diff --git a/pandora_server/ChangeLog b/pandora_server/ChangeLog index 28c1ffb6b9..0474bc9bf0 100644 --- a/pandora_server/ChangeLog +++ b/pandora_server/ChangeLog @@ -1,3 +1,13 @@ +2013-09-09 Ramon Novoa + + * conf/pandora_server.conf.new, + lib/PandoraFMS/Config.pm, + lib/PandoraFMS/Core.pm, + bin/pandora_server: Added support for event auto-expiry and small + fixes. + + * util/pandora_manage.pl: Added support for event custom data. + 2013-09-05 Ramon Novoa * lib/PandoraFMS/Core.pm: Added support for module macros. diff --git a/pandora_server/bin/pandora_server b/pandora_server/bin/pandora_server index bf8c2d3f5c..d434d3546b 100755 --- a/pandora_server/bin/pandora_server +++ b/pandora_server/bin/pandora_server @@ -306,6 +306,16 @@ sub pandora_server_tasks ($) { && $pa_config->{"self_monitoring"} == 1){ pandora_self_monitoring ($pa_config, $dbh); } + + # Event auto-expiry + my $expiry_time = $pa_config->{"event_expiry_time"}; + my $expiry_window = $pa_config->{"event_expiry_window"}; + if ($expiry_time > 0 && $expiry_window > 0 && $expiry_window > $expiry_time) { + my $time_ref = time (); + my $expiry_limit = $time_ref - $expiry_time; + my $expiry_window = $time_ref - $expiry_window; + db_do ($dbh, 'UPDATE tevento SET estado=1, ack_utimestamp=? WHERE estado=0 AND utimestamp < ? AND utimestamp > ?', $time_ref, $expiry_limit, $expiry_window); + } } # Avoid counter overflow diff --git a/pandora_server/conf/pandora_server.conf.new b/pandora_server/conf/pandora_server.conf.new index 19f5ac41e9..fa5e9f3909 100755 --- a/pandora_server/conf/pandora_server.conf.new +++ b/pandora_server/conf/pandora_server.conf.new @@ -428,3 +428,11 @@ event_auto_validation 1 #text_going_up_warning Module '_module_' is going to WARNING (_data_) #text_going_down_warning Module '_module_' is going to WARNING (_data_) #text_going_unknown Module '_module_' is going to UNKNOWN + +# Events older that the specified time (in seconds) will be auto-validated. Set to 0 to disable this feature. +event_expiry_time 0 + +# Only events more recent than the specified time window (in seconds) will be auto-validated. This value must +# be greater than event_expiry_time. +#event_expiry_window 86400 + diff --git a/pandora_server/lib/PandoraFMS/Config.pm b/pandora_server/lib/PandoraFMS/Config.pm index c09edc327c..09698d71e6 100644 --- a/pandora_server/lib/PandoraFMS/Config.pm +++ b/pandora_server/lib/PandoraFMS/Config.pm @@ -313,6 +313,12 @@ sub pandora_load_config { $pa_config->{"text_going_down_warning"} = "Module '_module_' is going to WARNING (_data_)"; # 5.0 $pa_config->{"text_going_unknown"} = "Module '_module_' is going to UNKNOWN"; # 5.0 + # Event auto-expiry time + $pa_config->{"event_expiry_time"} = 0; # 5.0 + + # Event auto-expiry time window + $pa_config->{"event_expiry_window"} = 86400; # 5.0 + # ------------------------------------------------------------------------- # This values are not stored in .conf files. # This values should be stored in database, not in .conf files! @@ -693,6 +699,12 @@ sub pandora_load_config { elsif ($parametro =~ m/^text_going_unknown\s+(.*)/i) { $pa_config->{'text_going_unknown'} = safe_input ($1); } + elsif ($parametro =~ m/^event_expiry_time\s+([0-9]*)/i) { + $pa_config->{'event_expiry_time'}= clean_blank($1); + } + elsif ($parametro =~ m/^event_expiry_window\s+([0-9]*)/i) { + $pa_config->{'event_expiry_window'}= clean_blank($1); + } } # end of loop for parameter # # Set to RDBMS' standard port diff --git a/pandora_server/lib/PandoraFMS/Core.pm b/pandora_server/lib/PandoraFMS/Core.pm index 8e26758729..606a00a71f 100644 --- a/pandora_server/lib/PandoraFMS/Core.pm +++ b/pandora_server/lib/PandoraFMS/Core.pm @@ -657,6 +657,7 @@ sub pandora_execute_alert ($$$$$$$$;$) { } # Execute actions + my $event_generated = 0; foreach my $action (@actions) { # Check the action threshold (template_action_threshold takes precedence over action_threshold) @@ -665,6 +666,12 @@ sub pandora_execute_alert ($$$$$$$$;$) { $threshold = $action->{'action_threshold'} if (defined ($action->{'action_threshold'}) && $action->{'action_threshold'} > 0); $threshold = $action->{'module_action_threshold'} if (defined ($action->{'module_action_threshold'}) && $action->{'module_action_threshold'} > 0); if (time () >= ($action->{'last_execution'} + $threshold)) { + + # Does the action generate an event? + if (safe_output($action->{'name'}) eq "Pandora FMS Event") { + $event_generated = 1; + } + pandora_execute_action ($pa_config, $data, $agent, $alert, $alert_mode, $action, $module, $dbh, $timestamp, $extra_macros); } else { if (defined ($module)) { @@ -680,14 +687,16 @@ sub pandora_execute_alert ($$$$$$$$;$) { my $warning_instructions = get_db_value ($dbh, 'SELECT warning_instructions FROM tagente_modulo WHERE id_agente_modulo = ?', $alert->{'id_agent_module'}); my $unknown_instructions = get_db_value ($dbh, 'SELECT unknown_instructions FROM tagente_modulo WHERE id_agente_modulo = ?', $alert->{'id_agent_module'}); - # Generate an event - #If we've spotted an alert recovered, we set the new event's severity to 0, otherwise the original value is maintained. - my ($text, $event, $severity) = ($alert_mode == 0) ? ('recovered', 'alert_recovered', 0) : ('fired', 'alert_fired', $alert->{'priority'}); - - - pandora_event ($pa_config, "Alert $text (" . safe_output($alert->{'name'}) . ") " . (defined ($module) ? 'assigned to ('. safe_output($module->{'nombre'}) . ")" : ""), + # Generate an event only if an event has not already been generated by an alert action + if ($event_generated == 0) { + + #If we've spotted an alert recovered, we set the new event's severity to 0, otherwise the original value is maintained. + my ($text, $event, $severity) = ($alert_mode == 0) ? ('recovered', 'alert_recovered', 0) : ('fired', 'alert_fired', $alert->{'priority'}); + + pandora_event ($pa_config, "Alert $text (" . safe_output($alert->{'name'}) . ") " . (defined ($module) ? 'assigned to ('. safe_output($module->{'nombre'}) . ")" : ""), (defined ($agent) ? $agent->{'id_grupo'} : 0), (defined ($agent) ? $agent->{'id_agente'} : 0), $alert->{'priority'}, (defined ($alert->{'id_template_module'}) ? $alert->{'id_template_module'} : 0), (defined ($alert->{'id_agent_module'}) ? $alert->{'id_agent_module'} : 0), $event, 0, $dbh, 'Pandora', '', '', '', '', $critical_instructions, $warning_instructions, $unknown_instructions); + } } ########################################################################## @@ -733,16 +742,16 @@ sub pandora_execute_action ($$$$$$$$$;$) { } # Recovery fields, thanks to Kato Atsushi - if ($alert_mode == 0){ - $field2 = $alert->{'field2_recovery'} ne "" ? $alert->{'field2_recovery'} : "[RECOVER]" . $field2; - $field3 = $alert->{'field3_recovery'} ne "" ? $alert->{'field3_recovery'} : "[RECOVER]" . $field3; - $field4 = $alert->{'field4_recovery'} ne "" ? $alert->{'field4_recovery'} : "[RECOVER]" . $field4; - $field5 = $alert->{'field5_recovery'} ne "" ? $alert->{'field5_recovery'} : "[RECOVER]" . $field5; - $field6 = $alert->{'field6_recovery'} ne "" ? $alert->{'field6_recovery'} : "[RECOVER]" . $field6; - $field7 = $alert->{'field7_recovery'} ne "" ? $alert->{'field7_recovery'} : "[RECOVER]" . $field7; - $field8 = $alert->{'field8_recovery'} ne "" ? $alert->{'field8_recovery'} : "[RECOVER]" . $field8; - $field9 = $alert->{'field9_recovery'} ne "" ? $alert->{'field9_recovery'} : "[RECOVER]" . $field9; - $field10 = $alert->{'field10_recovery'} ne "" ? $alert->{'field10_recovery'} : "[RECOVER]" . $field10; + if ($alert_mode == 0) { + $field2 = $alert->{'field2_recovery'} ne "" ? $alert->{'field2_recovery'} : ($field2 ne "" ? "[RECOVER]" . $field2 : ""); + $field3 = $alert->{'field3_recovery'} ne "" ? $alert->{'field3_recovery'} : ($field3 ne "" ? "[RECOVER]" . $field3 : ""); + $field4 = $alert->{'field4_recovery'} ne "" ? $alert->{'field4_recovery'} : ($field4 ne "" ? "[RECOVER]" . $field4 : ""); + $field5 = $alert->{'field5_recovery'} ne "" ? $alert->{'field5_recovery'} : ($field5 ne "" ? "[RECOVER]" . $field5 : ""); + $field6 = $alert->{'field6_recovery'} ne "" ? $alert->{'field6_recovery'} : ($field6 ne "" ? "[RECOVER]" . $field6 : ""); + $field7 = $alert->{'field7_recovery'} ne "" ? $alert->{'field7_recovery'} : ($field7 ne "" ? "[RECOVER]" . $field7 : ""); + $field8 = $alert->{'field8_recovery'} ne "" ? $alert->{'field8_recovery'} : ($field8 ne "" ? "[RECOVER]" . $field8 : ""); + $field9 = $alert->{'field9_recovery'} ne "" ? $alert->{'field9_recovery'} : ($field9 ne "" ? "[RECOVER]" . $field9 : ""); + $field10 = $alert->{'field10_recovery'} ne "" ? $alert->{'field10_recovery'} : ($field10 ne "" ? "[RECOVER]" . $field10 : ""); } $field1 = decode_entities ($field1); @@ -2528,7 +2537,7 @@ sub pandora_event ($$$$$$$$$$;$$$$$$$$$) { my ($pa_config, $evento, $id_grupo, $id_agente, $severity, $id_alert_am, $id_agentmodule, $event_type, $event_status, $dbh, $source, $user_name, $comment, $id_extra, $tags, - $critical_instructions, $warning_instructions, $unknown_instructions) = @_; + $critical_instructions, $warning_instructions, $unknown_instructions, $custom_data) = @_; my $agent = undef; if ($id_agente != 0) { @@ -2568,6 +2577,7 @@ sub pandora_event ($$$$$$$$$$;$$$$$$$$$) { $critical_instructions = '' unless defined ($critical_instructions); $warning_instructions = '' unless defined ($warning_instructions); $unknown_instructions = '' unless defined ($unknown_instructions); + $custom_data = '' unless defined ($custom_data); # If the event is created with validated status, assign ack_utimestamp my $ack_utimestamp = $event_status == 1 ? time() : 0; @@ -2587,13 +2597,13 @@ sub pandora_event ($$$$$$$$$$;$$$$$$$$$) { if ($count > 0) { logger($pa_config, "Updating event '$evento' with extended id '$id_extra' for agent ID $id_agente module ID $id_agentmodule.", 10); - db_do ($dbh, 'UPDATE tevento SET id_agente=?, id_grupo=?, evento=?, timestamp=?, estado=?, utimestamp=?, event_type=?, id_agentmodule=?, id_alert_am=?, criticity=?, user_comment=?, tags=?, source=?, id_extra=?, id_usuario=?, critical_instructions=?, warning_instructions=?, unknown_instructions=?, ack_utimestamp=? - WHERE id_extra=?', $id_agente, $id_grupo, safe_input ($evento), $timestamp, $event_status, $utimestamp, $event_type, $id_agentmodule, $id_alert_am, $severity, $comment, $module_tags, $source, $id_extra, $user_name, $critical_instructions, $warning_instructions, $unknown_instructions, $ack_utimestamp, $id_extra); + db_do ($dbh, 'UPDATE tevento SET id_agente=?, id_grupo=?, evento=?, timestamp=?, estado=?, utimestamp=?, event_type=?, id_agentmodule=?, id_alert_am=?, criticity=?, user_comment=?, tags=?, source=?, id_extra=?, id_usuario=?, critical_instructions=?, warning_instructions=?, unknown_instructions=?, ack_utimestamp=?, custom_data=? + WHERE id_extra=?', $id_agente, $id_grupo, safe_input ($evento), $timestamp, $event_status, $utimestamp, $event_type, $id_agentmodule, $id_alert_am, $severity, $comment, $module_tags, $source, $id_extra, $user_name, $critical_instructions, $warning_instructions, $unknown_instructions, $ack_utimestamp, $custom_data, $id_extra); } else { logger($pa_config, "Generating event '$evento' for agent ID $id_agente module ID $id_agentmodule.", 10); - db_do ($dbh, 'INSERT INTO tevento (id_agente, id_grupo, evento, timestamp, estado, utimestamp, event_type, id_agentmodule, id_alert_am, criticity, user_comment, tags, source, id_extra, id_usuario, critical_instructions, warning_instructions, unknown_instructions, ack_utimestamp) - VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)', $id_agente, $id_grupo, safe_input ($evento), $timestamp, $event_status, $utimestamp, $event_type, $id_agentmodule, $id_alert_am, $severity, $comment, $module_tags, $source, $id_extra, $user_name, $critical_instructions, $warning_instructions, $unknown_instructions, $ack_utimestamp); + db_do ($dbh, 'INSERT INTO tevento (id_agente, id_grupo, evento, timestamp, estado, utimestamp, event_type, id_agentmodule, id_alert_am, criticity, user_comment, tags, source, id_extra, id_usuario, critical_instructions, warning_instructions, unknown_instructions, ack_utimestamp, custom_data) + VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)', $id_agente, $id_grupo, safe_input ($evento), $timestamp, $event_status, $utimestamp, $event_type, $id_agentmodule, $id_alert_am, $severity, $comment, $module_tags, $source, $id_extra, $user_name, $critical_instructions, $warning_instructions, $unknown_instructions, $ack_utimestamp, $custom_data); } # Do not write to the event file diff --git a/pandora_server/util/pandora_manage.pl b/pandora_server/util/pandora_manage.pl index d18de37b2a..17119e854d 100755 --- a/pandora_server/util/pandora_manage.pl +++ b/pandora_server/util/pandora_manage.pl @@ -18,6 +18,7 @@ use POSIX; use HTML::Entities; # Encode or decode strings with HTML entities use File::Basename; use JSON qw(encode_json); +use MIME::Base64; # Default lib dir for RPM and DEB packages use lib '/usr/lib/perl5'; @@ -135,7 +136,7 @@ sub help_screen{ help_screen_line('--disable_eacl', '', 'Disable enterprise ACL system'); help_screen_line('--enable_eacl', '', 'Enable enterprise ACL system'); print "\nEVENTS:\n\n" unless $param ne ''; - help_screen_line('--create_event', " [ \n\t \n\t ]", 'Add event'); + help_screen_line('--create_event', " [ \n\t \n\t ]", 'Add event'); help_screen_line('--validate_event', " \n\t ", 'Validate events'); help_screen_line('--validate_event_id', '', 'Validate event given a event id'); help_screen_line('--get_event_info', '[]', 'Show info about a event given a event id'); @@ -2396,7 +2397,7 @@ sub cli_delete_profile() { ############################################################################## sub cli_create_event() { - my ($event,$event_type,$group_name,$agent_name,$module_name,$event_status,$severity,$template_name, $user_name, $comment, $source, $id_extra, $tags) = @ARGV[2..14]; + my ($event,$event_type,$group_name,$agent_name,$module_name,$event_status,$severity,$template_name, $user_name, $comment, $source, $id_extra, $tags, $custom_data) = @ARGV[2..15]; $event_status = 0 unless defined($event_status); $severity = 0 unless defined($severity); @@ -2458,8 +2459,11 @@ sub cli_create_event() { } print_log "[INFO] Adding event '$event' for agent '$agent_name' \n\n"; + # Base64 encode custom data + $custom_data = encode_base64 ($custom_data); + pandora_event ($conf, $event, $id_group, $id_agent, $severity, - $id_alert_agent_module, $id_agentmodule, $event_type, $event_status, $dbh, $source, $user_name, $comment, $id_extra, $tags); + $id_alert_agent_module, $id_agentmodule, $event_type, $event_status, $dbh, $source, $user_name, $comment, $id_extra, $tags, '', '', '', $custom_data); } ############################################################################## @@ -3466,7 +3470,7 @@ sub pandora_manage_main ($$$) { cli_delete_profile(); } elsif ($param eq '--create_event') { - param_check($ltotal, 13, 10); + param_check($ltotal, 14, 10); cli_create_event(); } elsif ($param eq '--validate_event') {