diff --git a/pandora_agents/unix/DEBIAN/control b/pandora_agents/unix/DEBIAN/control index 67e9bee69a..4e0ddda275 100644 --- a/pandora_agents/unix/DEBIAN/control +++ b/pandora_agents/unix/DEBIAN/control @@ -1,5 +1,5 @@ package: pandorafms-agent-unix -Version: 7.0NG.774-231123 +Version: 7.0NG.774-231211 Architecture: all Priority: optional Section: admin diff --git a/pandora_agents/unix/DEBIAN/make_deb_package.sh b/pandora_agents/unix/DEBIAN/make_deb_package.sh index 00b50b4032..b9ad79a017 100644 --- a/pandora_agents/unix/DEBIAN/make_deb_package.sh +++ b/pandora_agents/unix/DEBIAN/make_deb_package.sh @@ -14,7 +14,7 @@ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. -pandora_version="7.0NG.774-231123" +pandora_version="7.0NG.774-231211" echo "Test if you has the tools for to make the packages." whereis dpkg-deb | cut -d":" -f2 | grep dpkg-deb > /dev/null diff --git a/pandora_agents/unix/pandora_agent b/pandora_agents/unix/pandora_agent index 0cd9b1fddf..dea8a1db61 100755 --- a/pandora_agents/unix/pandora_agent +++ b/pandora_agents/unix/pandora_agent @@ -1039,7 +1039,7 @@ my $Sem = undef; my $ThreadSem = undef; use constant AGENT_VERSION => '7.0NG.774'; -use constant AGENT_BUILD => '231123'; +use constant AGENT_BUILD => '231211'; # Agent log default file size maximum and instances use constant DEFAULT_MAX_LOG_SIZE => 600000; diff --git a/pandora_agents/unix/pandora_agent.redhat.spec b/pandora_agents/unix/pandora_agent.redhat.spec index 33b94d8697..00ca89e515 100644 --- a/pandora_agents/unix/pandora_agent.redhat.spec +++ b/pandora_agents/unix/pandora_agent.redhat.spec @@ -4,7 +4,7 @@ %global __os_install_post %{nil} %define name pandorafms_agent_linux %define version 7.0NG.774 -%define release 231123 +%define release 231211 Summary: Pandora FMS Linux agent, PERL version Name: %{name} 
diff --git a/pandora_agents/unix/pandora_agent.redhat_bin.el8.spec b/pandora_agents/unix/pandora_agent.redhat_bin.el8.spec index fdbbabbb8f..ca9029cba0 100644 --- a/pandora_agents/unix/pandora_agent.redhat_bin.el8.spec +++ b/pandora_agents/unix/pandora_agent.redhat_bin.el8.spec @@ -5,7 +5,7 @@ %define name pandorafms_agent_linux_bin %define source_name pandorafms_agent_linux %define version 7.0NG.774 -%define release 231123 +%define release 231211 %define debug_package %{nil} Summary: Pandora FMS Linux agent, binary version diff --git a/pandora_agents/unix/pandora_agent.redhat_bin.el9.spec b/pandora_agents/unix/pandora_agent.redhat_bin.el9.spec index 91615903ed..f47b8313f5 100644 --- a/pandora_agents/unix/pandora_agent.redhat_bin.el9.spec +++ b/pandora_agents/unix/pandora_agent.redhat_bin.el9.spec @@ -5,7 +5,7 @@ %define name pandorafms_agent_linux_bin %define source_name pandorafms_agent_linux %define version 7.0NG.774 -%define release 231123 +%define release 231211 %define debug_package %{nil} Summary: Pandora FMS Linux agent, binary version diff --git a/pandora_agents/unix/pandora_agent.redhat_bin.spec b/pandora_agents/unix/pandora_agent.redhat_bin.spec index ee88eaa7de..547fe315f0 100644 --- a/pandora_agents/unix/pandora_agent.redhat_bin.spec +++ b/pandora_agents/unix/pandora_agent.redhat_bin.spec @@ -5,7 +5,7 @@ %define name pandorafms_agent_linux_bin %define source_name pandorafms_agent_linux %define version 7.0NG.774 -%define release 231123 +%define release 231211 Summary: Pandora FMS Linux agent, binary version Name: %{name} diff --git a/pandora_agents/unix/pandora_agent.spec b/pandora_agents/unix/pandora_agent.spec index 8e3498ef71..baec9b3b27 100644 --- a/pandora_agents/unix/pandora_agent.spec +++ b/pandora_agents/unix/pandora_agent.spec @@ -4,7 +4,7 @@ %global __os_install_post %{nil} %define name pandorafms_agent_linux %define version 7.0NG.774 -%define release 231123 +%define release 231211 Summary: Pandora FMS Linux agent, PERL version Name: %{name} 
diff --git a/pandora_agents/unix/pandora_agent_installer b/pandora_agents/unix/pandora_agent_installer index 5fdf76928f..9f2d39b086 100755 --- a/pandora_agents/unix/pandora_agent_installer +++ b/pandora_agents/unix/pandora_agent_installer @@ -10,7 +10,7 @@ # ********************************************************************** PI_VERSION="7.0NG.774" -PI_BUILD="231123" +PI_BUILD="231211" OS_NAME=`uname -s` FORCE=0 diff --git a/pandora_agents/win32/installer/pandora.mpi b/pandora_agents/win32/installer/pandora.mpi index 246bd6dc3e..26255617af 100644 --- a/pandora_agents/win32/installer/pandora.mpi +++ b/pandora_agents/win32/installer/pandora.mpi @@ -186,7 +186,7 @@ UpgradeApplicationID {} Version -{231123} +{231211} ViewReadme {Yes} diff --git a/pandora_agents/win32/pandora.cc b/pandora_agents/win32/pandora.cc index fc84cd3119..b053ad9bda 100644 --- a/pandora_agents/win32/pandora.cc +++ b/pandora_agents/win32/pandora.cc @@ -30,7 +30,7 @@ using namespace Pandora; using namespace Pandora_Strutils; #define PATH_SIZE _MAX_PATH+1 -#define PANDORA_VERSION ("7.0NG.774 Build 231123") +#define PANDORA_VERSION ("7.0NG.774 Build 231211") string pandora_path; string pandora_dir; diff --git a/pandora_agents/win32/versioninfo.rc b/pandora_agents/win32/versioninfo.rc index 8a8f1ac85e..0a75f5df7d 100644 --- a/pandora_agents/win32/versioninfo.rc +++ b/pandora_agents/win32/versioninfo.rc @@ -11,7 +11,7 @@ BEGIN VALUE "LegalCopyright", "Pandora FMS" VALUE "OriginalFilename", "PandoraAgent.exe" VALUE "ProductName", "Pandora FMS Windows Agent" - VALUE "ProductVersion", "(7.0NG.774(Build 231123))" + VALUE "ProductVersion", "(7.0NG.774(Build 231211))" VALUE "FileVersion", "1.0.0.0" END END diff --git a/pandora_console/DEBIAN/control b/pandora_console/DEBIAN/control index 3a99aa4b24..3f268e2383 100644 --- a/pandora_console/DEBIAN/control +++ b/pandora_console/DEBIAN/control 
@@ -1,5 +1,5 @@ package: pandorafms-console -Version: 7.0NG.774-231123 +Version: 7.0NG.774-231211 Architecture: all Priority: optional Section: admin diff --git a/pandora_console/DEBIAN/make_deb_package.sh b/pandora_console/DEBIAN/make_deb_package.sh index 31b6c1c366..cbb2b91142 100644 --- a/pandora_console/DEBIAN/make_deb_package.sh +++ b/pandora_console/DEBIAN/make_deb_package.sh @@ -14,7 +14,7 @@ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. -pandora_version="7.0NG.774-231123" +pandora_version="7.0NG.774-231211" package_pear=0 package_pandora=1 diff --git a/pandora_console/ajax.php b/pandora_console/ajax.php index b3b9463ee6..a5dcf2cb0d 100644 --- a/pandora_console/ajax.php +++ b/pandora_console/ajax.php @@ -183,7 +183,9 @@ if (isset($config['force_instant_logout']) === true $_SESSION = []; session_destroy(); header_remove('Set-Cookie'); - setcookie(session_name(), $_COOKIE[session_name()], (time() - 4800), '/'); + if (isset($_COOKIE[session_name()]) === true) { + setcookie(session_name(), $_COOKIE[session_name()], (time() - 4800), '/'); + } if ($config['auth'] === 'saml' && empty($public_hash) === true) { include_once $config['saml_path'].'simplesamlphp/lib/_autoload.php'; diff --git a/pandora_console/extensions/agents_modules_csv.php b/pandora_console/extensions/agents_modules_csv.php index 6ed1061c11..e4a331338f 100644 --- a/pandora_console/extensions/agents_modules_csv.php +++ b/pandora_console/extensions/agents_modules_csv.php 
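Review bot: The guarded `setcookie()` call in the forced-logout branch still writes the client-supplied `$_COOKIE[session_name()]` value back into the response and hard-codes the path `/`. An empty value is enough to expire the cookie, and the browser only drops it when path and domain match the ones the session cookie was issued with. Taking them from the session settings covers both: `$p = session_get_cookie_params(); setcookie(session_name(), '', (time() - 4800), $p['path'], $p['domain'], $p['secure'], $p['httponly']);`. The enclosing `if (isset($config['force_instant_logout']) ...` block starts and ends outside the hunk.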
@@ -27,17 +27,18 @@ */ global $config; -if (true) { - include_once '../include/config.php'; - include_once '../include/functions_agents.php'; - include_once '../include/functions_reporting.php'; - include_once '../include/functions_modules.php'; - include_once '../include/functions_users.php'; +if ((bool) $config['metaconsole']) { include_once $config['homedir'].'/include/config.php'; include_once $config['homedir'].'/include/functions_agents.php'; include_once $config['homedir'].'/include/functions_reporting.php'; include_once $config['homedir'].'/include/functions_modules.php'; include_once $config['homedir'].'/include/functions_users.php'; +} else { + include_once '../include/config.php'; + include_once '../include/functions_agents.php'; + include_once '../include/functions_reporting.php'; + include_once '../include/functions_modules.php'; + include_once '../include/functions_users.php'; } @@ -106,7 +107,25 @@ if ($get_agents_module_csv === '1') { foreach ($results as $result) { foreach ($result as $key => $value) { - $out_csv .= io_safe_output($value).$divider; + if (preg_match('/Linux/i', $_SERVER['HTTP_USER_AGENT'])) { + $value = preg_replace( + '/\s+/', + ' ', + io_safe_output($value) + ); + } else { + $value = mb_convert_encoding( + preg_replace( + '/\s+/', + '', + io_safe_output($value) + ), + 'UTF-16LE', + 'UTF-8' + ); + } + + $out_csv .= $value.$divider; } $out_csv .= "\n"; diff --git a/pandora_console/extensions/api_checker.php b/pandora_console/extensions/api_checker.php index fce3e1a00f..38488fc9e4 100755 --- a/pandora_console/extensions/api_checker.php +++ b/pandora_console/extensions/api_checker.php @@ -99,7 +99,7 @@ function api_execute( if (empty($token) === true) { $data['apipass'] = $apipass; $data['user'] = $user; - $data['password'] = $password; + $data['pass'] = $password; } } diff --git a/pandora_console/extensions/dbmanager.php b/pandora_console/extensions/dbmanager.php index 983e208bef..acaaadd12c 100644 
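Review bot: The per-cell conversion added inside `foreach ($result as $key => $value)` branches on `$_SERVER['HTTP_USER_AGENT']`, a client-controlled header that may be absent, so the export's encoding depends on input the server cannot trust and `preg_match()` reads an undefined index when it is missing; `($_SERVER['HTTP_USER_AGENT'] ?? '')` avoids the latter. The non-Linux branch replaces whitespace with `''` while the Linux branch uses `' '`, which looks unintended because it joins words together. In that same branch each value is converted to UTF-16LE but `$divider` and `"\n"` are appended unconverted, so the file mixes encodings unless the whole buffer is converted again outside the hunk. Values are also written unquoted after `io_safe_output()`, so a cell that starts with `=`, `+`, `-` or `@` is evaluated as a formula by spreadsheet software; prefixing such cells with `'` before appending them is the usual mitigation.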
--- a/pandora_console/extensions/dbmanager.php +++ b/pandora_console/extensions/dbmanager.php @@ -90,7 +90,7 @@ function dbmgr_extension_main() // Header. ui_print_standard_header( - __('Database interface'), + __('DB interface'), 'images/gm_db.png', false, '', diff --git a/pandora_console/extras/delete_files/delete_files.txt b/pandora_console/extras/delete_files/delete_files.txt index 234ec4e997..03db82db4e 100644 --- a/pandora_console/extras/delete_files/delete_files.txt +++ b/pandora_console/extras/delete_files/delete_files.txt @@ -1720,3 +1720,4 @@ include/functions_integriaims.php include/ajax/integria_incidents.ajax.php enterprise/operation/log/log_source.php enterprise/include/class/LogSource.class.php +include/chart_generator.php \ No newline at end of file diff --git a/pandora_console/extras/mr/67.sql b/pandora_console/extras/mr/67.sql new file mode 100644 index 0000000000..eecf9220d0 --- /dev/null +++ b/pandora_console/extras/mr/67.sql 
@@ -0,0 +1,50 @@ +START TRANSACTION; + +ALTER TABLE `tevento` +ADD COLUMN `event_custom_id` TEXT NULL AFTER `module_status`; + +-- Telegram and vonage default alerts +UPDATE talert_actions + SET field2='[PANDORA] Alert FIRED on _agent_ / _module_ / _timestamp_ / _data_' + WHERE id=9; +UPDATE talert_actions + SET field2='[PANDORA] Alert FIRED on _agent_ / _module_ / _timestamp_ / _data_' + WHERE id=11; +-- Delete table tagent_access +DROP TABLE IF EXISTS tagent_access; + +ALTER TABLE `tevent_rule` DROP COLUMN `user_comment`; +ALTER TABLE `tevent_rule` DROP COLUMN `operator_user_comment`; + +ALTER TABLE treport_content ADD check_unknowns_graph tinyint DEFAULT 0 NULL; + +ALTER TABLE `tevent_filter` +ADD COLUMN `regex` TEXT NULL AFTER `private_filter_user`; +-- Update macros for plugin oracle + +UPDATE `tdiscovery_apps` SET `version` = '1.1' WHERE `short_name` = 'pandorafms.oracle'; + +SET @id_app := (SELECT `id_app` FROM `tdiscovery_apps` WHERE `short_name` = 'pandorafms.oracle'); + +UPDATE `tdiscovery_apps_tasks_macros` SET `value` = 'agents_group_id=__taskGroupID__ interval=__taskInterval__ user=_dbuser_ password=_dbpass_ thick_mode=_thickMode_ client_path=_clientPath_ threads=_threads_ modules_prefix=_prefixModuleName_ execute_custom_queries=_executeCustomQueries_ analyze_connections=_checkConnections_ engine_uptime=_checkUptime_ query_stats=_queryStats_ cache_stats=_checkCache_ fragmentation_ratio=_checkFragmentation_ check_tablescpaces=_checkTablespaces_' WHERE `macro` = '_tempfileConf_' AND `id_task` IN (SELECT `id_rt` FROM `trecon_task` WHERE `id_app` = @id_app); + +INSERT IGNORE INTO `tdiscovery_apps_tasks_macros` (`id_task`, `macro`, `type`, `value`, `temp_conf`) SELECT id_rt, '_thickMode_', 'custom', 0, 0 FROM `trecon_task` WHERE `id_app` = @id_app; +INSERT IGNORE INTO `tdiscovery_apps_tasks_macros` (`id_task`, `macro`, `type`, `value`, `temp_conf`) SELECT id_rt, '_clientPath_', 'custom', '', 0 FROM `trecon_task` WHERE `id_app` = @id_app; +UPDATE 
`trecon_task` SET `setup_complete` = 1 WHERE `id_app` = @id_app; + +-- Update lts updates +UPDATE tconfig SET value='1' WHERE token='lts_updates'; + +ALTER TABLE `tdashboard` +ADD COLUMN `date_range` TINYINT NOT NULL DEFAULT 0 AFTER `cells_slideshow`, +ADD COLUMN `date_from` INT NOT NULL DEFAULT 0 AFTER `date_range`, +ADD COLUMN `date_to` INT NOT NULL DEFAULT 0 AFTER `date_from`; + +SELECT @generic_data := `id_tipo` FROM `ttipo_modulo` WHERE `nombre` = "generic_data"; +SELECT @generic_proc := `id_tipo` FROM `ttipo_modulo` WHERE `nombre` = "generic_proc"; +SELECT @async_data := `id_tipo` FROM `ttipo_modulo` WHERE `nombre` = "async_data"; +SELECT @async_proc := `id_tipo` FROM `ttipo_modulo` WHERE `nombre` = "async_proc"; +UPDATE `tagente_modulo` INNER JOIN `tservice` ON `tagente_modulo`.`custom_integer_1` = `tservice`.`id` SET `tagente_modulo`.`id_tipo_modulo` = @generic_data WHERE `tagente_modulo`.`id_tipo_modulo` = @async_data; +UPDATE `tagente_modulo` INNER JOIN `tservice` ON `tagente_modulo`.`custom_integer_1` = `tservice`.`id` SET `tagente_modulo`.`id_tipo_modulo` = @generic_proc WHERE `tagente_modulo`.`id_tipo_modulo` = @async_proc; + +COMMIT; diff --git a/pandora_console/general/login_page.php b/pandora_console/general/login_page.php index e18d278ac8..bbc499661f 100755 --- a/pandora_console/general/login_page.php +++ b/pandora_console/general/login_page.php @@ -418,7 +418,7 @@ switch ($login_screen) { } if ($config['enterprise_installed']) { - if ($config['reset_pass_option']) { + if ($config['reset_pass_option'] && $config['auth'] === 'mysql') { $reset_pass_link = 'reset_pass.php'; // Reset password link. echo '
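Review bot: The `START TRANSACTION; ... COMMIT;` wrapper does not make this migration atomic: in MySQL and MariaDB every `ALTER TABLE` and `DROP TABLE` causes an implicit commit, so a failure part-way leaves the schema half-migrated. The `ADD COLUMN` and `DROP COLUMN` statements are also not re-runnable, since a second run stops at the first column that already exists or is already gone. `DROP TABLE IF EXISTS tagent_access` discards the table's data with no backup step, and the two `UPDATE talert_actions ... WHERE id=9` / `id=11` statements overwrite `field2` even where an administrator has customised those actions; a guard such as `AND field2 = '<previous default>'` (placeholder, the old value is not shown in this diff) would limit the change to untouched rows. The key `check_tablescpaces=` in the Oracle macro string is spelled differently from its `_checkTablespaces_` value, so confirm that this is the name the plugin actually reads.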
'; diff --git a/pandora_console/godmode/agentes/agent_manager.php b/pandora_console/godmode/agentes/agent_manager.php index 9fd0d8c7ef..26bae75929 100644 --- a/pandora_console/godmode/agentes/agent_manager.php +++ b/pandora_console/godmode/agentes/agent_manager.php @@ -600,43 +600,176 @@ html_print_div( 'content' => html_print_table($tableAgent, true).$CodeQRTable, ] ); -/* - TODO REVIEW - $table_satellite = ''; - if ($remote_agent === true) { - // Satellite server selector. - $satellite_servers = db_get_all_rows_filter( - 'tserver', - ['server_type' => SERVER_TYPE_ENTERPRISE_SATELLITE], - [ - 'id_server', - 'name', - ] - ); - $satellite_names = []; - if (empty($satellite_servers) === false) { - foreach ($satellite_servers as $s_server) { - $satellite_names[$s_server['id_server']] = $s_server['name']; +// Basic Options. +$tableBasicAgent = new stdClass(); +$tableBasicAgent->class = 'filter-table-adv'; +$tableBasicAgent->data = []; +$disabledBasic = false; +$tableClassDisabled = ''; +if ($new_agent === true || $remote_agent === false || $has_remote_conf === false) { + $disabledBasic = true; + $tableClassDisabled = ' basic-options-disabled'; +} + +if (enterprise_installed()) { + // Get all plugins (BASIC OPTIONS). + $agent_plugin = new PandoraFMS\Agent($id_agente); + $plugins = $agent_plugin->getPlugins(); + // Check if some plugin was enabled/disabled in conf. + foreach ($plugins as $key => $row) { + if (preg_match('/pandora_hardening/', $row['raw']) === 1) { + if ($row['disabled'] === 1) { + $security_hardening = 0; + } else { + $security_hardening = 1; + } } - $table_satellite = '
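Review bot: The added `$config['auth'] === 'mysql'` test only decides whether the reset link is printed on the login page. `reset_pass.php` is not part of this diff, so unless it already checks the authentication backend, the reset flow stays reachable by URL on installations that authenticate externally; the same condition should be enforced there. Reading `$config['auth']` directly also raises a notice when the key is unset, which `($config['auth'] ?? '') === 'mysql'` avoids. The surrounding `switch ($login_screen)` block starts and ends outside the hunk.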

'.__('Satellite').'

'; - $table_satellite .= '
'; + if ($id_os === '1' || $id_os === '8') { + if (preg_match('/(module_plugin grep_log_module ).*/', $row['raw']) === 1) { + if ($row['disabled'] === 1) { + $enable_log_collector = 0; + } else { + $enable_log_collector = 1; + } + } - $table_satellite .= html_print_input( + if (preg_match('/(module_plugin inventory).*/', $row['raw']) === 1) { + if ($row['disabled'] === 1) { + $enable_inventory = 0; + } else { + $enable_inventory = 1; + } + } + } else { + if (preg_match('/.vbs/', $row['raw']) === 1 && preg_match('/nettraffic.vbs/', $row['raw']) === 0 && preg_match('/software_installed.vbs/', $row['raw']) === 0 && preg_match('/df.vbs/', $row['raw']) === 0 && preg_match('/win_cf.vbs/', $row['raw']) === 0) { + if ($row['disabled'] === 1) { + $enable_inventory = 0; + } else { + $enable_inventory = 1; + } + } + } + } + + if ($id_os === '9') { + $modules = $agent_plugin->getModules(); + foreach ($modules as $key => $row) { + if (preg_match('/PandoraAgent_log/', $row['raw']) === 1) { + if ($row['disabled'] === 1) { + $enable_log_collector = 0; + } else { + $enable_log_collector = 1; + } + } + } + } + + unset($agent_plugin, $plugins); + if (($new_agent === true && $config['current_package'] >= 774) || ($agent_version >= 774 && $new_agent === false)) { + if ($disabledBasic === true || $has_remote_conf === false) { + $message = __('Remote config disabled, please activate to enable agent basic options'); + $tableBasicAgent->data[] = ''.$message.''; + } + + $tableBasicAgent->data[] = html_print_label_input_block( + __('Enable security hardening monitoring'), + html_print_input( [ - 'type' => 'select', - 'fields' => $satellite_names, - 'name' => 'satellite_server', - 'selected' => $satellite_server, - 'nothing' => __('None'), - 'nothinf_value' => 0, - 'return' => true, + 'type' => 'switch', + 'id' => 'security_hardening', + 'name' => 'security_hardening', + 'value' => $security_hardening, + 'disabled' => $disabledBasic, ] - ).'
'; + ).html_print_input_hidden('options_package', '1', true) + ); + + $tableBasicAgent->data[] = html_print_label_input_block( + __('Enable log collection'), + html_print_input( + [ + 'type' => 'switch', + 'id' => 'enable_log_collector', + 'name' => 'enable_log_collector', + 'value' => $enable_log_collector, + 'disabled' => $disabledBasic, + ] + ) + ); } + + $tableBasicAgent->data[] = html_print_label_input_block( + __('Enable inventory'), + html_print_input( + [ + 'type' => 'switch', + 'id' => 'enable_inventory', + 'name' => 'enable_inventory', + 'value' => $enable_inventory, + 'disabled' => $disabledBasic, + ] + ).html_print_input_hidden('enable_basic_options', '1', true) + ); + + if ($config['ehorus_enabled'] === '1') { + $pandoraRC_Id = html_print_image( + 'images/alert_recovered@svg.svg', + true, + [ + 'class' => 'invert_filter main_menu_icon', + 'title' => __('Pandora RC connected with id ').$config['ehorus_custom_field'], + ] + ); + } else { + $pandoraRC_Id = html_print_image( + 'images/alerts.svg', + true, + [ + 'class' => 'invert_filter main_menu_icon', + 'title' => __('This agent do not have a Pandora RC agent installed, install one.'), + ] + ); } -*/ + + $tableBasicAgent->data[] = html_print_label_input_block( + __('Enable remote control'), + $pandoraRC_Id + ); + + $WarningPackage = ''; + if (($new_agent === true && $config['current_package'] < 774) || ($agent_version < 774 && $new_agent === false)) { + $WarningPackage = html_print_image( + 'images/alert-yellow@svg.svg', + true, + [ + 'title' => __('Only available for agents 774 or higher'), + 'alt' => __('Only available for agents 774 or higher'), + 'class' => 'main_menu_icon mrgn_lft_5px', + ] + ); + } +} else { + $tableBasicAgent->data[] = ''.__('Remote config is enabled only in the Enteprise version').''; + $tableBasicAgent->data[] .= html_print_input_hidden( + 'enable_basic_options', + '0', + true + ); +} + +ui_toggle( + html_print_table($tableBasicAgent, true), + ''.__('Basic 
options').$WarningPackage.'', + '', + 'basic_options', + true, + false, + 'white_box_content', + 'no-border white_table_graph'.$tableClassDisabled, + 'box-flat white_table_graph invisible' +); // Advanced options. $tableAdvancedAgent = new stdClass(); @@ -922,22 +1055,25 @@ $tableAdvancedAgent->data['safe_operation'][] = html_print_label_input_block( ) ); -$tableAdvancedAgent->data['vul_scan_enabled'][] = html_print_label_input_block( - __('Vulnerability scanning'), - html_print_select( - [ - 0 => __('Disabled'), - 1 => __('Enabled'), - 2 => __('Use global settings'), - ], - 'vul_scan_enabled', - $vul_scan_enabled, - '', - '', - 0, - true - ) -); +if (enterprise_installed() === true) { + $tableAdvancedAgent->data['vul_scan_enabled'][] = html_print_label_input_block( + __('Vulnerability scanning'), + html_print_select( + [ + 0 => __('Disabled'), + 1 => __('Enabled'), + 2 => __('Use global settings'), + ], + 'vul_scan_enabled', + $vul_scan_enabled, + '', + '', + 0, + true + ) + ); +} + ui_toggle( html_print_table($tableAdvancedAgent, true), @@ -1253,7 +1389,8 @@ ui_require_jquery_file('bgiframe'); }); $("#checkbox-cascade_protection").change(function () { - var checked = $("#checkbox-cascade_protection").is(":checked"); if (checked) { + var checked = $("#checkbox-cascade_protection").is(":checked"); + if (checked) { $("#cascade_protection_module").removeAttr("disabled"); $("#text-id_parent").attr("required", "required"); } @@ -1263,7 +1400,7 @@ ui_require_jquery_file('bgiframe'); $("#text-id_parent").removeAttr("required"); } }); - + var safe_mode_checked = $("#checkbox-safe_mode").is(":checked"); if (safe_mode_checked) { $("#safe_mode_module").removeAttr("disabled"); 
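Review bot: `$security_hardening`, `$enable_log_collector` and `$enable_inventory` are assigned only when a matching plugin or module line is found in the two `foreach` loops, yet all three are later passed as `'value'` to `html_print_input()`. Unless they are initialised outside the hunk, an agent without those lines renders the switches from undefined variables; add `$security_hardening = 0; $enable_log_collector = 0; $enable_inventory = 0;` before the first loop. The comparisons `$row['disabled'] === 1` and `$id_os === '1'` are strict, so they fail silently if `getPlugins()` returns the flag as a string or `$id_os` holds an integer; neither type is visible here. The pattern `/.vbs/` leaves the dot unescaped (`/\.vbs/` is presumably meant), and the non-Enterprise message spells the word 'Enteprise'.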
@@ -1271,10 +1408,10 @@ ui_require_jquery_file('bgiframe'); else { $("#safe_mode_module").attr("disabled", 'disabled'); } - + $("#checkbox-safe_mode").change(function () { var safe_mode_checked = $("#checkbox-safe_mode").is(":checked"); - + if (safe_mode_checked) { $("#safe_mode_module").removeAttr("disabled"); } @@ -1308,5 +1445,17 @@ ui_require_jquery_file('bgiframe'); } }); + check_basic_options(); + $('#id_os').on('change', function(){ + check_basic_options(); + }) }); + + function check_basic_options(){ + if ($('#id_os').val() == 1 || $('#id_os').val() == 8 || $('#id_os').val() == 9) { + $('#basic_options').removeClass('invisible'); + } else { + $('#basic_options').addClass('invisible'); + } + } diff --git a/pandora_console/godmode/agentes/configurar_agente.php b/pandora_console/godmode/agentes/configurar_agente.php index 09ca22062e..b4abfa1ad7 100644 --- a/pandora_console/godmode/agentes/configurar_agente.php +++ b/pandora_console/godmode/agentes/configurar_agente.php @@ -232,7 +232,7 @@ if ($create_agent) { $cps = (int) get_parameter_switch('cps', -1); $fixed_ip = (int) get_parameter_switch('fixed_ip', 0); $vul_scan_enabled = (int) get_parameter_switch('vul_scan_enabled', 2); - + $agent_version = $config['current_package']; $secondary_groups = (array) get_parameter('secondary_groups_selected', ''); $fields = db_get_all_fields_in_table('tagent_custom_fields'); @@ -300,6 +300,7 @@ if ($create_agent) { 'cps' => $cps, 'fixed_ip' => $fixed_ip, 'vul_scan_enabled' => $vul_scan_enabled, + 'agent_version' => $agent_version, ] ); } else { 
@@ -1015,6 +1016,13 @@ if ($update_agent) { $satellite_server = (int) get_parameter('satellite_server', 0); $fixed_ip = (int) get_parameter_switch('fixed_ip', 0); $vul_scan_enabled = (int) get_parameter_switch('vul_scan_enabled', 2); + $security_vunerability = (int) get_parameter_switch('security_vunerability', 0); + $security_hardening = (int) get_parameter_switch('security_hardening', 0); + $security_monitoring = (int) get_parameter_switch('security_monitoring', 0); + $enable_log_collector = (int) get_parameter_switch('enable_log_collector', 0); + $enable_inventory = (int) get_parameter_switch('enable_inventory', 0); + $enable_basic_options = get_parameter('enable_basic_options'); + $options_package = get_parameter('options_package', '0'); if ($fields === false) { $fields = []; 
@@ -1243,6 +1251,81 @@ if ($update_agent) { ); } } + + if ($enable_basic_options === '1') { + // Get all plugins (BASIC OPTIONS). + $agent = new PandoraFMS\Agent($id_agente); + $plugins = $agent->getPlugins(); + foreach ($plugins as $key => $row) { + // Only check plugins when agent package is bigger than 774. + if ($options_package === '1') { + if (preg_match('/pandora_hardening/', $row['raw']) === 1) { + if ($security_hardening === 1) { + if ($row['disabled'] === 1) { + $agent->enablePlugins($row['raw']); + } + } else { + if ($row['disabled'] !== 1) { + $agent->disablePlugins($row['raw']); + } + } + } + + if (preg_match('/(module_plugin grep_log_module ).*/', $row['raw']) === 1) { + if ($enable_log_collector === 1) { + if ($row['disabled'] === 1) { + $agent->enablePlugins($row['raw']); + } + } else { + if ($row['disabled'] !== 1) { + $agent->disablePlugins($row['raw']); + } + } + } + } + + // Inventory switch enable when basic options are enabled. + if (preg_match('/(module_plugin inventory).*/', $row['raw']) === 1) { + if ($enable_inventory === 1) { + if ($row['disabled'] === 1) { + $agent->enablePlugins($row['raw']); + } + } else { + if ($row['disabled'] !== 1) { + $agent->disablePlugins($row['raw']); + } + } + } + + // Inventory switch enable when basic options are enabled. 
+ if (preg_match('/.vbs/', $row['raw']) === 1 && preg_match('/nettraffic.vbs/', $row['raw']) === 0 && preg_match('/software_installed.vbs/', $row['raw']) === 0 && preg_match('/df.vbs/', $row['raw']) === 0 && preg_match('/win_cf.vbs/', $row['raw']) === 0) { + if ($enable_inventory === 1) { + if ($row['disabled'] === 1) { + $agent->enablePlugins($row['raw']); + } + } else { + if ($row['disabled'] !== 1) { + $agent->disablePlugins($row['raw']); + } + } + } + } + + $modules = $agent->getModules(); + foreach ($modules as $key => $row) { + if (preg_match('/PandoraAgent_log/', $row['raw']) === 1) { + if ($enable_log_collector === 1) { + if ($row['disabled'] === 1) { + $agent->enableModule($row['module_name'], $row); + } + } else { + if ($row['disabled'] !== 1) { + $agent->disableModule($row['module_name'], $row); + } + } + } + } + } } // Read agent data @@ -1300,6 +1383,19 @@ if ($id_agente) { $satellite_server = (int) $agent['satellite_server']; $fixed_ip = (int) $agent['fixed_ip']; $vul_scan_enabled = (int) $agent['vul_scan_enabled']; + if (strpos($agent['agent_version'], '(')) { + $agent_version = (int) explode('.', explode('(', $agent['agent_version'])[0])[2]; + } else { + if (strpos($agent['agent_version'], 'build') || strpos($agent['agent_version'], 'Build')) { + $agent_version = (int) explode('.', explode('build', $agent['agent_version'])[0])[2]; + } else { + if (strpos($agent['agent_version'], '.')) { + $agent_version = (int) explode('.', $agent['agent_version'])[2]; + } else { + $agent_version = $agent['agent_version']; + } + } + } } $update_module = (bool) get_parameter('update_module'); diff --git a/pandora_console/godmode/agentes/fields_manager.php b/pandora_console/godmode/agentes/fields_manager.php index 25b06e2f5a..53b4995d20 100644 --- a/pandora_console/godmode/agentes/fields_manager.php +++ b/pandora_console/godmode/agentes/fields_manager.php 
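Review bot: The block that enables and disables agent plugins is gated only by `$enable_basic_options === '1'` and `$options_package === '1'`, both hidden form fields read with `get_parameter()`. The decision that this is an Enterprise console and that the agent is 774 or newer is therefore taken from the request rather than recomputed on the server. Deriving both server-side, for example `if (enterprise_installed() === true && $enable_basic_options === '1') {` plus a check on the stored agent version in place of `$options_package`, keeps the handler consistent with what the form would have offered. Whether this code sits behind the ACL check and the successful-update branch is decided outside the hunk. The four enable/disable branches differ only in pattern and flag and could share one private helper.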
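Review bot: The `strpos()` results in the new version parsing are used as booleans, so a match at offset 0 is treated as 'not found'; they should be compared with `!== false`. The 'Build' case is handled with `explode('build', ...)`, which does not split on the capitalised form and only yields the right number because the `(int)` cast stops at the first non-digit, and index `[2]` is read without checking that the string has three dot-separated parts. In the final `else` `$agent_version` stays a string, while agent_manager.php compares it numerically with 774. One anchored match covers the dotted shapes and keeps a numeric fallback: `$agent_version = (preg_match('/^\d+\.\w+\.(\d+)/', (string) $agent['agent_version'], $m) === 1) ? (int) $m[1] : (int) $agent['agent_version'];`.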
@@ -217,6 +217,7 @@ foreach ($fields as $field) { array_push($table->data, $data); } +$tablePagination = ''; if ($fields) { html_print_table($table); $tablePagination = ui_pagination($count_fields, false, $offset, 0, true, 'offset', false); @@ -231,6 +232,9 @@ html_print_action_buttons( [ 'icon' => 'next' ], true ), - ['type' => 'form_action'] + [ + 'type' => 'form_action', + 'right_content' => $tablePagination, + ], ); echo ''; diff --git a/pandora_console/godmode/agentes/module_manager.php b/pandora_console/godmode/agentes/module_manager.php index 5c21fa71a0..c3772c00d3 100644 --- a/pandora_console/godmode/agentes/module_manager.php +++ b/pandora_console/godmode/agentes/module_manager.php @@ -38,6 +38,7 @@ $isFunctionPolicies = enterprise_include_once('include/functions_policies.php'); require_once $config['homedir'].'/include/functions_modules.php'; require_once $config['homedir'].'/include/functions_agents.php'; require_once $config['homedir'].'/include/functions_servers.php'; +require_once $config['homedir'].'/include/functions_macros.php'; $search_string = get_parameter('search_string'); @@ -949,7 +950,23 @@ if ($modules !== false) { ); if (strlen($module['ip_target']) !== 0) { - $title .= '
IP: '.$module['ip_target']; + // Check if value is custom field. + if ($module['ip_target'][0] == '_' && $module['ip_target'][(strlen($module['ip_target']) - 1)] == '_') { + $custom_field_name = substr($module['ip_target'], 1, -1); + $custom_value = agents_get_agent_custom_field($id_agente, $custom_field_name); + if (isset($custom_value) && $custom_value !== false) { + $title .= '
IP: '.$custom_value; + } else { + $array_macros = return_agent_macros($id_agente); + if (isset($array_macros[$module['ip_target']])) { + $title .= '
IP: '.$array_macros[$module['ip_target']]; + } else { + $title .= '
IP: '.$module['ip_target']; + } + } + } else { + $title .= '
IP: '.$module['ip_target']; + } } // This module is initialized ? (has real data). diff --git a/pandora_console/godmode/agentes/module_manager_editor_common.php b/pandora_console/godmode/agentes/module_manager_editor_common.php index de08a299de..c396634f67 100644 --- a/pandora_console/godmode/agentes/module_manager_editor_common.php +++ b/pandora_console/godmode/agentes/module_manager_editor_common.php @@ -1391,7 +1391,6 @@ $table_advanced->data['made_enabled'][0] = html_print_checkbox_switch( false, '', false, - false, 'wp100 static' ); @@ -2000,23 +1999,18 @@ ui_require_jquery_file('json'); $('#' + thisLabel).prop('checked', true); $('#' + thisLabel).siblings().prop('checked', false); - if ($('#radius-percentage_warning').prop('checked') === true || $('#radius-percentage_critical').prop('checked') === true) { + var type_selected = $("#id_module_type").val(); + var type_names = jQuery.parseJSON(Base64.decode($('#hidden-type_names').val())); + var type_name_selected = type_names[type_selected]; + + if (($('#radius-percentage_warning').prop('checked') === true && $('#radius-percentage_critical').prop('checked') === true) || type_name_selected == 'generic_data_string') { + paint_graph_values(); $("#svg_dinamic").hide(); } else { paint_graph_values(); $("#svg_dinamic").show(); } - if ($('#radius-percentage_warning').prop('checked') === true) { - $('#radius-warning_inverse').hide(); - $('#label-radius-warning_inverse').hide(); - } - - if ($('#radius-warning_inverse').prop('checked') === true) { - $('#radius-percentage_warning').hide(); - $('#label-radius-percentage_warning').hide(); - } - if ($('#radius-normal_warning').prop('checked') === true) { $('#radius-warning_inverse').show(); $('#label-radius-warning_inverse').show(); 
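Review bot: The resolved custom-field or macro value is concatenated into `$title` exactly as `agents_get_agent_custom_field()` or `return_agent_macros()` returns it. If either can return text that is not already entity-encoded, agent-supplied content reaches the tooltip markup unescaped, so confirm the encoding or wrap the value, e.g. `htmlspecialchars($custom_value, ENT_QUOTES)`. `return_agent_macros($id_agente)` is also called for each module row that falls through to the macro lookup, although its argument does not change inside the loop; fetching the array once before the loop avoids the repeated lookups. The loop over modules starts outside the hunk.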
@@ -2024,17 +2018,6 @@ ui_require_jquery_file('json'); $('#label-radius-percentage_warning').show(); } - - if ($('#radius-percentage_critical').prop('checked') === true) { - $('#radius-critical_inverse').hide(); - $('#label-radius-critical_inverse').hide(); - } - - if ($('#radius-critical_inverse').prop('checked') === true) { - $('#radius-percentage_critical').hide(); - $('#label-radius-percentage_critical').hide(); - } - if ($('#radius-normal_critical').prop('checked') === true) { $('#radius-critical_inverse').show(); $('#label-radius-critical_inverse').show(); 
@@ -2351,30 +2334,48 @@ ui_require_jquery_file('json'); var message_error_percentage = ''; //if haven't error - if (max_w == 0 || max_w > min_w) { - if (max_c == 0 || max_c > min_c) { - paint_graph_status( - min_w, max_w, min_c, max_c, inverse_w, - inverse_c, error_w, error_c, - legend_normal, legend_warning, legend_critical, - message_error_warning, message_error_critical - ); + if (max_w == 0 || max_w > min_w || $('#radius-percentage_warning').is(':checked') === true) { + if (max_c == 0 || max_c > min_c || $('#radius-percentage_critical').is(':checked') === true) { + error_c = 0; + error_w = 0; } else { error_c = 1; - paint_graph_status( - 0, 0, 0, 0, 0, 0, error_w, error_c, - legend_normal, legend_warning, legend_critical, - message_error_warning, message_error_critical - ); + min_w = 0; + max_w = 0; + min_c = 0; + max_c = 0; + inverse_w = 0; + inverse_c = 0; } } else { + if (max_c !== 0 && max_c < min_c && $('#radius-percentage_critical').is(':checked') === false) { + error_c = 2; + } error_w = 1; - paint_graph_status( - 0, 0, 0, 0, 0, 0, error_w, error_c, - legend_normal, legend_warning, legend_critical, - message_error_warning, message_error_critical - ); + min_w = 0; + max_w = 0; + min_c = 0; + max_c = 0; + inverse_w = 0; + inverse_c = 0; } + + if ($('#radius-percentage_warning').is(':checked') === true){ + min_w = 0; + max_w = 0; + } + + if ($('#radius-percentage_critical').is(':checked') === true){ + min_c = 0; + max_c = 0; + } + + paint_graph_status( + min_w, max_w, min_c, max_c, inverse_w, + inverse_c, error_w, error_c, + legend_normal, legend_warning, legend_critical, + message_error_warning, message_error_critical + ); } /* ]]> */ diff --git a/pandora_console/godmode/agentes/module_manager_editor_plugin.php b/pandora_console/godmode/agentes/module_manager_editor_plugin.php index 970a2c4d9f..9b5d98c27d 100644 --- a/pandora_console/godmode/agentes/module_manager_editor_plugin.php +++ b/pandora_console/godmode/agentes/module_manager_editor_plugin.php 
@@ -171,7 +171,7 @@ foreach ($password_fields as $k => $p) { } $(document).ready(function () { - if ($("#id_plugin").val() === 0) { + if ($("#id_plugin").val() !== 0) { changePluginSelect(); } }); diff --git a/pandora_console/godmode/agentes/module_manager_editor_prediction.php b/pandora_console/godmode/agentes/module_manager_editor_prediction.php index eb85a05618..095708d2b1 100644 --- a/pandora_console/godmode/agentes/module_manager_editor_prediction.php +++ b/pandora_console/godmode/agentes/module_manager_editor_prediction.php @@ -131,9 +131,10 @@ if ($module_service_synthetic_selector !== ENTERPRISE_NOT_HOOK) { } $data = []; -$data[0] = __('Agent'); -$data[1] = __('Module'); -$data[2] = __('Period'); + +$data[0] = __('Module'); +$data[1] = __('Period'); + $table_simple->cellclass['caption_prediction_module'][0] = 'w33p'; $table_simple->cellclass['caption_prediction_module'][1] = 'w33p'; $table_simple->cellclass['caption_prediction_module'][2] = 'w33p'; 
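Review bot: The new condition `$("#id_plugin").val() !== 0` uses a strict comparison against the number 0, while jQuery's `.val()` on a select or text input returns a string, so the test is true for every value, including "0". `changePluginSelect()` therefore now runs unconditionally on load, just as the old `=== 0` form could never run it. If the intent is to skip the call when no plugin is selected, convert before comparing: `if (Number($("#id_plugin").val()) !== 0) {`. A short comment naming the case being excluded would keep the next edit from flipping the operator again.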
@@ -163,34 +164,68 @@ $params['none_module_text'] = __('Select Module'); $params['use_hidden_input_idagent'] = true; $params['input_style'] = 'width: 100%;'; $params['hidden_input_idagent_id'] = 'hidden-id_agente_module_prediction'; -$data[0] = ui_print_agent_autocomplete_input($params); -if ($id_agente > 0) { - $predictionModuleInput = html_print_select_from_sql( - 'SELECT id_agente_modulo, nombre - FROM tagente_modulo - WHERE delete_pending = 0 - AND history_data = 1 - AND id_agente = '.$id_agente_clean.' - AND id_agente_modulo <> '.$id_agente_modulo, +if (strstr($page, 'policy_modules') === false) { + $modules = agents_get_modules($id_agente); + + $predictionModuleInput = html_print_select( + $modules, 'prediction_module', $prediction_module, '', - __('Select Module'), + '', 0, true, false, true, + '', false, - 'width: 100%;' + false, + false, + false, + false, + '', + false, + false, + false, + false, + true, + false, + false, + '', + false, + 'pm' ); } else { - $predictionModuleInput = ''; + $modules = index_array(policies_get_modules($policy_id, false, ['id', 'name'])); + + $predictionModuleInput = html_print_select( + $modules, + 'id_module_policy', + $module['custom_integer_1'], + '', + '', + 0, + true, + false, + true, + '', + false, + false, + false, + false, + false, + '', + false, + false, + true + ); } -$data[1] = $predictionModuleInput; -$data[2] = html_print_select([__('Weekly'), __('Monthly'), __('Daily')], 'custom_integer_2', $custom_integer_2, '', '', 0, true, false, true, '', false, 'width: 100%;'); -$data[2] .= html_print_input_hidden('id_agente_module_prediction', $id_agente, true); +$data[0] = $predictionModuleInput; +$data[1] = html_print_select([__('Weekly'), __('Monthly'), __('Daily')], 'custom_integer_2', $custom_integer_2, '', '', 0, true, false, true, '', false, 'width: 100%;'); +$data[1] .= html_print_input_hidden('id_agente_module_prediction', $id_agente, true); + $table_simple->cellclass['prediction_module'][0] = 'w33p'; 
$table_simple->cellclass['prediction_module'][1] = 'w33p'; $table_simple->cellclass['prediction_module'][2] = 'w33p'; @@ -264,7 +299,7 @@ if ($selector_form !== ENTERPRISE_NOT_HOOK) { } // Synthetic modules are an Enterprise feature. -$synthetic_module_form = enterprise_hook('get_synthetic_module_form'); +$synthetic_module_form = enterprise_hook('get_synthetic_module_form', [$policy_id]); if ($synthetic_module_form !== ENTERPRISE_NOT_HOOK) { $data = []; $data[0] = $synthetic_module_form; diff --git a/pandora_console/godmode/alerts/alert_templates.php b/pandora_console/godmode/alerts/alert_templates.php index 003ec45d03..8236d1e69c 100644 --- a/pandora_console/godmode/alerts/alert_templates.php +++ b/pandora_console/godmode/alerts/alert_templates.php @@ -31,13 +31,14 @@ if (is_ajax()) { return; } - echo '
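Review bot: The list built by `agents_get_modules($id_agente)` no longer carries the conditions of the query it replaces, which kept only modules with `history_data = 1` and excluded the module being edited (`id_agente_modulo <> $id_agente_modulo`). Unless agents_get_modules() applies them internally, which this hunk does not show, the selector can now offer the prediction module itself, or a module without history, as its source. Pass the filter explicitly and drop the current entry after the call, e.g. `unset($modules[$id_agente_modulo]);`. The policy branch also reads `$module['custom_integer_1']`, which is not assigned anywhere in the visible lines.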

'.$template['name'].'

'; + echo '

'.$template['name'].'

'; + echo html_print_image('images/info.svg', true, ['class' => 'invert_filter']); + echo ui_print_alert_template_example($template['id'], true, true, false); + echo '
'; + echo '
'; echo ''.__('Type').': '; echo alerts_get_alert_templates_type_name($template['type']); - echo '
'; - echo ui_print_alert_template_example($template['id'], true); - echo '
'; if ($template['description'] != '') { diff --git a/pandora_console/godmode/alerts/alert_view.php b/pandora_console/godmode/alerts/alert_view.php index 8d4d07e578..7809742221 100644 --- a/pandora_console/godmode/alerts/alert_view.php +++ b/pandora_console/godmode/alerts/alert_view.php @@ -256,7 +256,7 @@ $schedule = io_safe_output( $data[0] = ''; $data[0] .= html_print_input_hidden('schedule', $schedule, true); -$data[0] .= '
'; +$data[0] .= '
'; $data[1] = ''; $table_conditions->data[] = $data; diff --git a/pandora_console/godmode/alerts/configure_alert_action.php b/pandora_console/godmode/alerts/configure_alert_action.php index 4718689da5..6d33077bf8 100644 --- a/pandora_console/godmode/alerts/configure_alert_action.php +++ b/pandora_console/godmode/alerts/configure_alert_action.php @@ -520,7 +520,7 @@ $(document).ready (function () { name: "id_action", value: "" }); - + jQuery.post (, values, function (data, status) { @@ -552,6 +552,9 @@ $(document).ready (function () { // If the row is empty, hide it if (field_row == '') { + // Clear hidden fields. + $("[name=field" + i + "_value]").val(''); + $("[name=field" + i + "_recovery_value]").val('') $table_macros_field.hide(); continue; } diff --git a/pandora_console/godmode/alerts/configure_alert_template.php b/pandora_console/godmode/alerts/configure_alert_template.php index bbd758d9a9..7365339191 100644 --- a/pandora_console/godmode/alerts/configure_alert_template.php +++ b/pandora_console/godmode/alerts/configure_alert_template.php @@ -1240,7 +1240,7 @@ if ($step == 2) { 'priority', $priority, '', - 0, + '', 0, true, false, diff --git a/pandora_console/godmode/db/db_main.php b/pandora_console/godmode/db/db_main.php index 9979b2c224..3bd4052ba2 100644 --- a/pandora_console/godmode/db/db_main.php +++ b/pandora_console/godmode/db/db_main.php @@ -27,7 +27,6 @@ if (! check_acl($config['id_user'], 0, 'DM')) { // Get some general DB stats (not very heavy) // NOTE: this is not realtime monitoring stats, are more focused on DB sanity -$stat_access = db_get_sql('SELECT COUNT(*) FROM tagent_access WHERE id_agent != 0'); $stat_data = db_get_sql('SELECT COUNT(*) FROM tagente_datos WHERE id_agente_modulo != 0'); $stat_data_log4x = db_get_sql('SELECT COUNT(*) FROM tagente_datos_log4x WHERE id_agente_modulo != 0'); $stat_data_string = db_get_sql('SELECT COUNT(*) FROM tagente_datos_string WHERE id_agente_modulo != 0'); 
@@ -149,18 +148,6 @@ echo $stat_modules; echo ''; - -echo ''; -echo __('Total agent access records'); -echo ''; -if ($stat_access > $max_access) { - echo "$stat_access"; -} else { - echo $stat_access; -} - -echo ''; - // Sanity echo ''; echo __('Database sanity'); diff --git a/pandora_console/godmode/events/custom_events.php b/pandora_console/godmode/events/custom_events.php index c91a2df8fe..4ab84fa76b 100644 --- a/pandora_console/godmode/events/custom_events.php +++ b/pandora_console/godmode/events/custom_events.php @@ -115,6 +115,7 @@ $fields_available['module_status'] = __('Module Status'); $fields_available['mini_severity'] = __('Severity mini'); $fields_available['module_custom_id'] = __('Module custom ID'); $fields_available['custom_data'] = __('Custom data'); +$fields_available['event_custom_id'] = __('Event Custom ID'); // Remove fields already selected. diff --git a/pandora_console/godmode/gis_maps/configure_gis_map.php b/pandora_console/godmode/gis_maps/configure_gis_map.php index a6f282d2cf..cc9ed5d5f0 100644 --- a/pandora_console/godmode/gis_maps/configure_gis_map.php +++ b/pandora_console/godmode/gis_maps/configure_gis_map.php @@ -68,7 +68,7 @@ foreach ($layer_ids as $layer_id) { $layer_list[] = [ 'id' => (strpos($layer_id, 'new_') === false) ? (int) $layer_id : null, 'layer_name' => $trimmed_name, - 'layer_visible' => ((int) $layers[$layer_id]['visible'] === 1), + 'layer_visible' => ($layers[$layer_id]['visible'] === 'true'), 'layer_group' => (int) $layers[$layer_id]['agents_from_group'], 'layer_agent_list' => $layers[$layer_id]['agents'], 'layer_group_list' => $layers[$layer_id]['groups'], 
@@ -243,10 +243,15 @@ switch ($action) { $map_default_altitude = get_parameter('map_default_altitude'); $map_group_id = get_parameter('map_group_id'); $map_levels_zoom = get_parameter('map_levels_zoom', 16); - $map_connection_list_temp = explode(',', get_parameter('map_connection_list')); + $map_connection_list_temp_string = implode(',', $map_connection_list_temp); + if (strlen($map_connection_list_temp_string) > 0) { + $where_map_connection = ' WHERE id_tmap_connection IN('.$map_connection_list_temp_string.')'; + } else { + $where_map_connection = ''; + } - $listConnectionTemp = db_get_all_rows_sql('SELECT id_tmap_connection, conection_name, group_id FROM tgis_map_connection'); + $listConnectionTemp = db_get_all_rows_sql('SELECT id_tmap_connection, conection_name, group_id FROM tgis_map_connection'.$where_map_connection); foreach ($map_connection_list_temp as $index => $value) { $cleanValue = trim($value); @@ -256,7 +261,6 @@ switch ($action) { } $map_connection_default = get_parameter('map_connection_default'); - $map_connection_list = []; foreach ($listConnectionTemp as $idMapConnection) { $default = 0; @@ -345,7 +349,7 @@ function deleteConnectionMap(idConnectionMap) { checked = $("#radiobtn0001", $("#map_connection_" + idConnectionMap)).attr('checked'); $("#map_connection_" + idConnectionMap).remove(); - + if (checked) { //Checked first, but not is index = 0 maybe. @@ -485,7 +489,7 @@ foreach ($listConnectionTemp as $connectionTemp) { $table->data[1][0] = __('Add Map connection').$iconError; $table->data[1][1] = " - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 
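Review bot: The `IN(...)` clause added here is built from the request parameter `map_connection_list` with no numeric validation: the value is split with `explode`, joined back with `implode`, and concatenated into the statement passed to `db_get_all_rows_sql`. Whatever encoding `get_parameter` applies is not visible in this hunk, and entity-encoding alone does not constrain an unquoted numeric context. Force each element to an integer before the string is assembled: `$map_connection_list_temp = array_filter(array_map('intval', explode(',', get_parameter('map_connection_list'))));`. The `trim()` loop over the same array runs only after the query has executed, so it does not protect it. The enclosing `switch ($action)` case continues outside the hunk.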
@@ -5751,6 +6025,27 @@ $(document).ready (function () { return false; } break; + case 'vuls_info_agent': + if ($("#hidden-id_agent").val() == 0) { + dialog_message('#message_no_agent'); + return false; + } + break; + + case 'top_n_agents_vuls': + if ($("#text-max_items").val() == '') { + dialog_message('#message_no_max_item'); + return false; + } + break; + + case 'top_n_vuls_count': + if ($("#text-max_items").val() == '') { + dialog_message('#message_no_max_item'); + return false; + } + break; + default: break; } @@ -5911,7 +6206,24 @@ $(document).ready (function () { return false; } break; - + case 'vuls_info_agent': + if ($("#hidden-id_agent").val() == 0) { + dialog_message('#message_no_agent'); + return false; + } + break; + case 'top_n_agents_vuls': + if ($("#text-max_items").val() == '') { + dialog_message('#message_no_max_item'); + return false; + } + break; + case 'top_n_vuls_count': + if ($("#text-max_items").val() == '') { + dialog_message('#message_no_max_item'); + return false; + } + break; default: break; } @@ -6964,12 +7276,22 @@ function chooseType() { $("#row_group_by").hide(); $("#row_type_show").hide(); $("#row_use_prefix_notation").hide(); + $("#row_unknowns_graph").hide(); $("#row_os_selector").hide(); $("#row_os_version_regexp").hide(); $("#row_os_end_of_life").hide(); $("#row_cat_security_hardening").hide(); $("#row_ignore_skipped").hide(); $("#row_status_check").hide(); + $("#row_secmon_status").hide(); + $("#row_security_hardening_score").hide(); + $("#row_vulnerabilities_status").hide(); + $("#row_vulnerabilities_packages").hide(); + $("#row_vulnerabilities_severity").hide(); + $("#row_vulnerabilities_ac").hide(); + $("#row_vulnerabilities_pr").hide(); + $("#row_vulnerabilities_ui").hide(); + $("#row_vulnerabilities_av").hide(); // SLA list default state. $("#sla_list").hide(); 
@@ -7056,6 +7378,7 @@ function chooseType() { $("#row_image_threshold").show(); $("#row_graph_render").show(); $("#row_percentil").show(); + $("#row_unknowns_graph").show(); // Force type. if('' === 'new'){ @@ -7885,6 +8208,50 @@ function chooseType() { $("#row_group").show(); $('#row_period').show(); break; + + case 'vuls_severity_graph': + $("#row_group").show(); + break; + + case 'vuls_attack_complexity': + $("#row_group").show(); + break; + + case 'vuls_by_packages': + $("#row_group").show(); + break; + + case 'vuls_by_agent': + $("#row_group").show(); + $("#row_custom_field_filter").show(); + $("#row_secmon_status").show(); + $("#row_security_hardening_score").show(); + $("#row_vulnerabilities_status").show(); + break; + + case 'vuls_info_agent': + $("#row_agent").show(); + $("#row_vulnerabilities_packages").show(); + $("#row_vulnerabilities_severity").show(); + $("#row_vulnerabilities_ac").show(); + $("#row_vulnerabilities_pr").show(); + $("#row_vulnerabilities_ui").show(); + $("#row_vulnerabilities_av").show(); + updatePackages(); + $('#row_agent input[type=text]').change(function(e) { + updatePackages(); + }); + break; + + case 'top_n_agents_vuls': + $("#row_group").show(); + $("#row_max_items").show(); + break; + + case 'top_n_vuls_count': + $("#row_group").show(); + $("#row_max_items").show(); + break; } switch (type) { 
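Review bot: In the `vuls_info_agent` case a `change` handler is bound on `#row_agent input[type=text]` every time `chooseType()` runs, so switching report types back and forth stacks handlers. Each later edit of the agent field then fires `updatePackages()` several times, and every call is a POST. Replace the previous binding instead of adding to it: `$('#row_agent input[type=text]').off('change.vuls').on('change.vuls', updatePackages);`. The three group-only cases and the two `top_n_*` cases have identical bodies and could share one body through stacked `case` labels. `chooseType()` starts and ends outside this hunk.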
@@ -8127,6 +8494,46 @@ function control_period_range() { }, 800); } } + + + + +function updateSelect(element, fields, selected) { + if (typeof fields === "object") { + $(element).find("select").empty(); + $(element).find(".select2-container .select2-selection__rendered").empty(); + Object.keys(fields).forEach(function(key) { + if (key === selected) { + $(element).find(".select2-container .select2-selection__rendered").append(`${fields[key]}`); + $(element).find("select").append(``); + } else { + $(element).find("select").append(``); + } + }); + } +} + +function updatePackages() { + let id_agent = $('#hidden-id_agent').val(); + let server_id = $('#hidden-server_id').val(); + $.ajax({ + method: "POST", + url: "", + data: { + page: "", + action: "updatePackages", + id_agent: id_agent, + server_id: server_id, + }, + success: function(data) { + const json = JSON.parse(data); + if (json.success) { + updateSelect("#row_vulnerabilities_packages", json.data, ''); + } + } + }); +} + $(document).ready(function () { $('[id^=period], #combo_graph_options, #combo_sla_sort_options').next().css('z-index', 0); diff --git a/pandora_console/godmode/reporting/reporting_builder.list_items.php b/pandora_console/godmode/reporting/reporting_builder.list_items.php index d3fd439181..e92e038dfe 100755 --- a/pandora_console/godmode/reporting/reporting_builder.list_items.php +++ b/pandora_console/godmode/reporting/reporting_builder.list_items.php @@ -777,7 +777,7 @@ $table->data[0][0] = html_print_label_input_block( ) ); $table->data[0][1] = html_print_label_input_block( - __('Poisition'), + __('Position'), html_print_input_text_extended( 'position_to_delete', 1, diff --git a/pandora_console/godmode/reporting/reporting_builder.main.php b/pandora_console/godmode/reporting/reporting_builder.main.php index c0381acca2..d4914d2b58 100755 --- a/pandora_console/godmode/reporting/reporting_builder.main.php +++ b/pandora_console/godmode/reporting/reporting_builder.main.php 
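Review bot: `updateSelect()` interpolates `fields[key]` into a template literal and hands it to jQuery `.append()`, which parses the string as HTML, so a package name in the `updatePackages` response that contains markup would be inserted into the page as markup. Build the nodes with text setters instead, for example `$('<option>').val(key).text(fields[key])` for the select and `.text(fields[key])` for the rendered label. `updatePackages()` also calls `JSON.parse(data)` with no guard and has no `error` callback; setting `dataType: "json"` and adding an error handler keeps a non-JSON response from throwing inside `success`. The markup inside the other template literals is not legible on this page, so the same check applies to them only if they interpolate `key` or `fields[key]`.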
@@ -180,8 +180,8 @@ if ($report_id_user == $config['id_user'] $options['div_class'] = ''; } - $table->data[2][1] = html_print_label_input_block( - __('Group'), + $table->data[3][0] = html_print_label_input_block( + __('Write Access Group'), html_print_select_groups( false, 'RW', @@ -216,7 +216,7 @@ if ($enterpriseEnable) { if (enterprise_installed() === true) { - $table->data[3][0] = html_print_label_input_block( + $table->data[4][0] = html_print_label_input_block( __('Generate cover page in PDF render'), html_print_checkbox_switch( 'cover_page_render', @@ -226,7 +226,7 @@ if (enterprise_installed() === true) { ) ); - $table->data[3][1] = html_print_label_input_block( + $table->data[4][1] = html_print_label_input_block( __('Generate index in PDF render'), html_print_checkbox_switch( 'index_render', diff --git a/pandora_console/godmode/reporting/reporting_builder.php b/pandora_console/godmode/reporting/reporting_builder.php index 427aa95cef..50d4e4f451 100755 --- a/pandora_console/godmode/reporting/reporting_builder.php +++ b/pandora_console/godmode/reporting/reporting_builder.php @@ -1943,6 +1943,7 @@ switch ($action) { $values['graph_render'] = (int) get_parameter( 'graph_render' ); + $values['check_unknowns_graph'] = get_parameter_switch('unknowns_graph', 0); case 'simple_baseline_graph': // HACK it is saved in show_graph field. $values['show_graph'] = (int) get_parameter( 
@@ -2060,6 +2061,56 @@ switch ($action) { $good_format = true; break; + case 'vuls_severity_graph': + $values['id_group'] = get_parameter('combo_group'); + $good_format = true; + break; + + case 'vuls_attack_complexity': + $values['id_group'] = get_parameter('combo_group'); + $good_format = true; + break; + + case 'vuls_by_packages': + $values['id_group'] = get_parameter('combo_group'); + $good_format = true; + break; + + case 'vuls_by_agent': + $values['id_group'] = get_parameter('combo_group'); + $es['agent_custom_field_filter'] = get_parameter('agent_custom_field_filter'); + $es['secmon_status'] = get_parameter('secmon_status'); + $es['security_hardening_score'] = get_parameter('security_hardening_score'); + $es['vulnerabilities_status'] = get_parameter('vulnerabilities_status'); + $values['external_source'] = json_encode($es); + $good_format = true; + break; + + case 'vuls_info_agent': + $values['id_agent'] = get_parameter('id_agent'); + $es['server_id'] = get_parameter('server_id'); + $es['vul_package'] = get_parameter('vul_package'); + $es['vul_severity'] = get_parameter('vul_severity'); + $es['vul_ac'] = get_parameter('vul_ac'); + $es['vul_pr'] = get_parameter('vul_pr'); + $es['vul_ui'] = get_parameter('vul_ui'); + $es['vul_av'] = get_parameter('vul_av'); + $values['external_source'] = json_encode($es); + $good_format = true; + break; + + case 'top_n_agents_vuls': + $values['id_group'] = get_parameter('combo_group'); + $values['top_n_value'] = get_parameter('max_items'); + $good_format = true; + break; + + case 'top_n_vuls_count': + $values['id_group'] = get_parameter('combo_group'); + $values['top_n_value'] = get_parameter('max_items'); + $good_format = true; + break; + default: $values['period'] = get_parameter('period'); $values['top_n'] = get_parameter( 
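Review bot: The new `vuls_*` and `top_n_*` cases store request values as they arrive, while other cases in this file cast them (`(int) get_parameter('graph_render')`). `id_group`, `id_agent` and `top_n_value` should be cast as well, e.g. `$values['top_n_value'] = (int) get_parameter('max_items');`, because the only emptiness check for `max_items` shown in this commit is in client-side JavaScript. `$es` is also written without being initialised in `vuls_by_agent` and `vuls_info_agent`; if an earlier statement in the same scope populated it, those keys end up in `external_source`, so start each case with `$es = [];`. The same block is repeated in the hunk at `@@ -3005,6 +3057,56 @@` and needs the same changes. The enclosing `switch` begins and ends outside both hunks.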
@@ -2895,6 +2946,7 @@ switch ($action) { $values['graph_render'] = (int) get_parameter( 'graph_render' ); + $values['check_unknowns_graph'] = get_parameter_switch('unknowns_graph', 0); case 'simple_baseline_graph': // HACK it is saved in show_graph field. $values['show_graph'] = (int) get_parameter( 
@@ -3005,6 +3057,56 @@ switch ($action) { $good_format = true; break; + case 'vuls_severity_graph': + $values['id_group'] = get_parameter('combo_group'); + $good_format = true; + break; + + case 'vuls_attack_complexity': + $values['id_group'] = get_parameter('combo_group'); + $good_format = true; + break; + + case 'vuls_by_packages': + $values['id_group'] = get_parameter('combo_group'); + $good_format = true; + break; + + case 'vuls_by_agent': + $values['id_group'] = get_parameter('combo_group'); + $es['agent_custom_field_filter'] = get_parameter('agent_custom_field_filter'); + $es['secmon_status'] = get_parameter('secmon_status'); + $es['security_hardening_score'] = get_parameter('security_hardening_score'); + $es['vulnerabilities_status'] = get_parameter('vulnerabilities_status'); + $values['external_source'] = json_encode($es); + $good_format = true; + break; + + case 'vuls_info_agent': + $values['id_agent'] = get_parameter('id_agent'); + $es['server_id'] = get_parameter('server_id'); + $es['vul_package'] = get_parameter('vul_package'); + $es['vul_severity'] = get_parameter('vul_severity'); + $es['vul_ac'] = get_parameter('vul_ac'); + $es['vul_pr'] = get_parameter('vul_pr'); + $es['vul_ui'] = get_parameter('vul_ui'); + $es['vul_av'] = get_parameter('vul_av'); + $values['external_source'] = json_encode($es); + $good_format = true; + break; + + case 'top_n_agents_vuls': + $values['id_group'] = get_parameter('combo_group'); + $values['top_n_value'] = get_parameter('max_items'); + $good_format = true; + break; + + case 'top_n_vuls_count': + $values['id_group'] = get_parameter('combo_group'); + $values['top_n_value'] = get_parameter('max_items'); + $good_format = true; + break; + default: $values['period'] = get_parameter('period'); $values['top_n'] = get_parameter( diff --git a/pandora_console/godmode/reporting/visual_console_builder.data.php b/pandora_console/godmode/reporting/visual_console_builder.data.php index 5ce3c3f679..f5cc8d059c 100644 
--- a/pandora_console/godmode/reporting/visual_console_builder.data.php +++ b/pandora_console/godmode/reporting/visual_console_builder.data.php @@ -151,7 +151,7 @@ $table->data[0][] = html_print_label_input_block( __('Name'), html_print_input_text( 'name', - $visualConsoleName, + io_safe_output($visualConsoleName), '', 80, 100, diff --git a/pandora_console/godmode/reporting/visual_console_builder.php b/pandora_console/godmode/reporting/visual_console_builder.php index 986dcb423b..bcfb6f99c9 100755 --- a/pandora_console/godmode/reporting/visual_console_builder.php +++ b/pandora_console/godmode/reporting/visual_console_builder.php @@ -164,6 +164,9 @@ switch ($activeTab) { $width = (int) get_parameter('width'); $height = (int) get_parameter('height'); $visualConsoleName = (string) get_parameter('name'); + $visualConsoleName = str_replace('<', '', $visualConsoleName); + $visualConsoleName = str_replace('>', '', $visualConsoleName); + $visualConsoleName = (string) io_safe_input($visualConsoleName); $is_favourite = (int) get_parameter('is_favourite_sent'); $auto_adjust = (int) get_parameter('auto_adjust_sent'); @@ -239,7 +242,7 @@ switch ($activeTab) { if ($uploadOK == 1) { if (move_uploaded_file($_FILES['background_image']['tmp_name'], $target_file)) { $background = $nameImage; - $values['background'] = $background; + $values['background'] = io_safe_input($background); $error2 = chmod($target_file, 0644); $uploadOK = $error2; } else { @@ -872,7 +875,7 @@ $buttons[$activeTab]['active'] = true; $tab_builder = ($activeTab === 'editor') ? 'visual_console_editor_editor_tab' : ''; ui_print_standard_header( - ($visualConsoleName ?? ''), + (io_safe_output($visualConsoleName) ?? ''), 'images/visual_console.png', false, $tab_builder, diff --git a/pandora_console/godmode/servers/plugin.php b/pandora_console/godmode/servers/plugin.php index 315702528e..39acc45c21 100644 --- a/pandora_console/godmode/servers/plugin.php +++ b/pandora_console/godmode/servers/plugin.php 
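Review bot: The two `str_replace` calls added after `get_parameter('name')` strip only `<` and `>`, which is a deny-list: quotes and other characters significant in an attribute context pass through. If `get_parameter()` already returns an entity-encoded value (not visible here), the literal brackets are never present to match. The protection that matters is the encoding at output, and this commit decodes the name with `io_safe_output()` before handing it to `html_print_input_text` and `ui_print_standard_header`, so it depends on those helpers escaping their argument. I would state that invariant in a comment, e.g. `// Stored encoded; decode only when passing to a helper that escapes.`, and collapse the replacements into `str_replace(['<', '>'], '', $visualConsoleName)` if they are kept.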
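Review bot: In `(io_safe_output($visualConsoleName) ?? '')` the `??` is applied to the return value of `io_safe_output()`, so an unset `$visualConsoleName` is still passed into the function and the fallback covers only a null result. Move the default inside the call: `io_safe_output(($visualConsoleName ?? ''))`. The decoded name is then passed straight to `ui_print_standard_header`; whether that helper escapes its title is not shown in this hunk and should be confirmed, since the value was encoded on input for that reason.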
@@ -860,8 +860,10 @@ if (empty($create) === false || empty($view) === false) { if ($management_allowed === false) { ui_print_warning_message( __( - 'This console is not manager of this environment, - please manage this feature from centralized manager console (Metaconsole).' + 'This console is not manager of this environment, please manage this feature from feature from %s.', + ''.__('metaconsole').'' ) ); } diff --git a/pandora_console/godmode/servers/servers.build_table.php b/pandora_console/godmode/servers/servers.build_table.php index 101a99d955..516a62ea82 100644 --- a/pandora_console/godmode/servers/servers.build_table.php +++ b/pandora_console/godmode/servers/servers.build_table.php 
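Review bot: The new translatable string repeats two words, `please manage this feature from feature from %s.`. It should read `'This console is not manager of this environment, please manage this feature from %s.'`. If `__()` looks translations up by the source string, correcting it after release invalidates existing translations, so it is cheaper to fix in this commit.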
@@ -64,32 +64,33 @@ $table->style = []; // $table->style[0] = 'font-weight: bold'; $table->align = []; $table->align[1] = 'center'; -$table->align[3] = 'center'; -$table->align[8] = 'right'; +$table->align[4] = 'center'; +$table->align[9] = 'right'; $table->headstyle[1] = 'text-align:center'; -$table->headstyle[3] = 'text-align:center'; -$table->headstyle[8] = 'text-align:right;width: 120px;'; +$table->headstyle[4] = 'text-align:center'; +$table->headstyle[9] = 'text-align:right;width: 120px;'; $table->titleclass = 'tabletitle'; $table->titlestyle = 'text-transform:uppercase;'; -$table->style[6] = 'display: flex;align-items: center;'; +$table->style[7] = 'display: flex;align-items: center;'; $table->head = []; $table->head[0] = __('Name'); $table->head[1] = __('Status'); $table->head[2] = __('Type'); -$table->head[3] = __('Version'); -$table->head[4] = __('Modules'); -$table->head[5] = __('Lag').ui_print_help_tip(__('Avg. Delay(sec)/Modules delayed'), true); -$table->head[6] = __('T/Q').ui_print_help_tip(__('Threads / Queued modules currently'), true); +$table->head[3] = __('Master'); +$table->head[4] = __('Version'); +$table->head[5] = __('Modules'); +$table->head[6] = __('Lag').ui_print_help_tip(__('Avg. Delay(sec)/Modules delayed'), true); +$table->head[7] = __('T/Q').ui_print_help_tip(__('Threads / Queued modules currently'), true); // This will have a column of data such as "6 hours". -$table->head[7] = __('Updated'); +$table->head[8] = __('Updated'); // Only Pandora Administrator can delete servers. if ((bool) check_acl($config['id_user'], 0, 'PM') === true) { - $table->head[8] = ''.__('Op.').''; + $table->head[9] = ''.__('Op.').''; } $table->data = []; 
@@ -143,9 +144,11 @@ foreach ($servers as $server) { } // Type. - $data[2] = ''.$server['img']; + $data[2] = ''.$server['img'].'    '.$server['name']; if ($server['master'] == $master) { - $data[2] .= ui_print_help_tip(__('This is a master server'), true); + $data[3] .= __('Yes', true); + } else { + $data[3] .= __('-'); } if ((int) $server['exec_proxy'] === 1) { @@ -157,27 +160,27 @@ foreach ($servers as $server) { case 'event': case 'autoprovision': case 'migration': - $data[3] = $server['version']; - $data[4] = __('N/A'); + $data[4] = $server['version']; $data[5] = __('N/A'); + $data[6] = __('N/A'); break; case 'export': - $data[3] = $server['version']; - $data[4] = $server['modules'].' '.__('of').' '.$server['modules_total']; - $data[5] = __('N/A'); + $data[4] = $server['version']; + $data[5] = $server['modules'].' '.__('of').' '.$server['modules_total']; + $data[6] = __('N/A'); break; default: - $data[3] = $server['version']; - $data[4] = $server['modules'].' '.__('of').' '.$server['modules_total']; - $data[5] = ''.$server['lag_txt'].''; + $data[4] = $server['version']; + $data[5] = $server['modules'].' '.__('of').' '.$server['modules_total']; + $data[6] = ''.$server['lag_txt'].''; break; } - $data[6] = ''; - if ($server['queued_modules'] > 500) { - $data[6] .= '
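Review bot: `$data[3]` is filled with `.=` in both branches of the master check, but nothing in this hunk assigns it first, so the append targets an undefined index. If `$data` is not reset at the top of the `foreach` (outside the hunk), the Master column also accumulates the values of previous rows. Use plain assignment: `$data[3] = __('Yes');` and `$data[3] = __('-');`. `__('Yes', true)` also passes a second argument that the other `__()` calls visible in this file do not. The same hunk concatenates `$server['name']` into the Type cell, so confirm that value is already encoded where `$servers` is built.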
'.html_print_image( + $data[7] = ''; + if ($server['queued_modules'] >= $config['number_modules_queue']) { + $data[7] .= '  '; } - $data[6] .= $server['threads'].' : '.$server['queued_modules']; + $data[7] .= $server['threads'].' : '.$server['queued_modules']; - $data[7] = ui_print_timestamp($server['keepalive'], true); + $data[8] = ui_print_timestamp($server['keepalive'], true); if ($server['type'] === 'data') { $ext = '_server'; @@ -208,11 +211,11 @@ foreach ($servers as $server) { // Only Pandora Administrator can delete servers. if ((bool) check_acl($config['id_user'], 0, 'PM') === true) { - $data[8] = ''; + $data[9] = ''; if ($server['type'] === 'recon') { - $data[8] .= ''; - $data[8] .= html_print_image( + $data[9] .= ''; + $data[9] .= html_print_image( 'images/snmp-trap@svg.svg', true, [ @@ -221,12 +224,12 @@ foreach ($servers as $server) { ] ); - $data[8] .= ''; + $data[9] .= ''; } if ($server['type'] === 'data') { - $data[8] .= ''; - $data[8] .= html_print_image( + $data[9] .= ''; + $data[9] .= html_print_image( 'images/force@svg.svg', true, [ @@ -234,10 +237,10 @@ foreach ($servers as $server) { 'class' => 'main_menu_icon invert_filter', ] ); - $data[8] .= ''; + $data[9] .= ''; } else if ($server['type'] === 'enterprise snmp') { - $data[8] .= ''; - $data[8] .= html_print_image( + $data[9] .= ''; + $data[9] .= html_print_image( 'images/force@svg.svg', true, [ @@ -245,12 +248,12 @@ foreach ($servers as $server) { 'class' => 'main_menu_icon invert_filter', ] ); - $data[8] .= ''; + $data[9] .= ''; } if ($server['type'] === 'event' && (bool) check_acl($config['id_user'], 0, 'LM') === true) { - $data[8] .= ''; - $data[8] .= html_print_image( + $data[9] .= ''; + $data[9] .= html_print_image( 'images/alert@svg.svg', true, [ 
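Review bot: The queue warning now compares against `$config['number_modules_queue']` with no fallback. If that key is missing, for instance on an upgraded install where the setting was never saved, the right-hand side is null and `>=` holds for every server, so the warning icon appears on all rows. Keep the previous threshold as the default: `if ($server['queued_modules'] >= (int) ($config['number_modules_queue'] ?? 500)) {`. The surrounding `foreach` body starts and ends outside the hunk.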
@@ -258,11 +261,11 @@ foreach ($servers as $server) { 'class' => 'main_menu_icon invert_filter', ] ); - $data[8] .= ''; + $data[9] .= ''; } - $data[8] .= ''; - $data[8] .= html_print_image( + $data[9] .= ''; + $data[9] .= html_print_image( 'images/edit.svg', true, [ @@ -270,11 +273,11 @@ foreach ($servers as $server) { 'class' => 'main_menu_icon invert_filter', ] ); - $data[8] .= ''; + $data[9] .= ''; if (($names_servers[$safe_server_name] === true) && ($ext === '_server' || $server['type'] === 'enterprise satellite')) { - $data[8] .= ''; - $data[8] .= html_print_image( + $data[9] .= ''; + $data[9] .= html_print_image( 'images/agents@svg.svg', true, [ @@ -282,10 +285,10 @@ foreach ($servers as $server) { 'class' => 'main_menu_icon invert_filter', ] ); - $data[8] .= ''; + $data[9] .= ''; - $data[8] .= ''; - $data[8] .= html_print_image( + $data[9] .= ''; + $data[9] .= html_print_image( 'images/remote-configuration@svg.svg', true, [ @@ -293,12 +296,12 @@ foreach ($servers as $server) { 'class' => 'main_menu_icon invert_filter', ] ); - $data[8] .= ''; + $data[9] .= ''; $names_servers[$safe_server_name] = false; } - $data[8] .= ''; - $data[8] .= html_print_image( + $data[9] .= ''; + $data[9] .= html_print_image( 'images/delete.svg', true, [ @@ -307,14 +310,14 @@ foreach ($servers as $server) { 'class' => 'main_menu_icon invert_filter', ] ); - $data[8] .= ''; + $data[9] .= ''; } if ($tiny) { - unset($data[4]); - unset($data[6]); + unset($data[5]); unset($data[7]); unset($data[8]); + unset($data[9]); } $ext = ''; @@ -323,10 +326,10 @@ foreach ($servers as $server) { } if ($tiny) { - unset($table->head[4]); - unset($table->head[6]); + unset($table->head[5]); unset($table->head[7]); unset($table->head[8]); + unset($table->head[9]); } if ($tiny) { diff --git a/pandora_console/godmode/setup/file_manager.php b/pandora_console/godmode/setup/file_manager.php index cfcf3c0827..211af66cb7 100644 --- a/pandora_console/godmode/setup/file_manager.php 
+++ b/pandora_console/godmode/setup/file_manager.php @@ -71,6 +71,8 @@ if (isset($config['filemanager']['message']) === true) { $fallback_directory = 'images'; // Get directory. $directory = (string) get_parameter('directory'); +$directory = str_replace('<', '', $text); +$directory = str_replace('>', '', $text); if (empty($directory) === true) { $directory = $fallback_directory; } else { diff --git a/pandora_console/godmode/setup/links.php b/pandora_console/godmode/setup/links.php index fc27454b48..20e61e95b0 100644 --- a/pandora_console/godmode/setup/links.php +++ b/pandora_console/godmode/setup/links.php @@ -54,8 +54,12 @@ if (isset($_POST['create'])) { if (! $result) { ui_print_error_message(__('There was a problem creating link')); } else { - ui_print_success_message(__('Successfully created')); $id_link = $result; + ui_print_result_message( + $id_link, + __('Successfully created'), + __('Could not be created') + ); } } @@ -111,8 +115,8 @@ if ((isset($_GET['form_add'])) or (isset($_GET['form_edit']))) { $link = ''; } - echo '
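Review bot: Both added `str_replace` calls read `$text`, which is not defined in the visible lines, instead of `$directory`, so the request value is discarded. `$directory` becomes an empty string and the `empty($directory)` branch always selects the `images` fallback. The two lines should be `$directory = str_replace(['<', '>'], '', $directory);`. Removing angle brackets addresses reflected markup only and does nothing about `..` segments or absolute paths, so the containment check for the directory has to live in the `else` branch, which lies outside this hunk.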
".html_print_select($listConnection, 'map_connection_list', '', '', '', '0', true)." + ".html_print_select($listConnection, 'select-map_connection_list', '', '', '', '0', true)." ".html_print_image( @@ -560,21 +564,23 @@ html_print_table($table); $user_groups = users_get_groups($config['user'], 'AR', false); -echo '

'.__('Layers').'

'; +echo '
'.__('Layers').''; $table->width = '100%'; $table->class = 'databox filters'; $table->valign = []; -$table->valign[0] = 'top'; -$table->valign[1] = 'top'; +$table->valign[0] = 'top; width: 50%'; +$table->valign[1] = 'top; width: 50%'; $table->data = []; $table->data[0][0] = '

'.__('List of layers').'

'; $table->data[0][1] = '
'.html_print_button(__('New layer'), 'new_layer', false, 'newLayer();', 'class="sub add "', true).'
'; -$table->data[1][0] = '
'; -$table->data[1][1] = '
'; switch ($action) { case 'save_new': @@ -1229,6 +1237,8 @@ function getLayerRow (layerId, layerData) { .append($editCol) .append($deleteCol); + $("#list_layers").removeClass('invisible'); + return $row; } diff --git a/pandora_console/godmode/groups/group_list.php b/pandora_console/godmode/groups/group_list.php index 00bbdddb39..66717bc35b 100644 --- a/pandora_console/godmode/groups/group_list.php +++ b/pandora_console/godmode/groups/group_list.php @@ -84,6 +84,9 @@ if (is_ajax() === true) { } $group = db_get_row('tgrupo', 'id_grupo', $id_group); + if (str_contains($group['icon'], '.png') === true) { + $group['folder'] = 'groups_small/'; + } echo json_encode($group); return; 
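Review bot: In the group_list.php hunk, `str_contains()` exists only from PHP 8.0 and is called on `$group['icon']` without checking that `db_get_row()` found a row, so a missing group or a null icon reaches it. If the console still supports PHP 7, or simply to be explicit about the suffix, use `if (is_array($group) && substr((string) $group['icon'], -4) === '.png') {`. Matching `.png` anywhere in the name also sets `folder` for an icon such as `a.png.svg`. The enclosing `is_ajax()` block starts outside the hunk.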
@@ -757,6 +760,125 @@ if ($tab == 'tree') { /* * Group tree view. */ + + $table = new stdClass(); + $table->width = '100%'; + $table->class = 'databox filters filter-table-adv'; + if (is_metaconsole() === true) { + $table->cellspacing = 0; + $table->cellpadding = 0; + } + + $search_group_string = get_parameter('search_group_string', ''); + $search_agent_string = get_parameter('search_agent_string', ''); + $agent_status = get_parameter('agent_status', ''); + $show_not_init_agents = get_parameter('show_not_init_agents', 1); + $show_not_init_modules = get_parameter('show_not_init_modules', 1); + $show_full_hirearchy = get_parameter('show_full_hirearchy', 1); + + + $table->data = []; + $table->head = []; + $table->style = []; + + $table->style[0] = 'width: 50%;'; + $table->style[1] = 'width: 50%;'; + + $table->data[0][0] = html_print_label_input_block( + __('Search group'), + html_print_input_text( + 'search_group_string', + $search_group_string, + '', + 25, + 255, + true, + false, + false, + '', + ) + ); + + $agents_status_list = agents_status_list(); + + $table->data[0][1] = html_print_label_input_block( + __('Search by agent status').ui_print_help_tip(__('Shows the groups that contain an agent with the status that has been searched'), true), + html_print_select( + $agents_status_list, + 'agent_status', + $agent_status, + '', + __('All'), + '', + true, + false, + false, + 'w200p', + false, + 'width: 100%;' + ) + ); + + $table->data[1][0] = html_print_label_input_block( + __('Search by agent').ui_print_help_tip(__('Shows groups that contain an agent matching the search'), true), + html_print_input_text( + 'search_agent_string', + $search_agent_string, + '', + 25, + 255, + true, + false, + false, + '', + ) + ); + + $table->data[1][1] = html_print_label_input_block( + __('Show full hierarchy'), + html_print_checkbox_switch_extended( + 'show_full_hirearchy', + 1, + $show_full_hirearchy, + false, + '', + '', + true + ) + ); + + $table->data[3][0] = ' '; + + 
$table->data[3][1] = html_print_submit_button( + __('Filter'), + 'filter', + false, + [ + 'class' => 'float-right', + 'icon' => 'search', + ], + true + ); + + $form = "
"; + $form .= html_print_table($table, true); + $form .= '
'; + + + + ui_toggle( + $form, + ''.__('Filters').'', + 'filter_form', + '', + true, + false, + '', + 'white-box-content', + 'box-flat white_table_graph fixed_filter_bar' + ); + + echo "
"; } else { /* @@ -826,6 +948,8 @@ if ($tab == 'tree') { ); $form .= ''; + + ui_toggle( $form, ''.__('Filters').'', @@ -1058,87 +1182,119 @@ $tab = 'group_edition'; diff --git a/pandora_console/godmode/massive/massive_add_alerts.php b/pandora_console/godmode/massive/massive_add_alerts.php index 57261a357b..ad5cc00e27 100755 --- a/pandora_console/godmode/massive/massive_add_alerts.php +++ b/pandora_console/godmode/massive/massive_add_alerts.php @@ -255,7 +255,18 @@ $table->data[1][1] = html_print_select( true, '', false, - 'width:180px;' + 'width:180px;', + false, + false, + false, + '', + false, + false, + false, + false, + true, + true, + true ); $table->data[1][2] = __('When select agents'); $table->data[1][2] .= '
'; @@ -271,7 +282,31 @@ $table->data[1][2] .= html_print_select( '', true ); -$table->data[1][3] = html_print_select([], 'module[]', '', false, '', '', true, true, false, '', false, 'width:180px;'); +$table->data[1][3] = html_print_select( + [], + 'module[]', + '', + false, + '', + '', + true, + true, + false, + '', + false, + 'width:180px;', + false, + false, + false, + '', + true, + false, + false, + false, + true, + true, + false +); $usr_groups = users_get_groups($config['id_user'], 'LW', true); $filter_groups = ''; diff --git a/pandora_console/godmode/menu.php b/pandora_console/godmode/menu.php index 94509ab820..171e16870b 100644 --- a/pandora_console/godmode/menu.php +++ b/pandora_console/godmode/menu.php @@ -367,6 +367,8 @@ if ($access_console_node === true) { $sub['godmode/alerts/alert_list']['text'] = __('List of Alerts'); $sub['godmode/alerts/alert_list']['id'] = 'List_of_Alerts'; $sub['godmode/alerts/alert_list']['pages'] = ['godmode/alerts/alert_view']; + $sub['godmode/agentes/planned_downtime.list']['text'] = __('Scheduled downtime'); + $sub['godmode/agentes/planned_downtime.list']['id'] = 'scheduled_downtime'; if ((bool) check_acl($config['id_user'], 0, 'LM') === true) { $sub['godmode/alerts/alert_templates']['text'] = __('Templates'); @@ -708,6 +710,17 @@ if ($access_console_node === true) { } if ($access_console_node === true) { + // Tools + $menu_godmode['tools']['text'] = __('Tools'); + $menu_godmode['tools']['sec2'] = 'operation/extensions'; + $menu_godmode['tools']['id'] = 'oper-extensions'; + $sub = []; + $sub['operation/agentes/exportdata']['text'] = __('Export data'); + $sub['operation/agentes/exportdata']['id'] = 'export_data'; + $sub['extensions/files_repo']['text'] = __('File repository'); + $sub['extensions/files_repo']['id'] = 'file_repository'; + $menu_godmode['tools']['sub'] = $sub; + // About. $menu_godmode['about']['text'] = __('About'); $menu_godmode['about']['id'] = 'about'; 
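Review bot: The new Tools block in menu.php adds `operation/agentes/exportdata` and `extensions/files_repo` under the sole condition `$access_console_node === true`, whereas the alert entries in the earlier hunk sit next to a `check_acl($config['id_user'], 0, 'LM')` test. If those two pages require a specific permission, wrapping each entry in the matching `check_acl()` call keeps the menu consistent with what the user can actually open; the pages themselves must enforce the check in any case, which cannot be confirmed from here. The same question applies to the `godmode/agentes/planned_downtime.list` entry added in the hunk at line 367, whose enclosing condition is outside the hunk. A short comment naming the ACL each entry expects would help the next reader.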
diff --git a/pandora_console/godmode/reporting/graph_container.php b/pandora_console/godmode/reporting/graph_container.php index b4fdcf521d..d7e0aefb78 100644 --- a/pandora_console/godmode/reporting/graph_container.php +++ b/pandora_console/godmode/reporting/graph_container.php @@ -95,7 +95,7 @@ $subsection = reporting_enterprise_add_graph_template_subsection('', $buttons); $buttons['graph_container'] = [ 'active' => true, 'text' => '
'.html_print_image( - 'images/graph-container.svg@svg', + 'images/graph-container@svg.svg', true, [ 'title' => __('Graph container'), diff --git a/pandora_console/godmode/reporting/map_builder.php b/pandora_console/godmode/reporting/map_builder.php index d879bb5a5a..7a8d2df32c 100644 --- a/pandora_console/godmode/reporting/map_builder.php +++ b/pandora_console/godmode/reporting/map_builder.php @@ -519,9 +519,9 @@ if (!$maps && is_metaconsole() === false) { $data = []; if (is_metaconsole() === false) { - $data[0] = ''.$map['name'].''; + $data[0] = ''.io_safe_output($map['name']).''; } else { - $data[0] = ''.$map['name'].''; + $data[0] = ''.io_safe_output($map['name']).''; } $data[1] = ui_print_group_icon($map['id_group'], true); @@ -541,7 +541,7 @@ if (!$maps && is_metaconsole() === false) { true, ['class' => 'main_menu_icon invert_filter'] ).''; - $data[4] = ''.html_print_image( + $data[4] = ''.html_print_image( 'images/delete.svg', true, ['class' => 'main_menu_icon invert_filter'] @@ -552,7 +552,7 @@ if (!$maps && is_metaconsole() === false) { true, ['class' => 'main_menu_icon invert_filter'] ).''; - $data[4] = ''.html_print_image( + $data[4] = ''.html_print_image( 'images/delete.svg', true, ['class' => 'main_menu_icon invert_filter'] diff --git a/pandora_console/godmode/reporting/reporting_builder.item_editor.php b/pandora_console/godmode/reporting/reporting_builder.item_editor.php index 2c34431078..c9fa71860c 100755 --- a/pandora_console/godmode/reporting/reporting_builder.item_editor.php +++ b/pandora_console/godmode/reporting/reporting_builder.item_editor.php @@ -152,6 +152,7 @@ $fullscale = false; $percentil = false; $image_threshold = false; $time_compare_overlapped = false; +$unknowns_graph = false; // Added for events items. $server_multiple = [0]; 
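Review bot: The map_builder.php hunk now concatenates `io_safe_output($map['name'])` into the markup of `$data[0]` in both branches, and elsewhere in this diff `io_safe_output()` is used to undo entity encoding before `strip_tags()`. If it decodes entities here too, a map name containing markup would reach the page unescaped. Decoding for display needs re-encoding for the HTML context, e.g. `htmlspecialchars(io_safe_output($map['name']), ENT_QUOTES)`; if the stored value is already entity-encoded, emitting `$map['name']` as before is the safer form. The loop that builds `$data` begins outside the hunk.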
@@ -356,6 +357,7 @@ switch ($action) { $percentil = isset($style['percentil']) ? (bool) $style['percentil'] : 0; $image_threshold = (isset($style['image_threshold']) === true) ? (bool) $style['image_threshold'] : false; $graph_render = $item['graph_render']; + $unknowns_graph = $item['check_unknowns_graph']; // The break hasn't be forgotten. case 'simple_baseline_graph': case 'projection_graph': @@ -1108,6 +1110,50 @@ switch ($action) { $period = $item['period']; break; + case 'vuls_severity_graph': + $group = $item['id_group']; + break; + + case 'vuls_attack_complexity': + $group = $item['id_group']; + break; + + case 'vuls_by_packages': + $group = $item['id_group']; + break; + + case 'vuls_by_agent': + $group = $item['id_group']; + $es = json_decode($item['external_source'], true); + $selected_agent_custom_field_filter = $es['agent_custom_field_filter']; + $security_hardening_score = $es['security_hardening_score']; + $vulnerabilities_status = $es['vulnerabilities_status']; + $secmon_status = $es['secmon_status']; + break; + + case 'vuls_info_agent': + $idAgent = $item['id_agent']; + $es = json_decode($item['external_source'], true); + $vul_package = $es['vul_package']; + $vul_severity = $es['vul_severity']; + $vul_ac = $es['vul_ac']; + $vul_pr = $es['vul_pr']; + $vul_ui = $es['vul_ui']; + $vul_av = (empty($es['vul_av']) === true) ? 'all' : $es['vul_av']; + break; + + case 'top_n_agents_vuls': + $group = $item['id_group']; + $recursion = $item['recursion']; + $top_n_value = (empty($item['top_n_value']) === true) ? 10 : $item['top_n_value']; + break; + + case 'top_n_vuls_count': + $group = $item['id_group']; + $recursion = $item['recursion']; + $top_n_value = (empty($item['top_n_value']) === true) ? 10 : $item['top_n_value']; + break; + default: // It's not possible. break; @@ -3026,6 +3072,23 @@ if (is_metaconsole() === true) {
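Review bot: In the new `vuls_by_agent` and `vuls_info_agent` cases the result of `json_decode($item['external_source'], true)` is indexed directly, so an empty or malformed `external_source` gives null and every `$es[...]` read raises a notice and leaves its variable null. Only `vul_av` has a fallback. Decoding once with `$es = (json_decode($item['external_source'], true) ?: []);` and reading keys as `$es['vul_severity'] ?? 'all'` (with whatever default the form expects) would make the handling uniform. The cases that only set `$group`, and the two identical `top_n_*` cases, could share one body through fall-through, as the switch already does a few lines above. The switch itself starts outside the hunk.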
+ + + +
+ + + __('All'), + 'critical' => __('Critical'), + 'warning' => __('Warning'), + ], + 'secmon_status', + $secmon_status, + ); + ?> +
+ + + __('All'), + '90' => __('< 90%'), + '80' => __('< 80%'), + '70' => __('< 70%'), + '60' => __('< 60%'), + '50' => __('< 50%'), + '40' => __('< 40%'), + '30' => __('< 30%'), + '20' => __('< 20%'), + '10' => __('< 10%'), + ], + 'security_hardening_score', + (empty($security_hardening_score) === false) ? $security_hardening_score : 'all', + '', + '', + 0, + false, + false, + false + ); + ?> +
+ + + __('All'), + 'crit' => __('Critical'), + 'warn' => __('Warning'), + ], + 'vulnerabilities_status', + $vulnerabilities_status, + ); + ?> +
+ + + __('All'), + ], + 'vul_package', + $vul_package, + ); + ?> +
+ + + __('All'), + 'high' => __('High'), + 'low' => __('Low'), + 'none' => __('None'), + ], + 'vul_severity', + $vul_severity, + ); + ?> +
+ + + __('All'), + 'H' => __('High'), + 'L' => __('Low'), + ], + 'vul_ac', + $vul_ac, + ); + ?> +
+ + + __('All'), + 'H' => __('High'), + 'L' => __('Low'), + 'N' => __('None'), + ], + 'vul_pr', + $vul_pr, + ); + ?> +
+ + + __('All'), + 'R' => __('Required'), + 'N' => __('None'), + ], + 'vul_ui', + $vul_ui, + ); + ?> +
+ + + __('All'), + 'A' => __('Adjacent Network'), + 'L' => __('Local'), + 'N' => __('Network'), + 'P' => __('Physical'), + ], + 'vul_av', + (empty($vul_av) === true) ? 'all' : $vul_av, + '', + '', + 0, + false, + false, + false + ); + ?> +
'; echo ''; + echo '
'; if ($creation_mode == 1) { echo ""; } else { @@ -179,10 +183,10 @@ if ((isset($_GET['form_add'])) or (isset($_GET['form_edit']))) { ) ); - echo '
'; + echo ''; } else { - // Main list view for Links editor - $rows = db_get_all_rows_in_table('tlink', 'name'); + // Main list view for Links editor. + $rows = db_get_all_fields_in_table('tlink', '', '', 'name'); if ($rows === false) { $rows = []; } diff --git a/pandora_console/godmode/setup/os.builder.php b/pandora_console/godmode/setup/os.builder.php index 2d0e54a681..6313aa3edd 100644 --- a/pandora_console/godmode/setup/os.builder.php +++ b/pandora_console/godmode/setup/os.builder.php @@ -46,7 +46,7 @@ if ($idOS > 0) { $description = $os['description']; $icon = $os['icon_name']; } else { - $name = io_safe_input(strip_tags(io_safe_output((string) get_parameter('name')))); + $name = io_safe_input(strip_tags(trim(io_safe_output((string) get_parameter('name'))))); $description = io_safe_input(strip_tags(io_safe_output((string) get_parameter('description')))); $icon = get_parameter('icon', 0); } @@ -87,9 +87,16 @@ if ($is_management_allowed === true) { if (in_array($file_ext, $allowed_extensions) === false) { $message = 9; + } else if (exif_imagetype($file_tmp) === false && $file_ext !== 'svg') { + $message = 10; } else { $message = 8; - move_uploaded_file($file_tmp, $config['homedir'].'/images/os_icons/'.$file_name); + + $file_uploaded = move_uploaded_file($file_tmp, $config['homedir'].'/images/os_icons/'.$file_name); + + if ($file_uploaded !== true) { + $message = 10; + } } } } else { @@ -108,7 +115,7 @@ if ($is_management_allowed === true) { if ($resultOrId === false) { $message = 2; - $tab = 'builder'; + $tab = 'manage_os'; $actionHidden = 'save'; $textButton = __('Create'); $classButton = ['icon' => 'wand']; 
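Review bot: In the first upload hunk of os.builder.php the content check is skipped whenever `$file_ext` is `svg` (`exif_imagetype($file_tmp) === false && $file_ext !== 'svg'`), so an SVG is accepted on its extension alone and stored under `images/os_icons/`, which is presumably served by the console; SVG can carry script, so it needs sanitising or a restrictive Content-Type/CSP when served. The second copy of this logic, in the hunk at line 144, has no SVG exemption, so the same file is rejected there with message 10; the two branches should agree. `$file_name` is concatenated into the destination path and its origin is outside the hunk: if it comes from the client it should be reduced with `basename()` and re-checked against the allowed extensions before `move_uploaded_file()`. `exif_imagetype()` only inspects the leading bytes, so it is a sanity check rather than proof that the file is an image.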
@@ -144,13 +151,19 @@ if ($is_management_allowed === true) { if (in_array($file_ext, $allowed_extensions) === false) { $message = 9; + } else if (exif_imagetype($file_tmp) === false) { + $message = 10; } else { $message = 8; - move_uploaded_file($file_tmp, $config['homedir'].'/images/os_icons/'.$file_name); + $file_uploaded = move_uploaded_file($file_tmp, $config['homedir'].'/images/os_icons/'.$file_name); + + if ($file_uploaded !== true) { + $message = 10; + } } } } else { - $name = io_safe_input(strip_tags(io_safe_output((string) get_parameter('name')))); + $name = io_safe_input(strip_tags(trim(io_safe_output((string) get_parameter('name'))))); $description = io_safe_input(strip_tags(io_safe_output((string) get_parameter('description')))); $icon = get_parameter('icon', 0); @@ -254,7 +267,7 @@ $table->class = 'databox filter-table-adv'; $table->data[0][] = html_print_label_input_block( __('Name'), - html_print_input_text('name', $name, __('Name'), 20, 30, true, false, false, '', 'w250px') + html_print_input_text('name', $name, __('Name'), 20, 30, true, false, true, '', 'w250px') ); $table->data[0][] = html_print_label_input_block( @@ -290,6 +303,28 @@ html_print_action_buttons( echo ''; +$id_message = get_parameter('id_message', 0); + +if ($id_message !== 0) { + switch ($id_message) { + case 8: + echo ui_print_success_message(__('Icon successfuly uploaded'), '', true); + break; + + case 9: + echo ui_print_error_message(__('File must be of type JPG, JPEG, PNG or SVG'), '', true); + break; + + case 10: + echo ui_print_error_message(__('An error ocurrered to upload icon'), '', true); + break; + + default: + // Nothing to do. + break; + } +} + function get_list_os_icons_dir() { diff --git a/pandora_console/godmode/setup/os.php b/pandora_console/godmode/setup/os.php index 99402ff30a..dcfe95ecdb 100644 --- a/pandora_console/godmode/setup/os.php +++ b/pandora_console/godmode/setup/os.php 
@@ -162,11 +162,15 @@ if (empty($id_message) === false) { break; case 8: - echo ui_print_success_message(__('Icon successfuly uploaded'), '', true); + header('Location: index.php?sec=gagente&sec2=godmode/setup/os&tab=manage_os&action=edit&id_message=8'); break; case 9: - echo ui_print_error_message(__('File must be of type JPG, JPEG, PNG or SVG'), '', true); + header('Location: index.php?sec=gagente&sec2=godmode/setup/os&tab=manage_os&action=edit&id_message=9'); + break; + + case 10: + header('Location: index.php?sec=gagente&sec2=godmode/setup/os&tab=manage_os&action=edit&id_message=10'); break; default: diff --git a/pandora_console/godmode/setup/performance.php b/pandora_console/godmode/setup/performance.php index 51cd554a66..870c4c283a 100644 --- a/pandora_console/godmode/setup/performance.php +++ b/pandora_console/godmode/setup/performance.php @@ -154,8 +154,7 @@ if ($update_config == 1 && $config['history_db_enabled'] == 1) { $performance_variables_control = (array) json_decode(io_safe_output($config['performance_variables_control'])); $total_agents = db_get_value('count(*)', 'tagente'); -$disable_agentaccess = ($total_agents >= 200 && $config['agentaccess'] == 0) ? true : false; - +// $disable_agentaccess = ($total_agents >= 200 && $config['agentaccess'] == 0) ? true : false; $table_status = new StdClass(); $table_status->width = '100%'; $table_status->class = 'databox filters'; @@ -666,8 +665,8 @@ $table_other->data[2][1] = html_print_label_input_block( true ) ); - -$table_other->data[3][0] = html_print_label_input_block( +/* + $table_other->data[3][0] = html_print_label_input_block( __('Use agent access graph'), html_print_checkbox_switch( 'agentaccess', 
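Review bot: The three new `header('Location: ...')` calls in os.php are not followed by `exit`, so the rest of the page keeps executing after the redirect is queued, and if output has already started at this point (not visible from the hunk) the header is dropped with a warning and the message is never shown. The branches differ only in the id, so they can collapse into `case 8: case 9: case 10:` followed by `header('Location: index.php?sec=gagente&sec2=godmode/setup/os&tab=manage_os&action=edit&id_message='.(int) $id_message); exit;`. The switch begins outside the hunk.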
@@ -676,9 +675,9 @@ $table_other->data[3][0] = html_print_label_input_block( true, $disable_agentaccess ) -); - -$table_other->data[3][1] = html_print_label_input_block( + ); +*/ +$table_other->data[3][0] = html_print_label_input_block( __('Max. recommended number of files in attachment directory'), html_print_input_text( 'num_files_attachment', diff --git a/pandora_console/godmode/setup/setup.php b/pandora_console/godmode/setup/setup.php index 0fd6bebff8..0f3b494fc5 100644 --- a/pandora_console/godmode/setup/setup.php +++ b/pandora_console/godmode/setup/setup.php @@ -93,7 +93,7 @@ $buttons['general'] = [ 'images/setup.png', true, [ - 'title' => __('General'), + 'title' => __('General setup'), 'class' => 'invert_filter', ] @@ -265,7 +265,7 @@ if (enterprise_installed()) { switch ($section) { case 'general': $buttons['general']['active'] = true; - $subpage = __('General'); + $subpage = __('General setup'); $help_header = 'setup_general_tab'; break; @@ -370,14 +370,14 @@ switch ($section) { break; default: - $subpage = 'seccion: '.$section; + $subpage = 'seccion: '; // Default. break; } // Header. ui_print_standard_header( - $subpage, + __('Setup').' » '.$subpage, '', false, $help_header, @@ -388,6 +388,10 @@ ui_print_standard_header( 'link' => '', 'label' => __('Setup'), ], + [ + 'link' => '', + 'label' => $subpage, + ], ] ); diff --git a/pandora_console/godmode/setup/setup_ITSM.php b/pandora_console/godmode/setup/setup_ITSM.php index 3196ef677c..012d80f849 100644 --- a/pandora_console/godmode/setup/setup_ITSM.php +++ b/pandora_console/godmode/setup/setup_ITSM.php @@ -187,7 +187,8 @@ $button_test .= ' '; $row['control'] = html_print_label_input_block( __('Test connection pandora to ITSM'), - $button_test + $button_test, + ['div_class' => 'ITSM-remote-setup-ITSM_token'] ); $table_remote->data['ITSM_test'] = $row; diff --git a/pandora_console/godmode/setup/setup_auth.php b/pandora_console/godmode/setup/setup_auth.php index 40a816a6fa..f9f2afcd14 100644 
--- a/pandora_console/godmode/setup/setup_auth.php +++ b/pandora_console/godmode/setup/setup_auth.php @@ -535,16 +535,47 @@ html_print_action_buttons( __('Update'), 'update_button', false, - [ 'icon' => 'update' ], + [ + 'icon' => 'update', + 'onclick' => 'onFormSubmit()', + ], true ) ); echo ''; +echo ui_print_warning_message( + [ + 'message' => __('Session timeout must be a number'), + 'force_class' => 'invisible js_warning_msg', + ], + '', + true +); ?> \ No newline at end of file diff --git a/pandora_console/godmode/update_manager/update_manager.php b/pandora_console/godmode/update_manager/update_manager.php index e201bc14dd..3cb774c4d5 100644 --- a/pandora_console/godmode/update_manager/update_manager.php +++ b/pandora_console/godmode/update_manager/update_manager.php @@ -119,11 +119,13 @@ switch ($tab) { case 'setup': include $config['homedir'].'/godmode/update_manager/update_manager.setup.php'; + include $config['homedir'].'/godmode/update_manager/modal_lts_update.php'; break; case 'offline': $mode = \UpdateManager\UI\Manager::MODE_OFFLINE; include $config['homedir'].'/godmode/um_client/index.php'; + include $config['homedir'].'/godmode/update_manager/modal_lts_update.php'; break; case 'online': @@ -163,5 +165,6 @@ switch ($tab) { $mode = \UpdateManager\UI\Manager::MODE_ONLINE; include $config['homedir'].'/godmode/um_client/index.php'; + include $config['homedir'].'/godmode/update_manager/modal_lts_update.php'; break; } diff --git a/pandora_console/godmode/update_manager/update_manager.setup.php b/pandora_console/godmode/update_manager/update_manager.setup.php index ac5471f96a..6fb56aed15 100644 --- a/pandora_console/godmode/update_manager/update_manager.setup.php +++ b/pandora_console/godmode/update_manager/update_manager.setup.php 
@@ -63,6 +63,10 @@ if (users_is_admin()) { } } +if (isset($config['lts_updates']) === false) { + config_update_value('lts_updates', 1); +} + if (!$action_update_url_update_manager) { $url_update_manager = get_parameter( 'url_update_manager', diff --git a/pandora_console/godmode/users/configure_user.php b/pandora_console/godmode/users/configure_user.php index c2089ab298..83e54f24c5 100644 --- a/pandora_console/godmode/users/configure_user.php +++ b/pandora_console/godmode/users/configure_user.php 
@@ -155,14 +155,92 @@ if (is_ajax() === true) { return; } + + if ($delete_profile === true) { + // Get parameters. + $result = false; + $id_user = (string) get_parameter('id_user'); + $id_up = (int) get_parameter('id_user_profile'); + $delete_user = (bool) get_parameter('delete_user', false); + $user_is_global_admin = users_is_admin($id_user); + + $perfilUser = db_get_row('tusuario_perfil', 'id_up', $id_up); + $id_perfil = $perfilUser['id_perfil']; + + db_pandora_audit( + AUDIT_LOG_USER_MANAGEMENT, + 'Deleted profile for user '.io_safe_output($id_user), + false, + false, + 'The profile with id '.$id_perfil.' in the group '.$perfilUser['id_grupo'] + ); + // Delete profile. + $profile_deleted = profile_delete_user_profile($id_user, $id_up); + // Check if exists more profiles. + $has_profile = db_get_row('tusuario_perfil', 'id_usuario', $id_user); + if ($profile_deleted === true) { + if ($has_profile === false && $user_is_global_admin === false && $delete_user === true) { + if (is_metaconsole() === true) { + $servers = metaconsole_get_servers(); + foreach ($servers as $server) { + // Connect to the remote console. + metaconsole_connect($server); + + // Delete the user. + $result = delete_user($id_user); + if ($result === true) { + db_pandora_audit( + AUDIT_LOG_USER_MANAGEMENT, + __('Deleted user %s from metaconsole', io_safe_output($id_user)) + ); + } + + // Restore the db connection. + metaconsole_restore_db(); + + // Log to the metaconsole too. 
+ if ($result === true) { + db_pandora_audit( + AUDIT_LOG_USER_MANAGEMENT, + __( + 'Deleted user %s from %s', + io_safe_input($id_user), + io_safe_input($server['server_name']) + ) + ); + } + } + + $result = delete_user((string) $id_user); + + if ($result === true) { + db_pandora_audit( + AUDIT_LOG_USER_MANAGEMENT, + __('Deleted user %s', io_safe_output($id_user)) + ); + } + } else { + $result = delete_user((string) $id_user); + if ($result === true) { + db_pandora_audit( + AUDIT_LOG_USER_MANAGEMENT, + __('Deleted user %s', io_safe_output($id_user)) + ); + } + } + } else { + $result = $profile_deleted; + } + } + + return $result; + } } $tab = get_parameter('tab', 'user'); - // Save autorefresh list. $autorefresh_list = (array) get_parameter_post('autorefresh_list'); $autorefresh_white_list = (($autorefresh_list[0] === '') || ($autorefresh_list[0] === '0')) ? '' : json_encode($autorefresh_list); - // Header. if (is_metaconsole() === true) { user_meta_print_header(); @@ -195,11 +273,11 @@ if (is_metaconsole() === true) { ).'', ], ]; - $buttons[$tab]['active'] = true; } $edit_user = get_parameter('edit_user'); + ui_print_standard_header( ($edit_user) ? sprintf('%s [ %s ]', __('Update User'), $id) : __('Create User'), 'images/gm_users.png', @@ -222,11 +300,9 @@ if (is_metaconsole() === true) { ], ] ); - $sec = 'gusuarios'; } - if ((bool) $config['user_can_update_info'] === true) { $view_mode = false; } else { 
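Review bot: In the new `$delete_profile` AJAX branch of configure_user.php the audit entry 'Deleted profile for user …' is written before `profile_delete_user_profile()` runs and regardless of its result, so the log can record deletions that never happened; the `db_pandora_audit()` call belongs under `if ($profile_deleted === true)`. `$perfilUser` is indexed without checking that `db_get_row()` found a row for the supplied `id_user_profile`, and nothing in the hunk checks that the row belongs to the supplied `id_user`. The branch ends with `return $result;` and echoes nothing, so the caller cannot tell success from failure; `echo json_encode(['result' => $result]);` before the return would let the client react. No permission check on the acting user is visible in this branch; the enclosing `is_ajax()` block starts outside the hunk, so confirm one runs before it. In the metaconsole loop `$result` is overwritten on every node, so a failure on one node is lost.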
@@ -348,8 +424,10 @@ if ($create_user === true) { $values['data_section'] = $dashboard; } else if (io_safe_output($values['section']) === HOME_SCREEN_VISUAL_CONSOLE) { $values['data_section'] = $visual_console; - } else if ($values['section'] === HOME_SCREEN_OTHER || io_safe_output($values['section']) === HOME_SCREEN_EXTERNAL_LINK) { - $values['data_section'] = get_parameter('data_section'); + } else if ($values['section'] === HOME_SCREEN_OTHER) { + $values['data_section'] = get_parameter('data_section_other'); + } else if (io_safe_output($values['section']) === HOME_SCREEN_EXTERNAL_LINK) { + $values['data_section'] = get_parameter('data_section_external'); } // $values['section'] = $homeScreenValues[$values['section']]; @@ -596,8 +674,11 @@ if ($update_user) { $values['email'] = (string) get_parameter('email'); $values['phone'] = (string) get_parameter('phone'); $values['comments'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('comments')))); - $values['allowed_ip_active'] = ((int) get_parameter('allowed_ip_active', -1) === 0); - $values['allowed_ip_list'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('allowed_ip_list')))); + if (users_is_admin($config['id_user']) === true || (bool) check_acl($config['id_user'], 0, 'PM') === true) { + $values['allowed_ip_active'] = ((int) get_parameter('allowed_ip_active', -1) === 0); + $values['allowed_ip_list'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('allowed_ip_list')))); + } + $values['is_admin'] = (get_parameter('is_admin', 0) === 0) ? 0 : 1; $values['language'] = (string) get_parameter('language'); $values['timezone'] = (string) get_parameter('timezone'); 
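Review bot: The new guard in the hunk at line 596 protects only `allowed_ip_active` and `allowed_ip_list`; the context line right after it still takes `is_admin` from the request with no equivalent test in view. If the privilege check for `is_admin` is not done elsewhere in the `$update_user` block (which starts and ends outside the hunk), it belongs under the same condition. The double test could be named once, e.g. `$can_manage_users = users_is_admin($config['id_user']) === true || (bool) check_acl($config['id_user'], 0, 'PM') === true;`, with a comment stating that users without the permission keep their stored IP restrictions.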
@@ -643,8 +724,10 @@ if ($update_user) { $values['data_section'] = $dashboard; } else if (io_safe_output($values['section']) === HOME_SCREEN_VISUAL_CONSOLE) { $values['data_section'] = $visual_console; - } else if ($values['section'] === HOME_SCREEN_OTHER || io_safe_output($values['section']) === HOME_SCREEN_EXTERNAL_LINK) { - $values['data_section'] = get_parameter('data_section'); + } else if ($values['section'] === HOME_SCREEN_OTHER) { + $values['data_section'] = get_parameter('data_section_other'); + } else if (io_safe_output($values['section']) === HOME_SCREEN_EXTERNAL_LINK) { + $values['data_section'] = get_parameter('data_section_external'); } // $values['section'] = $homeScreenValues[$values['section']]; 
@@ -686,23 +769,55 @@ if ($update_user) { $id_user = (string) get_parameter('id_user', ''); if ($password_new != '') { - $correct_password = false; + if ($config['auth'] !== 'mysql') { + ui_print_error_message(__('It is not possible to change the password because external authentication is being used')); + } else { + $correct_password = false; - $user_credentials_check = process_user_login($id_user, $own_password_confirm, true); + $user_credentials_check = process_user_login($id_user, $own_password_confirm, true); - if ($user_credentials_check !== false) { - $correct_password = true; - } + if ($user_credentials_check !== false) { + $correct_password = true; + } - if ((string) $password_confirm === (string) $password_new) { - if ($correct_password === true || is_user_admin($config['id_user'])) { - if ((is_user_admin($config['id_user']) === false || $config['enable_pass_policy_admin']) && $config['enable_pass_policy']) { - $pass_ok = login_validate_pass($password_new, $id, true); - if ($pass_ok != 1) { - ui_print_error_message($pass_ok); + if ((string) $password_confirm === (string) $password_new) { + if ($correct_password === true || is_user_admin($config['id_user'])) { + if ((is_user_admin($config['id_user']) === false || $config['enable_pass_policy_admin']) && $config['enable_pass_policy']) { + $pass_ok = login_validate_pass($password_new, $id, true); + if ($pass_ok != 1) { + ui_print_error_message($pass_ok); + } else { + $res2 = update_user_password($id, $password_new); + if ($res2) { + db_process_sql_insert( + 'tsesion', + [ + 'id_sesion' => '', + 'id_usuario' => $id, + 'ip_origen' => $_SERVER['REMOTE_ADDR'], + 'accion' => 'Password change', + 'descripcion' => 'Access password updated', + 'fecha' => date('Y-m-d H:i:s'), + 'utimestamp' => time(), + ] + ); + $res3 = save_pass_history($id, $password_new); + + // Generate new API token. 
+ $newToken = api_token_generate(); + $res4 = update_user($id, ['api_token' => $newToken]); + } + + ui_print_result_message( + $res1 || $res2, + __('User info successfully updated'), + __('Error updating user info (no change?)') + ); + } } else { $res2 = update_user_password($id, $password_new); if ($res2) { + $res3 = save_pass_history($id, $password_new); db_process_sql_insert( 'tsesion', [ @@ -715,7 +830,6 @@ if ($update_user) { 'utimestamp' => time(), ] ); - $res3 = save_pass_history($id, $password_new); // Generate new API token. $newToken = api_token_generate(); 
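Review bot: `process_user_login($id_user, $own_password_confirm, true)` verifies the confirmation password against `$id_user`, which the context line above reads from the request, while the error messages further down speak of the password of the active user. If the intent is to re-authenticate the operator before a password change, the check should be made against `$config['id_user']`; please confirm which account `id_user` holds here. The update sequence (`update_user_password`, the `tsesion` insert, `save_pass_history`, `api_token_generate`) now appears twice with the steps in a different order, and a small private helper would keep the two paths identical. A comment on the new `$config['auth'] !== 'mysql'` branch saying why external back ends cannot change the password here would help.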
@@ -729,54 +843,27 @@ if ($update_user) { ); } } else { - $res2 = update_user_password($id, $password_new); - if ($res2) { - $res3 = save_pass_history($id, $password_new); - db_process_sql_insert( - 'tsesion', - [ - 'id_sesion' => '', - 'id_usuario' => $id, - 'ip_origen' => $_SERVER['REMOTE_ADDR'], - 'accion' => 'Password change', - 'descripcion' => 'Access password updated', - 'fecha' => date('Y-m-d H:i:s'), - 'utimestamp' => time(), - ] - ); - - // Generate new API token. - $newToken = api_token_generate(); - $res4 = update_user($id, ['api_token' => $newToken]); + if ($own_password_confirm === '') { + ui_print_error_message(__('Password of the active user is required to perform password change')); + } else { + ui_print_error_message(__('Password of active user is not correct')); } - - ui_print_result_message( - $res1 || $res2, - __('User info successfully updated'), - __('Error updating user info (no change?)') - ); } } else { - if ($own_password_confirm === '') { - ui_print_error_message(__('Password of the active user is required to perform password change')); - } else { - ui_print_error_message(__('Password of active user is not correct')); - } + db_process_sql_insert( + 'tsesion', + [ + 'id_sesion' => '', + 'id_usuario' => $id, + 'ip_origen' => $_SERVER['REMOTE_ADDR'], + 'accion' => 'Password change', + 'descripcion' => 'Access password update failed', + 'fecha' => date('Y-m-d H:i:s'), + 'utimestamp' => time(), + ] + ); + ui_print_error_message(__('Passwords does not match')); } - } else { - db_process_sql_insert( - 'tsesion', - [ - 'id_sesion' => '', - 'id_usuario' => $id, - 'ip_origen' => $_SERVER['REMOTE_ADDR'], - 'accion' => 'Password change', - 'descripcion' => 'Access password update failed', - 'fecha' => date('Y-m-d H:i:s'), - 'utimestamp' => time(), - ] - ); - ui_print_error_message(__('Passwords does not match')); } } else { $has_skin = false; 
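Review bot: After this hunk a failed confirmation of the current password ends only in `ui_print_error_message(__('Password of active user is not correct'))`, whereas the mismatch branch records 'Access password update failed' in `tsesion`. A wrong current password is the more useful event to have in the session log for detection, so the same `db_process_sql_insert('tsesion', ...)` call, with a distinct `descripcion`, should precede that error message. The enclosing `if ($password_new != '')` block starts outside this hunk.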
@@ -862,89 +949,6 @@ if ($update_user) { $user_info = $values; } -if ($delete_profile) { - $id2 = (string) get_parameter('id_user'); - $id_up = (int) get_parameter('id_user_profile'); - $perfilUser = db_get_row('tusuario_perfil', 'id_up', $id_up); - $id_perfil = $perfilUser['id_perfil']; - $perfil = db_get_row('tperfil', 'id_perfil', $id_perfil); - - db_pandora_audit( - AUDIT_LOG_USER_MANAGEMENT, - 'Deleted profile for user '.io_safe_output($id2), - false, - false, - 'The profile with id '.$id_perfil.' in the group '.$perfilUser['id_grupo'] - ); - - $return = profile_delete_user_profile($id2, $id_up); - ui_print_result_message( - $return, - __('Successfully deleted'), - __('Could not be deleted') - ); - - - $has_profile = db_get_row('tusuario_perfil', 'id_usuario', $id2); - $user_is_global_admin = users_is_admin($id2); - - if ($has_profile === false && $user_is_global_admin === false) { - $result = delete_user($id2); - - if ($result === true) { - db_pandora_audit( - AUDIT_LOG_USER_MANAGEMENT, - __('Deleted user %s', io_safe_output($id_user)) - ); - } - - ui_print_result_message( - $result, - __('Successfully deleted'), - __('There was a problem deleting the user') - ); - - // Delete the user in all the consoles. - if (is_metaconsole() === true) { - $servers = metaconsole_get_servers(); - foreach ($servers as $server) { - // Connect to the remote console. - metaconsole_connect($server); - - // Delete the user. - $result = delete_user($id_user); - if ($result === true) { - db_pandora_audit( - AUDIT_LOG_USER_MANAGEMENT, - __('Deleted user %s from metaconsole', io_safe_output($id_user)) - ); - } - - // Restore the db connection. - metaconsole_restore_db(); - - // Log to the metaconsole too. 
- if ($result === true) { - db_pandora_audit( - AUDIT_LOG_USER_MANAGEMENT, - __( - 'Deleted user %s from %s', - io_safe_input($id_user), - io_safe_input($server['server_name']) - ) - ); - } - - ui_print_result_message( - $result, - __('Successfully deleted from %s', io_safe_input($server['server_name'])), - __('There was a problem deleting the user from %s', io_safe_input($server['server_name'])) - ); - } - } - } -} - if ((int) $status !== -1) { ui_print_result_message( $status, @@ -1155,6 +1159,13 @@ if (is_user_admin($id) === true) { ); } +html_print_div( + [ + 'id' => 'delete_profile_modal', + 'content' => '', + ] +); + $full_name = '
'.html_print_input_text_extended( 'fullname', $user_info['fullname'], 
@@ -1927,24 +1938,87 @@ if (is_metaconsole() === false) { } }); }); - + $('input:image[name="del"]').click(function(e) { - if ($(json_profile).length > 0) return; - if (!confirm('Are you sure?')) return; - e.preventDefault(); - var rows = $("#table_profiles tr").length; - if (((is_metaconsole === '1' && rows <= 4) || (is_metaconsole === '' && rows <= 3)) && user_is_global_admin !== '1') { - if (!confirm('' + '. ' + '')) { - return; - } - } + + var rows = $("#table_profiles tr").length; + let deleteuser = 0; + e.preventDefault(); var id_user_profile = $(this).siblings(); id_user_profile = id_user_profile[1].value; var row = $(this).closest('tr'); + if (((is_metaconsole === '1' && rows <= 3) || (is_metaconsole !== '1' && rows <= 3)) && user_is_global_admin !== '1') { + $("#delete_profile_modal") + .empty() + .html(""); + // Set the title. + $("#delete_profile_modal").prop("title", ""); + // Build the dialog for show the mesage. + $("#delete_profile_modal").dialog({ + resizable: true, + draggable: true, + modal: true, + width: 500, + buttons: [ + { + text: "Cancel", + click: function() { + $(this).dialog("close"); + return false; + } + }, + { + text: "Delete", + click: function() { + $(this).dialog("close"); + deleteuser = 1; + delete_user_profile(id_user_profile, row, id_user, deleteuser); + } + }, + { + text: "Preserve", + click: function() { + $(this).dialog("close"); + deleteuser = 0; + delete_user_profile(id_user_profile, row, id_user, deleteuser) + } + } + ], + overlay: { + opacity: 0.5, + background: "black" + }, + closeOnEscape: false, + open: function(event, ui) { + $(".ui-dialog-titlebar-close").hide(); + } + }); + } else { + if (((is_metaconsole === '1' && rows <= 3) || (is_metaconsole === '' && rows <= 3)) && user_is_global_admin !== '1') { + if (!confirm('' + '. 
' + '')) { + return false; + } else { + delete_user_profile(id_user_profile, row, id_user, deleteuser); + } + } else { + if (!confirm('Are you sure?')) { + return false; + } else { + delete_user_profile(id_user_profile, row, id_user, deleteuser); + } + } + } + + if ($(json_profile).length > 0) return; + }); + + function delete_user_profile(id_user_profile, row, id_user, deleteuser){ var params = []; params.push("delete_profile=1"); + params.push("edit_user=1"); + params.push("delete_user=" + deleteuser); params.push("id_user=" + id_user); params.push("id_user_profile=" + id_user_profile); params.push("page=godmode/users/configure_user"); @@ -1955,15 +2029,14 @@ if (is_metaconsole() === false) { success: function(data) { row.remove(); var rows = $("#table_profiles tr").length; - - if (is_metaconsole === '' && rows <= 2 && user_is_global_admin !== '1') { + if (is_metaconsole === '' && rows <= 2 && user_is_global_admin !== '1' && deleteuser == '1') { window.location.replace(""); - } else if (is_metaconsole === '1' && rows <= 3 && user_is_global_admin !== '1') { + } else if (is_metaconsole === '1' && rows <= 2 && user_is_global_admin !== '1' && deleteuser == '1') { window.location.replace(""); } } }); - }); + } function checkProfiles(e) { e.preventDefault(); diff --git a/pandora_console/godmode/users/user_management.php b/pandora_console/godmode/users/user_management.php index 8d9efea97b..b1212c11ec 100644 --- a/pandora_console/godmode/users/user_management.php +++ b/pandora_console/godmode/users/user_management.php 
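Review bot: The `if ($(json_profile).length > 0) return;` guard now sits at the end of the click handler, after `delete_user_profile()` has been called or the dialog opened, so it no longer prevents anything. Before this change it was the first statement of the handler, and it should go back above `e.preventDefault();`. The outer test `(is_metaconsole === '1' && rows <= 3) || (is_metaconsole !== '1' && rows <= 3)` reduces to `rows <= 3`, which makes the nested `confirm()` branch under the same condition in the `else` unreachable. Because the request now carries `delete_user=` from the browser, the server-side handler (not in this hunk) must re-check that the caller may delete the account rather than trust that flag.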
@@ -81,6 +81,11 @@ $customHomeScreenAddition[HOME_SCREEN_DASHBOARD] = html_print_select( false, 'width: 100%' ); +// Home screen. Visual consoles. +$customHomeScreenAddition[HOME_SCREEN_VISUAL_CONSOLE] = html_print_select($layouts_aux, 'visual_console', $user_info['data_section'], '', '', '', true, false, true, 'w100p', false, 'width: 100%'); +// Home screen. External link and Other. +$customHomeScreenAddition[HOME_SCREEN_EXTERNAL_LINK] = html_print_input_text('data_section_external', $user_info['data_section'], '', 60, 255, true); +$customHomeScreenAddition[HOME_SCREEN_OTHER] = html_print_input_text('data_section_other', $user_info['data_section'], '', 60, 255, true); $layouts = visual_map_get_user_layouts($config['id_user'], true); $layouts_aux = []; @@ -327,7 +332,7 @@ $passwordManageTable->data = []; $passwordManageTable->data['captions_newpassword'][0] = __('New password'); $passwordManageTable->rowclass['fields_newpassword'] = 'w540px'; -$passwordManageTable->data['fields_newpassword'][0] = html_print_input_text_extended( +$passwordManageTable->data['fields_newpassword'][0] = '
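Review bot: `html_print_select($layouts_aux, 'visual_console', ...)` is added above the context lines `$layouts = visual_map_get_user_layouts(...)` and `$layouts_aux = [];`, so within this hunk the select is built from a variable that is only initialised afterwards. Unless `$layouts_aux` is filled earlier in the file (not visible here), the visual-console list will render without options and PHP will warn about an undefined variable. The three added assignments belong after the code that populates `$layouts_aux`.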
'.html_print_input_text_extended( 'password_new', '', 'password_new', @@ -337,16 +342,17 @@ $passwordManageTable->data['fields_newpassword'][0] = html_print_input_text_exte $view_mode, '', [ - 'class' => 'input w100p', + 'class' => 'input', 'placeholder' => __('Password'), + 'style' => 'width: 540px', ], true, true -); +).'
'; $passwordManageTable->data['captions_repeatpassword'][0] = __('Repeat new password'); $passwordManageTable->rowclass['fields_repeatpassword'] = 'w540px'; -$passwordManageTable->data['fields_repeatpassword'][0] = html_print_input_text_extended( +$passwordManageTable->data['fields_repeatpassword'][0] = '
'.html_print_input_text_extended( 'password_confirm', '', 'password_conf', @@ -358,10 +364,11 @@ $passwordManageTable->data['fields_repeatpassword'][0] = html_print_input_text_e [ 'class' => 'input w100p', 'placeholder' => __('Password confirmation'), + 'style' => 'width: 540px', ], true, true -); +).'
'; if ($new_user === false && users_is_admin() === false) { $passwordManageTable->data['captions_currentpassword'][0] = __('Current password'); 
@@ -857,50 +864,56 @@ $userManagementTable->data['fields_addSettings'][0] = html_print_textarea( '' ); -$userManagementTable->data['captions_addSettings'][1] = __('Login allowed IP list'); -$userManagementTable->data['fields_addSettings'][1] = html_print_div( - [ - 'class' => 'edit_user_allowed_ip', - 'content' => html_print_textarea( - 'allowed_ip_list', - 5, - 65, - ($user_info['allowed_ip_list'] ?? ''), - (((bool) $view_mode === true) ? 'readonly="readonly"' : ''), - true - ), - ], - true -); +if (users_is_admin($config['id_user']) === true || (bool) check_acl($config['id_user'], 0, 'PM') === true) { + $allowAllIpsContent = []; + $allowAllIpsContent[] = ''.__('Enable IP allowlist').''; + $allowAllIpsContent[] = html_print_div( + [ + 'content' => html_print_checkbox_switch( + 'allowed_ip_active', + 0, + ($user_info['allowed_ip_active'] ?? 0), + true, + false, + 'handleIpAllowlist(this)' + ), + ], + true + ); -$userManagementTable->data['fields_addSettings'][1] .= ui_print_input_placeholder( - __('Add the source IPs that will allow console access. Each IP must be separated only by comma. * allows all.'), - true -); + $userManagementTable->data['captions_addSettings'][1] = html_print_div( + [ + 'class' => 'margin-top-10', + 'style' => 'display: flex; flex-direction: row-reverse; align-items: center;', + 'content' => implode('', $allowAllIpsContent), + ], + true + ); -$allowAllIpsContent = []; -$allowAllIpsContent[] = ''.__('Allow all IPs').''; -$allowAllIpsContent[] = html_print_div( - [ - 'content' => html_print_checkbox_switch( - 'allowed_ip_active', - 0, - ($user_info['allowed_ip_active'] ?? 
0), - true - ), - ], - true -); - -$userManagementTable->data['fields_addSettings'][1] .= html_print_div( - [ - 'class' => 'margin-top-10', - 'style' => 'display: flex; flex-direction: row-reverse; align-items: center;', - 'content' => implode('', $allowAllIpsContent), - ], - true -); + $userManagementTable->data['fields_addSettings'][1] .= html_print_div( + [ + 'class' => 'edit_user_allowed_ip '.(((int) $user_info['allowed_ip_active'] === 1) ? '' : 'invisible'), + 'content' => html_print_textarea( + 'allowed_ip_list', + 5, + 65, + ($user_info['allowed_ip_list'] ?? ''), + (((bool) $view_mode === true) ? 'readonly="readonly"' : ''), + true + ), + ], + true + ); + $userManagementTable->data['fields_addSettings'][1] .= ui_print_input_placeholder( + __('Add the source IPs that will allow console access. Each IP must be separated only by comma. * allows all.'), + true, + [ + 'id' => 'info_allowed_ip', + 'class' => ((int) $user_info['allowed_ip_active'] === 1) ? 'input_sub_placeholder' : 'input_sub_placeholder invisible', + ] + ); +} if ($config['ITSM_enabled'] && $config['ITSM_user_level_conf']) { // Pandora ITSM user remote login. @@ -1038,4 +1051,14 @@ $(document).ready(function () { } }) }); + +function handleIpAllowlist(e){ + if(e.checked === true) { + $('.edit_user_allowed_ip').show(); + $('#info_allowed_ip').show(); + } else { + $('.edit_user_allowed_ip').hide(); + $('#info_allowed_ip').hide(); + } +} \ No newline at end of file diff --git a/pandora_console/images/desacoplar-ventana.svg b/pandora_console/images/desacoplar-ventana.svg new file mode 100644 index 0000000000..0b3cbca31d --- /dev/null +++ b/pandora_console/images/desacoplar-ventana.svg @@ -0,0 +1,14 @@ + + + Icons/Dark/20/desacoplar-ventana + + + + + + + + + + + \ No newline at end of file diff --git a/pandora_console/images/minimizar.svg b/pandora_console/images/minimizar.svg new file mode 100644 index 0000000000..957268b4ea --- /dev/null +++ b/pandora_console/images/minimizar.svg 
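Review bot: Wrapping the allowlist controls in `users_is_admin($config['id_user']) === true || (bool) check_acl($config['id_user'], 0, 'PM') === true` only hides them from the form. The code that stores `allowed_ip_active` and `allowed_ip_list` is outside this hunk and needs the same check, otherwise a user without that privilege can still post those fields. Two smaller points in the added block: `$userManagementTable->data['fields_addSettings'][1] .= html_print_div(` appends to an index this hunk no longer assigns first, so the first use should be `=`. Also, `(int) $user_info['allowed_ip_active']` drops the `?? 0` fallback that the checkbox a few lines above still uses.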
@@ -0,0 +1,7 @@ + + + Icons/Dark/20/minimizar + + + + \ No newline at end of file diff --git a/pandora_console/include/ajax/alert_list.ajax.php b/pandora_console/include/ajax/alert_list.ajax.php index d742f952e8..fd00f2eaee 100644 --- a/pandora_console/include/ajax/alert_list.ajax.php +++ b/pandora_console/include/ajax/alert_list.ajax.php @@ -435,6 +435,7 @@ if ($get_agent_alerts_datatable === true) { } $idGroup = $filter_alert['ag_group']; + $search_sg = $filter_alert['search_sg']; $tag_filter = $filter_alert['tag']; $action_filter = $filter_alert['action']; @@ -658,10 +659,9 @@ if ($get_agent_alerts_datatable === true) { $id_groups = array_keys( users_get_groups($config['id_user'], 'AR', false) ); + $alerts['alerts_simple'] = alerts_meta_get_group_alerts($id_groups, $filter_alert, false, $whereAlertSimple, false, false, $idGroup, false, $strict_user, $tag_filter, $action_filter, $search_sg); - $alerts['alerts_simple'] = alerts_meta_get_group_alerts($id_groups, $filter_alert, false, $whereAlertSimple, false, false, $idGroup, false, $strict_user, $tag_filter, $action_filter); - - $countAlertsSimple = alerts_meta_get_group_alerts($id_groups, $filter_alert, false, $whereAlertSimple, false, false, $idGroup, true, $strict_user, $tag_filter, $action_filter); + $countAlertsSimple = alerts_meta_get_group_alerts($id_groups, $filter_alert, false, $whereAlertSimple, false, false, $idGroup, true, $strict_user, $tag_filter, $action_filter, $search_sg); } } else { if ($idAgent !== 0) { 
@@ -673,9 +673,9 @@ if ($get_agent_alerts_datatable === true) { users_get_groups($config['id_user'], $access, false) ); - $alerts['alerts_simple'] = get_group_alerts($id_groups, $filter_alert, $options_simple, $whereAlertSimple, false, false, $idGroup, false, $strict_user, $tag_filter, $action_filter, false); + $alerts['alerts_simple'] = get_group_alerts($id_groups, $filter_alert, $options_simple, $whereAlertSimple, false, false, $idGroup, false, $strict_user, $tag_filter, $action_filter, false, $search_sg); - $countAlertsSimple = get_group_alerts($id_groups, $filter_alert, false, $whereAlertSimple, false, false, $idGroup, true, $strict_user, $tag_filter, $action_filter, false); + $countAlertsSimple = get_group_alerts($id_groups, $filter_alert, false, $whereAlertSimple, false, false, $idGroup, true, $strict_user, $tag_filter, $action_filter, false, $search_sg); } } diff --git a/pandora_console/include/ajax/dashboard.ajax.php b/pandora_console/include/ajax/dashboard.ajax.php index f07d1aee57..50a0e0b7a1 100644 --- a/pandora_console/include/ajax/dashboard.ajax.php +++ b/pandora_console/include/ajax/dashboard.ajax.php @@ -99,10 +99,26 @@ if ($method === 'draw') { $table->data = []; + $where_name = ''; if (strlen($filter['free_search']) > 0) { - $where = 'WHERE name LIKE "%'.$filter['free_search'].'%"'; - } else { - $where = ''; + $where_name = 'name LIKE "%'.$filter['free_search'].'%"'; + } + + $where_group = ''; + if (empty($filter['group']) === false && $filter['group'] !== '0') { + $where_group = sprintf('id_group = %s', $filter['group']); + if (empty($where_name) === false) { + $where_group = 'AND '.$where_group; + } + } + + $where = ''; + if (empty($where_name) === false || empty($where_group) === false) { + $where = sprintf( + 'WHERE %s %s', + $where_name, + $where_group + ); } $sql = 'SELECT * FROM tdashboard '.$where.' ORDER BY id '.$pagination; 
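Review bot: In the dashboard.ajax.php hunk the new group filter is built as `sprintf('id_group = %s', $filter['group'])`, and the name filter beside it concatenates `$filter['free_search']` into the `LIKE` pattern, so both values reach the `tdashboard` query as raw text. Where `$filter` is read is not shown here, but if it is request data the group id should be bound as an integer: `$where_group = sprintf('id_group = %d', (int) $filter['group']);`. The search string should likewise be escaped through the database layer, including `%` and `_`, before it goes into the pattern. The `$filter['group'] !== '0'` test also only matches the string form, so an integer `0` would fall through to `empty()` alone; casting once up front removes that ambiguity.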
diff --git a/pandora_console/include/ajax/events.php b/pandora_console/include/ajax/events.php index 7e8341c4a1..0aea4cf37f 100644 --- a/pandora_console/include/ajax/events.php +++ b/pandora_console/include/ajax/events.php @@ -92,6 +92,9 @@ $get_id_source_event = get_parameter('get_id_source_event'); $node_id = (int) get_parameter('node_id', 0); $settings_modal = get_parameter('settings', 0); $parameters_modal = get_parameter('parameters', 0); +$update_event_custom_id = get_parameter('update_event_custom_id', 0); +$draw_events_graph = get_parameter('drawEventsGraph', false); + // User private filter. $current_filter = get_parameter('current_filter', 0); $private_filter_event = get_parameter('private_filter_event', 0); @@ -311,6 +314,7 @@ if ($save_event_filter) { $values['severity'] = implode(',', get_parameter('severity', -1)); $values['status'] = get_parameter('status'); $values['search'] = get_parameter('search'); + $values['regex'] = get_parameter('regex'); $values['not_search'] = get_parameter('not_search'); $values['text_agent'] = get_parameter('text_agent'); $values['id_agent'] = get_parameter('id_agent'); @@ -379,6 +383,7 @@ if ($update_event_filter) { $values['severity'] = implode(',', get_parameter('severity', -1)); $values['status'] = get_parameter('status'); $values['search'] = get_parameter('search'); + $values['regex'] = get_parameter('regex'); $values['not_search'] = get_parameter('not_search'); $values['text_agent'] = get_parameter('text_agent'); $values['id_agent'] = get_parameter('id_agent'); @@ -638,6 +643,8 @@ function load_form_filter() { $("#status").val(val); if (i == 'search') $('#text-search').val(val); + if (i == 'regex') + $('#text-regex').val(val); if (i == 'not_search') $('#checkbox-not_search').val(val); if (i == 'text_agent') 
@@ -968,6 +975,7 @@ function save_new_filter() { "severity" : $("#severity").val(), "status" : $("#status").val(), "search" : $("#text-search").val(), + "regex" : $('#text-regex').val(), "not_search" : $("#checkbox-not_search").val(), "text_agent" : $("#text_id_agent").val(), "id_agent" : $('input:hidden[name=id_agent]').val(), @@ -1048,6 +1056,7 @@ function save_update_filter() { "severity" : $("#severity").val(), "status" : $("#status").val(), "search" : $("#text-search").val(), + "regex" : $('#text-regex').val(), "not_search" : $("#checkbox-not_search").val(), "text_agent" : $("#text_id_agent").val(), "id_agent" : $('input:hidden[name=id_agent]').val(), @@ -2642,6 +2651,8 @@ if ($get_events_fired) { $filter['date_to'] = date('Y-m-d', $end); $filter['time_from'] = date('H:i:s', $start); $filter['time_to'] = date('H:i:s', $end); + $filter['severity'] = explode(',', $filter['severity']); + $data = events_get_all( ['te.*'], $filter 
@@ -2751,3 +2762,56 @@ if ($draw_row_response_info === true) { echo $output; return; } + +if ($update_event_custom_id) { + $event_custom_id = get_parameter('event_custom_id'); + $event_id = get_parameter('event_id'); + $server_id = 0; + if (is_metaconsole() === true) { + $server_id = (int) get_parameter('server_id'); + } + + // Safe custom fields for hacks. + if (preg_match('/script/i', io_safe_output($event_custom_id))) { + $return = false; + } else { + try { + if (is_metaconsole() === true + && $server_id > 0 + ) { + $node = new Node($server_id); + $node->connect(); + } + + $return = events_event_custom_id( + $event_id, + $event_custom_id + ); + } catch (\Exception $e) { + // Unexistent agent. + if (is_metaconsole() === true + && $server_id > 0 + ) { + $node->disconnect(); + } + + $return = false; + } finally { + if (is_metaconsole() === true + && $server_id > 0 + ) { + $node->disconnect(); + } + } + } + + echo ($return === true) ? 'update_ok' : 'update_error'; + return; +} + +if ((bool) $draw_events_graph === true) { + $filter = get_parameter('filter'); + $output = event_print_graph($filter); + echo $output; + return; +} \ No newline at end of file diff --git a/pandora_console/include/ajax/module.php b/pandora_console/include/ajax/module.php index 3d77c7ba30..e4eba79858 100755 --- a/pandora_console/include/ajax/module.php +++ b/pandora_console/include/ajax/module.php @@ -35,6 +35,7 @@ if (check_login()) { include_once $config['homedir'].'/include/functions_agents.php'; include_once $config['homedir'].'/include/functions_modules.php'; include_once $config['homedir'].'/include/functions_ui.php'; + include_once $config['homedir'].'/include/functions_macros.php'; enterprise_include_once('include/functions_metaconsole.php'); $get_plugin_macros = get_parameter('get_plugin_macros'); 
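Review bot: The `preg_match('/script/i', io_safe_output($event_custom_id))` test in the new `update_event_custom_id` handler is a denylist. It rejects harmless ids that contain the word and does not cover markup that needs no `script` token, so the value should instead be validated against the format a custom id may have and encoded where it is rendered. The hunk shows no permission check before `events_event_custom_id($event_id, $event_custom_id)`; if none runs earlier in the file, an event-write ACL check belongs here, and `$event_id` should be cast with `(int)`. In the error path `$node->disconnect()` runs in `catch` and again in `finally`, and `$node` is undefined if `new Node($server_id)` itself throws. Initialise `$node = null;` before the `try` and keep only the `finally` call, guarded by `if ($node !== null)`.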
@@ -1168,7 +1169,9 @@ if (check_login()) { ); } + $data[2] .= ''; $data[2] .= ui_print_truncate_text($module['nombre'], 'module_medium', false, true, true, '…', 'font-size: 9pt;'); + $data[2] .= ''; if (empty($module['extended_info']) === false) { $data[2] .= ui_print_help_tip($module['extended_info'], true, '/images/default_list.png'); } @@ -1204,7 +1207,23 @@ if (check_login()) { ); if (strlen($module['ip_target']) !== 0) { - $title .= '
IP: '.$module['ip_target']; + // Check if value is custom field. + if ($module['ip_target'][0] == '_' && $module['ip_target'][(strlen($module['ip_target']) - 1)] == '_') { + $custom_field_name = substr($module['ip_target'], 1, -1); + $custom_value = agents_get_agent_custom_field($id_agente, $custom_field_name); + if (isset($custom_value) && $custom_value !== false) { + $title .= '
IP: '.$custom_value; + } else { + $array_macros = return_agent_macros($id_agente); + if (isset($array_macros[$module['ip_target']])) { + $title .= '
IP: '.$array_macros[$module['ip_target']]; + } else { + $title .= '
IP: '.$module['ip_target']; + } + } + } else { + $title .= '
IP: '.$module['ip_target']; + } } $last_status_change_text = __('Time elapsed since last status change: '); @@ -1361,10 +1380,12 @@ if (check_login()) { $additionalLinkAction = '&flag=1'; $linkCaption = __('Force checks'); $imgaction = 'images/force@svg.svg'; + $visibility = ''; } else { $additionalLinkAction = ''; $linkCaption = __('Refresh'); $imgaction = 'images/go-back@svg.svg'; + $visibility = 'visibility: initial;'; } $moduleActionButtons[] = html_print_anchor( @@ -1376,6 +1397,7 @@ if (check_login()) { [ 'title' => __('Force remote check'), 'class' => 'main_menu_icon forced_title', + 'style' => $visibility, ] ), ], diff --git a/pandora_console/include/ajax/notifications.ajax.php b/pandora_console/include/ajax/notifications.ajax.php index 36ea95900d..a69ad1b56e 100644 --- a/pandora_console/include/ajax/notifications.ajax.php +++ b/pandora_console/include/ajax/notifications.ajax.php @@ -38,6 +38,10 @@ if ($change_label === '1') { $source = get_parameter('source', 0); $user = get_parameter('user', ''); $value = get_parameter('value', 0) ? 1 : 0; + $user_info = get_user_info($config['id_user']); + if ((bool) $user_info['is_admin'] === false && $config['id_user'] !== $user) { + return false; + } // Update the label value. ob_clean(); diff --git a/pandora_console/include/ajax/tree.ajax.php b/pandora_console/include/ajax/tree.ajax.php index 319b98e168..600b30e74d 100644 --- a/pandora_console/include/ajax/tree.ajax.php +++ b/pandora_console/include/ajax/tree.ajax.php @@ -59,6 +59,7 @@ if (is_ajax() === true) { $metaID = (int) get_parameter('metaID', 0); $childrenMethod = get_parameter('childrenMethod', 'on_demand'); + $default_filters = [ 'searchAgent' => '', 'statusAgent' => AGENT_STATUS_ALL, 
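Review bot: The resolved custom-field and macro values in the module.php `ip_target` hunk are concatenated straight into `$title`, which is later emitted as markup. Whether `agents_get_agent_custom_field()` and `return_agent_macros()` return already-encoded text is not visible here, so confirm that or encode the value before appending it. The four near-identical `$title .= ... 'IP: ' ...` lines would read better if the branches only chose a `$ip_label` and a single append followed. `isset($custom_value) && $custom_value !== false` also accepts an empty string, which produces an empty "IP:" entry; `empty($custom_value) === false` may be what is intended.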
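Review bot: The new ownership check in notifications.ajax.php exits with a bare `return false;` before `ob_clean()`, so a rejected request produces no response body and no log entry. The caller cannot tell a denial from a transport error, and an attempt to change another user's labels leaves no trace. Consider emitting the same error shape the handler uses for failures and recording the denial in the audit log. For consistency with the rest of this change set, the admin test could use `users_is_admin($config['id_user']) === false` rather than reading `$user_info['is_admin']` by hand. Since `$user` comes from `get_parameter('user', '')`, confirm that its encoding matches `$config['id_user']`, or the strict `!==` will reject legitimate requests for user ids containing encoded characters.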
@@ -69,6 +70,7 @@ if (is_ajax() === true) { ]; $filter = get_parameter('filter', $default_filters); + $agent_a = check_acl($config['id_user'], 0, 'AR'); $agent_w = check_acl($config['id_user'], 0, 'AW'); $access = ($agent_a === true) ? 'AR' : (($agent_w === true) ? 'AW' : 'AR'); diff --git a/pandora_console/include/api.php b/pandora_console/include/api.php index 0d105d5994..b29dd06bd3 100644 --- a/pandora_console/include/api.php +++ b/pandora_console/include/api.php @@ -70,8 +70,7 @@ $otherSerialize = get_parameter('other'); $otherMode = get_parameter('other_mode', 'url_encode'); $returnType = get_parameter('return_type', 'string'); $info = get_parameter('info', ''); -$raw_decode = (bool) get_parameter('raw_decode', false); - +$raw_decode = (bool) get_parameter('raw_decode', true); $other = parseOtherParameter($otherSerialize, $otherMode, $raw_decode); $apiPassword = io_output_password( db_get_value_filter( diff --git a/pandora_console/include/chart_generator.php b/pandora_console/include/chart_generator.php deleted file mode 100644 index 529684569d..0000000000 --- a/pandora_console/include/chart_generator.php +++ /dev/null @@ -1,324 +0,0 @@ - 'api_password'] - ) - ); - - - if ($apiPassword === $data_decoded['apipass']) { - $bypassLogin = true; - } -} - -if (!isset($config[$slicebar])) { - $config[$slicebar] = $slicebar_value; -} - -// Try to initialize session using existing php session id. -$user = new PandoraFMS\User(['phpsessionid' => $session_id]); - -if (check_login(false) === false && $bypassLogin !== true) { - // Error handler. - ?> - - - - - Access denied - - - - - - - - - -
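Review bot: Changing the default in `$raw_decode = (bool) get_parameter('raw_decode', true);` (api.php) alters how `other` is decoded for every API client that does not send the parameter, yet the line carries no comment explaining why. Since `parseOtherParameter($otherSerialize, $otherMode, $raw_decode)` sits on the input path of all API calls, the reason for the new default and its effect on existing integrations should be documented. A short comment above the assignment would do, for example `// raw_decode now defaults to true: <reason>; pass raw_decode=0 for the previous behaviour.` It is also worth checking that handlers relying on the previously encoded form of `other` still receive what they expect.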

Access is not granted

- @@ -1136,7 +1135,7 @@ class WelcomeWindow extends Wizard } function configureEmail() { - window.location = ''; + window.location = ''; } function serversUp() { @@ -1263,14 +1262,18 @@ class WelcomeWindow extends Wizard }); }); - $('#button-create_conectivity').click(function(){ + $('#button-create_conectivity').click(function(e){ + if($("#text-ip_target")[0].checkValidity() == false) { + $("#text-ip_target")[0].reportValidity(); + return false; + } $.ajax({ async: false, type: "POST", url: "include/ajax/task_to_perform.php", data: { check_connectivity: 1, - id_group: $('#id_group :selected').val(), + id_group: $('#id_group1 option:selected').val(), ip_target: $('#text-ip_target').val(), agent_name: $('#text-agent_name').val(), }, diff --git a/pandora_console/include/config_process.php b/pandora_console/include/config_process.php index e2984499c0..ccf7174e57 100644 --- a/pandora_console/include/config_process.php +++ b/pandora_console/include/config_process.php @@ -20,7 +20,7 @@ /** * Pandora build version and version */ -$build_version = 'PC231123'; +$build_version = 'PC231211'; $pandora_version = 'v7.0NG.774'; // Do not overwrite default timezone set if defined. diff --git a/pandora_console/include/constants.php b/pandora_console/include/constants.php index 4f020e61de..5207298b03 100644 --- a/pandora_console/include/constants.php +++ b/pandora_console/include/constants.php @@ -45,6 +45,7 @@ define('EVENT_NEW', 0); define('EVENT_VALIDATE', 1); define('EVENT_PROCESS', 2); define('EVENT_NO_VALIDATED', 3); +define('EVENT_NO_PROCESS', 4); // Events group by constants. define('EVENT_GROUP_REP_ALL', 0); diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php index 3d67118346..0bb6612376 100644 --- a/pandora_console/include/functions.php +++ b/pandora_console/include/functions.php 
@@ -1006,6 +1006,70 @@ function get_parameter($name, $default='') } +function get_parameter_date($name, $default='', $date_format='Y/m/d') +{ + $date_end = get_parameter('date_end', 0); + $time_end = get_parameter('time_end'); + $datetime_end = strtotime($date_end.' '.$time_end); + + $custom_date = get_parameter('custom_date', 0); + $range = get_parameter('range', SECONDS_1DAY); + $date_text = get_parameter('range_text', SECONDS_1DAY); + $date_init_less = (strtotime(date('Y/m/d')) - SECONDS_1DAY); + $date_init = get_parameter('date_init', date(DATE_FORMAT, $date_init_less)); + $time_init = get_parameter('time_init', date(TIME_FORMAT, $date_init_less)); + $datetime_init = strtotime($date_init.' '.$time_init); + if ($custom_date === '1') { + if ($datetime_init >= $datetime_end) { + $datetime_init = $date_init_less; + } + + $date_init = date('Y/m/d H:i:s', $datetime_init); + $date_end = date('Y/m/d H:i:s', $datetime_end); + $period = ($datetime_end - $datetime_init); + } else if ($custom_date === '2') { + $date_units = get_parameter('range_units'); + $date_end = date('Y/m/d H:i:s'); + $date_init = date('Y/m/d H:i:s', (strtotime($date_end) - ((int) $date_text * (int) $date_units))); + $period = (strtotime($date_end) - strtotime($date_init)); + } else if (in_array($range, ['this_week', 'this_month', 'past_week', 'past_month'])) { + if ($range === 'this_week') { + $monday = date('Y/m/d', strtotime('last monday')); + + $sunday = date('Y/m/d', strtotime($monday.' 
+6 days')); + $period = (strtotime($sunday) - strtotime($monday)); + $date_init = $monday; + $date_end = $sunday; + } else if ($range === 'this_month') { + $date_end = date('Y/m/d', strtotime('last day of this month')); + $first_of_month = date('Y/m/d', strtotime('first day of this month')); + $date_init = $first_of_month; + $period = (strtotime($date_end) - strtotime($first_of_month)); + } else if ($range === 'past_month') { + $date_end = date('Y/m/d', strtotime('last day of previous month')); + $first_of_month = date('Y/m/d', strtotime('first day of previous month')); + $date_init = $first_of_month; + $period = (strtotime($date_end) - strtotime($first_of_month)); + } else if ($range === 'past_week') { + $date_end = date('Y/m/d', strtotime('sunday', strtotime('last week'))); + $first_of_week = date('Y/m/d', strtotime('monday', strtotime('last week'))); + $date_init = $first_of_week; + $period = (strtotime($date_end) - strtotime($first_of_week)); + } + } else { + $date_end = date('Y/m/d H:i:s'); + $date_init = date('Y/m/d H:i:s', (strtotime($date_end) - $range)); + $period = (strtotime($date_end) - strtotime($date_init)); + } + + return [ + 'date_init' => date($date_format, strtotime($date_init)), + 'date_end' => date($date_format, strtotime($date_end)), + 'period' => $period, + ]; +} + + /** * Get a parameter from a get request. * 
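Review bot: `get_parameter_date($name, $default='', $date_format='Y/m/d')` never reads `$name` or `$default`. It always pulls the fixed request fields `date_init`, `date_end`, `time_init`, `time_end`, `custom_date`, `range`, `range_text` and `range_units`, so the signature promises a per-field lookup that the body does not perform. Either drop the two parameters or use `$name` as a prefix for those fields. The function also needs a docblock like its neighbours, listing the fields it consumes and the `date_init`/`date_end`/`period` array it returns. In the final `else`, `$range` comes straight from the request and is used in `strtotime($date_end) - $range`; a non-numeric value outside the four keywords will warn or throw depending on the PHP version, so it should be cast: `$range = (int) $range;`.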
@@ -4326,48 +4390,22 @@ function generator_chart_to_pdf( $module_list=false ) { global $config; - - if (is_metaconsole()) { + $hack_metaconsole = ''; + if (is_metaconsole() === true) { $hack_metaconsole = '../..'; - } else { - $hack_metaconsole = ''; } - $url = ui_get_full_url(false).$hack_metaconsole.'/include/chart_generator.php'; - if (!$params['return_img_base_64']) { $img_file = 'img_'.uniqid().'.png'; $img_path = $config['homedir'].'/attachment/'.$img_file; $img_url = ui_get_full_url(false).$hack_metaconsole.'/attachment/'.$img_file; } - $session_id = session_id(); - if ($type_graph_pdf === 'combined') { - $data = [ - 'data' => $params, - 'session_id' => $session_id, - 'type_graph_pdf' => $type_graph_pdf, - 'data_module_list' => $module_list, - 'data_combined' => $params_combined, - 'id_user' => $config['id_user'], - 'slicebar' => $_SESSION['slicebar'], - 'slicebar_value' => $config[$_SESSION['slicebar']], - 'apipass' => get_parameter('apipass', null), - - ]; - } else { - $data = [ - 'data' => $params, - 'session_id' => $session_id, - 'type_graph_pdf' => $type_graph_pdf, - 'id_user' => $config['id_user'], - 'slicebar' => $_SESSION['slicebar'], - 'slicebar_value' => $config[$_SESSION['slicebar']], - 'apipass' => get_parameter('apipass', null), - ]; + if ($type_graph_pdf !== 'combined') { + $params_combined = []; + $module_list = []; } - unset($data['data']['graph_data']); // If not install chromium avoid 500 convert tu images no data to show. $chromium_dir = io_safe_output($config['chromium_path']); $result_ejecution = exec($chromium_dir.' --version'); 
@@ -4387,22 +4425,16 @@ function generator_chart_to_pdf( // Creates a new page. $page = $browser->createPage(); - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, $url); - curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, ['data' => json_encode($data)]); + // Generate Html. + $html = chart_generator( + $type_graph_pdf, + $params, + $params_combined, + $module_list + ); - $response = curl_exec($curl); - - curl_close($curl); - - $page->setHtml($response); - /* - //For debug url with parameters. - $navigation = $page->navigate($url.'?data='.urlencode(json_encode($data))); - $navigation->waitForNavigation(Page::DOM_CONTENT_LOADED); - */ + $page->setHtml($html); // Dynamic. $dynamic_height = $page->evaluate('document.getElementById("container-chart-generator-item").clientHeight')->getReturnValue(); 
@@ -4449,6 +4481,211 @@ function generator_chart_to_pdf( } +/** + * Html print chart for chromium + * + * @param string $type_graph_pdf Chart mode. + * @param array $params Params. + * @param array $params_combined Params Combined charts. + * @param array $module_list Module list Combined charts. + * + * @return string Output Html. + */ +function chart_generator( + string $type_graph_pdf, + array $params, + array $params_combined=[], + array $module_list=[] +) : string { + global $config; + + include_once $config['homedir'].'/include/graphs/functions_d3.php'; + + if (isset($params['backgroundColor']) === false) { + $params['backgroundColor'] = 'inherit'; + } + + $hack_metaconsole = (is_metaconsole() === true) ? '../../' : ''; + + $output = ''; + $output .= ''; + $output .= ''; + $output .= ''; + $output .= 'Pandora FMS Graph'; + $output .= ''; + + $css_files = [ + 'pandora' => 'include/styles/', + 'pandora_minimal' => 'include/styles/', + 'jquery-ui.min' => 'include/styles/js/', + 'jquery-ui_custom' => 'include/styles/js/', + ]; + + foreach ($css_files as $name => $path) { + $output .= ui_require_css_file($name, $path, true, true); + } + + $js_files = [ + 'pandora_ui' => 'include/javascript/', + 'jquery.current' => 'include/javascript/', + 'jquery.pandora' => 'include/javascript/', + 'jquery-ui.min' => 'include/javascript/', + 'date' => 'include/javascript/timezone/src/', + 'pandora' => 'include/javascript/', + 'jquery.flot' => 'include/graphs/flot/', + 'jquery.flot.min' => 'include/graphs/flot/', + 'jquery.flot.time' => 'include/graphs/flot/', + 'jquery.flot.pie' => 'include/graphs/flot/', + 'jquery.flot.crosshair.min' => 'include/graphs/flot/', + 'jquery.flot.stack.min' => 'include/graphs/flot/', + 'jquery.flot.selection.min' => 'include/graphs/flot/', + 'jquery.flot.resize.min' => 'include/graphs/flot/', + 'jquery.flot.threshold' => 'include/graphs/flot/', + 'jquery.flot.threshold.multiple' => 'include/graphs/flot/', + 'jquery.flot.symbol.min' => 
'include/graphs/flot/', + 'jquery.flot.exportdata.pandora' => 'include/graphs/flot/', + 'jquery.flot.axislabels' => 'include/graphs/flot/', + 'pandora.flot' => 'include/graphs/flot/', + 'chart' => 'include/graphs/chartjs/', + 'chartjs-plugin-datalabels.min' => 'include/graphs/chartjs/', + ]; + + foreach ($js_files as $name => $path) { + $output .= ui_require_javascript_file($name, $path, true, true); + } + + $output .= include_javascript_d3(true, true); + + $output .= ''; + $output .= ''; + $params['only_image'] = false; + $params['menu'] = false; + $params['disable_black'] = true; + + $viewport = [ + 'width' => 0, + 'height' => 0, + ]; + + $style = 'width:100%;'; + if (isset($params['options']['viewport']) === true) { + $viewport = $params['options']['viewport']; + if (empty($viewport['width']) === false) { + $style .= 'width:'.$viewport['width'].'px;'; + } + + if (empty($viewport['height']) === false) { + $style .= 'height:'.$viewport['height'].'px;'; + } + } + + $output .= '
'; + switch ($type_graph_pdf) { + case 'combined': + $params['pdf'] = true; + $result = graphic_combined_module( + $module_list, + $params, + $params_combined + ); + + $output .= $result; + break; + + case 'sparse': + $params['pdf'] = true; + $output .= grafico_modulo_sparse($params); + break; + + case 'pie_graph': + $params['pdf'] = true; + $chart = get_build_setup_charts( + 'PIE', + $params['options'], + $params['chart_data'] + ); + + $output .= $chart->render(true); + break; + + case 'vbar_graph': + $params['pdf'] = true; + $chart = get_build_setup_charts( + 'BAR', + $params['options'], + $params['chart_data'] + ); + + $output .= $chart->render(true); + break; + + case 'ring_graph': + $params['pdf'] = true; + $params['options']['width'] = 500; + $params['options']['height'] = 500; + + $chart = get_build_setup_charts( + 'DOUGHNUT', + $params['options'], + $params['chart_data'] + ); + + $output .= $chart->render(true); + break; + + case 'line_graph': + $params['pdf'] = true; + $params['options']['width'] = '100%'; + $params['options']['height'] = 200; + $chart = get_build_setup_charts( + 'LINE', + $params['options'], + $params['chart_data'] + ); + $output .= $chart->render(true); + break; + + case 'slicebar': + $output .= flot_slicesbar_graph( + $params['graph_data'], + $params['period'], + $params['width'], + $params['height'], + $params['legend'], + $params['colors'], + $params['fontpath'], + $params['round_corner'], + $params['homeurl'], + $params['watermark'], + $params['adapt_key'], + $params['stat_winalse'], + $params['id_agent'], + $params['full_legend_daterray'], + $params['not_interactive'], + $params['ttl'], + $params['sizeForTicks'], + $params['show'], + $params['date_to'], + $params['server_id'] + ); + break; + + default: + // Code... + break; + } + + $output .= '
'; + $output .= ''; + $output .= ''; + + return $output; +} + + /** * Get the product name. * diff --git a/pandora_console/include/functions_agents.php b/pandora_console/include/functions_agents.php index 720b0e6e55..2d6803ccd4 100644 --- a/pandora_console/include/functions_agents.php +++ b/pandora_console/include/functions_agents.php @@ -4752,7 +4752,7 @@ function get_resume_agent_concat($id_agente, $all_groups, $agent) $secondary_groups = enterprise_hook('agents_get_secondary_groups', [$id_agente]); $secondaryLinks = []; if (empty($secondary_groups['for_select']) === true) { - $secondaryLinks[] = ''.__('N/A').''; + $secondaryLinks = []; } else { foreach ($secondary_groups['for_select'] as $id => $name) { $secondaryLinks[] = html_print_anchor( @@ -4811,22 +4811,22 @@ function get_resume_agent_concat($id_agente, $all_groups, $agent) 'content' => groups_get_name($agent['id_grupo']), ], true - ); + ).' '.ui_print_group_icon($agent['id_grupo'], true, '', 'margin-left: 2%;', true, false, false, '', true); $table_contact->data[] = $data; // Secondary groups. $data = []; - $data[0] = ''.__('Secondary groups').''; - $data[1] = implode(', ', $secondaryLinks); - $table_contact->data[] = $data; + if (!empty($secondaryLinks) === true) { + $data[0] = ''.__('Secondary groups').''; + $data[1] = implode(', ', $secondaryLinks); + $table_contact->data[] = $data; + } // Parent agent line. if (enterprise_installed() === true) { - $data = []; - $data[0] = ''.__('Parent').''; - if ((int) $agent['id_parent'] === 0) { - $data[1] = ''.__('N/A').''; - } else { + if ((int) $agent['id_parent'] !== 0) { + $data = []; + $data[0] = ''.__('Parent').''; $data[1] = html_print_anchor( [ 'href' => 'index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente='.$agent['id_parent'], @@ -4834,9 +4834,9 @@ function get_resume_agent_concat($id_agente, $all_groups, $agent) ], true ); - } - $table_contact->data[] = $data; + $table_contact->data[] = $data; + } } // Last status change line. 
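Review bot: In the `slicebar` case of `chart_generator()` the arguments `$params['stat_winalse']` and `$params['full_legend_daterray']` look like two parameter names fused together rather than real keys. If no caller sets them, `flot_slicesbar_graph()` receives `null` in those positions and PHP raises undefined-index notices. Please check them against the parameter list of `flot_slicesbar_graph()` and the callers that build `$params`, and read optional keys with `?? <default>`. The `default:` branch still holds the placeholder `// Code...`; it should either return an explicit "unsupported chart type" fragment or be documented as an intentional no-op. As this HTML is handed to `$page->setHtml()`, values such as `$params['backgroundColor']` and the viewport sizes that end up in the markup should be validated or cast before use.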
@@ -4845,6 +4845,123 @@ function get_resume_agent_concat($id_agente, $all_groups, $agent) $data[1] = $time_elapsed; $table_contact->data[] = $data; + $has_remote_conf = enterprise_hook( + 'config_agents_has_remote_configuration', + [$agent['id_agente']] + ); + + if ((bool) $has_remote_conf) { + $data = []; + $data[0] = __('Remote configuration'); + $data[1] = ''.__('Enabled').''; + $data[1] .= html_print_menu_button( + [ + 'href' => ui_get_full_url('index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&tab=remote_configuration&id_agente='.$agent['id_agente'].'&disk_conf=1'), + 'image' => 'images/remote-configuration@svg.svg', + 'title' => __('Edit remote config'), + ], + true + ); + + $satellite_server = (int) db_get_value_filter( + 'satellite_server', + 'tagente', + ['id_agente' => $id_agente] + ); + + if (empty($satellite_server) === false) { + $satellite_name = db_get_value_filter( + 'name', + 'tserver', + ['id_server' => $satellite_server] + ); + + $data[0] = __('Satellite server'); + $data[1] = $satellite_name; + } + + $table_contact->data[] = $data; + } + + if (enterprise_installed() === true) { + // SecurityMon line. + $id_module_group = db_get_value('id_mg', 'tmodule_group', 'name', 'Security'); + $modules = db_get_all_rows_filter( + 'tagente_modulo', + [ + 'id_agente' => $agent['id_agente'], + 'id_module_group' => $id_module_group, + ] + ); + + if (is_array($modules) === true && count($modules) > 0) { + $secmon_status = secmon_status($agent['id_agente']); + $data = []; + $data[0] = ''.__('SecurityMon').''; + $data[1] = ui_print_status_secmon_div($secmon_status, __('Total security modules: %s', count($modules))); + $table_contact->data[] = $data; + } + + // Hardening line. 
+ $module_score = modules_get_agentmodule_id(io_safe_input('Hardening - Score'), $agent['id_agente']); + $hardening = ''; + if (is_array($module_score) === true && key_exists('id_agente_modulo', $module_score) == true) { + $raw_data_score = modules_get_raw_data($module_score['id_agente_modulo'], 0, time()); + $hardening = format_numeric($raw_data_score[0]['datos'], 2); + $data = []; + $data[0] = ''.__('Hardening').''; + $data[1] = $hardening.' %'; + $table_contact->data[] = $data; + } + + // Vulnerabilities line. + $vuls = get_vulnerabilities($agent['id_agente']); + if (is_array($vuls) === true && count($vuls) > 0) { + $score = get_score($vuls); + $data = []; + $data[0] = ''.__('Vulnerability').''; + $data[1] = ui_print_status_vulnerability_div($score); + $table_contact->data[] = $data; + } + } + + // Optional data + // Position Information. + if ((bool) $config['activate_gis'] === true) { + $data = []; + + $dataPositionAgent = gis_get_data_last_position_agent( + $agent['id_agente'] + ); + if (is_array($dataPositionAgent) === true && $dataPositionAgent['stored_longitude'] !== '' && $dataPositionAgent['stored_latitude'] !== '') { + $data[0] = __('Position (Long, Lat)'); + + $dataOptionalOutput = html_print_anchor( + [ + 'href' => 'index.php?sec=estado&sec2=operation/agentes/ver_agente&tab=gis&id_agente='.$id_agente, + 'content' => $dataPositionAgent['stored_longitude'].', '.$dataPositionAgent['stored_latitude'], + ], + true + ); + + if (empty($dataPositionAgent['description']) === false) { + $dataOptionalOutput .= ' ('.$dataPositionAgent['description'].')'; + } + + $data[1] = $dataOptionalOutput; + } + + $table_contact->data[] = $data; + } + + // Timezone Offset. + if ((int) $agent['timezone_offset'] !== 0) { + $data = []; + $data[0] = __('Timezone Offset'); + $data[1] = $agent['timezone_offset']; + $table_contact->data[] = $data; + } + $agent_contact = html_print_div( [ 'class' => 'agent_details_header', 
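Review bot: In the remote-configuration block, a non-empty `$satellite_server` makes the code assign `$data[0] = __('Satellite server')` and `$data[1] = $satellite_name` over the row it has just built, so the "Remote configuration" label and its edit button never reach `$table_contact->data`. Append the first row before the satellite lookup and start the satellite line with a fresh `$data = [];`. In the GIS block, `$table_contact->data[] = $data;` runs even when no position was found, which adds an empty row; move it inside the `is_array($dataPositionAgent) === true` branch. The enclosing function get_resume_agent_concat starts and ends outside this hunk.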
@@ -4856,4 +4973,25 @@ function get_resume_agent_concat($id_agente, $all_groups, $agent) $agent_contact .= html_print_table($table_contact, true); return $agent_contact; +} + + +/** + * Return an array with a list of status agents + * + * @return array. + */ + + +function agents_status_list() +{ + $status_list = []; + $status_list[AGENT_STATUS_NORMAL] = __('Normal'); + $status_list[AGENT_STATUS_WARNING] = __('Warning'); + $status_list[AGENT_STATUS_CRITICAL] = __('Critical'); + $status_list[AGENT_STATUS_UNKNOWN] = __('Unknown'); + $status_list[AGENT_STATUS_NOT_NORMAL] = __('Not normal'); + $status_list[AGENT_STATUS_NOT_INIT] = __('Not init'); + + return $status_list; } \ No newline at end of file diff --git a/pandora_console/include/functions_alerts.php b/pandora_console/include/functions_alerts.php index 94dcb97f6c..c461eb1402 100644 --- a/pandora_console/include/functions_alerts.php +++ b/pandora_console/include/functions_alerts.php @@ -2169,13 +2169,16 @@ function get_group_alerts( $strict_user=false, $tag=false, $action_filter=false, - $alert_action=true + $alert_action=true, + $search_sg=false ) { global $config; - $group_query = ''; if (!empty($idGroup)) { $group_query = ' AND id_grupo = '.$idGroup; + if ((bool) $search_sg === true) { + $group_query .= ' OR tasg.id_group = '.$idGroup; + } } if (is_array($filter)) { diff --git a/pandora_console/include/functions_api.php b/pandora_console/include/functions_api.php index f6d1674022..8f5fb66f54 100644 --- a/pandora_console/include/functions_api.php +++ b/pandora_console/include/functions_api.php @@ -82,7 +82,7 @@ function parseOtherParameter($other, $otherType, $rawDecode) case 'url_encode': $returnVar = [ 'type' => 'string', - 'data' => urldecode($other), + 'data' => $rawDecode ? rawurldecode($other) : urldecode($other), ]; break; 
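Review bot: In the `get_group_alerts` hunk, `$group_query .= ' OR tasg.id_group = '.$idGroup;` is appended without parentheses, so once the fragment is joined to the rest of the WHERE clause the `OR` binds more loosely than the surrounding `AND`s and a secondary-group match can satisfy the query on its own. Group the two terms, e.g. `$group_query = ' AND (id_grupo = '.$idGroup.' OR tasg.id_group = '.$idGroup.')';`, and cast with `(int)` if `$idGroup` is always a single id, which keeps non-numeric input out of the SQL text. The hunk also removes the `$group_query = '';` initialisation, leaving the variable undefined when `$idGroup` is empty. How the fragment is used is outside the hunk, so check it against the full query.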
@@ -12952,7 +12952,7 @@ function api_set_create_event($id, $trash1, $other, $returnType) $values = []; if ($other['data'][0] != '') { - $values['event'] = $other['data'][0]; + $values['event'] = io_safe_input(io_safe_output($other['data'][0])); } else { returnError('Event text required.'); return; @@ -13132,7 +13132,7 @@ function api_set_create_event($id, $trash1, $other, $returnType) if ($other['data'][18] != '') { $values['id_extra'] = $other['data'][18]; - $sql_validation = 'SELECT id_evento,estado,ack_utimestamp,id_usuario + $sql_validation = 'SELECT id_evento,estado,ack_utimestamp,id_usuario,event_custom_id FROM tevento WHERE estado IN (0,2) AND id_extra ="'.$other['data'][18].'";'; @@ -13147,6 +13147,7 @@ function api_set_create_event($id, $trash1, $other, $returnType) $values['status'] = 2; $ack_utimestamp = $val['ack_utimestamp']; $values['id_usuario'] = $val['id_usuario']; + $values['event_custom_id'] = $val['event_custom_id']; } api_set_validate_event_by_id($val['id_evento']); @@ -13177,7 +13178,8 @@ function api_set_create_event($id, $trash1, $other, $returnType) $custom_data, $values['server_id'], $values['id_extra'], - $ack_utimestamp + $ack_utimestamp, + $values['event_custom_id'] ?? null ); if ($other['data'][12] != '') { 
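Review bot: In the @@ -13132 hunk, `$sql_validation` is built by concatenating `$other['data'][18]` between double quotes, and the change extends that SELECT instead of replacing it with a filtered lookup. The value comes from the API call's `other` field, so the query is only as safe as whatever encoding was applied before this function, and that step is not visible here. Prefer the array-filter helpers used elsewhere in this commit (for example `db_get_all_rows_filter('tevento', [...])`) or escape the value explicitly before interpolation. The body of api_set_create_event starts and ends outside the hunk.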
@@ -17787,6 +17789,48 @@ function api_token_check(string $token) } +/** + * Set custom field value in tevento + * + * @param mixed $id_event Event id. + * @param mixed $custom_field Custom field to set. + * @return void + */ +function api_set_event_custom_id($id, $value) +{ + // Get the event + $event = events_get_event($id, false, is_metaconsole()); + // If event not exists, end the execution. + if ($event === false) { + returnError( + 'event_not_exists', + 'Event not exists' + ); + $result = false; + } + + // Safe custom fields for hacks. + if (preg_match('/script/i', io_safe_output($value))) { + $result = false; + } + + $result = events_event_custom_id( + $id, + $value + ); + + // If update results failed + if (empty($result) === true || $result === false) { + returnError( + 'The event could not be updated' + ); + return false; + } else { + returnData('string', ['data' => 'Event updated.']); + } +} + + /** * Extract info Agents for inventories ITSM. * diff --git a/pandora_console/include/functions_config.php b/pandora_console/include/functions_config.php index c9e4aa2226..e47e84adeb 100644 --- a/pandora_console/include/functions_config.php +++ b/pandora_console/include/functions_config.php @@ -249,10 +249,6 @@ function config_update_config() $error_update[] = __('Enable Netflow'); } - if (config_update_value('activate_sflow', (bool) get_parameter('activate_sflow'), true) === false) { - $error_update[] = __('Enable Sflow'); - } - if (config_update_value('activate_feedback', (bool) get_parameter('activate_feedback'), true) === false) { $error_update[] = __('Enable Feedback'); } 
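Review bot: Neither guard in `api_set_event_custom_id` stops execution: after `returnError('event_not_exists', ...)` and after the `preg_match('/script/i', ...)` test the code only sets `$result = false`, which the next statement `$result = events_event_custom_id($id, $value);` overwrites, so a missing event or a rejected value is still passed on to the update. Add `return false;` at the end of both branches. A substring test for `script` is a weak filter on its own; encoding the value where it is rendered is the more reliable control. The docblock documents `$id_event` and `$custom_field` while the signature takes `$id` and `$value`, and it says `@return void` although the function returns `false` on failure.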
@@ -371,6 +367,10 @@ function config_update_config() $error_update[] = __('show_experimental_features'); } + if (config_update_value('number_modules_queue', get_parameter('number_modules_queue'), true) === false) { + $error_update[] = __('number_modules_queue'); + } + if (config_update_value('console_log_enabled', get_parameter('console_log_enabled'), true) === false) { $error_update[] = __('Console log enabled'); } @@ -917,10 +917,6 @@ function config_update_config() $error_update[] = __('Batch statistics period (secs)'); } - if (config_update_value('agentaccess', (int) get_parameter('agentaccess'), true) === false) { - $error_update[] = __('Use agent access graph'); - } - if (config_update_value('num_files_attachment', (int) get_parameter('num_files_attachment'), true) === false) { $error_update[] = __('Max. recommended number of files in attachment directory'); } @@ -1623,6 +1619,10 @@ function config_update_config() if (config_update_value('netflow_get_ip_hostname', (int) get_parameter('netflow_get_ip_hostname'), true) === false) { $error_update[] = __('Name resolution for IP address'); } + + if (config_update_value('activate_sflow', (bool) get_parameter('activate_sflow'), true) === false) { + $error_update[] = __('Enable Sflow'); + } break; case 'sflow': @@ -2237,10 +2237,6 @@ function config_process_config() config_update_value('show_qr_code_header', false); } - if (!isset($config['agentaccess'])) { - config_update_value('agentaccess', true); - } - if (!isset($config['timezone'])) { config_update_value('timezone', 'Europe/Berlin'); } @@ -2449,6 +2445,10 @@ function config_process_config() config_update_value('show_experimental_features', 0); } + if (!isset($config['number_modules_queue'])) { + config_update_value('number_modules_queue', 500); + } + if (!isset($config['agent_vulnerabilities'])) { config_update_value('agent_vulnerabilities', 1); } 
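Review bot: `number_modules_queue` is stored straight from `get_parameter('number_modules_queue')` with no numeric cast, unlike the other numeric settings visible in this diff, which use `(int) get_parameter(...)`. The default written in `config_process_config` is the integer `500`, so the saved value should be normalised the same way: `config_update_value('number_modules_queue', (int) get_parameter('number_modules_queue', 500), true)`. The enclosing config_update_config continues outside the hunk.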
diff --git a/pandora_console/include/functions_events.php b/pandora_console/include/functions_events.php index 5534897e84..747e5154ce 100644 --- a/pandora_console/include/functions_events.php +++ b/pandora_console/include/functions_events.php @@ -127,6 +127,58 @@ function events_translate_event_type($event_type) } +/** + * Module status event_type into descriptive text. + * + * @param integer $event_type Event type. + * + * @return string Module status. + */ +function events_status_module_event_type($event_type) +{ + $module_status = ''; + switch ($event_type) { + case 'alert_fired': + case 'alert_recovered': + case 'alert_ceased': + case 'alert_manual_validation': + $module_status = AGENT_MODULE_STATUS_CRITICAL_ALERT; + break; + + case 'going_down_normal': + case 'going_up_normal': + $module_status = AGENT_MODULE_STATUS_NORMAL; + break; + + case 'going_unknown': + case 'unknown': + $module_status = AGENT_MODULE_STATUS_UNKNOWN; + break; + + case 'going_up_warning': + case 'going_down_warning': + $module_status = AGENT_MODULE_STATUS_WARNING; + break; + + case 'going_up_critical': + case 'going_down_critical': + $module_status = AGENT_MODULE_STATUS_CRITICAL_BAD; + break; + + case 'recon_host_detected': + case 'system': + case 'error': + case 'new_agent': + case 'configuration_change': + default: + $module_status = AGENT_MODULE_STATUS_NOT_INIT; + break; + } + + return $module_status; +} + + /** * Translates a numeric value event_status into descriptive text. * @@ -219,6 +271,7 @@ function events_get_all_fields() $columns['module_status'] = __('Module status'); $columns['module_custom_id'] = __('Module custom id'); $columns['custom_data'] = __('Custom data'); + $columns['event_custom_id'] = __('Event Custom ID'); return $columns; } @@ -322,6 +375,9 @@ function events_get_column_name($field, $table_alias=false) case 'custom_data': return __('Custom data'); + case 'event_custom_id': + return __('Event Custom ID'); + default: return __($field); } 
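Review bot: The docblock of `events_status_module_event_type` declares `@param integer $event_type` and `@return string`, but every `case` compares against a string such as `'going_up_warning'` and the function returns `AGENT_MODULE_STATUS_*` constants. It should read `@param string $event_type Event type name.` with the return documented as the module status constant. The explicit labels `recon_host_detected`, `system`, `error`, `new_agent` and `configuration_change` sit directly above `default:` and change nothing; a comment listing them would say the same with less code.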
@@ -982,6 +1038,9 @@ function events_get_all( case EVENT_NO_VALIDATED: $filter['status'][$key] = (EVENT_NEW.', '.EVENT_PROCESS); + + case EVENT_NO_PROCESS: + $filter['status'][$key] = (EVENT_NEW.', '.EVENT_VALIDATE); default: // Ignore. break; @@ -1027,6 +1086,24 @@ function events_get_all( $validatedState ); break; + + case EVENT_NO_PROCESS: + // Show comments in validated events. + $validatedState = ''; + if ($validatedEvents === true) { + $validatedState = sprintf( + 'OR estado = %d', + EVENT_VALIDATE + ); + } + + $sql_filters[] = sprintf( + ' AND (estado = %d OR estado = %d %s)', + EVENT_NEW, + EVENT_VALIDATE, + $validatedState + ); + break; } } } @@ -2335,7 +2412,8 @@ function events_create_event( $custom_data='', $server_id=0, $id_extra='', - $ack_utimestamp=0 + $ack_utimestamp=0, + $event_custom_id=null ) { if ($source === false) { $source = get_product_name(); @@ -2367,6 +2445,7 @@ function events_create_event( 'custom_data' => $custom_data, 'data' => '', 'module_status' => 0, + 'event_custom_id' => $event_custom_id, ]; return (int) db_process_sql_insert('tevento', $values); @@ -2590,7 +2669,6 @@ function events_print_type_img( $urlImage = ui_get_full_url(false); $icon = ''; $style = 'main_menu_icon'; - switch ($type) { case 'alert_recovered': $icon = 'images/alert_recovered@svg.svg'; @@ -2656,16 +2734,6 @@ function events_print_type_img( if ($only_url) { $output = $urlImage.'/'.$icon; } else { - /* - $output .= html_print_div( - [ - 'title' => events_print_type_description($type, true), - 'class' => $style, - 'style' => ((empty($icon) === false) ? 'background-image: url('.$icon.'); background-repeat: no-repeat;' : ''), - ], - true - ); - */ $output .= html_print_image( $icon, true, 
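Review bot: `case EVENT_NO_VALIDATED:` has no `break`, so with the new `case EVENT_NO_PROCESS:` placed directly after it the "not validated" filter falls through and is overwritten with `EVENT_NEW.', '.EVENT_VALIDATE`. Add `break;` after each of the two assignments. In the @@ -1027 hunk the `EVENT_NO_PROCESS` branch already includes `estado = EVENT_VALIDATE` in its own `sprintf`, so the `$validatedState` clause and its comment "Show comments in validated events", both copied from the case above, add nothing and can go. events_get_all starts and ends outside both hunks.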
@@ -3204,12 +3272,14 @@ function events_get_all_status($report=false) $fields[1] = __('Only validated'); $fields[2] = __('Only in process'); $fields[3] = __('Only not validated'); + $fields[4] = __('Only not in process'); } else { $fields[-1] = __('All event'); $fields[0] = __('New'); $fields[1] = __('Validated'); $fields[2] = __('In process'); $fields[3] = __('Not Validated'); + $fields[4] = __('Not in process'); } return $fields; @@ -4039,7 +4109,13 @@ function events_get_response_target( if (empty($event['custom_data']) === false) { $custom_data = json_decode($event['custom_data']); foreach ($custom_data as $key => $value) { - $target = str_replace('_customdata_'.$key.'_', $value, $target); + if (is_array($value) === true) { + foreach ($value as $k => $v) { + $target = str_replace('_customdata_'.$k.'_', $v, $target); + } + } else { + $target = str_replace('_customdata_'.$key.'_', $value, $target); + } } if (strpos($target, '_customdata_json_') !== false) { @@ -4629,6 +4705,30 @@ function events_page_details($event, $server_id=0) $data[1] = ''.__('N/A').''; } + $table_details->data[] = $data; + $readonly = true; + if (check_acl($config['id_user'], 0, 'EW')) { + $readonly = false; + } + + $data = []; + $data[0] = __('Event Custom ID'); + $data[1] = '
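Review bot: In the `events_get_response_target` hunk, `json_decode($event['custom_data'])` is called without the associative flag, so nested JSON objects arrive as `stdClass`, fail the new `is_array($value)` test and reach `str_replace` as a non-string; only JSON lists take the new branch, where `$k` is a numeric index rather than a field name. Decoding with `json_decode($event['custom_data'], true)` and adding `if (is_scalar($v) === false) { continue; }` in the inner loop would make the branch do what it appears to intend; check the `_customdata_json_` handling below if the decode mode changes. Custom data is copied verbatim into `$target`, so confirm that the code consuming the target, which is outside this hunk, escapes it for its destination.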
'.html_print_input_text('event_custom_id', $event['event_custom_id'], '', false, 255, true, $readonly, false, '', 'w60p'); + if ($readonly === false) { + $data[1] .= html_print_button( + __('Update'), + 'update_event_custom_id', + false, + 'update_event_custom_id('.$event['id_evento'].', '.$event['server_id'].');', + [ + 'icon' => 'next', + 'mode' => 'link', + ], + true + ); + } + + $data[1] .= '
'; $table_details->data[] = $data; $details = '
'.html_print_table($table_details, true).'
'; @@ -5993,17 +6093,47 @@ function get_count_event_criticity( $type = 'AND event_type = "'.$eventType.'"'; } - $groups = ' '; + $groups = ' '; if ((int) $groupId !== 0) { $groups = 'AND id_grupo IN ('.$groupId.')'; } - $status = ' '; - if ((int) $eventStatus !== -1) { - $status = 'AND estado = '.$eventStatus; + $status = ' '; + if (empty($eventStatus) === false) { + switch ($eventStatus) { + case EVENT_ALL: + default: + // Do not filter. + break; + + case EVENT_NEW: + case EVENT_VALIDATE: + case EVENT_PROCESS: + $status = sprintf( + ' AND estado = %d', + $eventStatus + ); + break; + + case EVENT_NO_VALIDATED: + $status = sprintf( + ' AND (estado = %d OR estado = %d)', + EVENT_NEW, + EVENT_PROCESS + ); + break; + + case EVENT_NO_PROCESS: + $status = sprintf( + ' AND (estado = %d OR estado = %d)', + EVENT_NEW, + EVENT_VALIDATE + ); + break; + } } - $criticity = ' '; + $criticity = ' '; if (empty($criticityId) === false) { $criticity = 'AND criticity IN ('.$criticityId.')'; } 
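Review bot: In `get_count_event_criticity`, `empty($eventStatus) === false` skips the whole switch when the status is `0`, and the list in `events_get_all_status` maps `0` to "New", so that filter would count events in every state; the removed test `(int) $eventStatus !== -1` handled it. This assumes `EVENT_NEW` is `0`, which the hunk does not show. A guard such as `if ($eventStatus !== null && $eventStatus !== '') {` keeps zero as a valid filter. The context lines still concatenate `$eventType`, `$groupId` and `$criticityId` into the SQL text, so their validation should be confirmed at the callers.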
@@ -6199,3 +6329,201 @@ function event_get_counter_extraId(array $event, ?array $filters) return $counters; } + + +/** + * Update event detail custom field + * + * @param mixed $id_event Event ID or array of events. + * @param string $event_custom_id Event custom ID to be update. + * + * @return boolean Whether or not it was successful + */ +function events_event_custom_id( + $id_event, + $event_custom_id, +) { + global $config; + // Cleans up the selection for all unwanted values also casts any single + // values as an array. + if (![$id_event]) { + $id_event = (array) safe_int($id_event, 1); + } + + // Check ACL. + foreach ($id_event as $k => $id) { + $event_group = events_get_group($id); + if (check_acl($config['id_user'], $event_group, 'EW') == 0) { + db_pandora_audit( + AUDIT_LOG_ACL_VIOLATION, + 'Attempted updating event #'.$id + ); + + unset($id_event[$k]); + } + } + + if (empty($id_event) === true) { + return false; + } + + // Get the current event comments. + $first_event = $id_event; + if (is_array($id_event) === true) { + $first_event = reset($id_event); + } + + // Update comment. + $ret = db_process_sql_update( + 'tevento', + ['event_custom_id' => $event_custom_id], + ['id_evento' => $first_event] + ); + + if (($ret === false) || ($ret === 0)) { + return false; + } + + return true; +} + + +function event_print_graph( + $filter, + $graph_height=100, +) { + global $config; + $show_all_data = false; + $events = events_get_all(['te.id_evento', 'te.timestamp', 'te.utimestamp'], $filter, null, null, 'te.utimestamp', true); + + if (empty($filter['date_from']) === false + && empty($filter['time_from']) === false + && empty($filter['date_to']) === false + && empty($filter['time_to']) === false + ) { + $start_utimestamp = strtotime($filter['date_from'].' '.$filter['time_from']); + $end_utimestamp = strtotime($filter['date_to'].' '.$filter['time_to']); + } else if ($filter['event_view_hr'] !== '') { + $start_utimestamp = strtotime('-'.$filter['event_view_hr'].' 
hours'); + $end_utimestamp = strtotime('now'); + } else { + $show_all_data = true; + $start_utimestamp = $events[0]['utimestamp']; + $end_utimestamp = $events[array_key_last($events)]['utimestamp']; + } + + $data_events = []; + $control_timestamp = $start_utimestamp; + $count = 0; + foreach ($events as $event) { + if ($event['utimestamp'] === $control_timestamp) { + $count++; + } else { + $control_timestamp = $event['utimestamp']; + $count = 1; + } + + $data_events[$control_timestamp] = $count; + } + + $num_data = count($data_events); + + $num_intervals = $num_data; + + $period = ($end_utimestamp - $start_utimestamp); + + if ($period <= SECONDS_6HOURS) { + $chart_time_format = 'H:i:s'; + } else if ($period < SECONDS_1DAY) { + $chart_time_format = 'H:i'; + } else if ($period < SECONDS_15DAYS) { + $chart_time_format = 'M d H:i'; + } else if ($period < SECONDS_1MONTH) { + $chart_time_format = 'M d H\h'; + } else { + $chart_time_format = 'M d H\h'; + } + + $chart = []; + $labels = []; + $color = []; + $count = 0; + + if ($show_all_data === true) { + foreach ($events as $event) { + if ($event['utimestamp'] === $control_timestamp) { + $count++; + } else { + $control_timestamp = $event['utimestamp']; + $count = 1; + } + + $data_events[$control_timestamp] = $count; + } + + $data_events = array_reverse($data_events, true); + + foreach ($data_events as $utimestamp => $count) { + $labels[] = date($chart_time_format, $utimestamp); + $chart[] = [ + 'y' => $count, + 'x' => date($chart_time_format, $utimestamp), + ]; + $color[] = '#82b92f'; + } + } else { + $interval_length = (int) ($period / $num_intervals); + $intervals = []; + $intervals[0] = $start_utimestamp; + for ($i = 0; $i < $num_intervals; $i++) { + $intervals[($i + 1)] = ($intervals[$i] + $interval_length); + } + + $control_data = []; + + foreach ($data_events as $utimestamp => $count_event) { + for ($i = 0; $i < $num_intervals; $i++) { + if ((int) $utimestamp > (int) $intervals[$i] && (int) $utimestamp < (int) 
$intervals[($i + 1)]) { + $control_data[(string) $intervals[$i]] += $count_event; + } + } + } + + for ($i = 0; $i < $num_intervals; $i++) { + $labels[] = date($chart_time_format, $intervals[$i]); + $chart[] = [ + 'y' => $control_data[$intervals[$i]], + 'x' => date($chart_time_format, $intervals[$i]), + ]; + $color[] = '#82b92f'; + } + } + + $water_mark = [ + 'file' => $config['homedir'].'/images/logo_vertical_water.png', + 'url' => ui_get_full_url('/images/logo_vertical_water.png'), + ]; + + $options = [ + 'height' => $graph_height, + 'waterMark' => $water_mark, + 'legend' => ['display' => false], + 'colors' => $color, + 'border' => false, + 'scales' => [ + 'x' => [ + 'grid' => ['display' => false], + ], + 'y' => [ + 'grid' => ['display' => false], + ], + ], + 'labels' => $labels, + ]; + + $graph = '
'; + $graph .= vbar_graph($chart, $options); + $graph .= '
'; + + return $graph; +} diff --git a/pandora_console/include/functions_gis.php b/pandora_console/include/functions_gis.php index ba9116759b..b57ec9e9ff 100644 --- a/pandora_console/include/functions_gis.php +++ b/pandora_console/include/functions_gis.php @@ -1585,7 +1585,7 @@ function gis_add_conection_maps_in_form($map_connection_list) '.html_print_input_text('map_connection_name_'.$mapConnection['id_conection'], $mapConnectionRowDB['conection_name'], '', 20, 40, true, true).' '.$radioButton.' - '.html_print_image('images/delete.svg', true, ['alt' => '', 'class' => 'invert_filter']).' + '.html_print_image('images/delete.svg', true, ['alt' => '', 'class' => 'invert_filter main_menu_icon']).' '; - return null; + if ($echo_tag === true) { + $filename .= '?v='.$config['current_package']; + $tag_name = ''; + if ($return === false) { + echo $tag_name; + return null; + } else { + return $tag_name; + } } if (! isset($config['js'])) { 
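Review bot: In `events_event_custom_id` the guard `if (![$id_event])` can never be true, because `[$id_event]` is a one-element array, so a scalar id is never cast to an array and the `foreach` that calls `check_acl($config['id_user'], $event_group, 'EW')` does not iterate over it; the update then runs without the permission check. Replace the condition with `if (is_array($id_event) === false) {`. The trailing comma in both new parameter lists (`$event_custom_id,` and `$graph_height=100,`) requires PHP 8.0 or later. In `event_print_graph`, when a time range is set and no events match, `$num_intervals` is zero and `(int) ($period / $num_intervals)` divides by zero; return early when `$events` is empty.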
@@ -8230,3 +8243,43 @@ function ui_update_name_fav_element($id_element, $section, $label) ] ); } + + +function ui_print_status_vulnerability_div(float $score) +{ + $return = ''; + $class = 'status_rounded_rectangles forced_title'; + if (((float) $score) <= 5) { + return ui_print_div('group_view_ok '.$class, $score); + } + + if (((float) $score) > 5 && ((float) $score) <= 7.5) { + return ui_print_div('group_view_warn '.$class, $score); + } + + if (((float) $score) > 7.5) { + return ui_print_div('group_view_crit '.$class, $score); + } + + return $return; +} + + +function ui_print_status_secmon_div($status, $title=false) +{ + $class = 'status_rounded_rectangles forced_title'; + if (($status) === 'normal') { + $title = ($title === false) ? __('normal') : $title; + return ui_print_div('group_view_ok '.$class, $title); + } + + if (($status) === 'warning') { + $title = ($title === false) ? __('warning') : $title; + return ui_print_div('group_view_warn '.$class, $title); + } + + if (($status) === 'critical') { + $title = ($title === false) ? __('critical') : $title; + return ui_print_div('group_view_crit '.$class, $title); + } +} \ No newline at end of file diff --git a/pandora_console/include/graphs/export_data.php b/pandora_console/include/graphs/export_data.php index 3710668faa..9448b11365 100644 --- a/pandora_console/include/graphs/export_data.php +++ b/pandora_console/include/graphs/export_data.php @@ -45,6 +45,7 @@ if (file_exists('../languages/'.$user_language.'.mo') === true) { $type = (string) get_parameter('type', 'csv'); $data = (string) get_parameter('data'); +$data = strip_tags(io_safe_output($data)); $data = json_decode(io_safe_output($data), true); $default_filename = 'data_exported - '.date($config['date_format']); diff --git a/pandora_console/include/graphs/fgraph.php b/pandora_console/include/graphs/fgraph.php index 5839e0784b..98f99aefe1 100644 --- a/pandora_console/include/graphs/fgraph.php +++ b/pandora_console/include/graphs/fgraph.php 
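Review bot: `ui_print_status_secmon_div` falls off the end without a return value when `$status` is not `normal`, `warning` or `critical`, so the caller added to `get_resume_agent_concat` in this commit would place `null` in the table cell. End the function with `return '';`, as `ui_print_status_vulnerability_div` does with `$return`. Neither new function has a docblock; each needs a one-line purpose plus `@param` and `@return` lines, and the `float $score` type hint makes the repeated `(float)` casts unnecessary.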
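Review bot: In export_data.php, `io_safe_output` is applied a second time after `strip_tags`, inside the unchanged `json_decode(io_safe_output($data), true)` line, so entity-encoded markup that survives the strip is decoded after the filtering step. Decode once, strip, then parse: `$data = json_decode(strip_tags(io_safe_output($data)), true);`. `strip_tags` on the raw JSON text can also cut legitimate values that contain `<`, so escaping each field where the export is written would be the sturdier fix; that code is outside the hunk.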
@@ -1004,6 +1004,13 @@ function get_build_setup_charts($type, $options, $data) } } + // Set display grid true or false. + if (isset($options['grid']) === true) { + $scales = $chart->options()->getScales(); + $scales->getX()->grid()->setDrawOnChartArea($options['grid']); + $scales->getY()->grid()->setDrawOnChartArea($options['grid']); + } + // Radius is null maximum possible. if (isset($options['radius']) === true && empty($options['radius']) === false @@ -1228,6 +1235,12 @@ function get_build_setup_charts($type, $options, $data) ) { $colors = $options['colors']; $borders = $options['colors']; + if (isset($options['border']) === true && (bool) $options['border'] === false) { + $borders = []; + foreach ($colors as $color) { + $borders[] = 'rgba(0, 0, 0, 0)'; + } + } } else { // Colors. $defaultColor = []; diff --git a/pandora_console/include/graphs/flot/pandora.flot.js b/pandora_console/include/graphs/flot/pandora.flot.js index 56cd4a71a1..077a3200e5 100644 --- a/pandora_console/include/graphs/flot/pandora.flot.js +++ b/pandora_console/include/graphs/flot/pandora.flot.js @@ -2223,6 +2223,9 @@ function pandoraFlotArea( } var dataInSelection = ranges.xaxis.to - ranges.xaxis.from; + if (dataInSelection < 35000) { + return; + } var maxticks_zoom = dataInSelection / 3600000 / number_ticks; if (maxticks_zoom < 0.001) { diff --git a/pandora_console/include/graphs/functions_d3.php b/pandora_console/include/graphs/functions_d3.php index 5bfd03d244..e4324afd45 100644 --- a/pandora_console/include/graphs/functions_d3.php +++ b/pandora_console/include/graphs/functions_d3.php 
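Review bot: In the pandora.flot.js hunk, `35000` is an unexplained threshold and the early `return` gives the user no sign that the zoom was ignored. The division by `3600000` on the following line suggests the axis is in milliseconds, so a comment such as `// Ignore selections shorter than 35 s (x axis in ms).` or a named constant would document the intent. Whether the selection overlay needs clearing before returning depends on code outside the hunk.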
@@ -11,14 +11,14 @@ // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. -function include_javascript_d3($return=false) +function include_javascript_d3($return=false, $force=false) { global $config; static $is_include_javascript = false; $output = ''; - if (!$is_include_javascript) { + if (!$is_include_javascript || $force === true) { $is_include_javascript = true; $output .= ' diff --git a/pandora_console/operation/menu.php b/pandora_console/operation/menu.php index 3794a30ae3..e2361fc73f 100644 --- a/pandora_console/operation/menu.php +++ b/pandora_console/operation/menu.php @@ -774,7 +774,7 @@ if ($access_console_node === true) { // Check if was displayed inside other menu. if ($extension['operation_menu']['fatherId'] == '') { - if ($extension_menu['name'] == 'Update manager') { + if ($extension_menu['name'] == 'Warp update') { continue; } @@ -819,13 +819,6 @@ if ($access_console_node === true) { } } } - - if (!empty($sub)) { - $menu_operation['extensions']['text'] = __('Tools'); - $menu_operation['extensions']['sec2'] = 'operation/extensions'; - $menu_operation['extensions']['id'] = 'oper-extensions'; - $menu_operation['extensions']['sub'] = $sub; - } } // ~ } diff --git a/pandora_console/operation/messages/message_edit.php b/pandora_console/operation/messages/message_edit.php index d2d3520b2b..cc197960ed 100644 --- a/pandora_console/operation/messages/message_edit.php +++ b/pandora_console/operation/messages/message_edit.php 
@@ -38,7 +38,7 @@ $send_mes = (bool) get_parameter('send_mes', false); $new_msg = (string) get_parameter('new_msg'); $dst_user = get_parameter('dst_user'); $dst_group = get_parameter('dst_group'); -$subject = io_safe_html_tags(get_parameter('subject')); +$subject = io_safe_input(get_parameter('subject')); $message = (string) get_parameter('message'); $read_message = (bool) get_parameter('read_message', false); $reply = (bool) get_parameter('reply', false); @@ -132,7 +132,7 @@ if ($read_message) { echo '

Conversation with '.$user_name.'

'; } - echo '

Subject: '.$message['subject'].'

'; + echo '

Subject: '.io_safe_output($message['subject']).'

'; $conversation = messages_get_conversation($message); diff --git a/pandora_console/operation/messages/message_list.php b/pandora_console/operation/messages/message_list.php index d7dc2881da..26ffbc5bfe 100644 --- a/pandora_console/operation/messages/message_list.php +++ b/pandora_console/operation/messages/message_list.php @@ -259,7 +259,7 @@ if (empty($messages) === true) { $pathSubject = 'index.php?sec=message_list&sec2=operation/messages/message_edit&read_message=1&id_message='.$message_id; } - $contentSubject = (empty($message['subject']) === true) ? __('No Subject') : $message['subject']; + $contentSubject = (empty($message['subject']) === true) ? __('No Subject') : io_safe_output($message['subject']); if ((int) $message['read'] !== 1) { $contentSubject = ''.$contentSubject.''; diff --git a/pandora_console/operation/search_agents.getdata.php b/pandora_console/operation/search_agents.getdata.php index bdeea391a1..d8182385b2 100644 --- a/pandora_console/operation/search_agents.getdata.php +++ b/pandora_console/operation/search_agents.getdata.php @@ -72,6 +72,7 @@ if ($searchAgents) { $has_secondary = enterprise_hook('agents_is_using_secondary_groups'); $stringSearchSQL = str_replace('&', '&', $stringSearchSQL); + $stringSearchSQL = str_replace('\', '\\', $stringSearchSQL); $sql = "SELECT DISTINCT taddress_agent.id_agent FROM taddress INNER JOIN taddress_agent ON taddress.id_a = taddress_agent.id_a diff --git a/pandora_console/operation/search_modules.getdata.php b/pandora_console/operation/search_modules.getdata.php index e83c6035ef..a278ca8cd0 100644 --- a/pandora_console/operation/search_modules.getdata.php +++ b/pandora_console/operation/search_modules.getdata.php 
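Review bot: `io_safe_output($message['subject'])` decodes the stored subject immediately before it is echoed into the page, so the output is safe only if the stored value carries an extra layer of encoding from the new `io_safe_input(get_parameter('subject'))` in the @@ -38 hunk. Subjects saved before this change, or through any other code path, would be printed decoded; what `get_parameter` and the storage layer do to the value is not visible here. Escape at the point of output rather than relying on the stored form, e.g. `htmlspecialchars(io_safe_output($message['subject']), ENT_QUOTES, 'UTF-8', false)`. The same applies to `$contentSubject` in the message_list.php hunk below.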
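Review bot: In search_agents.getdata.php, escaping backslashes by hand with `str_replace` suggests that `$stringSearchSQL` is interpolated into the SQL string that begins on the next line, although the WHERE clause itself is outside the hunk. Per-character escaping leaves quotes and the `LIKE` wildcards `%` and `_` to whatever ran earlier, and has to be repeated for every query built from the variable. A single escaping or binding step next to the query would be easier to audit; at minimum add a comment such as `// Backslashes doubled so they reach LIKE literally; quotes are escaped upstream.` if that is indeed the case.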
@@ -19,17 +19,25 @@ require_once $config['homedir'].'/include/functions_users.php'; $searchModules = check_acl($config['id_user'], 0, 'AR'); -$selectModuleNameUp = ''; -$selectModuleNameDown = ''; -$selectAgentNameUp = ''; -$selectAgentNameDown = ''; +if ($config['style'] === 'pandora_black') { + $selectModuleNameUp = ''; + $selectModuleNameDown = ''; + $selectAgentNameUp = ''; + $selectAgentNameDown = ''; +} else { + $selectModuleNameUp = '_black'; + $selectModuleNameDown = '_black'; + $selectAgentNameUp = '_black'; + $selectAgentNameDown = '_black'; +} + $is_admin = (bool) db_get_value('is_admin', 'tusuario', 'id_user', $config['id_user']); switch ($sortField) { case 'module_name': switch ($sort) { case 'up': - $selectModuleNameUp = $selected; + $selectModuleNameUp = $selected_module; $order = [ 'field' => 'module_name', 'order' => 'ASC', @@ -37,7 +45,7 @@ switch ($sortField) { break; case 'down': - $selectModuleNameDown = $selected; + $selectModuleNameDown = $selected_module; $order = [ 'field' => 'module_name', 'order' => 'DESC', @@ -49,7 +57,7 @@ switch ($sortField) { case 'agent_name': switch ($sort) { case 'up': - $selectAgentNameUp = $selected; + $selectAgentNameUp = $selected_module; $order = [ 'field' => 'agent_name', 'order' => 'ASC', @@ -57,7 +65,7 @@ switch ($sortField) { break; case 'down': - $selectAgentNameDown = $selected; + $selectAgentNameDown = $selected_module; $order = [ 'field' => 'agent_name', 'order' => 'DESC', @@ -67,7 +75,7 @@ switch ($sortField) { break; default: - $selectModuleNameUp = $selected; + $selectModuleNameUp = $selected_module; $order = [ 'field' => 'module_name', 'order' => 'ASC', diff --git a/pandora_console/operation/search_modules.php b/pandora_console/operation/search_modules.php index 6d35064b68..e2ae260d3c 100644 --- a/pandora_console/operation/search_modules.php +++ b/pandora_console/operation/search_modules.php 
@@ -30,10 +30,9 @@ if (!$modules || !$searchModules) { $table->cellspacing = 4; $table->width = '98%'; $table->class = 'info_table'; - $table->head = []; - $table->head[0] = __('Module').' '.html_print_image('images/sort_up.png', true, ['style' => $selectModuleNameUp]).''.html_print_image('images/sort_down.png', true, ['style' => $selectModuleNameDown]).''; - $table->head[1] = __('Agent').' '.html_print_image('images/sort_up.png', true, ['style' => $selectAgentNameUp]).''.html_print_image('images/sort_down.png', true, ['style' => $selectAgentNameDown]).''; + $table->head[0] = __('Module').' '.html_print_image('images/sort_up'.$selectModuleNameUp.'.png', true).''.html_print_image('images/sort_down'.$selectModuleNameDown.'.png', true).''; + $table->head[1] = __('Agent').' '.html_print_image('images/sort_up'.$selectAgentNameUp.'.png', true).''.html_print_image('images/sort_down'.$selectAgentNameDown.'.png', true).''; $table->head[2] = __('Type'); $table->head[3] = __('Interval'); $table->head[4] = __('Status'); @@ -80,6 +79,9 @@ if (!$modules || !$searchModules) { $module['datos'] = modules_get_last_value($module['id_agente_modulo']); $module['module_name'] = $module['nombre']; + $linked_module_name = ''; + $linked_module_name .= $module['module_name']; + $linked_module_name .= ''; // To search the monitor status $status_sql = sprintf('SELECT estado from tagente_estado where id_agente_modulo ='.$module['id_agente_modulo']); $status_sql = db_process_sql($status_sql); @@ -217,7 +219,7 @@ if (!$modules || !$searchModules) { $url_edit = 'index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&id_agente='.$module['id_agente'].'&tab=module&id_agent_module='.$module['id_agente_modulo'].'&edit_module=1'; - $edit_module = ''.html_print_image('images/edit.svg', true).''; + $edit_module = ''.html_print_image('images/edit.svg', true, ['class' => 'invert_filter main_menu_icon']).''; } else { $edit_module = ''; } 
@@ -226,7 +228,7 @@ if (!$modules || !$searchModules) { array_push( $table->data, [ - $module['module_name'], + $linked_module_name, $agentCell, $typeCell, $intervalCell, diff --git a/pandora_console/operation/search_results.php b/pandora_console/operation/search_results.php index cef9788be0..76638e3525 100644 --- a/pandora_console/operation/search_results.php +++ b/pandora_console/operation/search_results.php @@ -60,7 +60,7 @@ $order = null; $sortField = get_parameter('sort_field'); $sort = get_parameter('sort', 'none'); $selected = 'border: 1px solid black;'; - +$selected_module = '_green'; if ($searchMain) { $main_tab = [ 'text' => "".html_print_image( diff --git a/pandora_console/operation/visual_console/public_view.php b/pandora_console/operation/visual_console/public_view.php index 46dd4e43b4..64529133b4 100644 --- a/pandora_console/operation/visual_console/public_view.php +++ b/pandora_console/operation/visual_console/public_view.php @@ -33,7 +33,7 @@ require_once $config['homedir'].'/vendor/autoload.php'; ui_require_css_file('register', 'include/styles/', true); // Connection lost alert. -ui_require_javascript_file('connection_check', 'include/javascript/', true); +// ui_require_javascript_file('connection_check', 'include/javascript/', true); set_js_value('absolute_homeurl', ui_get_full_url(false, false, false, false)); $conn_title = __('Connection with console has been lost'); $conn_text = __('Connection to the console has been lost. Please check your internet connection.'); @@ -47,7 +47,7 @@ global $vc_public_view; global $config; $vc_public_view = true; -$config['public_view'] = true; +$config['public_access'] = true; // This starts the page head. In the call back function, // things from $page['head'] array will be processed into the head. 
@@ -62,12 +62,6 @@ require_once 'include/functions_visual_map.php'; $hash = (string) get_parameter('hash'); -// For public link issue. -$force_instant_logout = true; -if (isset($config['id_user']) === true) { - $force_instant_logout = false; -} - // Check input hash. // DO NOT move it after of get parameter user id. if (User::validatePublicHash($hash) !== true) { @@ -256,17 +250,17 @@ $visualConsoleItems = VisualConsole::getItemsFromDB( if (menuLinks !== null) { menuLinks.forEach(function (menuLink) { menuLink.href = menuLink.href.replace(regex, replacement); - menuLink.href = menuLink.href.replace( - regex_hash, - replacement_hash - ); + //menuLink.href = menuLink.href.replace( + // regex_hash, + // replacement_hash + //); }); } // Change the URL (if the browser has support). if ("history" in window) { var href = window.location.href.replace(regex, replacement); - href = href.replace(regex_hash, replacement_hash); + //href = href.replace(regex_hash, replacement_hash); window.history.replaceState({}, document.title, href); } } @@ -321,20 +315,24 @@ $visualConsoleItems = VisualConsole::getItemsFromDB( } } }); - - - // No click enabled when user not logged. - $( "a" ).on( "click", function( event ) { - event.preventDefault(); - $('#visual-console-container').removeClass('is-updating'); - $('.div-visual-console-spinner').remove(); - }); - 0) { + ob_end_flush(); } \ No newline at end of file diff --git a/pandora_console/pandora_console.redhat.spec b/pandora_console/pandora_console.redhat.spec index 8249ba13d6..b20ddfd914 100644 --- a/pandora_console/pandora_console.redhat.spec +++ b/pandora_console/pandora_console.redhat.spec @@ -6,7 +6,7 @@ %define debug_package %{nil} %define name pandorafms_console %define version 7.0NG.774 -%define release 231123 +%define release 231211 # User and Group under which Apache is running %define httpd_name httpd 
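Review bot: The public-link view loses three guards in these hunks with no stated replacement: `$force_instant_logout` is deleted at -62, the `regex_hash` rewrite of `menuLink.href` and of the history URL is commented out at -256, and the handler that called `event.preventDefault()` on every `a` click for viewers who are not logged in is removed at -321. If links in a hash-authenticated console are now meant to navigate, every page they reach has to validate the public hash or the session on the server, and that is not visible from this page. The disabled lines should be deleted rather than left as `//` comments, with one comment giving the reason, e.g. `// Hash rewrite disabled: <reason>`. The same applies to the commented-out `ui_require_javascript_file('connection_check', ...)` call in the hunk at -33.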
diff --git a/pandora_console/pandora_console.rhel7.spec b/pandora_console/pandora_console.rhel7.spec index f1cd103edd..23057d2456 100644 --- a/pandora_console/pandora_console.rhel7.spec +++ b/pandora_console/pandora_console.rhel7.spec @@ -6,7 +6,7 @@ %define debug_package %{nil} %define name pandorafms_console %define version 7.0NG.774 -%define release 231123 +%define release 231211 # User and Group under which Apache is running %define httpd_name httpd diff --git a/pandora_console/pandora_console.spec b/pandora_console/pandora_console.spec index ec3d23c877..a4d3b8bcbf 100644 --- a/pandora_console/pandora_console.spec +++ b/pandora_console/pandora_console.spec @@ -3,7 +3,7 @@ # %define name pandorafms_console %define version 7.0NG.774 -%define release 231123 +%define release 231211 %define httpd_name httpd # User and Group under which Apache is running %define httpd_name apache2 diff --git a/pandora_console/pandoradb.sql b/pandora_console/pandoradb.sql index dfd2fe0a52..dd9e4c3ab3 100644 --- a/pandora_console/pandoradb.sql +++ b/pandora_console/pandoradb.sql @@ -290,16 +290,6 @@ CREATE TABLE IF NOT EXISTS `tagente_modulo` ( ) ENGINE=InnoDB DEFAULT CHARSET=UTF8MB4; -- snmp_oid is also used for WMI query --- ----------------------------------------------------- --- Table `tagent_access` --- ----------------------------------------------------- -CREATE TABLE IF NOT EXISTS `tagent_access` ( - `id_agent` INT UNSIGNED NOT NULL DEFAULT 0, - `utimestamp` BIGINT NOT NULL DEFAULT 0, - KEY `agent_index` (`id_agent`), - KEY `idx_utimestamp` USING BTREE (`utimestamp`) -) ENGINE=InnoDB DEFAULT CHARSET=UTF8MB4; - -- ----------------------------------------------------- -- Table `talert_snmp` -- ----------------------------------------------------- 
@@ -726,6 +716,7 @@ CREATE TABLE IF NOT EXISTS `tevento` ( `custom_data` TEXT, `data` TINYTEXT, `module_status` INT NOT NULL DEFAULT 0, + `event_custom_id` TEXT, PRIMARY KEY (`id_evento`), KEY `idx_agente` (`id_agente`), KEY `idx_agentmodule` (`id_agentmodule`), @@ -1271,6 +1262,7 @@ CREATE TABLE IF NOT EXISTS `tevent_filter` ( `custom_data_filter_type` TINYINT UNSIGNED DEFAULT 0, `owner_user` TEXT, `private_filter_user` TEXT, + `regex` TEXT, PRIMARY KEY (`id_filter`) ) ENGINE=InnoDB DEFAULT CHARSET=UTF8MB4; @@ -1646,6 +1638,7 @@ CREATE TABLE IF NOT EXISTS `treport_content` ( `cat_security_hardening` INT NOT NULL DEFAULT 0, `ignore_skipped` INT NOT NULL DEFAULT 0, `status_of_check` TINYTEXT, + `check_unknowns_graph` tinyint DEFAULT '0', PRIMARY KEY(`id_rc`), FOREIGN KEY (`id_report`) REFERENCES treport(`id_report`) ON UPDATE CASCADE ON DELETE CASCADE @@ -2639,6 +2632,9 @@ CREATE TABLE IF NOT EXISTS `tdashboard` ( `active` TINYINT NOT NULL DEFAULT 0, `cells` INT UNSIGNED DEFAULT 0, `cells_slideshow` TINYINT NOT NULL DEFAULT 0, + `date_range` TINYINT NOT NULL DEFAULT 0, + `date_from` INT NOT NULL DEFAULT 0, + `date_to` INT NOT NULL DEFAULT 0, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=UTF8MB4; @@ -3030,7 +3026,6 @@ CREATE TABLE IF NOT EXISTS `tevent_rule` ( `module` TEXT, `alert` TEXT, `criticity` TEXT, - `user_comment` TEXT, `id_tag` TEXT, `name` TEXT, `group_recursion` TEXT, @@ -3045,7 +3040,6 @@ CREATE TABLE IF NOT EXISTS `tevent_rule` ( `operator_module` TEXT COMMENT 'Operator for module', `operator_alert` TEXT COMMENT 'Operator for alert', `operator_criticity` TEXT COMMENT 'Operator for criticity', - `operator_user_comment` TEXT COMMENT 'Operator for user_comment', `operator_id_tag` TEXT COMMENT 'Operator for id_tag', `operator_log_content` TEXT COMMENT 'Operator for log_content', `operator_log_source` TEXT COMMENT 'Operator for log_source', 
diff --git a/pandora_console/pandoradb_data.sql b/pandora_console/pandoradb_data.sql index bfb1d0ee96..28605959ed 100644 --- a/pandora_console/pandoradb_data.sql +++ b/pandora_console/pandoradb_data.sql @@ -156,7 +156,8 @@ INSERT INTO `tconfig` (`token`, `value`) VALUES ('gotty', '/usr/bin/gotty'), ('custom_module_units', '{"bytes":"bytes","entries":"entries","files":"files","hits":"hits","sessions":"sessions","users":"users","ºC":"ºC","ºF":"ºF"}'), ('server_unique_identifier', replace(uuid(),'-','')), -('lts_name', ''); +('lts_name', ''), +('lts_updates', 1); UNLOCK TABLES; -- 
@@ -1167,9 +1168,9 @@ INSERT INTO `talert_actions` (`id`, `name`, `id_alert_command`, `field1`, `field INSERT INTO `talert_actions` (`id`, `name`, `id_alert_command`) VALUES (6,'Create Pandora ITSM ticket',16); INSERT INTO `talert_actions` (`id`, `name`, `id_alert_command`, `field1`, `field2`, `field3`, `field4`, `field5`, `field6`, `field7`, `field8`, `field9`, `field10`, `id_group`, `action_threshold`, `field1_recovery`, `field2_recovery`, `field3_recovery`, `field4_recovery`, `field5_recovery`, `field6_recovery`, `field7_recovery`, `field8_recovery`, `field9_recovery`, `field10_recovery`) VALUES (7, 'Pandora Google chat', 17, "", "data=_data_", "[PANDORA] Alert FIRED on _agent_ / _module_", "_agent_ | _module_ | _data_ | _timestamp_", "", "", "", "", "", "", 0, 0, "", "data=_data_", "[PANDORA] Alert RECOVERED on _agent_ / _module_", "_agent_ | _module_ | _data_ | _timestamp_", "", "", "", "", "", ""); INSERT INTO `talert_actions` (`id`, `name`, `id_alert_command`, `field1`, `field2`, `field3`, `field4`, `field5`, `field6`, `field7`, `field8`, `field9`, `field10`, `id_group`, `action_threshold`, `field1_recovery`, `field2_recovery`, `field3_recovery`, `field4_recovery`, `field5_recovery`, `field6_recovery`, `field7_recovery`, `field8_recovery`, `field9_recovery`, `field10_recovery`) VALUES (8, 'Pandora Slack', 18, "data=_data_", "", ":red_circle:", "[PANDORA] Alert FIRED on _agent_ / _module_", "_agent_ | _module_ | _data_ | _timestamp_", "", "", "", "", "", 0, 0, "data=_data_", "", ":green_circle:", "[PANDORA] Alert RECOVERED on _agent_ / _module_", "_agent_ | _module_ | _data_ | _timestamp_", "", "", "", "", ""); -INSERT INTO `talert_actions` (`id`, `name`, `id_alert_command`, `field1`, `field2`, `field3`, `field4`, `field5`, `field6`, `field7`, `field8`, `field9`, `field10`, `id_group`, `action_threshold`, `field1_recovery`, `field2_recovery`, `field3_recovery`, `field4_recovery`, `field5_recovery`, `field6_recovery`, `field7_recovery`, `field8_recovery`, 
`field9_recovery`, `field10_recovery`) VALUES (9, 'Pandora Telegram', 19, "", "[PANDORA] Alert FIRED on _agent_ / _module_ / _tiemstamp_ / _data_", "", "", "", "", "", "", "", "", 0, 0, "", "[PANDORA] Alert RECOVERED on _agent_ / _module_ / _tiemstamp_ / _data_", "", "", "", "", "", "", "", ""); +INSERT INTO `talert_actions` (`id`, `name`, `id_alert_command`, `field1`, `field2`, `field3`, `field4`, `field5`, `field6`, `field7`, `field8`, `field9`, `field10`, `id_group`, `action_threshold`, `field1_recovery`, `field2_recovery`, `field3_recovery`, `field4_recovery`, `field5_recovery`, `field6_recovery`, `field7_recovery`, `field8_recovery`, `field9_recovery`, `field10_recovery`) VALUES (9, 'Pandora Telegram', 19, "", "[PANDORA] Alert FIRED on _agent_ / _module_ / _timestamp_ / _data_", "", "", "", "", "", "", "", "", 0, 0, "", "[PANDORA] Alert RECOVERED on _agent_ / _module_ / _timestamp_ / _data_", "", "", "", "", "", "", "", ""); INSERT INTO `talert_actions` (`id`, `name`, `id_alert_command`, `field1`, `field2`, `field3`, `field4`, `field5`, `field6`, `field7`, `field8`, `field9`, `field10`, `id_group`, `action_threshold`, `field1_recovery`, `field2_recovery`, `field3_recovery`, `field4_recovery`, `field5_recovery`, `field6_recovery`, `field7_recovery`, `field8_recovery`, `field9_recovery`, `field10_recovery`) VALUES (10, 'Pandora ilert', 20, "alert", "", "[PANDORA] Alert FIRED on _agent_ / _module_", "_agent_ | _module_ | _data_ | _timestamp_", "", "", "", "", "", "", 0, 0, "resolved", "", "[PANDORA] Alert RECOVERED on _agent_ / _module_", "_agent_ | _module_ | _data_ | _timestamp_", "", "", "", "", "", ""); -INSERT INTO `talert_actions` (`id`, `name`, `id_alert_command`, `field1`, `field2`, `field3`, `field4`, `field5`, `field6`, `field7`, `field8`, `field9`, `field10`, `id_group`, `action_threshold`, `field1_recovery`, `field2_recovery`, `field3_recovery`, `field4_recovery`, `field5_recovery`, `field6_recovery`, `field7_recovery`, `field8_recovery`, 
`field9_recovery`, `field10_recovery`) VALUES (11, 'Pandora Vonage', 21, "", "[PANDORA] Alert FIRED on _agent_ / _module_ / _tiemstamp_ / _data_", "", "", "", "", "", "", "", "", 0, 0, "", "[PANDORA] Alert RECOVERED on _agent_ / _module_ / _tiemstamp_ / _data_", "", "", "", "", "", "", "", ""); +INSERT INTO `talert_actions` (`id`, `name`, `id_alert_command`, `field1`, `field2`, `field3`, `field4`, `field5`, `field6`, `field7`, `field8`, `field9`, `field10`, `id_group`, `action_threshold`, `field1_recovery`, `field2_recovery`, `field3_recovery`, `field4_recovery`, `field5_recovery`, `field6_recovery`, `field7_recovery`, `field8_recovery`, `field9_recovery`, `field10_recovery`) VALUES (11, 'Pandora Vonage', 21, "", "[PANDORA] Alert FIRED on _agent_ / _module_ / _timestamp_ / _data_", "", "", "", "", "", "", "", "", 0, 0, "", "[PANDORA] Alert RECOVERED on _agent_ / _module_ / _timestamp_ / _data_", "", "", "", "", "", "", "", ""); -- alert templates (default) 
@@ -1194,7 +1195,7 @@ INSERT INTO `trecon_script` (`type`,`name`,`description`,`script`,`macros`) VALU INSERT INTO `trecon_script` (`type`,`name`,`description`,`script`,`macros`) VALUES (2, 'Discovery.Cloud', 'Discovery Cloud script to monitor Cloud technologies (AWS.EC2, AWS.S3, AWS.RDS, RDS,ȊWS.EKS)', '/usr/share/pandora_server/util/recon_scripts/pcm_client.pl', '{"1":{"macro":"_field1_","desc":"Configuration file","help":"","value":"","hide":""}}'); -- IPAM is 3. -INSERT INTO `trecon_script` (`type`,`name`,`description`,`script`,`macros`) VALUES (4, 'IPMI Recon','Specific Pandora FMS Intel DCM Discovery (c) Artica ST 2011 <info@artica.es> Usage: ./ipmi-recon.pl <task_id> <group_id> <custom_field1> <custom_field2> <custom_field3> <custom_field4> * custom_field1 = Network i.e.: 192.168.100.0/24 * custom_field2 = Username * custom_field3 = Password * custom_field4 = Additional parameters i.e.: -D LAN_2_0','/usr/share/pandora_server/util/recon_scripts/ipmi-recon.pl','{\"1\":{\"macro\":\"_field1_\",\"desc\":\"Network\",\"help\":\"i.e.: 192.168.100.0/24\",\"value\":\"\",\"hide\":\"\"},\"2\":{\"macro\":\"_field2_\",\"desc\":\"Username\",\"help\":\"\",\"value\":\"\",\"hide\":\"\"},\"3\":{\"macro\":\"_field3_\",\"desc\":\"Password\",\"help\":\"\",\"value\":\"\",\"hide\":\"1\"},\"4\":{\"macro\":\"_field4_\",\"desc\":\"Additional parameters\",\"help\":\"Optional additional parameters such as -D LAN_2_0 to use IPMI ver 2.0 instead of 1.5. 
These options will also be passed to the IPMI plugin when the current values are read.\",\"value\":\"\",\"hide\":\"\"}}'); +INSERT INTO `trecon_script` (`type`,`name`,`description`,`script`,`macros`) VALUES (4, 'IPMI Recon','Specific Pandora FMS Intel DCM Discovery (c) Artica ST 2011 <info@pandorafms.com> Usage: ./ipmi-recon.pl <task_id> <group_id> <custom_field1> <custom_field2> <custom_field3> <custom_field4> * custom_field1 = Network i.e.: 192.168.100.0/24 * custom_field2 = Username * custom_field3 = Password * custom_field4 = Additional parameters i.e.: -D LAN_2_0','/usr/share/pandora_server/util/recon_scripts/ipmi-recon.pl','{\"1\":{\"macro\":\"_field1_\",\"desc\":\"Network\",\"help\":\"i.e.: 192.168.100.0/24\",\"value\":\"\",\"hide\":\"\"},\"2\":{\"macro\":\"_field2_\",\"desc\":\"Username\",\"help\":\"\",\"value\":\"\",\"hide\":\"\"},\"3\":{\"macro\":\"_field3_\",\"desc\":\"Password\",\"help\":\"\",\"value\":\"\",\"hide\":\"1\"},\"4\":{\"macro\":\"_field4_\",\"desc\":\"Additional parameters\",\"help\":\"Optional additional parameters such as -D LAN_2_0 to use IPMI ver 2.0 instead of 1.5. These options will also be passed to the IPMI plugin when the current values are read.\",\"value\":\"\",\"hide\":\"\"}}'); INSERT INTO `trecon_script` (`type`,`name`,`description`,`script`,`macros`) VALUES (3, 'IPAM Recon', 'This script is used to automatically detect network hosts availability and name, used as Recon Custom Script in the recon task. Parameters used are:\n\n* custom_field1 = network. i.e.: 192.168.100.0/24\n* custom_field2 = associated IPAM network id. i.e.: 4. Please do not change this value, it is assigned automatically in IPAM management.\n\nSee documentation for more information.', '/usr/share/pandora_server/util/recon_scripts/IPAMrecon.pl', '{"1":{"macro":"_field1_","desc":"Network","help":"i.e.: 192.168.100.0/24","value":"","hide":""}}'); 
@@ -1214,7 +1215,7 @@ INSERT INTO `tplugin` (`id`, `name`, `description`, `max_timeout`, `max_retries` INSERT INTO `tagent_custom_fields` VALUES (1,'Serial Number',0,0,'',0),(2,'Department',0,0,'',0),(3,'Additional ID',0,0,'',0),(4,'eHorusID',0,0,'',0); -INSERT INTO `ttag` VALUES (1,'network','Network equipment','http://artica.es','','',''),(2,'critical','Critical modules','','','',''),(3,'dmz','DMZ Network Zone','','','',''),(4,'performance','Performance anda capacity modules','','','',''),(5,'configuration','','','','',''); +INSERT INTO `ttag` VALUES (1,'network','Network equipment','http://pandorafms.com','','',''),(2,'critical','Critical modules','','','',''),(3,'dmz','DMZ Network Zone','','','',''),(4,'performance','Performance anda capacity modules','','','',''),(5,'configuration','','','','',''); INSERT INTO `tevent_response` VALUES (1,'Ping to host','Ping to the agent host','ping -c 5 _agent_address_','command',0,620,500,0,'',0,90,0),(3,'Create incident from event','Create a incident from the event with the standard incidents system of Pandora FMS','index.php?sec=workspace&sec2=operation/incidents/incident_detail&insert_form&from_event=_event_id_','url',0,0,0,1,'',0,90,0),(5,'Restart agent','Restart the agent with using UDP protocol. To use this response is necessary to have installed Pandora FMS server and console in the same machine.','/usr/share/pandora_server/util/udp_client.pl _agent_address_ 41122 "REFRESH AGENT"','command',0,620,500,0,'',0,90,0),(6,'Ping to module agent host','Ping to the module agent host','ping -c 5 _module_address_','command',0,620,500,0,'',0,90,0),(7,'Create ticket in Pandora ITSM from event','Create a ticket in Pandora ITSM from an event','index.php?sec=manageTickets&sec2=operation/ITSM/itsm&operation=edit&from_event=_event_id_','url',0,0,0,1,'',0,90,1); 
@@ -2775,7 +2776,7 @@ SET @short_name = 'pandorafms.oracle'; SET @name = 'Oracle'; SET @section = 'app'; SET @description = 'Monitor Oracle databases'; -SET @version = '1.0'; +SET @version = '1.1'; INSERT IGNORE INTO `tdiscovery_apps` (`id_app`, `short_name`, `name`, `section`, `description`, `version`) VALUES ('', @short_name, @name, @section, @description, @version); SELECT @id_app := `id_app` FROM `tdiscovery_apps` WHERE `short_name` = @short_name; diff --git a/pandora_console/update_manager_client/lib/UpdateManager/Client.php b/pandora_console/update_manager_client/lib/UpdateManager/Client.php index c75c84fefb..a0ca625009 100644 --- a/pandora_console/update_manager_client/lib/UpdateManager/Client.php +++ b/pandora_console/update_manager_client/lib/UpdateManager/Client.php @@ -1378,6 +1378,34 @@ class Client } + private function getDirectorySize($directory) + { + if (is_string($directory) === false || is_dir($directory) === false) { + throw new \InvalidArgumentException('Invalid directory path'); + } + + $size = 0; + + if ($handle = opendir($directory)) { + while (false !== ($file = readdir($handle))) { + if ($file != '.' && $file != '..') { + $path = $directory.DIRECTORY_SEPARATOR.$file; + if (is_dir($path) === true) { + // Recursive call for subdirectories. + $size += $this->getDirectorySize($path); + } else { + $size += filesize($path); + } + } + } + + closedir($handle); + } + + return $size; + } + + /** * Update files. * @@ -1395,7 +1423,8 @@ class Client string $from, string $to, bool $test=false, - bool $classic=false + bool $classic=false, + bool $called_recursively=false ) :void { if (is_dir($from) !== true || is_readable($from) !== true) { throw new \Exception('Cannot access patch files '.$from); 
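Review bot: `getDirectorySize()` can under-count and can recurse without bound. A failed `opendir()` falls through to `return $size` with 0, a `false` from `filesize()` is added as 0, and `is_dir($path)` follows symbolic links, so a link pointing back to a parent directory inside the patch tree would loop. The result gates the free-space check added to `updateFiles()`, so an under-count lets the update start on a volume that cannot hold it. I would skip links with `if (is_link($path) === true) { continue; }` before the `is_dir()` test and throw when `opendir()` or `filesize()` fails. The method also lacks a docblock, unlike `updateFiles()` below it; one stating that it returns the total size in bytes and throws `\InvalidArgumentException` for a non-directory would match the file.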
@@ -1416,6 +1445,18 @@ class Client throw new \Exception('Files are not readable'); } + if ($test === true && $called_recursively === false) { + // Get size of folder and its subfolders corresponding to "from" path containing those files + // that will be updated in product. + // Do once. + $source_size = $this->getDirectorySize($from); + + // Check available disk space before writing files. + if (disk_free_space($to) < $source_size) { + throw new \Exception('Not enough disk space to write the files'); + } + } + $created_directories = []; while (($pf = readdir($pd)) !== false) { @@ -1440,11 +1481,13 @@ class Client $created_directories[] = $dest; } - $this->updateFiles($version, $pf.'/', $to, $test, $classic); + $this->updateFiles($version, $pf.'/', $to, $test, $classic, true); } else { // It's a file. if ($test === true) { - if (is_writable($target_folder) !== true) { + if (is_writable($target_folder) !== true + || (file_exists($dest) === true && is_writable($dest) !== true) + ) { throw new \Exception($dest.' is not writable'); } } else { diff --git a/pandora_console/views/dashboard/cell.php b/pandora_console/views/dashboard/cell.php index 919ce9e07e..7816f79351 100644 --- a/pandora_console/views/dashboard/cell.php +++ b/pandora_console/views/dashboard/cell.php @@ -34,9 +34,8 @@ if ($redraw === false) { $output .= '
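Review bot: `disk_free_space($to)` returns `false` when the path cannot be queried, so `disk_free_space($to) < $source_size` reports 'Not enough disk space to write the files' for what is really a failed lookup, and lets the check pass when `$source_size` is 0. Storing the result and testing it first keeps the two failures apart: `$free = disk_free_space($to); if ($free === false) { throw new \Exception('Cannot determine free disk space on '.$to); }`. The estimate counts only the incoming files; if the update also keeps copies of the files it replaces (not visible in this hunk), the space needed is larger. The body of `updateFiles()` starts and ends outside the hunk.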
'; $output .= '
'; - -if ((int) $cellData['id_widget'] !== 0) { - $options = json_decode($cellData['options'], true); +$options = json_decode($cellData['options'], true); +if ($cellData['id_widget'] !== '0') { $output .= $options['title']; } else { $output .= __('New widget'); @@ -44,10 +43,15 @@ if ((int) $cellData['id_widget'] !== 0) { $output .= '
'; $output .= '
'; - if ($manageDashboards !== 0 || $writeDashboards !== 0) { if ((int) $cellData['id_widget'] !== 0) { - $output .= ''; + $count_options = count(json_decode($cellData['options'], true)); + $invisible = ''; + if ($count_options <= 2 && $options['copy'] == 0) { + $invisible = 'invisible'; + } + + $output .= ''; $output .= html_print_image( 'images/copy.svg', true, diff --git a/pandora_console/views/dashboard/configurationWidgets.php b/pandora_console/views/dashboard/configurationWidgets.php index f985517f4f..68a51edbaa 100644 --- a/pandora_console/views/dashboard/configurationWidgets.php +++ b/pandora_console/views/dashboard/configurationWidgets.php @@ -28,15 +28,11 @@ // Includes. require_once $config['homedir'].'/include/class/HTML.class.php'; +ui_require_javascript_file('tinymce', 'vendor/tinymce/tinymce/', true); +ui_require_javascript_file('pandora', 'include/javascript/', true); $output = ''; -$output .= ui_require_javascript_file( - 'tiny_mce', - 'include/javascript/tiny_mce/', - true -); - $form = [ 'action' => '#', 'method' => 'POST', @@ -47,6 +43,18 @@ $form = [ 'extra' => 'novalidate', ]; +$js = 'tinymce.init({ + selector: "#textarea_text", + plugins: "preview, searchreplace, table, nonbreaking, link, image", + promotion: false, + branding: false, + setup: function (editor) { + editor.on("change", function () { + tinymce.triggerSave(); + }) + } +});'; + HTML::printForm( [ 'form' => $form, @@ -56,15 +64,4 @@ HTML::printForm( ] ); -$output .= ''; echo $output; diff --git a/pandora_console/views/dashboard/formDashboard.php b/pandora_console/views/dashboard/formDashboard.php index c36df6cf06..be21a3142e 100644 --- a/pandora_console/views/dashboard/formDashboard.php +++ b/pandora_console/views/dashboard/formDashboard.php 
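Review bot: In the two `cell.php` hunks the widget test is now written two ways, and `$options` is used without checking that decoding worked. The first hunk compares `$cellData['id_widget'] !== '0'`, which is true for an integer `0` or `null` and then reads `$options['title']`, while the second hunk still uses `(int) $cellData['id_widget'] !== 0`. `count(json_decode($cellData['options'], true))` decodes the same string a second time and raises a `TypeError` on PHP 8 when the options are empty or not valid JSON. I would keep the `(int)` comparison in both places, reuse `$options`, and guard it: `$count_options = (is_array($options) === true) ? count($options) : 0;`.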
@@ -102,6 +102,31 @@ $inputs = [ ], ], ], + [ + 'label' => __('Date range'), + 'arguments' => [ + 'name' => 'date_range', + 'id' => 'date_range', + 'type' => 'switch', + 'value' => $arrayDashboard['date_range'], + 'onchange' => 'handle_date_range(this)', + ], + ], + [ + 'label' => __('Select range'), + 'style' => 'display: none;', + 'class' => 'row_date_range', + 'arguments' => [ + 'name' => 'range', + 'id' => 'range', + 'selected' => ($arrayDashboard['date_from'] === '0' && $arrayDashboard['date_to'] === '0') ? 300 : 'chose_range', + 'type' => 'date_range', + 'date_init' => date('Y/m/d', $arrayDashboard['date_from']), + 'time_init' => date('H:i:s', $arrayDashboard['date_from']), + 'date_end' => date('Y/m/d', $arrayDashboard['date_to']), + 'time_end' => date('H:i:s', $arrayDashboard['date_to']), + ], + ], [ 'block_id' => 'private', 'direct' => 1, @@ -135,3 +160,30 @@ HTML::printForm( 'inputs' => $inputs, ] ); + +?> + + \ No newline at end of file diff --git a/pandora_console/views/dashboard/list.php b/pandora_console/views/dashboard/list.php index 657f0a8683..aae6778f6d 100644 --- a/pandora_console/views/dashboard/list.php +++ b/pandora_console/views/dashboard/list.php 
@@ -67,74 +67,6 @@ if (isset($resultCopy) === true) { ); } -// Filter table. -$filter_id_group = \get_parameter_post('id_group', ''); -$filter_name = \get_parameter_post('name', ''); - -$filterTable = new stdClass(); -$filterTable->class = 'filter-table-adv w100p'; -$filterTable->size[0] = '20%'; -$filterTable->size[1] = '20%'; -$filterTable->data = []; - -$filterTable->data[0][0] = html_print_label_input_block( - __('Group'), - html_print_select_groups( - false, - 'AR', - true, - 'id_group', - $filter_id_group, - '', - '', - '', - true, - false, - true, - 'w100p', - false, - '' - ) -); - -$filterTable->data[0][1] = html_print_label_input_block( - __('Name'), - html_print_input_text('name', $filter_name, '', 25, 80, true) -); - -$form_html = ''; - -ui_toggle( - $form_html, - ''.__('Filter').'', - 'dashboard_search', - false, - true, - false, - '', - 'white-box-content', - 'box-flat white_table_graph fixed_filter_bar' -); - - if (empty($dashboards) === true) { ui_print_info_message( [ @@ -189,15 +121,21 @@ if (empty($dashboards) === true) { 'form' => [ 'inputs' => [ [ - 'label' => __('Free search'), + 'label' => __('Name'), 'type' => 'text', - 'class' => 'w400px', + 'class' => 'w80p', 'id' => 'free_search', 'name' => 'free_search', ], + [ + 'label' => __('Group'), + 'type' => 'select_groups', + 'id' => 'group', + 'name' => 'group', + ], ], ], - 'filter_main_class' => 'box-flat white_table_graph fixed_filter_bar ', + 'filter_main_class' => 'box-flat white_table_graph fixed_filter_bar', 'csv' => false, ] ); diff --git a/pandora_console/views/dashboard/tipsWindow.php b/pandora_console/views/dashboard/tipsWindow.php index b9ff3f2420..573a11abcc 100644 --- a/pandora_console/views/dashboard/tipsWindow.php +++ b/pandora_console/views/dashboard/tipsWindow.php @@ -72,37 +72,36 @@ $output .= '

'.$title.'

'; $output .= '

'; $output .= $text; $output .= '

'; - -$link_class = 'invisible'; +$disabled_class = 'disabled_button'; +$disabled = true; if (empty($url) === false && $url !== '') { - $link_class = ''; + $disabled_class = ''; + $disabled = false; } -$output .= '
'.__('See more info').''; - $output .= '
'; $output .= '
'; - +$output .= ''; $output .= html_print_button( - __('Maybe later'), + __('Learn more'), + 'learn_more', + $disabled, '', - false, - '', - [ - 'onclick' => 'close_dialog()', - 'class' => 'secondary mini', - ], + ['class' => 'secondary mini '.$disabled_class], true ); +$output .= ''; $output .= '
'; -$output .= html_print_image('images/arrow-left-grey.png', true, ['class' => 'arrow_counter']); -$output .= html_print_image('images/arrow-right-grey.png', true, ['class' => 'arrow_counter']); + +$output .= html_print_image('images/arrow-left-grey.png', true, ['class' => 'arrow_counter', 'onclick' => 'previous_tip()']); +$output .= html_print_image('images/arrow-right-grey.png', true, ['class' => 'arrow_counter', 'onclick' => 'next_tip()']); +$output .= html_print_input_hidden('tip_position', 0, true); $output .= '
'; if ($preview === true) { $output .= html_print_button( - __('Ok'), - 'next_tip', + __('Close'), + 'close_dialog', false, '', [ @@ -113,12 +112,12 @@ if ($preview === true) { ); } else { $output .= html_print_button( - __('Ok'), - 'next_tip', + __('Close'), + 'close_dialog', false, '', [ - 'onclick' => 'next_tip()', + 'onclick' => 'close_dialog()', 'class' => ($totalTips === '1') ? 'mini hide-button' : 'mini', ], true diff --git a/pandora_console/views/dashboard/widget.php b/pandora_console/views/dashboard/widget.php index 2f0bfe7364..a2fbdc1783 100644 --- a/pandora_console/views/dashboard/widget.php +++ b/pandora_console/views/dashboard/widget.php @@ -43,7 +43,7 @@ if ((int) $cellData['id_widget'] !== 0 || $widgetId !== 0) { true ); - $output .= '
'; + $output .= '
'; $output .= \ui_print_info_message( __('Please select widget'), '', diff --git a/pandora_console/views/tacticalView/view.php b/pandora_console/views/tacticalView/view.php index 308c9626e9..29b1c923fc 100644 --- a/pandora_console/views/tacticalView/view.php +++ b/pandora_console/views/tacticalView/view.php @@ -268,7 +268,7 @@
loading(); ?>
diff --git a/pandora_server/DEBIAN/control b/pandora_server/DEBIAN/control index bc43811b78..d3163b928e 100644 --- a/pandora_server/DEBIAN/control +++ b/pandora_server/DEBIAN/control @@ -1,5 +1,5 @@ package: pandorafms-server -Version: 7.0NG.774-231123 +Version: 7.0NG.774-231211 Architecture: all Priority: optional Section: admin diff --git a/pandora_server/DEBIAN/make_deb_package.sh b/pandora_server/DEBIAN/make_deb_package.sh index 6c338c62a3..48c89a7c2e 100644 --- a/pandora_server/DEBIAN/make_deb_package.sh +++ b/pandora_server/DEBIAN/make_deb_package.sh @@ -14,7 +14,7 @@ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. -pandora_version="7.0NG.774-231123" +pandora_version="7.0NG.774-231211" package_cpan=0 package_pandora=1 diff --git a/pandora_server/lib/PandoraFMS/Config.pm b/pandora_server/lib/PandoraFMS/Config.pm index c152432365..fa05731660 100644 --- a/pandora_server/lib/PandoraFMS/Config.pm +++ b/pandora_server/lib/PandoraFMS/Config.pm @@ -46,7 +46,7 @@ our @EXPORT = qw( # version: Defines actual version of Pandora Server for this module only my $pandora_version = "7.0NG.774"; -my $pandora_build = "231123"; +my $pandora_build = "231211"; our $VERSION = $pandora_version." ".$pandora_build; # Setup hash @@ -128,7 +128,6 @@ sub pandora_get_sharedconfig ($$) { my ($pa_config, $dbh) = @_; # Agentaccess option - $pa_config->{"agentaccess"} = pandora_get_tconfig_token ($dbh, 'agentaccess', 1); # Realtimestats 0 disabled, 1 enabled. # Master servers will generate all the information (global tactical stats). @@ -466,7 +465,6 @@ sub pandora_load_config { # don't get an error later. $pa_config->{"realtimestats"} = 0; $pa_config->{"stats_interval"} = 300; - $pa_config->{"agentaccess"} = 1; $pa_config->{"event_storm_protection"} = 0; $pa_config->{"use_custom_encoding"} = 0; $pa_config->{"node_metaconsole"} = 0; # > 7.0NG 
diff --git a/pandora_server/lib/PandoraFMS/Core.pm b/pandora_server/lib/PandoraFMS/Core.pm index 420a49426b..673ccce1f0 100644 --- a/pandora_server/lib/PandoraFMS/Core.pm +++ b/pandora_server/lib/PandoraFMS/Core.pm @@ -1836,6 +1836,34 @@ sub pandora_execute_action ($$$$$$$$$;$$) { . $base64_data . "\n"; } + # Image that comes from module macro substitution. + if ($field3 =~ /cid:moduledata_/) { + $content_type = 'multipart/related; boundary="'.$boundary.'"'; + $boundary = "--" . $boundary; + + $field3 = $boundary . "\n" + . "Content-Type: " . $html_content_type . "\n\n" + # "Content-Transfer-Encoding: quoted-printable\n\n" + . $field3 . "\n"; + my @matches = ($field3 =~ /cid:moduledata_(\d+)/g); + foreach my $module_id (@matches) { + # Get base64 Image for the module. + my $module_data = get_db_value($dbh, 'SELECT datos FROM tagente_estado WHERE id_agente_modulo = ?', $module_id); + my $base64_data = substr($module_data, 23); # remove first 23 characters: 'data:image/png;base64, ' + + $cid = 'moduledata_'.$module_id; + my $filename = $cid . ".png"; + + $field3 .= $boundary . "\n" + . "Content-Type: image/png; name=\"" . $filename . "\"\n" + . "Content-Disposition: inline; filename=\"" . $filename . "\"\n" + . "Content-Transfer-Encoding: base64\n" + . "Content-ID: <" . $cid . ">\n" + . "Content-Location: " . $filename . "\n\n" + . $base64_data . "\n"; + } + } + if ($pa_config->{"mail_in_separate"} != 0){ foreach my $address (split (',', $field1)) { # Remove blanks 
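Review bot: The new `cid:moduledata_` block embeds whatever `tagente_estado.datos` holds for each referenced module without checking it: `$module_data` is undefined when no row matches, and `substr($module_data, 23)` assumes the `data:image/png;base64, ` prefix named in the comment but never tests for it. A guard such as `next unless defined($module_data) && $module_data =~ /^data:image\/png;base64,/;` before the `substr` keeps non-image values out of the message body. The module id is taken straight from the alert text in `$field3`, so it is worth confirming that whoever wrote the action is allowed to read that module; nothing in the hunk checks this. Repeated ids in `@matches` also attach the same part more than once. `pandora_execute_action` starts and ends outside the hunk.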
@@ -2159,24 +2187,6 @@ sub send_console_notification { } } -########################################################################## -=head2 C<< pandora_access_update (I<$pa_config>, I<$agent_id>, I<$dbh>) >> - -Update agent access table. - -=cut -########################################################################## -sub pandora_access_update ($$$) { - my ($pa_config, $agent_id, $dbh) = @_; - - return if ($agent_id < 0); - - if ($pa_config->{"agentaccess"} == 0){ - return; - } - db_do ($dbh, "INSERT INTO tagent_access (id_agent, utimestamp) VALUES (?, ?)", $agent_id, time ()); -} - ########################################################################## =head2 C<< pandora_process_module (I<$pa_config>, I<$data>, I<$agent>, I<$module>, I<$module_type>, I<$timestamp>, I<$utimestamp>, I<$server_id>, I<$dbh>) >> @@ -2413,10 +2423,8 @@ sub pandora_process_module ($$$$$$$$$;$) { } else { if($new_status == 0 && $ff_normal > $min_ff_event) { - # Reached normal FF but status have not changed, reset counters. + # Reached normal FF but status have not changed, reset counter. $ff_normal = 0; - $ff_critical = 0; - $ff_warning = 0; } # Active ff interval @@ -3428,14 +3436,10 @@ sub pandora_update_agent ($$$$$$$;$$$) { # No access update for data without interval. # Single modules from network server, for example. This could be very Heavy for Pandora FMS - if ($agent_interval != -1){ - pandora_access_update ($pa_config, $agent_id, $dbh); - } else { - - # Do not update the agent interval + if ($agent_interval == -1){ $agent_interval = undef; } - + # Update tagente my $timestamp = strftime ("%Y-%m-%d %H:%M:%S", localtime()); my ($set, $values) = db_update_get_values ({'agent_version' => $agent_version, 
@@ -4240,9 +4244,6 @@ sub pandora_delete_agent ($$;$) { # Delete the agent db_do ($dbh, 'DELETE FROM tagente WHERE id_agente = ?', $agent_id); - # Delete agent access data - db_do ($dbh, 'DELETE FROM tagent_access WHERE id_agent = ?', $agent_id); - # Delete addresses db_do ($dbh, 'DELETE FROM taddress_agent WHERE id_ag = ?', $agent_id); @@ -4331,6 +4332,7 @@ sub pandora_event { my $utimestamp = time (); my $timestamp = strftime ("%Y-%m-%d %H:%M:%S", localtime ($utimestamp)); + my $event_custom_id = undef; $id_agentmodule = 0 unless defined ($id_agentmodule); # Validate events with the same event id @@ -4348,6 +4350,7 @@ sub pandora_event { logger($pa_config, "Keeping In process status from last event with extended id '$id_extra'.", 10); $ack_utimestamp = get_db_value ($dbh, 'SELECT ack_utimestamp FROM tevento WHERE id_extra=? AND estado=2', $id_extra); $event_status = 2; + $event_custom_id = get_db_value ($dbh, 'SELECT event_custom_id FROM tevento WHERE id_extra=? AND estado=2', $id_extra); } } 
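Review bot: The added `event_custom_id` lookup in pandora_event repeats the `WHERE id_extra=? AND estado=2` query that the line above it runs for `ack_utimestamp`, as a second round trip and with no ordering. If more than one in-process event shares the extended id, the two values can come from different rows. Selecting `ack_utimestamp, event_custom_id` in one single-row query (with an explicit `ORDER BY` if duplicates are possible) keeps them consistent. pandora_event starts and ends outside the hunk.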
@@ -4359,8 +4362,8 @@ sub pandora_event { # Create the event logger($pa_config, "Generating event '$evento' for agent ID $id_agente module ID $id_agentmodule.", 10); - $event_id = db_insert ($dbh, 'id_evento','INSERT INTO tevento (id_agente, id_grupo, evento, timestamp, estado, utimestamp, event_type, id_agentmodule, id_alert_am, criticity, tags, source, id_extra, id_usuario, critical_instructions, warning_instructions, unknown_instructions, ack_utimestamp, custom_data, data, module_status) - VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)', $id_agente, $id_grupo, safe_input ($evento), $timestamp, $event_status, $utimestamp, $event_type, $id_agentmodule, $id_alert_am, $severity, $module_tags, $source, $id_extra, $user_name, $critical_instructions, $warning_instructions, $unknown_instructions, $ack_utimestamp, $custom_data, safe_input($module_data), $module_status); + $event_id = db_insert ($dbh, 'id_evento','INSERT INTO tevento (id_agente, id_grupo, evento, timestamp, estado, utimestamp, event_type, id_agentmodule, id_alert_am, criticity, tags, source, id_extra, id_usuario, critical_instructions, warning_instructions, unknown_instructions, ack_utimestamp, custom_data, data, module_status, event_custom_id) + VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)', $id_agente, $id_grupo, safe_input ($evento), $timestamp, $event_status, $utimestamp, $event_type, $id_agentmodule, $id_alert_am, $severity, $module_tags, $source, $id_extra, $user_name, $critical_instructions, $warning_instructions, $unknown_instructions, $ack_utimestamp, $custom_data, safe_input($module_data), $module_status, $event_custom_id); if(defined($event_id) && $comment ne '') { my $comment_id = db_insert ($dbh, 'id','INSERT INTO tevent_comment (id_event, utimestamp, comment, id_user, action) 
@@ -5179,6 +5182,11 @@ sub on_demand_macro($$$$$$;$) { elsif (defined($unit_mod) && $unit_mod ne '') { $field_value .= $unit_mod; } + + if ($field_value =~ /^data:image\/png;base64, /) { + # macro _data_ substitution in case is image. + $field_value = ''; + } return(defined($field_value)) ? $field_value : ''; } elsif ($macro eq '_secondarygroups_') { @@ -6711,8 +6719,7 @@ sub pandora_installation_monitoring($$) { FROM information_schema.tables WHERE - table_schema not in ('information_schema', 'mysql') - AND table_name NOT IN ('tagent_access, tevento')" + table_schema not in ('information_schema', 'mysql')" ); $module->{'unit'} = '%'; push(@modules, $module); diff --git a/pandora_server/lib/PandoraFMS/InventoryServer.pm b/pandora_server/lib/PandoraFMS/InventoryServer.pm index 5f0f90e95d..e6b070f4d8 100644 --- a/pandora_server/lib/PandoraFMS/InventoryServer.pm +++ b/pandora_server/lib/PandoraFMS/InventoryServer.pm 
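Review bot: The new image test in on_demand_macro matches `$field_value` before the `defined($field_value)` check on the following `return` line, so an undefined value reaches the regex and raises an uninitialized-value warning when warnings are enabled. Fold the check into the condition: `if (defined($field_value) && $field_value =~ /^data:image\/png;base64, /) {`. The branch this sits in starts outside the hunk.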
@@ -181,17 +181,21 @@ sub data_consumer ($$) { AND tagent_module_inventory.id_module_inventory = tmodule_inventory.id_module_inventory', $module_id); - # No code to run - return if ($module->{'interpreter'} eq ''); - - # Save script in a temporary file + my $command; my ($fh, $temp_file) = tempfile(); - $fh->print (decode_base64($module->{'code'})); - close ($fh); - set_file_permissions($pa_config, $temp_file, "0777"); - # Run the script - my $command = $module->{'interpreter'} . ' ' . $temp_file . ' "' . $module->{'target'} . '"'; + if ($module->{'script_mode'} == '1') { + my $script_file = $module->{'script_path'}; + $command = $module->{'interpreter'} . ' ' . $script_file . ' "' . $module->{'target'} . '"'; + } else { + # Save script in a temporary file + $fh->print (decode_base64($module->{'code'})); + close ($fh); + set_file_permissions($pa_config, $temp_file, "0777"); + + # Run the script + $command = $module->{'interpreter'} . ' ' . $temp_file . ' "' . $module->{'target'} . '"'; + } # Try to read the custom fields to use them as arguments into the command if (defined($module->{'custom_fields'}) && $module->{'custom_fields'} ne '') { @@ -206,7 +210,11 @@ sub data_consumer ($$) { if (!defined ($decoded_cfields)) { logger ($pa_config, "Remote inventory module ".$module->{'name'}." has failed because the custom fields can't be read", 6); - unlink ($temp_file); + + if ($module->{'script_mode'} == '2') { + unlink ($temp_file); + } + return; } @@ -237,11 +245,18 @@ sub data_consumer ($$) { # Check for errors if ($? != 0) { logger ($pa_config, "Remote inventory module ".$module->{'name'}." has failed with error level $?", 6); - unlink ($temp_file); + + if ($module->{'script_mode'} == '2') { + unlink ($temp_file); + } + return; } - unlink ($temp_file); + if ($module->{'script_mode'} == '2') { + unlink ($temp_file); + } + my $utimestamp = time (); my $timestamp = strftime ("%Y-%m-%d %H:%M:%S", localtime ($utimestamp)); eval { 
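Review bot: `tempfile()` in data_consumer is still called for every module, but the file is only written in the `else` branch and only removed when `script_mode == '2'`. With `script_mode` 1 an empty temp file and its open handle are left behind on each run, and with any value other than 1 or 2 (a NULL in an older row, for instance) the decoded script stays on disk with mode 0777. Declare `my $temp_file;` before the `if`, create it with `(my $fh, $temp_file) = tempfile();` inside the `else`, and replace the three guarded unlinks (one in each of the two following hunks, the last of which has two) with `unlink ($temp_file) if defined ($temp_file);`. The new `script_path` value is also concatenated unquoted into `$command`; if that string is later run through a shell, the path should be validated against an allowed directory or the call made in list form. data_consumer starts and ends outside these hunks, including the point where the command is executed.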
diff --git a/pandora_server/lib/PandoraFMS/PluginTools.pm b/pandora_server/lib/PandoraFMS/PluginTools.pm index 0f54a3f36b..16d61a00a5 100644 --- a/pandora_server/lib/PandoraFMS/PluginTools.pm +++ b/pandora_server/lib/PandoraFMS/PluginTools.pm @@ -34,7 +34,7 @@ our @ISA = qw(Exporter); # version: Defines actual version of Pandora Server for this module only my $pandora_version = "7.0NG.774"; -my $pandora_build = "231123"; +my $pandora_build = "231211"; our $VERSION = $pandora_version." ".$pandora_build; our %EXPORT_TAGS = ( 'all' => [ qw() ] ); diff --git a/pandora_server/lib/PandoraFMS/Tools.pm b/pandora_server/lib/PandoraFMS/Tools.pm index c4c118ae05..580344542c 100755 --- a/pandora_server/lib/PandoraFMS/Tools.pm +++ b/pandora_server/lib/PandoraFMS/Tools.pm @@ -181,6 +181,7 @@ our @EXPORT = qw( check_cron_value check_cron_element cron_check + p_pretty_json ); # ID of the different servers @@ -2977,6 +2978,18 @@ sub get_server_name { return "UNKNOWN"; } +################################################################################ +# Pretty print json. +################################################################################ +sub p_pretty_json { + my ($data) = @_; + + # Initialize JSON manager. + my $j = JSON->new->utf8(1)->pretty(1)->indent(1); + my $output = $j->encode($data); + + return $output; +} 1; __END__ diff --git a/pandora_server/pandora_server.redhat.spec b/pandora_server/pandora_server.redhat.spec index ed01554f83..8aea06e829 100644 --- a/pandora_server/pandora_server.redhat.spec +++ b/pandora_server/pandora_server.redhat.spec @@ -7,7 +7,7 @@ %define debug_package %{nil} %define name pandorafms_server %define version 7.0NG.774 -%define release 231123 +%define release 231211 Summary: Pandora FMS Server Name: %{name} diff --git a/pandora_server/pandora_server.spec b/pandora_server/pandora_server.spec index 8f1aaab8e2..24151d4685 100644 --- a/pandora_server/pandora_server.spec +++ b/pandora_server/pandora_server.spec 
@@ -4,7 +4,7 @@ %global __os_install_post %{nil} %define name pandorafms_server %define version 7.0NG.774 -%define release 231123 +%define release 231211 Summary: Pandora FMS Server Name: %{name} diff --git a/pandora_server/pandora_server_installer b/pandora_server/pandora_server_installer index bbc79c91b2..e833bb1958 100755 --- a/pandora_server/pandora_server_installer +++ b/pandora_server/pandora_server_installer @@ -9,7 +9,7 @@ # ********************************************************************** PI_VERSION="7.0NG.774" -PI_BUILD="231123" +PI_BUILD="231211" MODE=$1 if [ $# -gt 1 ]; then diff --git a/pandora_server/util/pandora_db.pl b/pandora_server/util/pandora_db.pl index a722e5f557..269e23f3eb 100755 --- a/pandora_server/util/pandora_db.pl +++ b/pandora_server/util/pandora_db.pl @@ -38,7 +38,7 @@ use PandoraFMS::Config; use PandoraFMS::DB; # version: define current version -my $version = "7.0NG.774 Build 231123"; +my $version = "7.0NG.774 Build 231211"; # Pandora server configuration my %conf; @@ -142,10 +142,18 @@ sub pandora_purgedb ($$$) { # Delete manually disabled agents after some period if (defined ($conf->{'_delete_disabled_agents'}) && $conf->{'_delete_disabled_agents'} > 0) { log_message('PURGE', "Deleting old disabled agents (More than " . $conf->{'_delete_disabled_agents'} . " days)."); - db_do ($dbh, "DELETE FROM tagente - WHERE UNIX_TIMESTAMP(ultimo_contacto) + ? < UNIX_TIMESTAMP(NOW()) - AND disabled = 1 - AND modo != 2", $conf->{'_delete_disabled_agents'} * 8600); + my @agents_to_delete = get_db_rows ( + $dbh, + "SELECT id_agente FROM tagente + WHERE UNIX_TIMESTAMP(ultimo_contacto) + ? < UNIX_TIMESTAMP(NOW()) + AND disabled = 1 + AND modo != 2", + $conf->{'_delete_disabled_agents'} * 8600 + ); + + foreach my $agent_to_delete (@agents_to_delete) { + pandora_delete_agent($dbh, $agent_to_delete->{'id_agente'}, $conf); + } } # Delete old data 
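Review bot: The age threshold bound to the new SELECT in pandora_purgedb is `$conf->{'_delete_disabled_agents'} * 8600`, but a day has 86400 seconds, so an N-day setting matches agents after roughly a tenth of that time. The factor was already in the removed DELETE, yet the matched agents now go through `pandora_delete_agent`, so the shortened window removes more than the `tagente` row. Use `$conf->{'_delete_disabled_agents'} * 86400`; the autodisabled-agent hunk further down in the same function has the same `* 8600` on `_days_autodisable_deletion`. pandora_purgedb starts and ends outside the hunk.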
@@ -279,25 +287,7 @@ sub pandora_purgedb ($$$) { log_message ('PURGE', "Deleting old access data (More than 24hr)"); - $first_mark = get_db_value_limit ($dbh, 'SELECT utimestamp FROM tagent_access ORDER BY utimestamp ASC', 1); - if (defined ($first_mark)) { - $total_time = $ulimit_access_timestamp - $first_mark; - $purge_steps = int( $total_time / $BIG_OPERATION_STEP); - if ($purge_steps > 0) { - for (my $ax = 1; $ax <= $BIG_OPERATION_STEP; $ax++){ - db_do ($dbh, "DELETE FROM tagent_access WHERE utimestamp < ". ( $first_mark + ($purge_steps * $ax)) . " AND utimestamp >= ". $first_mark); - log_message ('PURGE', "Agent access deletion progress %$ax", "\r"); - # Do a nanosleep here for 0,01 sec - usleep (10000); - } - log_message ('', "\n"); - } else { - log_message ('PURGE', "No agent access data to purge."); - } - } else { - log_message ('PURGE', "No agent access data."); - } - + # Purge the reports if (defined($conf->{'_enterprise_installed'}) && $conf->{'_enterprise_installed'} eq '1' && defined($conf->{'_metaconsole'}) && $conf->{'_metaconsole'} eq '1'){ 
@@ -340,14 +330,22 @@ sub pandora_purgedb ($$$) { AND id_rc NOT IN (SELECT id_report_content FROM treport_content_sla_combined)"); } - - # Delete disabled autodisable agents after some period - log_message ('PURGE', 'Delete autodisabled agents where last contact is bigger than ' . $conf->{'_days_autodisable_deletion'} . ' days.'); - db_do ($dbh, "DELETE FROM tagente - WHERE UNIX_TIMESTAMP(ultimo_contacto) + ? < UNIX_TIMESTAMP(NOW()) - AND disabled=1 - AND modo=2", $conf->{'_days_autodisable_deletion'}*8600); - + # Delete disabled autodisable agents after some period + if (defined ($conf->{'_days_autodisable_deletion'}) && $conf->{'_days_autodisable_deletion'} > 0) { + log_message ('PURGE', 'Delete autodisabled agents where last contact is bigger than ' . $conf->{'_days_autodisable_deletion'} . ' days.'); + my @agents_autodisable_to_delete = get_db_rows ( + $dbh, + "SELECT id_agente FROM tagente + WHERE UNIX_TIMESTAMP(ultimo_contacto) + ? < UNIX_TIMESTAMP(NOW()) + AND disabled = 1 + AND modo = 2", + $conf->{'_days_autodisable_deletion'} * 8600 + ); + + foreach my $agent_autodisable_to_delete (@agents_autodisable_to_delete) { + pandora_delete_agent($dbh, $agent_autodisable_to_delete->{'id_agente'}, $conf); + } + } # Delete old netflow data if (!defined($conf->{'_netflow_max_lifetime'})){ @@ -460,7 +458,7 @@ sub pandora_compactdb { my $last_compact_offset = pandora_get_config_value($dbh, "last_compact_offset"); - unless ($last_compact_offset) { + if ($last_compact_offset eq "") { db_do($dbh, "INSERT INTO tconfig (token, value) VALUES ('last_compact_offset', '0')"); $last_compact_offset = 0; } diff --git a/pandora_server/util/pandora_manage.pl b/pandora_server/util/pandora_manage.pl index 25fa325da7..aae2e87f8e 100755 --- a/pandora_server/util/pandora_manage.pl +++ b/pandora_server/util/pandora_manage.pl 
@@ -36,7 +36,7 @@ use Encode::Locale; Encode::Locale::decode_argv; # version: define current version -my $version = "7.0NG.774 Build 231123"; +my $version = "7.0NG.774 Build 231211"; # save program name for logging my $progname = basename($0); @@ -201,6 +201,7 @@ sub help_screen{ help_screen_line('--disable_double_auth', '', 'Disable the double authentication for the specified user'); print "\nEVENTS:\n\n" unless $param ne ''; help_screen_line('--create_event', " [ \n\t \n\t \n\t ]", 'Add event'); + help_screen_line('--update_event_custom_id', " ", 'Update Event Custom ID'); help_screen_line('--validate_event', " \n\t []", 'Validate events'); help_screen_line('--validate_event_id', '', 'Validate event given a event id'); help_screen_line('--get_event_info', '[]', 'Show info about a event given a event id'); @@ -4549,6 +4550,17 @@ sub cli_create_event() { } } +############################################################################## +# Update event custom id +# Related option: --update_event_custom_id +############################################################################## + +sub cli_update_event_custom_id() { + my ($id_event, $event_custom_id) = @ARGV[2..3]; + my $result = api_call(\%conf, 'set', 'event_custom_id', $id_event, $event_custom_id); + print "\n$result\n"; +} + ############################################################################## # Validate event. # Related option: --validate_event @@ -8335,6 +8347,10 @@ sub pandora_manage_main ($$$) { param_check($ltotal, 4, 0); cli_insert_gis_data(); } + elsif ($param eq '--update_event_custom_id'){ + param_check($ltotal, 2); + cli_update_event_custom_id(); + } else { print_log "[ERROR] Invalid option '$param'.\n\n"; $param = ''; diff --git a/pandora_server/util/pandora_perf_report.pl b/pandora_server/util/pandora_perf_report.pl index cbc11219c7..cdad51d9ab 100644 --- a/pandora_server/util/pandora_perf_report.pl +++ b/pandora_server/util/pandora_perf_report.pl 
@@ -212,7 +212,6 @@ sub stress_agent { sub table_stats { my ($dbh, $conf) = @_; my $stats = { - tagent_access => 'N/A', tagente => 'N/A', tagente_datos => 'N/A', tagente_datos_string => 'N/A', @@ -225,8 +224,7 @@ sub table_stats { FROM information_schema.TABLES WHERE TABLE_SCHEMA=? AND TABLE_NAME IN (?, ?, ?, ?, ?, ?, ?)", - $conf->{'dbname'}, - 'tagent_access', + $conf->{'dbname'},, 'tagente', 'tagente_datos', 'tagente_datos_string', @@ -309,7 +307,6 @@ sub generate_optimized_my_cnf { sub table_comments { my ($stats) = @_; my $comments = { - tagent_access => 'OK', tagente => 'OK', tagente_datos => 'OK', tagente_datos_string => 'OK', @@ -319,12 +316,6 @@ sub table_comments { tsesion => 'OK', }; - if ($stats->{'tagent_access'} > $stats->{'tagente'} * 24 * 250) { - $comments->{'tagent_access'} = 'CRITICAL: Table too big. Please contact our support team at: support@artica.es'; - } elsif ($stats->{'tagent_access'} > $stats->{'tagente'} * 24 * 100) { - $comments->{'tagent_access'} = 'WARNING: Table too big. Please contact our support team at: support@artica.es'; - } - if ($stats->{'tagente_datos'} > 5000000) { $comments->{'tagente_datos'} = 'CRITICAL: Table too big. Please use a history database or decrease the purge period.'; } elsif ($stats->{'tagente_datos'} > 1000000) { @@ -474,7 +465,6 @@ Module table $table_stats->{'tagente_modulo'} $tab Data table $table_stats->{'tagente_datos'} $table_comments->{'tagente_datos'} String data table $table_stats->{'tagente_datos_string'} $table_comments->{'tagente_datos_string'} Event table $table_stats->{'tevento'} $table_comments->{'tevento'} -Access stats $table_stats->{'tagent_access'} $table_comments->{'tagent_access'} Audit information $table_stats->{'tsesion'} $table_comments->{'tsesion'} diff --git a/tests/console/Views.py b/tests/console/Views.py index b4ad48134e..f4967e3db7 100644 --- a/tests/console/Views.py +++ b/tests/console/Views.py 
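Review bot: After `'tagent_access'` is dropped from the bind list in table_stats, the query text on the unchanged context line still reads `TABLE_NAME IN (?, ?, ?, ?, ?, ?, ?)`, seven placeholders. If the list that continues below the hunk holds the six remaining table names, the statement receives one bind value too few and is likely to fail at execute time. Change the line to `AND TABLE_NAME IN (?, ?, ?, ?, ?, ?)",` and reduce the stray double comma in `$conf->{'dbname'},,` to a single one.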
@@ -305,7 +305,7 @@ class viewAppear(PandoraWebDriverTestCase): click_menu_element(driver,"CSV import") time.sleep(2) self.assertEqual("Upload file" in driver.page_source,True) - click_menu_element(driver,"CSV import group") + click_menu_element(driver,"Import groups with CSV file") time.sleep(2) self.assertEqual("Upload file" in driver.page_source,True) click_menu_element(driver,"IPAM")