diff --git a/pandora_console/.gitignore b/pandora_console/.gitignore index 14c3e02e3d..66b97267ac 100644 --- a/pandora_console/.gitignore +++ b/pandora_console/.gitignore @@ -6,7 +6,9 @@ attachment/collection attachment/files_repo include/config.php pandora_console.log +log/console.log enterprise *.bak audit.log +log/audit.log install_old.php diff --git a/pandora_console/extensions/pandora_logs.php b/pandora_console/extensions/pandora_logs.php index bbdac372cd..038997f156 100644 --- a/pandora_console/extensions/pandora_logs.php +++ b/pandora_console/extensions/pandora_logs.php @@ -69,7 +69,11 @@ function pandoralogs_extension_main() $logs_directory = (!empty($config['server_log_dir'])) ? io_safe_output($config['server_log_dir']) : '/var/log/pandora'; - view_logfile($config['homedir'].'/pandora_console.log'); + // Do not attempt to show console log if disabled. + if ($config['console_log_enabled']) { + view_logfile($config['homedir'].'/log/console.log'); + } + view_logfile($logs_directory.'/pandora_server.log'); view_logfile($logs_directory.'/pandora_server.error'); } diff --git a/pandora_console/godmode/setup/setup_general.php b/pandora_console/godmode/setup/setup_general.php index d28a5e43fe..bbf1fbc6d7 100644 --- a/pandora_console/godmode/setup/setup_general.php +++ b/pandora_console/godmode/setup/setup_general.php @@ -329,15 +329,18 @@ $table->data[$i++][1] = html_print_input_text( $table->data[$i][0] = __('Include agents manually disabled'); $table->data[$i++][1] = html_print_checkbox_switch('include_agents', 1, $config['include_agents'], true); -$table->data[$i][0] = __('Audit log directory'); -$table->data[$i++][1] = html_print_input_text('auditdir', io_safe_output($config['auditdir']), '', 30, 100, true); - $table->data[$i][0] = __('Set alias as name by default in agent creation'); $table->data[$i++][1] = html_print_checkbox_switch('alias_as_name', 1, $config['alias_as_name'], true); $table->data[$i][0] = __('Unique IP'); $table->data[$i++][1] = html_print_checkbox_switch('unique_ip', 1, $config['unique_ip'], true); +$table->data[$i][0] = __('Enable console log').ui_print_help_tip(__('Log location').': pandora_console/log/console.log', true); +$table->data[$i++][1] = html_print_checkbox_switch('console_log_enabled', 1, $config['console_log_enabled'], true); + +$table->data[$i][0] = __('Enable audit log').ui_print_help_tip(__('Log location').': pandora_console/log/audit.log', true); +$table->data[$i++][1] = html_print_checkbox_switch('audit_log_enabled', 1, $config['audit_log_enabled'], true); + echo '
'; echo '
'; diff --git a/pandora_console/include/class/ConsoleSupervisor.php b/pandora_console/include/class/ConsoleSupervisor.php index 069b47b29a..3e5287cb4c 100644 --- a/pandora_console/include/class/ConsoleSupervisor.php +++ b/pandora_console/include/class/ConsoleSupervisor.php @@ -226,6 +226,19 @@ class ConsoleSupervisor * NOTIF.HAMASTER.MESSAGE */ $this->checkHaStatus(); + + /* + * Check if the Pandora Console log + * file remains in old location. + */ + $this->checkPandoraConsoleLogOldLocation(); + + /* + * Check if the audit log file + * remains in old location. + */ + $this->checkAuditLogOldLocation(); + } @@ -461,6 +474,17 @@ class ConsoleSupervisor */ $this->checkHaStatus(); + /* + * Check if the audit log file + * remains in old location. + */ + $this->checkAuditLogOldLocation(); + + /* + Check if AllowOverride is None or All. + */ + $this->checkAllowOverrideEnabled(); + } @@ -2253,8 +2277,8 @@ class ConsoleSupervisor ui_get_full_url(false) ); $message_conf_cron .= ENTERPRISE_DIR.'/'.EXTENSIONS_DIR; - $message_conf_cron .= '/cron/cron.php >> '; - $message_conf_cron .= $config['homedir'].'