); @@ -367,7 +366,7 @@ Pandora_Windows_Service::copyDataFile (string filename) "Please recheck transfer_mode option " "in configuration file."); } - + pandoraDebug ("Successfuly copied XML file to server."); } catch (Pandora_Exception e) { } @@ -375,7 +374,7 @@ Pandora_Windows_Service::copyDataFile (string filename) void Pandora_Windows_Service::recvTentacleDataFile (string host, - string filename) + string filename) { int rc; string var; @@ -390,7 +389,7 @@ Pandora_Windows_Service::recvTentacleDataFile (string host, /* Build the command to launch the Tentacle client */ tentacle_cmd = "tentacle_client.exe -g -a " + host; - + var = conf->getValue ("server_port"); if (var != "") { tentacle_cmd += " -p " + var; @@ -415,26 +414,26 @@ Pandora_Windows_Service::recvTentacleDataFile (string host, /* Copy the file */ pandoraDebug ("Requesting file %s from server %s", - filename.c_str (), host.c_str ()); + filename.c_str (), host.c_str ()); pandoraDebug ("Command %s", tentacle_cmd.c_str()); - + rc = system (tentacle_cmd.c_str()); switch (rc) { - + /* system() error */ - case -1: - pandoraLog ("Unable to receive file %s", filename.c_str ()); - throw Pandora_Exception (); - + case -1: + pandoraLog ("Unable to receive file %s", filename.c_str ()); + throw Pandora_Exception (); + /* tentacle_client.exe returned OK */ - case 0: - break; - + case 0: + break; + /* tentacle_client.exe error */ - default: - pandoraDebug ("Tentacle client was unable to receive file %s", - filename.c_str ()); - throw Pandora_Exception (); + default: + pandoraDebug ("Tentacle client was unable to receive file %s", + filename.c_str ()); + throw Pandora_Exception (); } return; @@ -443,14 +442,14 @@ Pandora_Windows_Service::recvTentacleDataFile (string host, void Pandora_Windows_Service::recvDataFile (string filename) { string mode, host, remote_path; - + mode = conf->getValue ("transfer_mode"); host = conf->getValue ("server_ip"); remote_path = conf->getValue ("server_path"); if (remote_path[remote_path.length () - 1] != '/') { remote_path += "/"; } - + try { if (mode == "tentacle") { recvTentacleDataFile (host, filename); @@ -468,12 +467,12 @@ void Pandora_Windows_Service::checkConfig () { int i, conf_size; char *conf_str = NULL, *remote_conf_str = NULL, *remote_conf_md5 = NULL; - char agent_md5[33], conf_md5[33], flag; + char agent_md5[33], conf_md5[33], flag; string conf_file, conf_tmp_file, md5_tmp_file, temp_dir, tmp; tmp = conf->getValue ("remote_config"); if (tmp != "1") { - pandoraDebug ("Pandora_Windows_Service::checkConfig: Remote configuration disabled"); + pandoraDebug ("Pandora_Windows_Service::checkConfig: Remote configuration disabled"); return; } @@ -485,33 +484,33 @@ Pandora_Windows_Service::checkConfig () { /* Get base install directory */ conf_file = Pandora::getPandoraInstallDir (); - conf_file += "pandora_agent.conf"; - + conf_file += "pandora_agent.conf"; + /* Get agent name */ tmp = conf->getValue ("agent_name"); if (tmp == "") { tmp = Pandora_Windows_Info::getSystemName (); } - + Pandora_File::md5 (tmp.c_str(), tmp.size(), agent_md5); - /* Calculate md5 hashes */ + /* Calculate md5 hashes */ try { conf_size = Pandora_File::readBinFile (conf_file, &conf_str); Pandora_File::md5 (conf_str, conf_size, conf_md5); } catch (...) { - pandoraDebug ("Pandora_Windows_Service::checkConfig: Error calculating configuration md5"); - if (conf_str != NULL) { - delete[] conf_str; - } + pandoraDebug ("Pandora_Windows_Service::checkConfig: Error calculating configuration md5"); + if (conf_str != NULL) { + delete[] conf_str; + } return; } /* Compose file names from the agent name hash */ - conf_tmp_file = agent_md5; - conf_tmp_file += ".conf"; - md5_tmp_file = agent_md5; - md5_tmp_file += ".md5"; + conf_tmp_file = agent_md5; + conf_tmp_file += ".conf"; + md5_tmp_file = agent_md5; + md5_tmp_file += ".md5"; /* Get md5 file from server */ try { @@ -524,7 +523,7 @@ Pandora_Windows_Service::checkConfig () { Pandora_File::writeBinFile (tmp, conf_str, conf_size); copyDataFile (conf_tmp_file); Pandora_File::removeFile (tmp); - + tmp = temp_dir; tmp += md5_tmp_file; Pandora_File::writeBinFile (tmp, conf_md5, 32); @@ -533,49 +532,49 @@ Pandora_Windows_Service::checkConfig () { } catch (...) { pandoraDebug ("Pandora_Windows_Service::checkConfig: Error uploading configuration to server"); } - + delete[] conf_str; return; } - + delete[] conf_str; conf_str = NULL; - + /* Read remote configuration file md5 */ try { tmp = temp_dir; tmp += md5_tmp_file; if (Pandora_File::readBinFile (tmp, &remote_conf_md5) < 32) { pandoraDebug ("Pandora_Windows_Service::checkConfig: Invalid remote md5", tmp.c_str()); - if (remote_conf_md5 != NULL) { - delete[] remote_conf_md5; - } + if (remote_conf_md5 != NULL) { + delete[] remote_conf_md5; + } return; - } + } Pandora_File::removeFile (tmp); } catch (...) { - pandoraDebug ("Pandora_Windows_Service::checkConfig: Error checking remote configuration md5", tmp.c_str()); + pandoraDebug ("Pandora_Windows_Service::checkConfig: Error checking remote configuration md5", tmp.c_str()); return; } /* Check for configuration changes */ flag = 0; for (i = 0; i < 32; i++) { - if (remote_conf_md5[i] != conf_md5[i]) { - flag = 1; - break; - } + if (remote_conf_md5[i] != conf_md5[i]) { + flag = 1; + break; + } } - + delete[] remote_conf_md5; /* Configuration has not changed */ if (flag == 0) { return; } - + pandoraLog("Pandora_Windows_Service::checkConfig: Configuration has changed"); - + /* Get configuration file from server */ try { recvDataFile (conf_tmp_file); @@ -587,12 +586,12 @@ Pandora_Windows_Service::checkConfig () { Pandora_File::writeBinFile (conf_file, conf_str, conf_size); } catch (...) { pandoraDebug("Pandora_Windows_Service::checkConfig: Error retrieving configuration file from server"); - if (conf_str != NULL) { - delete[] conf_str; - } + if (conf_str != NULL) { + delete[] conf_str; + } return; } - + delete[] conf_str; /* Reload configuration */ @@ -601,59 +600,59 @@ Pandora_Windows_Service::checkConfig () { void Pandora_Windows_Service::pandora_run () { - TiXmlDeclaration *decl; - TiXmlDocument *doc; - TiXmlElement *local_xml, *agent; - string xml_filename, random_integer; + TiXmlDeclaration *decl; + TiXmlDocument *doc; + TiXmlElement *local_xml, *agent; + string xml_filename, random_integer; string tmp_filename, tmp_filepath; - string encoding; - bool saved; - - pandoraDebug ("Run begin"); - - /* Check for configuration changes */ - this->checkConfig (); + string encoding; + bool saved; - execution_number++; + pandoraDebug ("Run begin"); - if (this->modules != NULL) { - this->modules->goFirst (); - - while (! this->modules->isLast ()) { - Pandora_Module *module; - - module = this->modules->getCurrentValue (); - - pandoraDebug ("Run %s", module->getName ().c_str ()); - module->run (); - - this->modules->goNext (); - } - } + /* Check for configuration changes */ + this->checkConfig (); - this->elapsed_transfer_time += interval; + execution_number++; + + if (this->modules != NULL) { + this->modules->goFirst (); + + while (! this->modules->isLast ()) { + Pandora_Module *module; + + module = this->modules->getCurrentValue (); + + pandoraDebug ("Run %s", module->getName ().c_str ()); + module->run (); + + this->modules->goNext (); + } + } + + this->elapsed_transfer_time += interval; if (this->elapsed_transfer_time >= this->transfer_interval) { agent = getXmlHeader (); - + if (this->modules != NULL) { this->modules->goFirst (); - + while (! this->modules->isLast ()) { Pandora_Module *module; - + module = this->modules->getCurrentValue (); - + local_xml = module->getXml (); if (local_xml != NULL) { agent->InsertEndChild (*local_xml); - + delete local_xml; } this->modules->goNext (); } } - + this->elapsed_transfer_time = 0; /* Generate temporal filename */ random_integer = inttostr (rand()); @@ -662,19 +661,19 @@ Pandora_Windows_Service::pandora_run () { tmp_filename = Pandora_Windows_Info::getSystemName (); } tmp_filename += "." + random_integer + ".data"; - + xml_filename = conf->getValue ("temporal"); if (xml_filename[xml_filename.length () - 1] != '\\') { xml_filename += "\\"; } tmp_filepath = xml_filename + tmp_filename; - + /* Copy the XML to temporal file */ encoding = conf->getValue ("encoding"); if (encoding == "") { - encoding = "ISO-8859-1"; - } - + encoding = "ISO-8859-1"; + } + pandoraDebug ("Copying XML on %s", tmp_filepath.c_str ()); decl = new TiXmlDeclaration( "1.0", encoding.c_str(), "" ); doc = new TiXmlDocument (tmp_filepath); @@ -689,20 +688,20 @@ Pandora_Windows_Service::pandora_run () { tmp_filepath.c_str ()); return; } - + /* Only send if debug is not activated */ if (getPandoraDebug () == false) { this->copyDataFile (tmp_filename); - + try { Pandora_File::removeFile (tmp_filepath); } catch (Pandora_File::Delete_Error e) { } } } - + /* Get the interval value (in minutes) */ - pandoraDebug ("Next execution on %d seconds", this->interval / 1000); - - return; + pandoraDebug ("Next execution on %d seconds", this->interval / 1000); + + return; } diff --git a/pandora_agents/win32/pandora_windows_service.h b/pandora_agents/win32/pandora_windows_service.h index e9ea66ada6..e5119c0f2d 100644 --- a/pandora_agents/win32/pandora_windows_service.h +++ b/pandora_agents/win32/pandora_windows_service.h @@ -44,20 +44,20 @@ namespace Pandora { long interval; long elapsed_transfer_time; long transfer_interval; - + TiXmlElement *getXmlHeader (); void copyDataFile (string filename); void copyTentacleDataFile (string host, - string filename); + string filename); void copyScpDataFile (string host, string remote_path, string filename); void copyFtpDataFile (string host, string remote_path, string filename); - void recvDataFile (string filename); + void recvDataFile (string filename); void recvTentacleDataFile (string host, - string filename); + string filename); void checkConfig (); public: void pandora_run (); diff --git a/pandora_agents/win32/windows/pandora_wmi.cc b/pandora_agents/win32/windows/pandora_wmi.cc index e1c7a62f39..83d6ada805 100644 --- a/pandora_agents/win32/windows/pandora_wmi.cc +++ b/pandora_agents/win32/windows/pandora_wmi.cc @@ -392,23 +392,25 @@ Pandora_Wmi::getEventList (string source, string type, string pattern, int inter CDhInitialize init; CDispPtr wmi_svc, quickfixes; char *value = NULL; + WCHAR *unicode_value; string event, limit, message, query, timestamp; - - limit = getTimestampLimit(interval); - if (limit.empty()) { + char *encode; + + limit = getTimestampLimit (interval); + if (limit.empty()) { pandoraDebug ("Pandora_Wmi::getEventList: getTimestampLimit error"); - return; - } - + return; + } + // Build the WQL query query = "SELECT * FROM Win32_NTLogEvent WHERE TimeWritten >= '" + limit + "'"; - if (! source.empty()) { - query += " AND Logfile = '" + source + "'"; - } - if (! type.empty()) { - query += " AND Type = '" + type + "'"; - } - + if (! source.empty()) { + query += " AND Logfile = '" + source + "'"; + } + if (! type.empty()) { + query += " AND Type = '" + type + "'"; + } + try { dhCheck (dhGetObject (getWmiStr (L"."), NULL, &wmi_svc)); dhCheck (dhGetValue (L"%o", &quickfixes, wmi_svc, @@ -416,30 +418,29 @@ Pandora_Wmi::getEventList (string source, string type, string pattern, int inter query.c_str())); FOR_EACH (quickfix, quickfixes, NULL) { - // Timestamp + // Timestamp dhGetValue (L"%s", &value, quickfix, L".TimeWritten"); timestamp = value; dhFreeString (value); - // Message - dhGetValue (L"%s", &value, quickfix, + // Message + dhGetValue (L"%S", &unicode_value, quickfix, L".Message"); - message = value; + value = Pandora_Strutils::strUnicodeToAnsi (unicode_value); + message = Pandora_Strutils::trim (value); dhFreeString (value); - // LIKE is not always available, we have to filter ourselves - if (pattern.empty() || (message.find(pattern) != string::npos)) { - event = timestamp + " " + message; - event_list.push_back(event); - } - + // LIKE is not always available, we have to filter ourselves + if (pattern.empty () || (message.find (pattern) != string::npos)) { + event = timestamp + " " + message; + event_list.push_back(event); + } + } NEXT_THROW (quickfix); } catch (string errstr) { pandoraDebug ("Pandora_Wmi::getEventList: error: %s", errstr.c_str ()); } - - return; } /** @@ -449,59 +450,62 @@ Pandora_Wmi::getEventList (string source, string type, string pattern, int inter */ string Pandora_Wmi::getTimestampLimit (int interval) { - char limit_str[26], diff_sign; - time_t limit_time, limit_time_utc, limit_diff; - struct tm *limit_tm = NULL, *limit_tm_utc = NULL; - - // Get current time - limit_time = time(0); - if (limit_time == (time_t)-1) { - return ""; - } - - // Get UTC time - limit_tm_utc = gmtime (&limit_time); - limit_time_utc = mktime (limit_tm_utc); - - // Calculate the difference in minutes - limit_diff = limit_time - limit_time_utc; - if (limit_diff >= 0) { - diff_sign = '+'; - } - else { - diff_sign = '-'; - } - limit_diff = abs(limit_diff); - limit_diff /= 60; - - // Substract the agent interval - limit_time_utc -= interval; - - limit_tm = localtime (&limit_time_utc); - if (limit_tm == NULL) { - return ""; - } - - // WMI date format: yyyymmddHHMMSS.xxxxxx+UUU - snprintf (limit_str, 26, "%.4d%.2d%.2d%.2d%.2d%.2d.000000%c%.3d", - limit_tm->tm_year + 1900, limit_tm->tm_mon + 1, - limit_tm->tm_mday, limit_tm->tm_hour, - limit_tm->tm_min, limit_tm->tm_sec, diff_sign, limit_diff); - limit_str[25] = '\0'; - - return string (limit_str); + char limit_str[26], diff_sign; + time_t