From 9238172819a1029e5418a562ab54fe727a0d1380 Mon Sep 17 00:00:00 2001 From: slerena Date: Tue, 5 Aug 2008 10:55:41 +0000 Subject: [PATCH] 2008-08-05 Sancho Lerena * bin/pandora_recon: New functional recon server. It implements different recon tasks based on OS type. Uses a production/consumer thread model, detec OS typew and assign automatically network profiles (including new WMI components) and WMI, Plugin, Network and Prediction servers, taken the first master server that could found. Uses xprobe2 external tool to detect remote OS. * Makefile.PL: Added new dependencies (HTML::Entities), and new binary tool for controlled time executing (pandora_exec), used now by pandora_wmi and pandora_plugin. * Config.pm: Fixed problem parsing xprobe2 command. * DB.pm: Functions pandora_create_agent() and pandora_event() moved from Tools.pm to here. Removed some old DEBUG messages. * Tools.pm: Moved pandora_create_agent() and pandora_event() to DB.pm git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1002 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f --- pandora_server/ChangeLog | 20 +++ pandora_server/Makefile.PL | 3 +- pandora_server/bin/pandora_recon | 199 ++++++++++++++---------- pandora_server/lib/PandoraFMS/Config.pm | 4 +- pandora_server/lib/PandoraFMS/DB.pm | 96 +++++++++++- pandora_server/lib/PandoraFMS/Tools.pm | 60 ------- 6 files changed, 234 insertions(+), 148 deletions(-) diff --git a/pandora_server/ChangeLog b/pandora_server/ChangeLog index 7bb462eb31..3fe097d618 100644 --- a/pandora_server/ChangeLog +++ b/pandora_server/ChangeLog @@ -1,3 +1,23 @@ +2008-08-05 Sancho Lerena + + * bin/pandora_recon: New functional recon server. It implements + different recon tasks based on OS type. Uses a production/consumer + thread model, detec OS typew and assign automatically network profiles + (including new WMI components) and WMI, Plugin, Network and Prediction + servers, taken the first master server that could found. Uses xprobe2 + external tool to detect remote OS. + + * Makefile.PL: Added new dependencies (HTML::Entities), and new + binary tool for controlled time executing (pandora_exec), used now + by pandora_wmi and pandora_plugin. + + * Config.pm: Fixed problem parsing xprobe2 command. + + * DB.pm: Functions pandora_create_agent() and pandora_event() moved + from Tools.pm to here. Removed some old DEBUG messages. + + * Tools.pm: Moved pandora_create_agent() and pandora_event() to DB.pm + 2008-08-01 Ramon Novoa * bin/pandora_wmi: Removed the timeout mechanism. diff --git a/pandora_server/Makefile.PL b/pandora_server/Makefile.PL index fd9382e096..cf889863af 100644 --- a/pandora_server/Makefile.PL +++ b/pandora_server/Makefile.PL @@ -19,10 +19,11 @@ WriteMakefile( IO::Socket => 0, Mail::Sendmail => 0, Net::Traceroute::PurePerl => 0, + HTML::Entities => 0, SNMP => 0 }, EXE_FILES => -[ 'bin/pandora_server', 'bin/pandora_network', 'bin/pandora_recon', 'bin/pandora_snmpconsole' , 'bin/pandora_plugin', 'bin/pandora_prediction'], +[ 'bin/pandora_server', 'bin/pandora_network', 'bin/pandora_recon', 'bin/pandora_snmpconsole' , 'bin/pandora_plugin', 'bin/pandora_prediction', 'util/pandora_exec'], PMLIBDIRS => [ 'lib' ], 'dist' => { 'TAR' => 'tar', 'TARFLAGS' => 'cvfz', 'SUFFIX' => '.gz', 'COMPRESS' => 'gzip'} diff --git a/pandora_server/bin/pandora_recon b/pandora_server/bin/pandora_recon index 21b86adadf..ba04908e45 100755 --- a/pandora_server/bin/pandora_recon +++ b/pandora_server/bin/pandora_recon @@ -29,7 +29,7 @@ use