tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'develop' into ent-12495-volver-al-comportamiento-anterior-en-temas-de-permisos-politicas-10894

This commit is contained in:
Daniel Maya 2023-11-30 13:30:29 +01:00
parent 6e67dc81ac 8cfb0353dd
commit e4b369c769
168 changed files with 4126 additions and 1374 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pandora_agents/unix/DEBIAN/control
View File

@ -1,5 +1,5 @@
package: pandorafms-agent-unix
Version: 7.0NG.774-231124
Version: 7.0NG.774-231130
Architecture: all
Priority: optional
Section: admin

2
pandora_agents/unix/DEBIAN/make_deb_package.sh
View File

@ -14,7 +14,7 @@
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
pandora_version="7.0NG.774-231124"
pandora_version="7.0NG.774-231130"
echo "Test if you has the tools for to make the packages."
whereis dpkg-deb | cut -d":" -f2 | grep dpkg-deb > /dev/null

2
pandora_agents/unix/pandora_agent
View File

@ -1039,7 +1039,7 @@ my $Sem = undef;
my $ThreadSem = undef;
use constant AGENT_VERSION => '7.0NG.774';
use constant AGENT_BUILD => '231124';
use constant AGENT_BUILD => '231130';
# Agent log default file size maximum and instances
use constant DEFAULT_MAX_LOG_SIZE => 600000;

2
pandora_agents/unix/pandora_agent.redhat.spec
View File

@ -4,7 +4,7 @@
%global __os_install_post %{nil}
%define name pandorafms_agent_linux
%define version 7.0NG.774
%define release 231124
%define release 231130
Summary: Pandora FMS Linux agent, PERL version
Name: %{name}

2
pandora_agents/unix/pandora_agent.redhat_bin.el8.spec
View File

@ -5,7 +5,7 @@
%define name pandorafms_agent_linux_bin
%define source_name pandorafms_agent_linux
%define version 7.0NG.774
%define release 231124
%define release 231130
%define debug_package %{nil}
Summary: Pandora FMS Linux agent, binary version

2
pandora_agents/unix/pandora_agent.redhat_bin.el9.spec
View File

@ -5,7 +5,7 @@
%define name pandorafms_agent_linux_bin
%define source_name pandorafms_agent_linux
%define version 7.0NG.774
%define release 231124
%define release 231130
%define debug_package %{nil}
Summary: Pandora FMS Linux agent, binary version

2
pandora_agents/unix/pandora_agent.redhat_bin.spec
View File

@ -5,7 +5,7 @@
%define name pandorafms_agent_linux_bin
%define source_name pandorafms_agent_linux
%define version 7.0NG.774
%define release 231124
%define release 231130
Summary: Pandora FMS Linux agent, binary version
Name: %{name}

2
pandora_agents/unix/pandora_agent.spec
View File

@ -4,7 +4,7 @@
%global __os_install_post %{nil}
%define name pandorafms_agent_linux
%define version 7.0NG.774
%define release 231124
%define release 231130
Summary: Pandora FMS Linux agent, PERL version
Name: %{name}

2
pandora_agents/unix/pandora_agent_installer
View File

@ -10,7 +10,7 @@
# **********************************************************************
PI_VERSION="7.0NG.774"
PI_BUILD="231124"
PI_BUILD="231130"
OS_NAME=`uname -s`
FORCE=0

2
pandora_agents/win32/installer/pandora.mpi
View File

@ -186,7 +186,7 @@ UpgradeApplicationID
{}
Version
{231124}
{231130}
ViewReadme
{Yes}

2
pandora_agents/win32/pandora.cc
View File

@ -30,7 +30,7 @@ using namespace Pandora;
using namespace Pandora_Strutils;
#define PATH_SIZE _MAX_PATH+1
#define PANDORA_VERSION ("7.0NG.774 Build 231124")
#define PANDORA_VERSION ("7.0NG.774 Build 231130")
string pandora_path;
string pandora_dir;

2
pandora_agents/win32/versioninfo.rc
View File

@ -11,7 +11,7 @@ BEGIN
VALUE "LegalCopyright", "Pandora FMS"
VALUE "OriginalFilename", "PandoraAgent.exe"
VALUE "ProductName", "Pandora FMS Windows Agent"
VALUE "ProductVersion", "(7.0NG.774(Build 231124))"
VALUE "ProductVersion", "(7.0NG.774(Build 231130))"
VALUE "FileVersion", "1.0.0.0"
END
END

2
pandora_console/DEBIAN/control
View File

@ -1,5 +1,5 @@
package: pandorafms-console
Version: 7.0NG.774-231124
Version: 7.0NG.774-231130
Architecture: all
Priority: optional
Section: admin

2
pandora_console/DEBIAN/make_deb_package.sh
View File

@ -14,7 +14,7 @@
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
pandora_version="7.0NG.774-231124"
pandora_version="7.0NG.774-231130"
package_pear=0
package_pandora=1

33
pandora_console/extensions/agents_modules_csv.php
View File

@ -27,17 +27,18 @@
*/
global $config;
if (true) {
include_once '../include/config.php';
include_once '../include/functions_agents.php';
include_once '../include/functions_reporting.php';
include_once '../include/functions_modules.php';
include_once '../include/functions_users.php';
if ((bool) $config['metaconsole']) {
include_once $config['homedir'].'/include/config.php';
include_once $config['homedir'].'/include/functions_agents.php';
include_once $config['homedir'].'/include/functions_reporting.php';
include_once $config['homedir'].'/include/functions_modules.php';
include_once $config['homedir'].'/include/functions_users.php';
} else {
include_once '../include/config.php';
include_once '../include/functions_agents.php';
include_once '../include/functions_reporting.php';
include_once '../include/functions_modules.php';
include_once '../include/functions_users.php';
}
@ -106,7 +107,25 @@ if ($get_agents_module_csv === '1') {
foreach ($results as $result) {
foreach ($result as $key => $value) {
$out_csv .= io_safe_output($value).$divider;
if (preg_match('/Linux/i', $_SERVER['HTTP_USER_AGENT'])) {
$value = preg_replace(
'/\s+/',
' ',
io_safe_output($value)
);
} else {
$value = mb_convert_encoding(
preg_replace(
'/\s+/',
'',
io_safe_output($value)
),
'UTF-16LE',
'UTF-8'
);
}
$out_csv .= $value.$divider;
}
$out_csv .= "\n";

2
pandora_console/extensions/api_checker.php
View File

@ -99,7 +99,7 @@ function api_execute(
if (empty($token) === true) {
$data['apipass'] = $apipass;
$data['user'] = $user;
$data['password'] = $password;
$data['pass'] = $password;
}
}

2
pandora_console/extensions/dbmanager.php
View File

@ -90,7 +90,7 @@ function dbmgr_extension_main()
// Header.
ui_print_standard_header(
__('Database interface'),
__('DB interface'),
'images/gm_db.png',
false,
'',