limit_time, limit_time_utc, limit_diff; + struct tm *limit_tm = NULL, *limit_tm_utc = NULL; + + // Get current time + limit_time = time(0); + if (limit_time == (time_t)-1) { + return ""; + } + + // Get UTC time + limit_tm_utc = gmtime (&limit_time); + limit_time_utc = mktime (limit_tm_utc); + + // Calculate the difference in minutes + limit_diff = limit_time - limit_time_utc; + if (limit_diff >= 0) { + diff_sign = '+'; + } + else { + diff_sign = '-'; + } + limit_diff = abs(limit_diff); + limit_diff /= 60; + + // Substract the agent interval + limit_time_utc -= interval; + + limit_tm = localtime (&limit_time_utc); + if (limit_tm == NULL) { + return ""; + } + + // WMI date format: yyyymmddHHMMSS.xxxxxx+UUU + snprintf (limit_str, 26, "%.4d%.2d%.2d%.2d%.2d%.2d.000000%c%.3d", + limit_tm->tm_year + 1900, limit_tm->tm_mon + 1, + limit_tm->tm_mday, limit_tm->tm_hour, + limit_tm->tm_min, limit_tm->tm_sec, diff_sign, limit_diff); + limit_str[25] = '\0'; + + return string (limit_str); } -/* +/** * Converts a date in WMI format to SYSTEMTIME format. + * + * @param wmi_date Date in WMI format + * @param system_time Output system time variable */ void -Pandora_Wmi::convertWMIDate (string wmi_date, SYSTEMTIME *system_time) { - - system_time->wYear = atoi(wmi_date.substr (0, 4).c_str()); - system_time->wMonth = atoi(wmi_date.substr (4, 2).c_str()); - system_time->wDay = atoi(wmi_date.substr (6, 2).c_str()); - system_time->wHour = atoi(wmi_date.substr (8, 2).c_str()); - system_time->wMinute = atoi(wmi_date.substr (10, 2).c_str()); - system_time->wSecond = atoi(wmi_date.substr (12, 2).c_str()); +Pandora_Wmi::convertWMIDate (string wmi_date, SYSTEMTIME *system_time) +{ + system_time->wYear = atoi (wmi_date.substr (0, 4).c_str()); + system_time->wMonth = atoi (wmi_date.substr (4, 2).c_str()); + system_time->wDay = atoi (wmi_date.substr (6, 2).c_str()); + system_time->wHour = atoi (wmi_date.substr (8, 2).c_str()); + system_time->wMinute = atoi (wmi_date.substr (10, 2).c_str()); + system_time->wSecond = atoi (wmi_date.substr (12, 2).c_str()); } diff --git a/pandora_agents/win32/windows/pandora_wmi.h b/pandora_agents/win32/windows/pandora_wmi.h index 252824da77..bb36be156e 100644 --- a/pandora_agents/win32/windows/pandora_wmi.h +++ b/pandora_agents/win32/windows/pandora_wmi.h @@ -36,23 +36,20 @@ namespace Pandora_Wmi { /** * Exception super-class when doing a WMI operation. */ - class Pandora_Wmi_Exception : public Pandora_Exception { }; + class Pandora_Wmi_Exception : public Pandora_Exception { }; - int isProcessRunning (string process_name); + int isProcessRunning (string process_name); int isServiceRunning (string service_name); unsigned long getDiskFreeSpace (string disk_id); int getCpuUsagePercentage (int cpu_id); long getFreememory (); string getOSName (); - string getOSVersion (); - string getOSBuild (); - string getSystemName (); - void getEventList (string source, string type, string pattern, int interval, list &event_list); - string getTimestampLimit (int interval); - void convertWMIDate (string wmi_date, SYSTEMTIME *system_time); - - - + string getOSVersion (); + string getOSBuild (); + string getSystemName (); + void getEventList (string source, string type, string pattern, int interval, list &event_list); + string getTimestampLimit (int interval); + void convertWMIDate (string wmi_date, SYSTEMTIME *system_time); }; #endif