Date::Manip; # Needed to manipulate DateTime formats use Net::Ping; use Time::Local; # DateTime basic manipulation use NetAddr::IP; # To manage IP Addresses -use Net::Traceroute::PurePerl; # Traceroute in rawsockets (need root) +use Net::Traceroute::PurePerl; # Traceroute needs traceroute command use POSIX; # to use ceil() function use Socket; # to resolve address use threads; @@ -45,7 +45,7 @@ my @pending_task : shared; my %pending_task_hash : shared; my %current_task_hash : shared; my $queue_lock : shared; - +my $icmp_lock : shared; # FLUSH in each IO (only for debug, very slooow) # ENABLED in DEBUGMODE @@ -57,7 +57,6 @@ my %pa_config; $SIG{'TERM'} = 'pandora_shutdown'; $SIG{'INT'} = 'pandora_shutdown'; - # Inicio del bucle principal de programa pandora_init(\%pa_config, "Pandora FMS Recon server"); @@ -67,6 +66,16 @@ pandora_loadconfig (\%pa_config, 3); # Audit server starting pandora_audit (\%pa_config, "Pandora FMS Recon Daemon starting", "SYSTEM", "System"); +# Check for xprobe2 +my $xprobe2 = $pa_config{"xprobe2"}; + +if (! -e $xprobe2) { + print " [E] $xprobe2 not found. Pandora FMS Recon cannot detect OS types without it.\n\n"; + exit; +} else { + print " [*] $xprobe2 Detected.\n\n"; +} + sleep(1); # Daemonize and put in background @@ -129,11 +138,12 @@ sub pandora_recon_producer ($) { while (1) { $query_sql = "SELECT * FROM trecon_task WHERE - id_network_server = $server_id - AND - status = 1 - AND + id_recon_server = $server_id + AND ( + status = 1 + OR (utimestamp + interval_sweep) < UNIX_TIMESTAMP() + ) "; $exec_sql1 = $dbh->prepare($query_sql); @@ -233,13 +243,15 @@ sub pandora_detect_os { } my $command= ""; eval { - $command = `$xprobe2 $host 2> /dev/null | grep "Running OS" | head -1`; + $command = `$xprobe2 $host 2> /dev/null | grep "Running OS" 2> /dev/null | head -1 2> /dev/null`; }; if ($@){ return 10; } return pandora_get_os ($command); } + + ########################################################################## # SUB pandora_exec_task (pa_config, id_task) # Execute task @@ -250,11 +262,11 @@ sub pandora_recon_exec_task { my $dbh = $_[2]; my $target_ip; # Real ip to check - my @ip2; # temp array for NetAddr::IP - my $space; # temp var to store space of ip's for netaddr::ip + my @ip2; # temp array for NetAddr::IP + my $space; # temp var to store space of ip's for netaddr::ip my $query_sql; # for use in SQL my $exec_sql; # for use in SQL - my @sql_data; # for use in SQL + my $sql_data; # for use in SQL $query_sql = "SELECT * FROM trecon_task WHERE id_rt = $id_task"; $exec_sql = $dbh->prepare($query_sql); @@ -263,24 +275,24 @@ sub pandora_recon_exec_task { # something wrong.. return -1; } - @sql_data = $exec_sql->fetchrow_array(); - my $status = $sql_data[10]; - my $interval = $sql_data[11]; - my $network_server_assigned = $sql_data[12]; - my $extended_info = $sql_data[13]; - my $extended_value = $sql_data[14]; - my $target_network = $sql_data[4]; - my $task_name = $sql_data[1]; + + $sql_data = $exec_sql->fetchrow_hashref(); + my $status = $sql_data->{"status"}; + my $interval = $sql_data->{"interval"}; + my $target_network = $sql_data->{"subnet"}; + my $task_name = $sql_data->{"name"}; + my $task_ncprofile = $sql_data->{"id_network_profile"}; + my $task_group = $sql_data->{"id_group"}; + my $task_create_incident = $sql_data->{"create_incident"}; + my $task_id_os = $sql_data->{"id_os"}; + my $position = 0; - my $task_type = $sql_data[3]; - my $task_ncprofile = $sql_data[6]; - my $task_group = $sql_data[8]; - my $task_create_incident = $sql_data[7]; my $list_ip = ""; my $list_host = ""; my $host_found = 0; my $add_host = 0; my $id_parent = 0; + my $id_os = 0; # Asign target dir to netaddr object "space" $space = new NetAddr::IP $target_network; @@ -296,28 +308,27 @@ sub pandora_recon_exec_task { do { @ip2 = split(/\//,$space); $target_ip = $ip2[0]; - $space++; $position++; + $space++; + $position++; $add_host = 0; # Is this IP listed for any agent ? if (pandora_check_ip ($pa_config, $dbh, $target_ip) == 0){ - # Check ICMP for this IP - if (($task_type == 1) && (scan_icmp ($target_ip, $pa_config->{'networktimeout'}) == 1)){ - $add_host = 1; - } - # Check TCP port for this IP - elsif (($task_type == 2) && (scan_icmp ($target_ip, $pa_config->{'networktimeout'}) == 1)) { - if (scan_tcp ($target_ip, $pa_config->{'networktimeout'}, $extended_value) == 1){ + if ( scan_icmp ($target_ip, $pa_config->{'networktimeout'}) == 1) { + $id_os = pandora_detect_os ($pa_config, $target_ip); + if ($task_id_os == -1){ + $add_host = 1; + } elsif ($id_os == $task_id_os){ $add_host = 1; } } - + if ($add_host == 1){ $host_found ++; my $target_ip_resolved = resolv_ip2name($target_ip); - $list_ip = $list_ip." ".$target_ip; - $list_host = $list_host." ".resolv_ip2name($target_ip_resolved); + $list_ip = $list_ip . " " . $target_ip; + $list_host = $list_host . " " . $target_ip_resolved; $id_parent = pandora_getparent ($pa_config, $target_ip, $dbh); # If has a network profile, create agent and modules @@ -325,12 +336,11 @@ sub pandora_recon_exec_task { if ($task_ncprofile > 0){ # Create address, agent and more... my $target_ip_id = pandora_task_create_address ($pa_config, $dbh, $id_task, $target_ip); - $agent_id = pandora_task_create_agent($pa_config, $dbh, $target_ip, $target_ip_id, $task_group, $network_server_assigned, $target_ip_resolved, $id_parent); - pandora_task_create_agentmodules($pa_config, $dbh, $agent_id, $task_ncprofile, $target_ip); + $agent_id = pandora_task_create_agent ($pa_config, $dbh, $target_ip, $target_ip_id, $task_group, $target_ip_resolved, $id_parent, $id_os); + pandora_task_create_agentmodules ($pa_config, $dbh, $agent_id, $task_ncprofile, $target_ip); } else { my $target_ip_id = pandora_task_create_address ($pa_config, $dbh, $id_task, $target_ip); - $agent_id = pandora_task_create_agent($pa_config, $dbh, $target_ip, $target_ip_id, $task_group, - $network_server_assigned, $target_ip_resolved, $id_parent); + $agent_id = pandora_task_create_agent($pa_config, $dbh, $target_ip, $target_ip_id, $task_group, $target_ip_resolved, $id_parent, $id_os); } my $title = "[RECON] New host [$target_ip_resolved] detected on network [$target_network]"; # Always create event about this detected IP @@ -366,35 +376,27 @@ sub pandora_recon_exec_task { sub scan_icmp { my $dest = $_[0]; my $l_timeout = $_[1]; - # temporal vars. + + # Temp vars. my $result = 0; my $p; - + # Check for valid destination - if (!defined($dest)) { + if (!defined($dest)){ return 0; } - # Thread safe - # Some hosts don't accept ICMP with too small payload. Use 16 Bytes - { - $p = Net::Ping->new("icmp",$l_timeout,16); - $p->source_verify(1); - $result = $p->ping($dest); - } + { + lock $icmp_lock; + $p = Net::Ping->new(); + } - # Check for valid result - if (!defined($result)) { - return 0; - } - - # Lets see the result - if ($result == 1) { - $p->close(); - return 1; - } else { - $p->close(); - return 0; - } + if ($p->ping($dest)){ + $p->close(); + undef ($p); + return 1; + } else { + return 