38
pandora_console/extras/mr/67.sql Normal file
View File

@ -0,0 +1,38 @@
START TRANSACTION;
ALTER TABLE `tevento`
ADD COLUMN `event_custom_id` TEXT NULL AFTER `module_status`;
-- Telegram and vonage default alerts
UPDATE talert_actions
SET field2='[PANDORA] Alert FIRED on _agent_ / _module_ / _timestamp_ / _data_'
WHERE id=9;
UPDATE talert_actions
SET field2='[PANDORA] Alert FIRED on _agent_ / _module_ / _timestamp_ / _data_'
WHERE id=11;
-- Delete table tagent_access
DROP TABLE tagent_access;
ALTER TABLE `tevent_rule` DROP COLUMN `user_comment`;
ALTER TABLE `tevent_rule` DROP COLUMN `operator_user_comment`;
ALTER TABLE treport_content ADD check_unknowns_graph tinyint DEFAULT 0 NULL;
-- Update macros for plugin oracle
UPDATE `tdiscovery_apps` SET `version` = '1.1' WHERE `short_name` = 'pandorafms.oracle';
SET @id_app := (SELECT `id_app` FROM `tdiscovery_apps` WHERE `short_name` = 'pandorafms.oracle');
UPDATE `tdiscovery_apps_tasks_macros` SET `value` = 'agents_group_id=__taskGroupID__ interval=__taskInterval__ user=_dbuser_ password=_dbpass_ thick_mode=_thickMode_ client_path=_clientPath_ threads=_threads_ modules_prefix=_prefixModuleName_ execute_custom_queries=_executeCustomQueries_ analyze_connections=_checkConnections_ engine_uptime=_checkUptime_ query_stats=_queryStats_ cache_stats=_checkCache_ fragmentation_ratio=_checkFragmentation_ check_tablescpaces=_checkTablespaces_' WHERE `macro` = '_tempfileConf_' AND `id_task` IN (SELECT `id_rt` FROM `trecon_task` WHERE `id_app` = @id_app);
INSERT IGNORE INTO `tdiscovery_apps_tasks_macros` (`id_task`, `macro`, `type`, `value`, `temp_conf`) SELECT id_rt, '_thickMode_', 'custom', 0, 0 FROM `trecon_task` WHERE `id_app` = @id_app;
INSERT IGNORE INTO `tdiscovery_apps_tasks_macros` (`id_task`, `macro`, `type`, `value`, `temp_conf`) SELECT id_rt, '_clientPath_', 'custom', '', 0 FROM `trecon_task` WHERE `id_app` = @id_app;
UPDATE `trecon_task` SET `setup_complete` = 1 WHERE `id_app` = @id_app;
ALTER TABLE `tdashboard`
ADD COLUMN `date_range` TINYINT NOT NULL DEFAULT 0 AFTER `cells_slideshow`,
ADD COLUMN `date_from` INT NOT NULL DEFAULT 0 AFTER `date_range`,
ADD COLUMN `date_to` INT NOT NULL DEFAULT 0 AFTER `date_from`;
COMMIT;

2
pandora_console/general/login_page.php
View File

@ -418,7 +418,7 @@ switch ($login_screen) {
}
if ($config['enterprise_installed']) {
if ($config['reset_pass_option']) {
if ($config['reset_pass_option'] && $config['auth'] === 'mysql') {
$reset_pass_link = 'reset_pass.php';
// Reset password link.
echo '<div class="reset_password">';

3
pandora_console/godmode/agentes/agent_manager.php
View File

@ -922,6 +922,7 @@ $tableAdvancedAgent->data['safe_operation'][] = html_print_label_input_block(
)
);
if (enterprise_installed() === true) {
$tableAdvancedAgent->data['vul_scan_enabled'][] = html_print_label_input_block(
__('Vulnerability scanning'),
html_print_select(
@ -938,6 +939,8 @@ $tableAdvancedAgent->data['vul_scan_enabled'][] = html_print_label_input_block(
true
)
);
}
ui_toggle(
html_print_table($tableAdvancedAgent, true),

6
pandora_console/godmode/agentes/fields_manager.php
View File

@ -217,6 +217,7 @@ foreach ($fields as $field) {
array_push($table->data, $data);
}
$tablePagination = '';
if ($fields) {
html_print_table($table);
$tablePagination = ui_pagination($count_fields, false, $offset, 0, true, 'offset', false);
@ -231,6 +232,9 @@ html_print_action_buttons(
[ 'icon' => 'next' ],
true
),
['type' => 'form_action']
[
'type' => 'form_action',
'right_content' => $tablePagination,
],
);
echo '</form>';

17
pandora_console/godmode/agentes/module_manager.php
View File

@ -38,6 +38,7 @@ $isFunctionPolicies = enterprise_include_once('include/functions_policies.php');
require_once $config['homedir'].'/include/functions_modules.php';
require_once $config['homedir'].'/include/functions_agents.php';
require_once $config['homedir'].'/include/functions_servers.php';
require_once $config['homedir'].'/include/functions_macros.php';
$search_string = get_parameter('search_string');
@ -949,8 +950,24 @@ if ($modules !== false) {
);
if (strlen($module['ip_target']) !== 0) {
// Check if value is custom field.
if ($module['ip_target'][0] == '_' && $module['ip_target'][(strlen($module['ip_target']) - 1)] == '_') {
$custom_field_name = substr($module['ip_target'], 1, -1);
$custom_value = agents_get_agent_custom_field($id_agente, $custom_field_name);
if (isset($custom_value) && $custom_value !== false) {
$title .= '<br/>IP: '.$custom_value;
} else {
$array_macros = return_agent_macros($id_agente);
if (isset($array_macros[$module['ip_target']])) {
$title .= '<br/>IP: '.$array_macros[$module['ip_target']];
} else {
$title .= '<br/>IP: '.$module['ip_target'];
}
}
} else {
$title .= '<br/>IP: '.$module['ip_target'];
}
}
// This module is initialized ? (has real data).
if ($status === STATUS_MODULE_NO_DATA) {

83
pandora_console/godmode/agentes/module_manager_editor_common.php
View File

@ -1391,7 +1391,6 @@ $table_advanced->data['made_enabled'][0] = html_print_checkbox_switch(
false,
'',
false,
false,
'wp100 static'
);
@ -2000,23 +1999,18 @@ ui_require_jquery_file('json');
$('#' + thisLabel).prop('checked', true);
$('#' + thisLabel).siblings().prop('checked', false);
if ($('#radius-percentage_warning').prop('checked') === true || $('#radius-percentage_critical').prop('checked') === true) {
var type_selected = $("#id_module_type").val();
var type_names = jQuery.parseJSON(Base64.decode($('#hidden-type_names').val()));
var type_name_selected = type_names[type_selected];
if (($('#radius-percentage_warning').prop('checked') === true && $('#radius-percentage_critical').prop('checked') === true) || type_name_selected == 'generic_data_string') {
paint_graph_values();
$("#svg_dinamic").hide();
} else {
paint_graph_values();
$("#svg_dinamic").show();
}
if ($('#radius-percentage_warning').prop('checked') === true) {
$('#radius-warning_inverse').hide();
$('#label-radius-warning_inverse').hide();
}
if ($('#radius-warning_inverse').prop('checked') === true) {
$('#radius-percentage_warning').hide();
$('#label-radius-percentage_warning').hide();
}
if ($('#radius-normal_warning').prop('checked') === true) {
$('#radius-warning_inverse').show();
$('#label-radius-warning_inverse').show();
@ -2024,17 +2018,6 @@ ui_require_jquery_file('json');
$('#label-radius-percentage_warning').show();
}
if ($('#radius-percentage_critical').prop('checked') === true) {
$('#radius-critical_inverse').hide();
$('#label-radius-critical_inverse').hide();
}
if ($('#radius-critical_inverse').prop('checked') === true) {
$('#radius-percentage_critical').hide();
$('#label-radius-percentage_critical').hide();
}
if ($('#radius-normal_critical').prop('checked') === true) {
$('#radius-critical_inverse').show();
$('#label-radius-critical_inverse').show();
@ -2351,30 +2334,48 @@ ui_require_jquery_file('json');
var message_error_percentage = '<?php echo __('Please introduce a positive percentage value'); ?>';
//if haven't error
if (max_w == 0 || max_w > min_w) {
if (max_c == 0 || max_c > min_c) {
if (max_w == 0 || max_w > min_w || $('#radius-percentage_warning').is(':checked') === true) {
if (max_c == 0 || max_c > min_c || $('#radius-percentage_critical').is(':checked') === true) {
error_c = 0;
error_w = 0;
} else {
error_c = 1;
min_w = 0;
max_w = 0;
min_c = 0;
max_c = 0;
inverse_w = 0;
inverse_c = 0;
}
} else {
if (max_c !== 0 && max_c < min_c && $('#radius-percentage_critical').is(':checked') === false) {
error_c = 2;
}
error_w = 1;
min_w = 0;
max_w = 0;
min_c = 0;
max_c = 0;
inverse_w = 0;
inverse_c = 0;
}
if ($('#radius-percentage_warning').is(':checked') === true){
min_w = 0;
max_w = 0;
}
if ($('#radius-percentage_critical').is(':checked') === true){
min_c = 0;
max_c = 0;
}
paint_graph_status(
min_w, max_w, min_c, max_c, inverse_w,
inverse_c, error_w, error_c,
legend_normal, legend_warning, legend_critical,
message_error_warning, message_error_critical
);
} else {
error_c = 1;
paint_graph_status(
0, 0, 0, 0, 0, 0, error_w, error_c,
legend_normal, legend_warning, legend_critical,
message_error_warning, message_error_critical
);
}
} else {
error_w = 1;
paint_graph_status(
0, 0, 0, 0, 0, 0, error_w, error_c,
legend_normal, legend_warning, legend_critical,
message_error_warning, message_error_critical
);
}
}
/* ]]> */

