2007-08-01 Sancho Lerena <slerena@artica.es>

* bsd_ipso/*: Some fixes. Added harm_mode to avoid being impolite
        to IPSO on some heavily loaded systems (IMPERATIVE!). Some fixes.




git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@579 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
slerena 2007-08-01 18:32:34 +00:00
parent 74bc7232ea
commit d05919fad5
5 changed files with 112 additions and 164 deletions


@ -1,3 +1,8 @@
2007-08-01 Sancho Lerena <slerena@artica.es>
* bsd_ipso/*: Some fixes. Added harm_mode to avoid be unpolite
with IPSO in some heavy loaded systems (IMPERATIVE!). Some fixes.
2007-07-05 Manuel Arostegui <marostegui@artica.es>
* linux/pandora_agent: Fixed small but important bug.


@ -1,161 +1,96 @@
# Fichero de configuracion base de agentes de Pandora
# Base config file for Pandora agents
# Version 1.1
# Version 1.3
# FreeBSD/IPSO version
# Licenced under GPL licence, 2003-2004 Sancho Lerena, and others
# Licenced under GPL licence, 2003-2007 Sancho Lerena
# General Parameters
# ==================
server_ip pandora_server
server_ip 192.168.50.1
server_path /var/spool/pandora/data_in
pandora_path /usr/share/pandora_agent
pandora_path /opt/pandora_agent
temporal /var/spool/pandora/data_out
interval 300
#agent_name bsdbox01
debug 0
checksum 1
interval 600
agent_name nokia
debug 0
checksum 0
harmless_mode 1
# Module Definition
# =================
# Conexiones del Firewall
module_begin
module_name fwcon
module_type generic_data
module_exec cpstat -f policy fw | tr -s " " " " | grep "Num." |awk '{print $3}'
module_name TCP_Conections
module_type generic_data_inc
module_exec fw ctl pstat | grep "TCP" | awk '{ print $3 }'
module_end
module_begin
module_name max_fwconn
module_type generic_data
module_exec cpstat -f policy fw | tr -s " " " " |grep "Peak" | awk '{print $4}'
module_name UDP_Conections
module_type generic_data_inc
module_exec fw ctl pstat | grep "UDP" | awk '{ print $5 }'
module_end
# Consumo de CPU
module_begin
module_name Nat_Conecctions
module_type generic_data_inc
module_exec fw ctl pstat | grep "tcpudp" | awk '{ print $5 }'
module_end
module_begin
module_name SYS_Temp_Celsius
module_type generic_data
module_exec ipsctl hw:sys_stat:temp:1:current_val | awk '{ print $3 }'
module_end
module_begin
module_name TCP_Established
module_type generic_data_inc
module_exec ipsctl net:ip:tcp:stats:conns_established | awk '{ print $3 }'
module_end
module_begin
module_name UDP_RX_Packets
module_type generic_data_inc
module_exec ipsctl net:ip:udp:stats:rx_pkts | awk '{ print $3 }'
module_end
module_begin
module_name TCP_RX_Packets
module_type generic_data_inc
module_exec ipsctl net:ip:tcp:stats:rx_total_pkts | awk '{ print $3 }'
module_end
module_begin
module_name FW1_Conns
module_type generic_data
module_exec cpstat -f policy fw | grep "Num. connections" | awk '{ print $3 }'
module_end
module_begin
module_name cpu_user
module_type generic_data
module_exec vmstat 1 2 | tail -1 | awk '{ print $17 }'
module_exec vmstat 1 2 | tail -1 | awk '{ print $16 }'
module_end
module_begin
module_name cpu_sys
module_type generic_data
module_exec vmstat 1 2 | tail -1 | awk '{ print $18 }'
module_exec vmstat 1 2 | tail -1 | awk '{ print $17 }'
module_end
# Parametros generales del sistema
module_begin
module_name system_freemem
module_type generic_data
module_exec vmstat | tail -1 | awk '{ print ($5*100)/($4+$5) }'
module_exec vmstat | tail -1 | awk '{ print $5 }'
module_end
module_begin
module_name system_disk_var_free
module_name load_avg
module_type generic_data
module_exec df -k /var | tail -1 | tr -s "%" " " | awk '{ print 100-$5 }'
module_exec uptime | tr -d "," | awk '{ print $9 }'
module_end
# Parametros generales del Firewall y del S.O
module_begin
module_name policy_name
module_type generic_data_string
module_exec cpstat -f policy fw | grep "Policy name:" | tr -s " " " " | awk '{print $3}'
module_end
module_begin
module_name policy_date
module_type generic_data_string
module_exec cpstat -f policy fw | grep "Policy install time:" | tr -s " " " " | awk '{print $4" "$5" "$6" "$7" "$8}'
module_end
module_begin
module_name ipso_ver
module_type generic_data_string
module_exec uname -a
module_end
module_begin
module_name fw_ver
module_type generic_data_string
module_exec fw ver | awk '{ print substr($0,46) }'
module_end
# Estado de HA
module_begin
module_name run_ha_ckp
module_type generic_proc
module_exec cpstat -f all ha | tr -s " " " " | awk '/Status short: OK|HA started: yes|HA state: active/{x+=1} END { if (x == 3) print "1"; else print "0"}'
module_end
module_begin
module_name ha_fw_ckp
module_type generic_proc
module_exec cpstat -f sync fw | tr -s " " " " | awk '/sync - configured: Yes|sync - out state: On|sync - in state: On/{x+=1} END { if (x == 3) print "1"; else print "0"}'
module_end
module_begin
module_name proc_cphamcset
module_type generic_proc
module_exec ps -x | grep "/opt/CPfw1-R55p/bin/cphamcset" | grep -v "grep" | wc -l | tr -s " " " "
module_end
# Paquetes procesados por el FW
module_begin
module_name accept_pkt
module_type generic_data_inc
module_exec cpstat -f totals fw | tail -4 | head -1 | tr -s "|" " " | awk '{ print $1 }'
module_end
module_begin
module_name drop_pkt
module_type generic_data_inc
module_exec cpstat -f totals fw | tail -4 | head -1 | tr -s "|" " " | awk '{ print $2 }'
module_end
# Consumo (%) de MEMORIA y CPU de los tres procesos principales del firewall mdq, fwd y cpd
module_begin
module_name MDQ_MEM
module_type generic_data
module_exec ps auxmw | grep " mdq" | grep -v grep | tr -s " " " " | awk '{ print $4 }'
module_end
module_begin
module_name MDQ_CPU
module_type generic_data
module_exec ps auxmw | grep " mdq" | grep -v grep | tr -s " " " " | awk '{ print $3 }'
module_end
module_begin
module_name FWD_MEM
module_type generic_data
module_exec ps auxmw | grep " fwd" | grep -v grep | tr -s " " " " | awk '{ print $4 }'
module_end
module_begin
module_name FWD_CPU
module_type generic_data
module_exec ps auxmw | grep " fwd" | grep -v grep | tr -s " " " " | awk '{ print $3 }'
module_end
module_begin
module_name CPD_MEM
module_type generic_data
module_exec ps auxmw | grep " cpd" | grep -v grep | tr -s " " " " | awk '{ print $4 }'
module_end
module_begin
module_name CPD_CPU
module_type generic_data
module_exec ps auxmw | grep " cpd" | grep -v grep | tr -s " " " " | awk '{ print $3 }'
module_end
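Review bot: The `load_avg` module picks the load figure by fixed position, `uptime | tr -d "," | awk '{ print $9 }'`, but the number of fields ahead of the load averages changes with how uptime prints the uptime itself (minutes, hours:minutes, or days plus time), so `$9` can land on a different average or on a label. Counting from the end of the line is stable, e.g. `module_exec uptime | tr -d "," | awk '{ print $(NF-2) }'` for the one-minute value. The file also appears to ship site-specific values as defaults (`server_ip 192.168.50.1`, `agent_name nokia`) together with `checksum 0`; a template would normally keep placeholders and state in a comment why the checksum is turned off.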


@ -2,12 +2,13 @@
# **********************************************************************
# Agente Generico Pandora
# FreeBSD/IPSO version
# (c) Sancho Lerena 2003-2005, slerena@gmail.com
# (c) Sancho Lerena 2003-2007, slerena@gmail.com
# Este codigo esta licenciado bajo la licencia GPL 2.0
# This code is licenced under GPL 2.0 licence.
# **********************************************************************
AGENT_VERSION=1.2a
AGENT_VERSION=1.3
BUILD_VERSION=070801
OLDIFS=$IFS
# Stupid trick to use IFS in some unix ... doesnt work linux standard $'\n' :-?
@ -40,13 +41,21 @@ fi
echo "$TIMESTAMP - Reading general config parameters from .conf file" >> $PANDORA_HOME/pandora.log
# Default values
CHECKSUM_MODE=1
CHECKSUM_MODE=0
DEBUG_MODE=0
PANDORA_HARMLESS=1
INTERVAL=300
IFS=$NEWIFS
for a in `cat $PANDORA_HOME/pandora_agent.conf | grep -v "^#" | grep -v "^module" `
do
a=`echo $a | tr -s " " " "`
if [ "$PANDORA_HARMLESS" = "1" ]
then
sleep 1
fi
a=`echo $a | tr -s " " " "`
# Get general configuration parameters from config file
if [ ! -z "`echo $a | grep '^server_ip'`" ]
then
@ -73,16 +82,21 @@ do
NOMBRE_HOST=`echo $a | awk '{ print $2 }' `
echo "$TIMESTAMP - [SETUP] - Agent name is $NOMBRE_HOST " >> $PANDORA_HOME/pandora.log
fi
if [ ! -z "`echo $a | grep '^debug'`" ]
if [ ! -z "`echo $a | grep '^debug'`" ]
then
DEBUG_MODE=`echo $a | awk '{ print $2 }' `
echo "$TIMESTAMP - [SETUP] - Debug mode is $DEBUG_MODE " >> $PANDORA_HOME/pandora.log
fi
if [ ! -z "`echo $a | grep '^checksum'`" ]
if [ ! -z "`echo $a | grep '^checksum'`" ]
then
CHECKSUM_MODE=`echo $a | awk '{ print $2 }' `
echo "$TIMESTAMP - [SETUP] - Checksum mode is $CHECKSUM_MODE " >> $PANDORA_HOME/pandora.log
fi
if [ ! -z "`echo $a | grep -e '^harmless_mode'`" ]
then
PANDORA_HARMLESS=`echo $a | awk '{ print $2 }' `
echo "$TIMESTAMP - [SETUP] - Pandora Harmless mode is $PANDORA_HARMLESS" >> $PANDORA_HOME/pandora.log
fi
done
# MAIN Program loop begin
@ -110,13 +124,18 @@ do
# Makes data packet
echo "<agent_data os_name='$OS_NAME' os_version='$OS_VERSION' interval='$INTERVAL' version='$AGENT_VERSION' timestamp='$TIMESTAMP' agent_name='$NOMBRE_HOST'>" > $DATA
if [ $DEBUG_MODE = 1 ]
then
echo "$TIMESTAMP - Reading module adquisition data from .conf file" >> $PANDORA_HOME/pandora.log
fi
if [ $DEBUG_MODE = 1 ]
then
echo "$TIMESTAMP - Reading module adquisition data from .conf file" >> $PANDORA_HOME/pandora.log
fi
for a in `cat $PANDORA_HOME/pandora_agent.conf | grep -v "^#" | grep "^module" `
do
if [ "$PANDORA_HARMLESS" = "1" ]
then
sleep 1
fi
a=`echo $a | tr -s " " " "`
if [ ! -z "`echo $a | grep '^module_exec'`" ]
then
@ -136,17 +155,21 @@ do
echo "<module>" >> $DATA
fi
if [ ! -z "`echo $a | grep '^module_max' `" ]
then
max=`echo $a | awk '{ print $2 }' `
echo "<max>$max</max>" >> $DATA
fi
if [ "$PANDORA_HARMLESS" = "0" ]
then
if [ ! -z "`echo $a | grep '^module_max' `" ]
then
max=`echo $a | awk '{ print $2 }' `
echo "<max>$max</max>" >> $DATA
fi
if [ ! -z "`echo $a | grep '^module_min'`" ]
then
min=`echo $a | awk '{ print $2 }' `
echo "<min>$min</min>" >> $DATA
fi
fi
if [ ! -z "`echo $a | grep '^module_min'`" ]
then
min=`echo $a | awk '{ print $2 }' `
echo "<min>$min</min>" >> $DATA
fi
if [ ! -z "`echo $a | grep '^module_description'`" ]
then
desc=`echo $a | awk '{ print substr($0, 20)}' `
@ -174,20 +197,20 @@ do
echo "</agent_data>" >> $DATA
# Calculate Checksum and prepare MD5 file
if [ $CHECKSUM_MODE = 0 ]
then
CHECKSUM_DATA="No valid checksum"
else
CHECKSUM_DATA=`cat $DATA | /sbin/md5 `
fi
then
CHECKSUM_DATA="No valid checksum"
else
CHECKSUM_DATA=`cat $DATA | /sbin/md5 `
fi
echo $CHECKSUM_DATA $DATA> $CHECKSUM
# Send packets to server and detele it
scp -B $PANDORA_FILES pandora@$SERVER_IP:$SERVER_PATH > /dev/null 2> /dev/null
# Send packets to server and detele it
scp -B $PANDORA_FILES pandora@$SERVER_IP:$SERVER_PATH > /dev/null 2> /dev/null
if [ $DEBUG_MODE = 1 ]
then
echo "$TIMESTAMP - Copying $PANDORA_FILES to $SERVER_IP:$SERVER_PATH" >> $PANDORA_HOME/pandora.log
exit
exit
fi
rm -f $PANDORA_FILES> /dev/null
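Review bot: `PANDORA_HARMLESS` is taken straight from the config line and then compared with `"1"` for the throttle (`sleep 1`) and with `"0"` for emitting `<max>`/`<min>`, so any other value (a typo, an empty field) produces a third state with neither the sleep nor the max/min tags. Normalising once after the config loop, e.g. `[ "$PANDORA_HARMLESS" = "0" ] || PANDORA_HARMLESS=1`, keeps the throttled behaviour as the fallback. The new block that skips `module_max`/`module_min` in harmless mode deserves a comment saying why, since the commit message only mentions load. The default `CHECKSUM_MODE` also appears to go from 1 to 0 without mention, so the file written to `$CHECKSUM` carries "No valid checksum" unless the config enables it; that is worth a line in the ChangeLog. Both loops start and end outside the hunks shown.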


@ -4,7 +4,7 @@
# Version para IPSO/BSD (csh)
# version 1.1
set PANDORA_PATH=/usr/share/pandora_agent
set PANDORA_PATH=/opt/pandora_agent
set DAEMON=pandora_agent.sh
set PIDFILE=/var/run/pandora.pid
test -x $PANDORA_PATH/$DAEMON || exit


@ -12,18 +12,3 @@
# a little example, to monitor changes on DNS versus actual IP on interface ppp0
# Uncomment below this line to execute. All output needs to be in Pandora XML Agent-Output format
#PLC_DNS=`dig @194.179.1.101 plc.genterara.com A +short | tail -1 `
#PLC_LOCAL=`ifconfig ppp0 | head -2 | tail -1 | tr -s ":" " " | awk ' { print $3 } '`
#if [ "$PLC_DNS" == "$PLC_LOCAL" ]
#then
# PLC_STATUS=1
#else
# PLC_STATUS=0
#fi
#
#echo "<module>"
#echo "<name>PLC_DNS_CHECK</name>"
#echo "<type>generic_proc</type>"
#echo "<data>$PLC_STATUS</data>"
#echo "</module>"