/pandora_console.log'; + $message_conf_cron .= '/cron/cron.php >> '; + $message_conf_cron .= $config['homedir'].'/log/console.log'; } if (isset($config['cron_last_run']) === true) { @@ -2483,4 +2507,72 @@ class ConsoleSupervisor } + /* + * Check if Pandora console log file remains in old location. + * + * @return void + */ + public function checkPandoraConsoleLogOldLocation() + { + global $config; + + if (file_exists($config['homedir'].'/pandora_console.log')) { + $title_pandoraconsole_old_log = __( + 'Pandora FMS console log file changed location', + $config['homedir'] + ); + $message_pandoraconsole_old_log = __( + 'Pandora FMS console log file has been moved to new location %s/pandora_console/log/pandora. Currently you have an outdated and inoperative version of this file at %s. Please, consider deleting it.', + $config['homedir'], + $config['homedir'] + ); + + $this->notify( + [ + 'type' => 'NOTIF.PANDORACONSOLE.LOG.OLD', + 'title' => __($title_pandoraconsole_old_log), + 'message' => __($message_pandoraconsole_old_log), + 'url' => '#', + ] + ); + } else { + $this->cleanNotifications('NOTIF.PANDORACONSOLE.LOG.OLD'); + } + } + + + /** + * Check if audit log file remains in old location. + * + * @return void + */ + public function checkAuditLogOldLocation() + { + global $config; + + if (file_exists($config['homedir'].'/audit.log')) { + $title_audit_old_log = __( + 'Pandora FMS audit log file changed location', + $config['homedir'] + ); + $message_audit_old_log = __( + 'Pandora FMS audit log file has been moved to new location %s/pandora_console/log/pandora. Currently you have an outdated and inoperative version of this file at %s. Please, consider deleting it.', + $config['homedir'], + $config['homedir'] + ); + + $this->notify( + [ + 'type' => 'NOTIF.AUDIT.LOG.OLD', + 'title' => __($title_audit_old_log), + 'message' => __($message_audit_old_log), + 'url' => '#', + ] + ); + } else { + $this->cleanNotifications('NOTIF.AUDIT.LOG.OLD'); + } + } + + } diff --git a/pandora_console/include/class/Diagnostics.class.php b/pandora_console/include/class/Diagnostics.class.php index bcf36551d7..257b9926e5 100644 --- a/pandora_console/include/class/Diagnostics.class.php +++ b/pandora_console/include/class/Diagnostics.class.php @@ -1008,7 +1008,7 @@ class Diagnostics extends Wizard $pathErrLogs = '/var/log/pandora/pandora_server.error'; $errors = $this->getLogInfo($pathErrLogs); - $pathConsoleLogs = $config['homedir'].'/pandora_console.log'; + $pathConsoleLogs = $config['homedir'].'/log/pandora_console.log'; $console = $this->getLogInfo($pathConsoleLogs); $result = [ diff --git a/pandora_console/include/config_process.php b/pandora_console/include/config_process.php index 7e56caff42..3923ea6c2f 100644 --- a/pandora_console/include/config_process.php +++ b/pandora_console/include/config_process.php @@ -51,8 +51,6 @@ if ($develop_bypass != 1) { } ini_set('display_errors', 0); - ini_set('log_errors', 1); - ini_set('error_log', $config['homedir'].'/pandora_console.log'); } else { // Develop mode, show all notices and errors on Console (and log it) if (version_compare(PHP_VERSION, '5.3.0') >= 0) { @@ -62,8 +60,6 @@ if ($develop_bypass != 1) { } ini_set('display_errors', 1); - ini_set('log_errors', 1); - ini_set('error_log', $config['homedir'].'