73
pandora_console/godmode/agentes/module_manager_editor_prediction.php
View File

@ -131,9 +131,10 @@ if ($module_service_synthetic_selector !== ENTERPRISE_NOT_HOOK) {
}
$data = [];
$data[0] = __('Agent');
$data[1] = __('Module');
$data[2] = __('Period');
$data[0] = __('Module');
$data[1] = __('Period');
$table_simple->cellclass['caption_prediction_module'][0] = 'w33p';
$table_simple->cellclass['caption_prediction_module'][1] = 'w33p';
$table_simple->cellclass['caption_prediction_module'][2] = 'w33p';
@ -163,34 +164,68 @@ $params['none_module_text'] = __('Select Module');
$params['use_hidden_input_idagent'] = true;
$params['input_style'] = 'width: 100%;';
$params['hidden_input_idagent_id'] = 'hidden-id_agente_module_prediction';
$data[0] = ui_print_agent_autocomplete_input($params);
if ($id_agente > 0) {
$predictionModuleInput = html_print_select_from_sql(
'SELECT id_agente_modulo, nombre
FROM tagente_modulo
WHERE delete_pending = 0
AND history_data = 1
AND id_agente = '.$id_agente_clean.'
AND id_agente_modulo <> '.$id_agente_modulo,
if (strstr($page, 'policy_modules') === false) {
$modules = agents_get_modules($id_agente);
$predictionModuleInput = html_print_select(
$modules,
'prediction_module',
$prediction_module,
'',
__('Select Module'),
'',
0,
true,
false,
true,
'',
false,
'width: 100%;'
false,
false,
false,
false,
'',
false,
false,
false,
false,
true,
false,
false,
'',
false,
'pm'
);
} else {
$predictionModuleInput = '<select id="prediction_module" name="custom_integer_1" disabled="disabled"><option value="0">Select an Agent first</option></select>';
$modules = index_array(policies_get_modules($policy_id, false, ['id', 'name']));
$predictionModuleInput = html_print_select(
$modules,
'id_module_policy',
$module['custom_integer_1'],
'',
'',
0,
true,
false,
true,
'',
false,
false,
false,
false,
false,
'',
false,
false,
true
);
}
$data[1] = $predictionModuleInput;
$data[2] = html_print_select([__('Weekly'), __('Monthly'), __('Daily')], 'custom_integer_2', $custom_integer_2, '', '', 0, true, false, true, '', false, 'width: 100%;');
$data[2] .= html_print_input_hidden('id_agente_module_prediction', $id_agente, true);
$data[0] = $predictionModuleInput;
$data[1] = html_print_select([__('Weekly'), __('Monthly'), __('Daily')], 'custom_integer_2', $custom_integer_2, '', '', 0, true, false, true, '', false, 'width: 100%;');
$data[1] .= html_print_input_hidden('id_agente_module_prediction', $id_agente, true);
$table_simple->cellclass['prediction_module'][0] = 'w33p';
$table_simple->cellclass['prediction_module'][1] = 'w33p';
$table_simple->cellclass['prediction_module'][2] = 'w33p';
@ -264,7 +299,7 @@ if ($selector_form !== ENTERPRISE_NOT_HOOK) {
}
// Synthetic modules are an Enterprise feature.
$synthetic_module_form = enterprise_hook('get_synthetic_module_form');
$synthetic_module_form = enterprise_hook('get_synthetic_module_form', [$policy_id]);
if ($synthetic_module_form !== ENTERPRISE_NOT_HOOK) {
$data = [];
$data[0] = $synthetic_module_form;

9
pandora_console/godmode/alerts/alert_templates.php
View File

@ -31,13 +31,14 @@ if (is_ajax()) {
return;
}
echo '<h3>'.$template['name'].'</h3>';
echo '<h3 style="background-color: #14524f">'.$template['name'].'</h3>';
echo html_print_image('images/info.svg', true, ['class' => 'invert_filter']);
echo ui_print_alert_template_example($template['id'], true, true, false);
echo '<br />';
echo '<br />';
echo '<strong>'.__('Type').': </strong>';
echo alerts_get_alert_templates_type_name($template['type']);
echo '<br />';
echo ui_print_alert_template_example($template['id'], true);
echo '<br />';
if ($template['description'] != '') {

3
pandora_console/godmode/alerts/configure_alert_action.php
View File

@ -552,6 +552,9 @@ $(document).ready (function () {
// If the row is empty, hide it
if (field_row == '') {
// Clear hidden fields.
$("[name=field" + i + "_value]").val('');
$("[name=field" + i + "_recovery_value]").val('')
$table_macros_field.hide();
continue;
}

2
pandora_console/godmode/alerts/configure_alert_template.php
View File

@ -1240,7 +1240,7 @@ if ($step == 2) {
'priority',
$priority,
'',
0,
'',
0,
true,
false,

13
pandora_console/godmode/db/db_main.php
View File

@ -27,7 +27,6 @@ if (! check_acl($config['id_user'], 0, 'DM')) {
// Get some general DB stats (not very heavy)
// NOTE: this is not realtime monitoring stats, are more focused on DB sanity
$stat_access = db_get_sql('SELECT COUNT(*) FROM tagent_access WHERE id_agent != 0');
$stat_data = db_get_sql('SELECT COUNT(*) FROM tagente_datos WHERE id_agente_modulo != 0');
$stat_data_log4x = db_get_sql('SELECT COUNT(*) FROM tagente_datos_log4x WHERE id_agente_modulo != 0');
$stat_data_string = db_get_sql('SELECT COUNT(*) FROM tagente_datos_string WHERE id_agente_modulo != 0');
@ -149,18 +148,6 @@ echo $stat_modules;
echo '</b></td></tr>';
echo '<tr class="rowOdd"><td>';
echo __('Total agent access records');
echo '<td><b>';
if ($stat_access > $max_access) {
echo "<font color='#ff0000'>$stat_access</font>";
} else {
echo $stat_access;
}
echo '</b></td></tr>';
// Sanity
echo '<tr><th colspan=2><i>';
echo __('Database sanity');

1
pandora_console/godmode/events/custom_events.php
View File

@ -115,6 +115,7 @@ $fields_available['module_status'] = __('Module Status');
$fields_available['mini_severity'] = __('Severity mini');
$fields_available['module_custom_id'] = __('Module custom ID');
$fields_available['custom_data'] = __('Custom data');
$fields_available['event_custom_id'] = __('Event Custom ID');
// Remove fields already selected.