0; + } } ############################################################################## @@ -524,7 +526,7 @@ sub pandora_task_create_address { ########################################################################## # SUB pandora_task_create_agent (pa_config, dbh, target_ip, target_ip_id, -# id_group, network_server_assigned, name) +# id_group, name, id_parent) # Create agent, and associate address to agent in taddress_agent table. # it returns created id_agent. ########################################################################## @@ -534,12 +536,11 @@ sub pandora_task_create_agent { my $target_ip = $_[2]; my $target_ip_id = $_[3]; my $id_group = $_[4]; - my $id_server = $_[5]; - my $name = $_[6]; - my $id_parent = $_[7]; + my $name = $_[5]; + my $id_parent = $_[6]; + my $id_os = $_[7]; - my $id_os = pandora_detect_os ($pa_config, $target_ip); - return pandora_create_agent ($pa_config, $dbh, $target_ip, $target_ip_id, $id_group, $id_server, $name, $id_parent, $id_os); + return pandora_create_agent ($pa_config, $dbh, $target_ip, $target_ip_id, $id_group, 0, $name, $id_parent, $id_os); } ########################################################################## @@ -564,38 +565,66 @@ sub pandora_task_create_agentmodules { my $exec_sql2 = $dbh->prepare($query_sql2); $exec_sql2 ->execute; if ($exec_sql2->rows != 0) { - my @sql_data2 = $exec_sql2->fetchrow_array(); + my $sql_data2 = $exec_sql2->fetchrow_hashref(); + my $name = ""; - $name = $sql_data2[1]; - my $description = "Autocreated by Pandora FMS Recon Server"; - $description = $sql_data2[2]; + $name = $sql_data2->{"name"}; + + my $description = ""; + $description = $sql_data2->{"description"}; + my $type = "1"; - $type = $sql_data2[4]; + $type = $sql_data2->{"type"}; + my $max = 0; - $max = $sql_data2[5]; + $max = $sql_data2->{"max"}; + my $min = 0; - $min = $sql_data2[6]; + $min = $sql_data2->{"min"}; + my $interval = 300; - $interval = $sql_data2[7]; + $interval = $sql_data2->{"module_interval"}; + my $tcp_port = ""; - $tcp_port = $sql_data2[8]; + $tcp_port = $sql_data2->{"tcp_port"}; + my $tcp_send = ""; - $tcp_send = $sql_data2[9]; + $tcp_send = $sql_data2->{"tcp_send"}; + my $tcp_rcv = ""; - $tcp_rcv = $sql_data2[10]; + $tcp_rcv = $sql_data2->{"tcp_rcv"}; + my $snmp_community = "public"; - $snmp_community = $sql_data2[11]; + $snmp_community = $sql_data2->{"snmp_community"}; + my $snmp_oid = ""; - $snmp_oid = $sql_data2[12]; + $snmp_oid = $sql_data2->{"snmp_oid"}; + my $id_module_group = 0; - $id_module_group = $sql_data2[13]; + $id_module_group = $sql_data2->{"id_module_group"}; + + my $id_module = 0; + $id_module = $sql_data2->{"id_modulo"}; + + my $plugin_user = ""; + $plugin_user = $dbh->quote($sql_data2->{"plugin_user"}); + + my $plugin_pass = ""; + $plugin_pass = $dbh->quote($sql_data2->{"plugin_pass"}); + + my $plugin_parameter = ""; + $plugin_parameter = $dbh->quote($sql_data2->{"plugin_parameter"}); + + my $max_timeout = "30"; + $max_timeout = $sql_data2->{"max_timeout"}; - my $query_sql3 = "INSERT INTO tagente_modulo (id_agente, id_tipo_modulo, descripcion, nombre, max, min, module_interval, tcp_port, tcp_send, tcp_rcv, snmp_community, snmp_oid, ip_target, id_module_group, flag ) VALUES ( $agent_id, $type, '$description', '$name', $max, $min, $interval, $tcp_port, '$tcp_send', '$tcp_rcv', '$snmp_community', '$snmp_oid', '$ip_adress', $id_module_group, 1)"; + my $query_sql3 = "INSERT INTO tagente_modulo (id_agente, id_tipo_modulo, descripcion, nombre, max, min, module_interval, tcp_port, tcp_send, tcp_rcv, snmp_community, snmp_oid, ip_target, id_module_group, flag, disabled, plugin_user, plugin_pass, plugin_parameter, max_timeout, id_modulo ) VALUES ( $agent_id, $type, '$description', '$name', $max, $min, $interval, $tcp_port, '$tcp_send', '$tcp_rcv', '$snmp_community', '$snmp_oid', '$ip_adress', $id_module_group, 1, 0, $plugin_user, $plugin_pass, $plugin_parameter, $max_timeout, $id_module)"; + $dbh->do($query_sql3); my $last_id_agente_modulo = $dbh->{'mysql_insertid'}; logger($pa_config,"Recon Server: Creating module $name for agent $ip_adress",3); my $query_sql4; - if (($type == 2) || ($type == 6) || ($type == 9) || ($type == 18)) { + if (($type == 2) || ($type == 6) || ($type == 21) || ($type == 9) || ($type == 18)) { # for monitors $query_sql4 = "INSERT INTO tagente_estado (id_agente_modulo, datos, timestamp, cambio, estado, id_agente, last_try, utimestamp, current_interval, running_by) VALUES ($last_id_agente_modulo, '', '0000-00-00 00:00:00', 0, 0, $agent_id, '0000-00-00 00:00:00', 0, $interval, 0)"; } else { @@ -615,7 +644,7 @@ sub pandora_getparent ($$){ my $dbh = $_[2]; my $t = new Net::Traceroute::PurePerl( - backend => 'PurePerl', # this optional + backend => 'PurePerl', host => $destination, debug => 0, max_ttl => 15, @@ -624,6 +653,7 @@ sub pandora_getparent ($$){ protocol => 'icmp', # udp or icmp ); + my $success = 0; $success = $t->traceroute(); if ($t->hops > 1){ @@ -632,6 +662,7 @@ sub pandora_getparent ($$){ return pandora_get_agent_from_ip ($pa_config, $dbh, $parent_ip); } } + return 0; } diff --git a/pandora_server/lib/PandoraFMS/Config.pm b/pandora_server/lib/PandoraFMS/Config.pm index dc71b5e7a4..75c0ac4904 100644 --- a/pandora_server/lib/PandoraFMS/Config.pm +++ b/pandora_server/lib/PandoraFMS/Config.pm @@ -394,7 +394,7 @@ sub pandora_loadconfig { $pa_config->{"keepalive"} = clean_blank($1); $pa_config->{"keepalive_orig"} = clean_blank($1); } - elsif ($parametro =~ m/^xprobe2\s([.*]*)/i) { + elsif ($parametro =~ m/^xprobe2\s(.*)/i) { $pa_config->{'xprobe2'}= clean_blank($1); } elsif ($parametro =~ m/^autocreate\s([0-9*]*)/i) { @@ -541,7 +541,7 @@ sub pandora_startlog ($){ open STDERR, ">>$pa_config->{'errorlogfile'}" or die " [ERROR] Pandora FMS can't write to Errorlog. Aborting : \n $! \n"; my $time_now = &UnixDate("today","%Y/%m/%d %H:%M:%S"); print STDERR "$time_now - ".$pa_config->{'servername'}.$pa_config->{"servermode"}." Starting Pandora FMS Server. Error logging activated \n"; - # This redirect ANY output to errorlog. Not a good idea for real usage ! + # This redirect ANY output to errorlog. # open STDOUT, ">>$pa_config->{'errorlogfile'}" } # End of function declaration diff --git a/pandora_server/lib/PandoraFMS/DB.pm b/pandora_server/lib/PandoraFMS/DB.pm index a1e1fbd477..c231ee05db 100644 --- a/pandora_server/lib/PandoraFMS/DB.pm +++ b/pandora_server/lib/PandoraFMS/DB.pm @@ -64,6 +64,8 @@ our @EXPORT = qw( pandora_generate_compound_alerts pandora_process_alert pandora_planned_downtime + pandora_create_agent + pandora_event module_generic_proc module_generic_data module_generic_data_inc @@ -849,7 +851,6 @@ sub module_generic_proc (%$$$$$) { } else { $estado = 1; } -print "Checkpoint Proc prev. writestate #1 \n"; pandora_writestate ($pa_config, $agent_name, $module_type, $a_name, $a_datos, $estado, $dbh, $bUpdateDatos); } } @@ -2125,6 +2126,99 @@ sub get_db_free_row ($$) { return -1; } + +########################################################################## +# SUB