/pandora_console.log'); } // Check if mysqli is available diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php index 724fe11fd6..37b3b2e0b6 100644 --- a/pandora_console/include/functions.php +++ b/pandora_console/include/functions.php @@ -3997,7 +3997,7 @@ function generate_hash_to_api() * @param string Key to identify the profiler run. * @param string Way to display the result * "link" (default): Click into word "Performance" to display the profilling info. - * "console": Display with a message in pandora_console.log. + * "console": Display with a message in console.log. */ function pandora_xhprof_display_result($key='', $method='link') { diff --git a/pandora_console/include/functions_config.php b/pandora_console/include/functions_config.php index 96f266fc1e..71c4589af7 100644 --- a/pandora_console/include/functions_config.php +++ b/pandora_console/include/functions_config.php @@ -319,8 +319,12 @@ function config_update_config() $error_update[] = __('alias_as_name'); } - if (!config_update_value('auditdir', get_parameter('auditdir'))) { - $error_update[] = __('Audit log directory'); + if (!config_update_value('console_log_enabled', get_parameter('console_log_enabled'))) { + $error_update[] = __('Console log enabled'); + } + + if (!config_update_value('audit_log_enabled', get_parameter('audit_log_enabled'))) { + $error_update[] = __('Audit log enabled'); } if (!config_update_value('unique_ip', get_parameter('unique_ip'))) { @@ -1924,14 +1928,12 @@ function config_process_config() config_update_value('alias_as_name', 0); } - if (!isset($config['auditdir'])) { - $auditdir = '/var/www/html/pandora_console'; - if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') { - // Windows. - $auditdir = $config['homedir']; - } + if (!isset($config['console_log_enabled'])) { + config_update_value('console_log_enabled', 0); + } - config_update_value('auditdir', $auditdir); + if (!isset($config['audit_log_enabled'])) { + config_update_value('audit_log_enabled', 0); } if (!isset($config['elasticsearch_ip'])) { diff --git a/pandora_console/include/functions_db.php b/pandora_console/include/functions_db.php index a99ab2e41e..7b4525b408 100644 --- a/pandora_console/include/functions_db.php +++ b/pandora_console/include/functions_db.php @@ -251,10 +251,8 @@ function db_pandora_audit($accion, $descripcion, $user_id=false, $ip=true, $info $valor = ''.$values['fecha'].' - '.io_safe_output($id).' - '.io_safe_output($accion).' - '.$ip.' - '.io_safe_output($descripcion)."\n"; - if (empty($config['auditdir'])) { - file_put_contents($config['homedir'].'/audit.log', $valor, FILE_APPEND); - } else { - file_put_contents($config['auditdir'].'/audit.log', $valor, FILE_APPEND); + if ($config['audit_log_enabled']) { + file_put_contents($config['homedir'].'/log/audit.log', $valor, FILE_APPEND); } enterprise_include_once('include/functions_audit.php'); diff --git a/pandora_console/index.php b/pandora_console/index.php index 6619b75b78..550885d520 100755 --- a/pandora_console/index.php +++ b/pandora_console/index.php @@ -141,6 +141,14 @@ if ((! file_exists('include/config.php')) require_once 'include/config.php'; require_once 'include/functions_config.php'; +if (isset($config['console_log_enabled']) && $config['console_log_enabled'] == 1) { + ini_set('log_errors', 1); + ini_set('error_log', $config['homedir'].'/log/console.log'); +} else { + ini_set('log_errors', 0); + ini_set('error_log', 0); +} + if (isset($config['error'])) { $login_screen = $config['error']; include 'general/error_screen.php'; diff --git a/pandora_console/log/.htaccess b/pandora_console/log/.htaccess new file mode 100644 index 0000000000..6f6064119f --- /dev/null +++ b/pandora_console/log/.htaccess @@ -0,0 +1,6 @@ +# pandora disable log access + + +Order Allow,Deny +Deny from All + diff --git a/pandora_console/pandora_console_logrotate_centos b/pandora_console/pandora_console_logrotate_centos index 3666165272..d3d824e1bd 100644 --- a/pandora_console/pandora_console_logrotate_centos +++ b/pandora_console/pandora_console_logrotate_centos @@ -1,5 +1,5 @@ # Centos, Redhat, Fedora -/var/www/html/pandora_console/pandora_console.log { +/var/www/html/pandora_console/log/console.log { weekly missingok size 100000 diff --git a/pandora_console/pandora_console_logrotate_suse b/pandora_console/pandora_console_logrotate_suse index 8f0380a4d5..53f18c326a 100644 --- a/pandora_console/pandora_console_logrotate_suse +++ b/pandora_console/pandora_console_logrotate_suse @@ -1,5 +1,5 @@ # OpenSUSE, SLES -/srv/www/htdocs/pandora_console/pandora_console.log { +/srv/www/htdocs/pandora_console/log/console.log { weekly missingok size 100000 diff --git a/pandora_console/pandora_console_logrotate_ubuntu b/pandora_console/pandora_console_logrotate_ubuntu index a7acfaa6e5..d8aecc325c 100644 --- a/pandora_console/pandora_console_logrotate_ubuntu +++ b/pandora_console/pandora_console_logrotate_ubuntu @@ -1,5 +1,5 @@ # DEBIAN / UBUNTU -/var/www/pandora_console/pandora_console.log { +/var/www/pandora_console/log/console.log { weekly missingok size 100000 diff --git a/pandora_console/pandora_websocket_engine b/pandora_console/pandora_websocket_engine index 871009eb9d..fb5b7551bb 100755 --- a/pandora_console/pandora_websocket_engine +++ b/pandora_console/pandora_websocket_engine @@ -31,7 +31,7 @@ fi export WS_ENGINE="/var/www/html/pandora_console/ws.php" export PHP=/usr/bin/php -export WS_LOG="/var/www/html/pandora_console/pandora_console.log" +export WS_LOG="/var/log/pandora/web_socket.log" export GOTTY="/tmp/" # Environment variables diff --git a/pandora_console/pandora_websocket_engine.service b/pandora_console/pandora_websocket_engine.service index fe19ff1490..118db6a7b2 100644 --- a/pandora_console/pandora_websocket_engine.service +++ b/pandora_console/pandora_websocket_engine.service @@ -6,13 +6,13 @@ After=syslog.target network.target User=apache Type=simple -ExecStart=php /var/www/html/pandora_console/ws.php >> /var/www/html/pandora_console/pandora_console.log 2>&1 +ExecStart=php /var/www/html/pandora_console/ws.php >> /var/log/pandora/web_socket.log 2>&1 TimeoutStopSec=20 KillMode=process Restart=always RestartSec=2 -StandardOutput=file:/var/www/html/pandora_console/pandora_console.log -StandardError=file:/var/www/html/pandora_console/pandora_console.log +StandardOutput=file:/var/log/pandora/web_socket.log +StandardError=file:/var/log/pandora/web_socket.log [Install] WantedBy=multi-user.target diff --git a/pandora_console/ws.php b/pandora_console/ws.php index 6c7a513185..2902384eac 100644 --- a/pandora_console/ws.php +++ b/pandora_console/ws.php @@ -124,12 +124,12 @@ if (substr($os, 0, 3) !== 'win') { // Launch gotty - SSH. $cmd = $base_cmd.' --port '.$config['gotty_ssh_port']; - $cmd .= ' ssh >> '.__DIR__.'/pandora_console.log 2>&1 &'; + $cmd .= ' ssh >> /var/log/pandora/web_socket.log 2>&1 &'; shell_exec($cmd); // Launch gotty - telnet. $cmd = $base_cmd.' --port '.$config['gotty_telnet_port']; - $cmd .= ' telnet >> '.__DIR__.'/pandora_console.log 2>&1 &'; + $cmd .= ' telnet >> /var/log/pandora/web_socket.log 2>&1 &'; shell_exec($cmd); } } diff --git a/pandora_server/util/pandora_logrotate b/pandora_server/util/pandora_logrotate index f954d3738a..757381ca8c 100644 --- a/pandora_server/util/pandora_logrotate +++ b/pandora_server/util/pandora_logrotate @@ -12,7 +12,7 @@ } # DEBIAN / UBUNTU -/var/www/pandora_console/pandora_console.log { +/var/www/pandora_console/log/console.log { weekly missingok size 100000 @@ -24,7 +24,7 @@ } # OpenSUSE, SLES -/srv/www/htdocs/pandora_console/pandora_console.log { +/srv/www/htdocs/pandora_console/log/console.log { weekly missingok size 100000 @@ -36,7 +36,7 @@ } # Centos, Redhat, Fedora -/var/www/html/pandora_console/pandora_console.log { +/var/www/html/pandora_console/log/console.log { weekly missingok size 100000