40
pandora_console/godmode/gis_maps/configure_gis_map.php
View File

@ -68,7 +68,7 @@ foreach ($layer_ids as $layer_id) {
$layer_list[] = [
'id' => (strpos($layer_id, 'new_') === false) ? (int) $layer_id : null,
'layer_name' => $trimmed_name,
'layer_visible' => ((int) $layers[$layer_id]['visible'] === 1),
'layer_visible' => ($layers[$layer_id]['visible'] === 'true'),
'layer_group' => (int) $layers[$layer_id]['agents_from_group'],
'layer_agent_list' => $layers[$layer_id]['agents'],
'layer_group_list' => $layers[$layer_id]['groups'],
@ -560,21 +560,23 @@ html_print_table($table);
$user_groups = users_get_groups($config['user'], 'AR', false);
echo '<h3>'.__('Layers').'</h3>';
echo '<fieldset class="margin-bottom-10"><legend>'.__('Layers').'</legend>';
$table->width = '100%';
$table->class = 'databox filters';
$table->valign = [];
$table->valign[0] = 'top';
$table->valign[1] = 'top';
$table->valign[0] = 'top; width: 50%';
$table->valign[1] = 'top; width: 50%';
$table->data = [];
$table->data[0][0] = '<h4>'.__('List of layers').'</h4>';
$table->data[0][1] = '<div class="right">'.html_print_button(__('New layer'), 'new_layer', false, 'newLayer();', 'class="sub add "', true).'</div>';
$table->data[1][0] = '<table class="databox" border="0" cellpadding="4" cellspacing="4" id="list_layers"></table>';
$table->data[1][1] = '<div id="form_layer" class="invisible">
$table->data[1][0] = '<div id="form_layer" class="invisible">
<table id="form_layer_table" class="" border="0" cellpadding="4" cellspacing="4">
<tr>
<td colspan="4"><hr/></td>
</tr>
<tr>
<td>'.__('Layer name').':</td>
<td>'.html_print_input_text('layer_name_form', '', '', 20, 40, true).'</td>
@ -592,10 +594,6 @@ $table->data[1][1] = '<div id="form_layer" class="invisible">
<td>'.__('Agent').':</td>
<td colspan="3">';
$table->data[1][1] .= html_print_button(__('Add agent'), 'add_agent', true, '', ['mode' => 'secondary', 'icon' => 'next'], true);
$params = [];
$params['return'] = true;
$params['show_helptip'] = true;
@ -608,11 +606,12 @@ $params['javascript_function_action_after_select'] = 'active_button_add_agent';
$params['javascript_is_function_select'] = true;
$params['disabled_javascript_on_blur_function'] = false;
$table->data[1][1] .= ui_print_agent_autocomplete_input($params);
$table->data[1][1] .= '</td>
$table->data[1][0] .= ui_print_agent_autocomplete_input($params);
$buttonAgent = html_print_button(__('Add agent'), 'add_agent', true, '', ['mode' => 'secondary', 'icon' => 'next'], true);
$table->data[1][0] .= '</td>
</tr>
<tr>
<td colspan="4" align="right">'.$buttonAgent.'</td>
</tr>
<tr>
<td colspan="4">
@ -641,7 +640,7 @@ $params['disabled_javascript_on_blur_function'] = false;
$agent_for_group_input = ui_print_agent_autocomplete_input($params);
$add_group_btn = html_print_button(__('Add'), 'add_group', true, '', ['mode' => 'secondary', 'icon' => 'next'], true);
$table->data[1][1] .= '<tr><td colspan="4"><hr /></td></tr>
$table->data[1][0] .= '<tr><td colspan="4"><hr /></td></tr>
<tr>
<td>'.__('Group').':</td>
<td colspan="3">'.$group_select.'</td>
@ -661,7 +660,7 @@ $table->data[1][1] .= '<tr><td colspan="4"><hr /></td></tr>
</td>
</tr>';
$table->data[1][1] .= '<tr>
$table->data[1][0] .= '<tr>
<td align="right" colspan="4">'.html_print_button(__('Save Layer'), 'save_layer', false, 'javascript:saveNewLayer();', 'class="sub wand"', true).'
'.html_print_input_hidden('current_edit_layer_id', '', true).'
</td>
@ -669,7 +668,12 @@ $table->data[1][1] .= '<tr>
</table>
</div>';
$table->data[1][1] = '<fieldset>
<legend>'.__('Layers list').'</legend>
<table class="databox invisible" border="0" id="list_layers"></table>
</fieldset>';
html_print_table($table);
echo '</fieldset>';
switch ($action) {
case 'save_new':
@ -1229,6 +1233,8 @@ function getLayerRow (layerId, layerData) {
.append($editCol)
.append($deleteCol);
$("#list_layers").removeClass('invisible');
return $row;
}