pandora_create_agent (pa_config, dbh, target_ip, target_ip_id, +# id_group, network_server_assigned, name, id_os) +# Create agent, and associate address to agent in taddress_agent table. +# it returns created id_agent. +########################################################################## +sub pandora_create_agent { + my $pa_config = $_[0]; + my $dbh = $_[1]; + my $target_ip = $_[2]; + my $target_ip_id = $_[3]; + my $id_group = $_[4]; + my $id_server= $_[5]; + my $name = $_[6]; + my $id_parent = $_[7]; + my $id_os = $_[8]; + + my $prediction; + my $wmi; + my $plugin; + + if ((!is_numeric($id_server)) || ($id_server == 0)){ + $id_server = get_db_free_field ("SELECT id_server FROM tserver WHERE network_server = 1 AND master = 1 LIMIT 1", $dbh); + } + + $prediction = get_db_free_field ("SELECT id_server FROM tserver WHERE prediction_server = 1 AND master = 1 LIMIT 1", $dbh); + $wmi = get_db_free_field ("SELECT id_server FROM tserver WHERE wmi_server = 1 AND master = 1 LIMIT 1", $dbh); + $plugin = get_db_free_field ("SELECT id_server FROM tserver WHERE plugin_server = 1 AND master = 1 LIMIT 1", $dbh); + + if ($wmi < 0){ + $wmi = 0; + } + + if ($plugin < 0){ + $plugin = 0; + } + + if ($prediction < 0){ + $prediction = 0; + } + + if ($id_server < 0){ + $id_server = 0; + } + + my $server = $pa_config->{'servername'}.$pa_config->{"servermode"}; + logger ($pa_config,"$server: Creating agent $name $target_ip ", 1); + + my $query_sql2 = "INSERT INTO tagente (nombre, direccion, comentarios, id_grupo, id_os, id_network_server, intervalo, id_parent, modo, id_prediction_server, id_wmi_server, id_plugin_server) VALUES ('$name', '$target_ip', 'Created by $server', $id_group, $id_os, $id_server, 300, $id_parent, 1, $prediction, $wmi, $plugin)"; + + $dbh->do ($query_sql2); + + my $lastid = $dbh->{'mysql_insertid'}; + + pandora_event ($pa_config, "Agent '$name' created by ".$pa_config->{'servername'}.$pa_config->{"servermode"}, $pa_config->{'autocreate_group'}, $lastid, 2, 0, 0, 'new_agent', $dbh); + + if ($target_ip_id > 0){ + my $query_sql3 = "INSERT INTO taddress_agent (id_a, id_agent) values ($target_ip_id, $lastid)"; + $dbh->do($query_sql3); + } + return $lastid; +} + +########################################################################## +## SUB pandora_event +## Write in internal audit system an entry. +## Params: config_hash, event_title, group, agent_id, severity, id_alertam +## id_agentmodule, event_type (from a set, as string), db_handle +########################################################################## + +sub pandora_event (%$$$$$$$$) { + my $pa_config = $_[0]; + my $evento = $_[1]; + my $id_grupo = $_[2]; + my $id_agente = $_[3]; + my $severity = $_[4]; # new in 2.0 + my $id_alert_am = $_[5]; # new in 2.0 + my $id_agentmodule = $_[6]; # new in 2.0 + my $event_type = $_[7]; # new in 2.0 + my $dbh = $_[8]; + my $timestamp = &UnixDate("today","%Y-%m-%d %H:%M:%S"); + my $utimestamp; # integer version of timestamp + + $utimestamp = &UnixDate($timestamp,"%s"); # convert from human to integer + $evento = $dbh->quote($evento); + $event_type = $dbh->quote($event_type); + $timestamp = $dbh->quote($timestamp); + my $query = "INSERT INTO tevento (id_agente, id_grupo, evento, timestamp, estado, utimestamp, event_type, id_agentmodule, id_alert_am, criticity) VALUES ($id_agente, $id_grupo, $evento, $timestamp, 0, $utimestamp, $event_type, $id_agentmodule, $id_alert_am, $severity)"; + $dbh->do($query); +} + + # End of function