166
pandora_console/godmode/groups/group_list.php
View File

@ -84,6 +84,9 @@ if (is_ajax() === true) {
}
$group = db_get_row('tgrupo', 'id_grupo', $id_group);
if (str_contains($group['icon'], '.png') === true) {
$group['folder'] = 'groups_small/';
}
echo json_encode($group);
return;
@ -757,6 +760,125 @@ if ($tab == 'tree') {
/*
* Group tree view.
*/
$table = new stdClass();
$table->width = '100%';
$table->class = 'databox filters filter-table-adv';
if (is_metaconsole() === true) {
$table->cellspacing = 0;
$table->cellpadding = 0;
}
$search_group_string = get_parameter('search_group_string', '');
$search_agent_string = get_parameter('search_agent_string', '');
$agent_status = get_parameter('agent_status', '');
$show_not_init_agents = get_parameter('show_not_init_agents', 1);
$show_not_init_modules = get_parameter('show_not_init_modules', 1);
$show_full_hirearchy = get_parameter('show_full_hirearchy', 1);
$table->data = [];
$table->head = [];
$table->style = [];
$table->style[0] = 'width: 50%;';
$table->style[1] = 'width: 50%;';
$table->data[0][0] = html_print_label_input_block(
__('Search group'),
html_print_input_text(
'search_group_string',
$search_group_string,
'',
25,
255,
true,
false,
false,
'',
)
);
$agents_status_list = agents_status_list();
$table->data[0][1] = html_print_label_input_block(
__('Search by agent status').ui_print_help_tip(__('Shows the groups that contain an agent with the status that has been searched'), true),
html_print_select(
$agents_status_list,
'agent_status',
$agent_status,
'',
__('All'),
'',
true,
false,
false,
'w200p',
false,
'width: 100%;'
)
);
$table->data[1][0] = html_print_label_input_block(
__('Search by agent').ui_print_help_tip(__('Shows groups that contain an agent matching the search'), true),
html_print_input_text(
'search_agent_string',
$search_agent_string,
'',
25,
255,
true,
false,
false,
'',
)
);
$table->data[1][1] = html_print_label_input_block(
__('Show full hierarchy'),
html_print_checkbox_switch_extended(
'show_full_hirearchy',
1,
$show_full_hirearchy,
false,
'',
'',
true
)
);
$table->data[3][0] = '&nbsp;';
$table->data[3][1] = html_print_submit_button(
__('Filter'),
'filter',
false,
[
'class' => 'float-right',
'icon' => 'search',
],
true
);
$form = "<form method='post' action=''>";
$form .= html_print_table($table, true);
$form .= '</form>';
ui_toggle(
$form,
'<span class="subsection_header_title">'.__('Filters').'</span>',
'filter_form',
'',
true,
false,
'',
'white-box-content',
'box-flat white_table_graph fixed_filter_bar'
);
echo "<div id='tree-controller-recipient'></div>";
} else {
/*
@ -826,6 +948,8 @@ if ($tab == 'tree') {
);
$form .= '</form>';
ui_toggle(
$form,
'<span class="subsection_header_title">'.__('Filters').'</span>',
@ -1058,6 +1182,34 @@ $tab = 'group_edition';
<?php } ?>
<script type="text/javascript">
let show_full_hirearchy = "<?php echo $show_full_hirearchy; ?>";
let show_not_init_agents = "<?php echo $show_not_init_agents; ?>";
let show_not_init_modules = "<?php echo $show_not_init_modules; ?>";
$('#checkbox-show_full_hirearchy').on("change", function() {
if (show_full_hirearchy == 1) {
show_full_hirearchy = 0;
} else {
show_full_hirearchy = 1;
}
});
$('#button-filter').on('click', function(event) {
console.log('here');
event.preventDefault();
load_tree(show_full_hirearchy, show_not_init_agents, show_not_init_modules);
});
window.addEventListener('load', function() {
load_tree(show_full_hirearchy, show_not_init_agents, show_not_init_modules);
});
function load_tree(show_full_hirearchy, show_not_init_agents, show_not_init_modules) {
var treeController = TreeController.getController();
treeController.meta = <?php echo (is_metaconsole() === true) ? 1 : 0; ?>;
@ -1071,16 +1223,17 @@ $tab = 'group_edition';
parameters['getChildren'] = 1;
parameters['type'] = "<?php echo $tab; ?>";
parameters['filter'] = {};
parameters['filter']['searchGroup'] = '';
parameters['filter']['searchAgent'] = '';
parameters['filter']['statusAgent'] = '';
parameters['filter']['searchGroup'] = $('#text-search_group_string').val();
parameters['filter']['searchAgent'] = $('#text-search_agent_string').val();
parameters['filter']['statusAgent'] = $('#agent_status option:selected').val();
parameters['filter']['searchModule'] = '';
parameters['filter']['statusModule'] = '';
parameters['filter']['groupID'] = '';
parameters['filter']['tagID'] = '';
parameters['filter']['searchHirearchy'] = 1;
parameters['filter']['show_not_init_agents'] = 1;
parameters['filter']['show_not_init_modules'] = 1;
parameters['filter']['show_full_hirearchy'] = show_full_hirearchy;
parameters['filter']['show_not_init_agents'] = show_not_init_agents;
parameters['filter']['show_not_init_modules'] = show_not_init_modules;
$.ajax({
type: "POST",
@ -1141,4 +1294,7 @@ $tab = 'group_edition';
},
dataType: "json"
});
}
</script>

39
pandora_console/godmode/massive/massive_add_alerts.php
View File

@ -255,7 +255,18 @@ $table->data[1][1] = html_print_select(
true,
'',
false,
'width:180px;'
'width:180px;',
false,
false,
false,
'',
false,
false,
false,
false,
true,
true,
true
);
$table->data[1][2] = __('When select agents');
$table->data[1][2] .= '<br>';
@ -271,7 +282,31 @@ $table->data[1][2] .= html_print_select(
'',
true
);
$table->data[1][3] = html_print_select([], 'module[]', '', false, '', '', true, true, false, '', false, 'width:180px;');
$table->data[1][3] = html_print_select(
[],
'module[]',
'',
false,
'',
'',
true,
true,
false,
'',
false,
'width:180px;',
false,
false,
false,
'',
true,
false,
false,
false,
true,
true,
false
);
$usr_groups = users_get_groups($config['id_user'], 'LW', true);
$filter_groups = '';

13
pandora_console/godmode/menu.php
View File

@ -367,6 +367,8 @@ if ($access_console_node === true) {
$sub['godmode/alerts/alert_list']['text'] = __('List of Alerts');
$sub['godmode/alerts/alert_list']['id'] = 'List_of_Alerts';
$sub['godmode/alerts/alert_list']['pages'] = ['godmode/alerts/alert_view'];
$sub['godmode/agentes/planned_downtime.list']['text'] = __('Scheduled downtime');
$sub['godmode/agentes/planned_downtime.list']['id'] = 'scheduled_downtime';
if ((bool) check_acl($config['id_user'], 0, 'LM') === true) {
$sub['godmode/alerts/alert_templates']['text'] = __('Templates');
@ -708,6 +710,17 @@ if ($access_console_node === true) {
}
if ($access_console_node === true) {
// Tools
$menu_godmode['tools']['text'] = __('Tools');
$menu_godmode['tools']['sec2'] = 'operation/extensions';
$menu_godmode['tools']['id'] = 'oper-extensions';
$sub = [];
$sub['operation/agentes/exportdata']['text'] = __('Export data');
$sub['operation/agentes/exportdata']['id'] = 'export_data';
$sub['extensions/files_repo']['text'] = __('File repository');
$sub['extensions/files_repo']['id'] = 'file_repository';
$menu_godmode['tools']['sub'] = $sub;
// About.
$menu_godmode['about']['text'] = __('About');
$menu_godmode['about']['id'] = 'about';

2
pandora_console/godmode/reporting/graph_container.php
View File

@ -95,7 +95,7 @@ $subsection = reporting_enterprise_add_graph_template_subsection('', $buttons);
$buttons['graph_container'] = [
'active' => true,
'text' => '<a href="index.php?sec=reporting&sec2=godmode/reporting/graph_container">'.html_print_image(
'images/graph-container.svg@svg',
'images/graph-container@svg.svg',
true,
[
'title' => __('Graph container'),

8
pandora_console/godmode/reporting/map_builder.php
View File

@ -519,9 +519,9 @@ if (!$maps && is_metaconsole() === false) {
$data = [];
if (is_metaconsole() === false) {
$data[0] = '<a href="index.php?sec=network&amp;sec2=operation/visual_console/render_view&amp;id='.$map['id'].'&amp;refr='.$refr.'">'.$map['name'].'</a>';
$data[0] = '<a href="index.php?sec=network&amp;sec2=operation/visual_console/render_view&amp;id='.$map['id'].'&amp;refr='.$refr.'">'.io_safe_output($map['name']).'</a>';
} else {
$data[0] = '<a href="index.php?sec=screen&sec2=screens/screens&action=visualmap&pure='.$pure.'&id='.$map['id'].'&amp;refr='.$refr.'">'.$map['name'].'</a>';
$data[0] = '<a href="index.php?sec=screen&sec2=screens/screens&action=visualmap&pure='.$pure.'&id='.$map['id'].'&amp;refr='.$refr.'">'.io_safe_output($map['name']).'</a>';
}
$data[1] = ui_print_group_icon($map['id_group'], true);
@ -541,7 +541,7 @@ if (!$maps && is_metaconsole() === false) {
true,
['class' => 'main_menu_icon invert_filter']
).'</a>';
$data[4] = '<a class="delete_visualmap" href="index.php?sec=network&amp;sec2=godmode/reporting/map_builder&amp;id_layout='.$map['id'].'&amp;delete_layout=1" onclick="javascript: if (!confirm(\''.__('Are you sure?').'\n'.__('Delete').': '.$map['name'].'\')) return false;">'.html_print_image(
$data[4] = '<a class="delete_visualmap" href="index.php?sec=network&amp;sec2=godmode/reporting/map_builder&amp;id_layout='.$map['id'].'&amp;delete_layout=1" onclick="javascript: if (!confirm(\''.__('Are you sure?').'\n'.__('Delete').': '.io_safe_output($map['name']).'\')) return false;">'.html_print_image(
'images/delete.svg',
true,
['class' => 'main_menu_icon invert_filter']
@ -552,7 +552,7 @@ if (!$maps && is_metaconsole() === false) {
true,
['class' => 'main_menu_icon invert_filter']
).'</a>';
$data[4] = '<a class="delete_visualmap" href="index.php?sec=screen&sec2=screens/screens&action=visualmap&pure='.$pure.'&id_layout='.$map['id'].'&amp;delete_layout=1" onclick="javascript: if (!confirm(\''.__('Are you sure?').'\n'.__('Delete').': '.$map['name'].'\')) return false;">'.html_print_image(
$data[4] = '<a class="delete_visualmap" href="index.php?sec=screen&sec2=screens/screens&action=visualmap&pure='.$pure.'&id_layout='.$map['id'].'&amp;delete_layout=1" onclick="javascript: if (!confirm(\''.__('Are you sure?').'\n'.__('Delete').': '.io_safe_output($map['name']).'\')) return false;">'.html_print_image(
'images/delete.svg',
true,
['class' => 'main_menu_icon invert_filter']

409
pandora_console/godmode/reporting/reporting_builder.item_editor.php
View File

@ -150,6 +150,7 @@ $fullscale = false;
$percentil = false;
$image_threshold = false;
$time_compare_overlapped = false;
$unknowns_graph = false;
// Added for events items.
$server_multiple = [0];
@ -354,6 +355,7 @@ switch ($action) {
$percentil = isset($style['percentil']) ? (bool) $style['percentil'] : 0;
$image_threshold = (isset($style['image_threshold']) === true) ? (bool) $style['image_threshold'] : false;
$graph_render = $item['graph_render'];
$unknowns_graph = $item['check_unknowns_graph'];
// The break hasn't be forgotten.
case 'simple_baseline_graph':
case 'projection_graph':
@ -1084,6 +1086,50 @@ switch ($action) {
$period = $item['period'];
break;
case 'vuls_severity_graph':
$group = $item['id_group'];
break;
case 'vuls_attack_complexity':
$group = $item['id_group'];
break;
case 'vuls_by_packages':
$group = $item['id_group'];
break;
case 'vuls_by_agent':
$group = $item['id_group'];
$es = json_decode($item['external_source'], true);
$selected_agent_custom_field_filter = $es['agent_custom_field_filter'];
$security_hardening_score = $es['security_hardening_score'];
$vulnerabilities_status = $es['vulnerabilities_status'];
$secmon_status = $es['secmon_status'];
break;
case 'vuls_info_agent':
$idAgent = $item['id_agent'];
$es = json_decode($item['external_source'], true);
$vul_package = $es['vul_package'];
$vul_severity = $es['vul_severity'];
$vul_ac = $es['vul_ac'];
$vul_pr = $es['vul_pr'];
$vul_ui = $es['vul_ui'];
$vul_av = (empty($es['vul_av']) === true) ? 'all' : $es['vul_av'];
break;
case 'top_n_agents_vuls':
$group = $item['id_group'];
$recursion = $item['recursion'];
$top_n_value = (empty($item['top_n_value']) === true) ? 10 : $item['top_n_value'];
break;
case 'top_n_vuls_count':
$group = $item['id_group'];
$recursion = $item['recursion'];
$top_n_value = (empty($item['top_n_value']) === true) ? 10 : $item['top_n_value'];
break;
default:
// It's not possible.
break;
@ -2954,6 +3000,23 @@ if (is_metaconsole() === true) {
</td>
</tr>
<tr id="row_unknowns_graph" class="datos">
<td class="bolder">
<?php
echo __('Show unknowns in graph');
?>
</td>
<td>
<?php
html_print_checkbox_switch(
'unknowns_graph',
1,
$unknowns_graph
);
?>
</td>
</tr>
<tr id="row_time_compare_overlapped" class="datos">
<td class="bolder">
<?php
@ -3946,6 +4009,217 @@ if (is_metaconsole() === true) {
?>
</td>
</tr>
<tr id="row_secmon_status" class="datos">
<td class="bolder">
<?php
echo __('Secmon status');
?>
</td>
<td>
<?php
html_print_select(
[
'all' => __('All'),
'critical' => __('Critical'),
'warning' => __('Warning'),
],
'secmon_status',
$secmon_status,
);
?>
</td>
</tr>
<tr id="row_security_hardening_score" class="datos">
<td class="bolder">
<?php
echo __('Security hardening score');
?>
</td>
<td>
<?php
html_print_select(
[
'all' => __('All'),
'90' => __('< 90%'),
'80' => __('< 80%'),
'70' => __('< 70%'),
'60' => __('< 60%'),
'50' => __('< 50%'),
'40' => __('< 40%'),
'30' => __('< 30%'),
'20' => __('< 20%'),
'10' => __('< 10%'),
],
'security_hardening_score',
(empty($security_hardening_score) === false) ? $security_hardening_score : 'all',
'',
'',
0,
false,
false,
false
);
?>
</td>
</tr>
<tr id="row_vulnerabilities_status" class="datos">
<td class="bolder">
<?php
echo __('Vulnerabilities status');
?>
</td>
<td>
<?php
html_print_select(
[
'all' => __('All'),
'crit' => __('Critical'),
'warn' => __('Warning'),
],
'vulnerabilities_status',
$vulnerabilities_status,
);
?>
</td>
</tr>
<tr id="row_vulnerabilities_packages" class="datos">
<td class="bolder">
<?php
echo __('Package').ui_print_help_tip(__('Select a agent for load his packages.'), true);
?>
</td>
<td>
<?php
html_print_select(
[
'all' => __('All'),
],
'vul_package',
$vul_package,
);
?>
</td>
</tr>
<tr id="row_vulnerabilities_severity" class="datos">
<td class="bolder">
<?php
echo __('Severity');
?>
</td>
<td>
<?php
html_print_select(
[
'all' => __('All'),
'high' => __('High'),
'low' => __('Low'),
'none' => __('None'),
],
'vul_severity',
$vul_severity,
);
?>
</td>
</tr>
<tr id="row_vulnerabilities_ac" class="datos">
<td class="bolder">
<?php
echo __('Attack Complexity');
?>
</td>
<td>
<?php
html_print_select(
[
'all' => __('All'),
'H' => __('High'),
'L' => __('Low'),
],
'vul_ac',
$vul_ac,
);
?>
</td>
</tr>
<tr id="row_vulnerabilities_pr" class="datos">
<td class="bolder">
<?php
echo __('Privileges Required');
?>
</td>
<td>
<?php
html_print_select(
[
'all' => __('All'),
'H' => __('High'),
'L' => __('Low'),
'N' => __('None'),
],
'vul_pr',
$vul_pr,
);
?>
</td>
</tr>
<tr id="row_vulnerabilities_ui" class="datos">
<td class="bolder">
<?php
echo __('User Interaction');
?>
</td>
<td>
<?php
html_print_select(
[
'all' => __('All'),
'R' => __('Required'),
'N' => __('None'),
],
'vul_ui',
$vul_ui,
);
?>
</td>
</tr>
<tr id="row_vulnerabilities_av" class="datos">
<td class="bolder">
<?php
echo __('Attack vector');
?>
</td>
<td>
<?php
html_print_select(
[
'all' => __('All'),
'A' => __('Adjacent Network'),
'L' => __('Local'),
'N' => __('Network'),
'P' => __('Physical'),
],
'vul_av',
(empty($vul_av) === true) ? 'all' : $vul_av,
'',
'',
0,
false,
false,
false
);
?>
</td>
</tr>
<?php endif; ?>
<tr id="row_status_check" class="datos">
@ -5673,6 +5947,27 @@ $(document).ready (function () {
return false;
}
break;
case 'vuls_info_agent':
if ($("#hidden-id_agent").val() == 0) {
dialog_message('#message_no_agent');
return false;
}
break;
case 'top_n_agents_vuls':
if ($("#text-max_items").val() == '') {
dialog_message('#message_no_max_item');
return false;
}
break;
case 'top_n_vuls_count':
if ($("#text-max_items").val() == '') {
dialog_message('#message_no_max_item');
return false;
}
break;
default:
break;
}
@ -5827,7 +6122,24 @@ $(document).ready (function () {
return false;
}
break;
case 'vuls_info_agent':
if ($("#hidden-id_agent").val() == 0) {
dialog_message('#message_no_agent');
return false;
}
break;
case 'top_n_agents_vuls':
if ($("#text-max_items").val() == '') {
dialog_message('#message_no_max_item');
return false;
}
break;
case 'top_n_vuls_count':
if ($("#text-max_items").val() == '') {
dialog_message('#message_no_max_item');
return false;
}
break;
default:
break;
}
@ -6877,12 +7189,22 @@ function chooseType() {
$("#row_group_by").hide();
$("#row_type_show").hide();
$("#row_use_prefix_notation").hide();
$("#row_unknowns_graph").hide();
$("#row_os_selector").hide();
$("#row_os_version_regexp").hide();
$("#row_os_end_of_life").hide();
$("#row_cat_security_hardening").hide();
$("#row_ignore_skipped").hide();
$("#row_status_check").hide();
$("#row_secmon_status").hide();
$("#row_security_hardening_score").hide();
$("#row_vulnerabilities_status").hide();
$("#row_vulnerabilities_packages").hide();
$("#row_vulnerabilities_severity").hide();
$("#row_vulnerabilities_ac").hide();
$("#row_vulnerabilities_pr").hide();
$("#row_vulnerabilities_ui").hide();
$("#row_vulnerabilities_av").hide();
// SLA list default state.
$("#sla_list").hide();
@ -6969,6 +7291,7 @@ function chooseType() {
$("#row_image_threshold").show();
$("#row_graph_render").show();
$("#row_percentil").show();
$("#row_unknowns_graph").show();
// Force type.
if('<?php echo $action; ?>' === 'new'){
@ -7782,6 +8105,50 @@ function chooseType() {
$("#row_group").show();
$('#row_period').show();
break;
case 'vuls_severity_graph':
$("#row_group").show();
break;
case 'vuls_attack_complexity':
$("#row_group").show();
break;
case 'vuls_by_packages':
$("#row_group").show();
break;
case 'vuls_by_agent':
$("#row_group").show();
$("#row_custom_field_filter").show();
$("#row_secmon_status").show();
$("#row_security_hardening_score").show();
$("#row_vulnerabilities_status").show();
break;
case 'vuls_info_agent':
$("#row_agent").show();
$("#row_vulnerabilities_packages").show();
$("#row_vulnerabilities_severity").show();
$("#row_vulnerabilities_ac").show();
$("#row_vulnerabilities_pr").show();
$("#row_vulnerabilities_ui").show();
$("#row_vulnerabilities_av").show();
updatePackages();
$('#row_agent input[type=text]').change(function(e) {
updatePackages();
});
break;
case 'top_n_agents_vuls':
$("#row_group").show();
$("#row_max_items").show();
break;
case 'top_n_vuls_count':
$("#row_group").show();
$("#row_max_items").show();
break;
}
switch (type) {
@ -8024,6 +8391,46 @@ function control_period_range() {
}, 800);
}
}
function updateSelect(element, fields, selected) {
if (typeof fields === "object") {
$(element).find("select").empty();
$(element).find(".select2-container .select2-selection__rendered").empty();
Object.keys(fields).forEach(function(key) {
if (key === selected) {
$(element).find(".select2-container .select2-selection__rendered").append(`${fields[key]}`);
$(element).find("select").append(`<option value="${key}" selected>${fields[key]}</option>`);
} else {
$(element).find("select").append(`<option value="${key}">${fields[key]}</option>`);
}
});
}
}
function updatePackages() {
let id_agent = $('#hidden-id_agent').val();
let server_id = $('#hidden-server_id').val();
$.ajax({
method: "POST",
url: "<?php echo ui_get_full_url('ajax.php'); ?>",
data: {
page: "<?php echo ENTERPRISE_DIR.'/include/ajax/vulnerabilities.ajax'; ?>",
action: "updatePackages",
id_agent: id_agent,
server_id: server_id,
},
success: function(data) {
const json = JSON.parse(data);
if (json.success) {
updateSelect("#row_vulnerabilities_packages", json.data, '<?php echo $vul_package; ?>');
}
}
});
}
$(document).ready(function () {
$('[id^=period], #combo_graph_options, #combo_sla_sort_options').next().css('z-index', 0);