declaration # End of defined Code diff --git a/pandora_server/lib/PandoraFMS/Tools.pm b/pandora_server/lib/PandoraFMS/Tools.pm index e80127c8a2..01b91527e3 100644 --- a/pandora_server/lib/PandoraFMS/Tools.pm +++ b/pandora_server/lib/PandoraFMS/Tools.pm @@ -39,9 +39,7 @@ our @EXPORT = qw( is_numeric clean_blank pandora_sendmail - pandora_create_agent pandora_get_os - pandora_event pandora_trash_ascii ); @@ -61,33 +59,6 @@ sub pandora_trash_ascii { return $output } -########################################################################## -## SUB pandora_event -## Write in internal audit system an entry. -## Params: config_hash, event_title, group, agent_id, severity, id_alertam -## id_agentmodule, event_type (from a set, as string), db_handle -########################################################################## - -sub pandora_event (%$$$$$$$$) { - my $pa_config = $_[0]; - my $evento = $_[1]; - my $id_grupo = $_[2]; - my $id_agente = $_[3]; - my $severity = $_[4]; # new in 2.0 - my $id_alert_am = $_[5]; # new in 2.0 - my $id_agentmodule = $_[6]; # new in 2.0 - my $event_type = $_[7]; # new in 2.0 - my $dbh = $_[8]; - my $timestamp = &UnixDate("today","%Y-%m-%d %H:%M:%S"); - my $utimestamp; # integer version of timestamp - - $utimestamp = &UnixDate($timestamp,"%s"); # convert from human to integer - $evento = $dbh->quote($evento); - $event_type = $dbh->quote($event_type); - $timestamp = $dbh->quote($timestamp); - my $query = "INSERT INTO tevento (id_agente, id_grupo, evento, timestamp, estado, utimestamp, event_type, id_agentmodule, id_alert_am, criticity) VALUES ($id_agente, $id_grupo, $evento, $timestamp, 0, $utimestamp, $event_type, $id_agentmodule, $id_alert_am, $severity)"; - $dbh->do($query); -} ########################################################################## # SUB pandora_get_os (string) @@ -158,37 +129,6 @@ sub pandora_daemonize { # Pandora other General functions | # -------------------------------------------+ -########################################################################## -# SUB pandora_create_agent (pa_config, dbh, target_ip, target_ip_id, -# id_group, network_server_assigned, name, id_os) -# Create agent, and associate address to agent in taddress_agent table. -# it returns created id_agent. -########################################################################## -sub pandora_create_agent { - my $pa_config = $_[0]; - my $dbh = $_[1]; - my $target_ip = $_[2]; - my $target_ip_id = $_[3]; - my $id_group = $_[4]; - my $id_server= $_[5]; - my $name = $_[6]; - my $id_parent = $_[7]; - my $id_os = $_[8]; - - my $server = $pa_config->{'servername'}.$pa_config->{"servermode"}; - logger($pa_config,"$server: Creating agent $name $target_ip ", 1); - my $query_sql2 = "INSERT INTO tagente (nombre, direccion, comentarios, id_grupo, id_os, id_network_server, intervalo, id_parent, modo) VALUES ('$name', '$target_ip', 'Created by $server', $id_group, $id_os, $id_server, 300, $id_parent, 1)"; - $dbh->do ($query_sql2); - my $lastid = $dbh->{'mysql_insertid'}; - - pandora_event ($pa_config, "Agent '$name' created by ".$pa_config->{'servername'}.$pa_config->{"servermode"}, $pa_config->{'autocreate_group'}, $lastid, 2, 0, 0, 'new_agent', $dbh); - - if ($target_ip_id > 0){ - my $query_sql3 = "INSERT INTO taddress_agent (id_a, id_agent) values ($target_ip_id, $lastid)"; - $dbh->do($query_sql3); - } - return $lastid; -} ########################################################################## # SUB pandora_sendmail