2
pandora_console/godmode/reporting/reporting_builder.list_items.php
View File

@ -777,7 +777,7 @@ $table->data[0][0] = html_print_label_input_block(
)
);
$table->data[0][1] = html_print_label_input_block(
__('Poisition'),
__('Position'),
html_print_input_text_extended(
'position_to_delete',
1,

8
pandora_console/godmode/reporting/reporting_builder.main.php
View File

@ -180,8 +180,8 @@ if ($report_id_user == $config['id_user']
$options['div_class'] = '';
}
$table->data[2][1] = html_print_label_input_block(
__('Group'),
$table->data[3][0] = html_print_label_input_block(
__('Write Access Group'),
html_print_select_groups(
false,
'RW',
@ -216,7 +216,7 @@ if ($enterpriseEnable) {
if (enterprise_installed() === true) {
$table->data[3][0] = html_print_label_input_block(
$table->data[4][0] = html_print_label_input_block(
__('Generate cover page in PDF render'),
html_print_checkbox_switch(
'cover_page_render',
@ -226,7 +226,7 @@ if (enterprise_installed() === true) {
)
);
$table->data[3][1] = html_print_label_input_block(
$table->data[4][1] = html_print_label_input_block(
__('Generate index in PDF render'),
html_print_checkbox_switch(
'index_render',

102
pandora_console/godmode/reporting/reporting_builder.php
View File

@ -1928,6 +1928,7 @@ switch ($action) {
$values['graph_render'] = (int) get_parameter(
'graph_render'
);
$values['check_unknowns_graph'] = get_parameter_switch('unknowns_graph', 0);
case 'simple_baseline_graph':
// HACK it is saved in show_graph field.
$values['show_graph'] = (int) get_parameter(
@ -2045,6 +2046,56 @@ switch ($action) {
$good_format = true;
break;
case 'vuls_severity_graph':
$values['id_group'] = get_parameter('combo_group');
$good_format = true;
break;
case 'vuls_attack_complexity':
$values['id_group'] = get_parameter('combo_group');
$good_format = true;
break;
case 'vuls_by_packages':
$values['id_group'] = get_parameter('combo_group');
$good_format = true;
break;
case 'vuls_by_agent':
$values['id_group'] = get_parameter('combo_group');
$es['agent_custom_field_filter'] = get_parameter('agent_custom_field_filter');
$es['secmon_status'] = get_parameter('secmon_status');
$es['security_hardening_score'] = get_parameter('security_hardening_score');
$es['vulnerabilities_status'] = get_parameter('vulnerabilities_status');
$values['external_source'] = json_encode($es);
$good_format = true;
break;
case 'vuls_info_agent':
$values['id_agent'] = get_parameter('id_agent');
$es['server_id'] = get_parameter('server_id');
$es['vul_package'] = get_parameter('vul_package');
$es['vul_severity'] = get_parameter('vul_severity');
$es['vul_ac'] = get_parameter('vul_ac');
$es['vul_pr'] = get_parameter('vul_pr');
$es['vul_ui'] = get_parameter('vul_ui');
$es['vul_av'] = get_parameter('vul_av');
$values['external_source'] = json_encode($es);
$good_format = true;
break;
case 'top_n_agents_vuls':
$values['id_group'] = get_parameter('combo_group');
$values['top_n_value'] = get_parameter('max_items');
$good_format = true;
break;
case 'top_n_vuls_count':
$values['id_group'] = get_parameter('combo_group');
$values['top_n_value'] = get_parameter('max_items');
$good_format = true;
break;
default:
$values['period'] = get_parameter('period');
$values['top_n'] = get_parameter(
@ -2867,6 +2918,7 @@ switch ($action) {
$values['graph_render'] = (int) get_parameter(
'graph_render'
);
$values['check_unknowns_graph'] = get_parameter_switch('unknowns_graph', 0);
case 'simple_baseline_graph':
// HACK it is saved in show_graph field.
$values['show_graph'] = (int) get_parameter(
@ -2977,6 +3029,56 @@ switch ($action) {
$good_format = true;
break;
case 'vuls_severity_graph':
$values['id_group'] = get_parameter('combo_group');
$good_format = true;
break;
case 'vuls_attack_complexity':
$values['id_group'] = get_parameter('combo_group');
$good_format = true;
break;
case 'vuls_by_packages':
$values['id_group'] = get_parameter('combo_group');
$good_format = true;
break;
case 'vuls_by_agent':
$values['id_group'] = get_parameter('combo_group');
$es['agent_custom_field_filter'] = get_parameter('agent_custom_field_filter');
$es['secmon_status'] = get_parameter('secmon_status');
$es['security_hardening_score'] = get_parameter('security_hardening_score');
$es['vulnerabilities_status'] = get_parameter('vulnerabilities_status');
$values['external_source'] = json_encode($es);
$good_format = true;
break;
case 'vuls_info_agent':
$values['id_agent'] = get_parameter('id_agent');
$es['server_id'] = get_parameter('server_id');
$es['vul_package'] = get_parameter('vul_package');
$es['vul_severity'] = get_parameter('vul_severity');
$es['vul_ac'] = get_parameter('vul_ac');
$es['vul_pr'] = get_parameter('vul_pr');
$es['vul_ui'] = get_parameter('vul_ui');
$es['vul_av'] = get_parameter('vul_av');
$values['external_source'] = json_encode($es);
$good_format = true;
break;
case 'top_n_agents_vuls':
$values['id_group'] = get_parameter('combo_group');
$values['top_n_value'] = get_parameter('max_items');
$good_format = true;
break;
case 'top_n_vuls_count':
$values['id_group'] = get_parameter('combo_group');
$values['top_n_value'] = get_parameter('max_items');
$good_format = true;
break;
default:
$values['period'] = get_parameter('period');
$values['top_n'] = get_parameter(

2
pandora_console/godmode/reporting/visual_console_builder.data.php
View File

@ -151,7 +151,7 @@ $table->data[0][] = html_print_label_input_block(
__('Name'),
html_print_input_text(
'name',
$visualConsoleName,
io_safe_output($visualConsoleName),
'',
80,
100,

6
pandora_console/godmode/reporting/visual_console_builder.php
View File

@ -163,7 +163,7 @@ switch ($activeTab) {
$background_color = (string) get_parameter('background_color');
$width = (int) get_parameter('width');
$height = (int) get_parameter('height');
$visualConsoleName = (string) get_parameter('name');
$visualConsoleName = (string) io_safe_input(get_parameter('name'));
$is_favourite = (int) get_parameter('is_favourite_sent');
$auto_adjust = (int) get_parameter('auto_adjust_sent');
@ -239,7 +239,7 @@ switch ($activeTab) {
if ($uploadOK == 1) {
if (move_uploaded_file($_FILES['background_image']['tmp_name'], $target_file)) {
$background = $nameImage;
$values['background'] = $background;
$values['background'] = io_safe_input($background);
$error2 = chmod($target_file, 0644);
$uploadOK = $error2;
} else {
@ -872,7 +872,7 @@ $buttons[$activeTab]['active'] = true;
$tab_builder = ($activeTab === 'editor') ? 'visual_console_editor_editor_tab' : '';
ui_print_standard_header(
($visualConsoleName ?? ''),
(io_safe_output($visualConsoleName) ?? ''),
'images/visual_console.png',
false,
$tab_builder,

6
pandora_console/godmode/servers/plugin.php
View File

@ -860,8 +860,10 @@ if (empty($create) === false || empty($view) === false) {
if ($management_allowed === false) {
ui_print_warning_message(
__(
'This console is not manager of this environment,
please manage this feature from centralized manager console (Metaconsole).'
'This console is not manager of this environment, please manage this feature from feature from %s.',
'<a target="_blank" href="'.ui_get_meta_url(
'index.php?sec=advanced&sec2=godmode/servers/plugin_registration&tab=plugin_registration&pure=0'
).'">'.__('metaconsole').'</a>'
)
);
}

113
pandora_console/godmode/servers/servers.build_table.php
View File

@ -64,32 +64,33 @@ $table->style = [];
// $table->style[0] = 'font-weight: bold';
$table->align = [];
$table->align[1] = 'center';
$table->align[3] = 'center';
$table->align[8] = 'right';
$table->align[4] = 'center';
$table->align[9] = 'right';
$table->headstyle[1] = 'text-align:center';
$table->headstyle[3] = 'text-align:center';
$table->headstyle[8] = 'text-align:right;width: 120px;';
$table->headstyle[4] = 'text-align:center';
$table->headstyle[9] = 'text-align:right;width: 120px;';
$table->titleclass = 'tabletitle';
$table->titlestyle = 'text-transform:uppercase;';
$table->style[6] = 'display: flex;align-items: center;';
$table->style[7] = 'display: flex;align-items: center;';
$table->head = [];
$table->head[0] = __('Name');
$table->head[1] = __('Status');
$table->head[2] = __('Type');
$table->head[3] = __('Version');
$table->head[4] = __('Modules');
$table->head[5] = __('Lag').ui_print_help_tip(__('Avg. Delay(sec)/Modules delayed'), true);
$table->head[6] = __('T/Q').ui_print_help_tip(__('Threads / Queued modules currently'), true);
$table->head[3] = __('Master');
$table->head[4] = __('Version');
$table->head[5] = __('Modules');
$table->head[6] = __('Lag').ui_print_help_tip(__('Avg. Delay(sec)/Modules delayed'), true);
$table->head[7] = __('T/Q').ui_print_help_tip(__('Threads / Queued modules currently'), true);
// This will have a column of data such as "6 hours".
$table->head[7] = __('Updated');
$table->head[8] = __('Updated');
// Only Pandora Administrator can delete servers.
if ((bool) check_acl($config['id_user'], 0, 'PM') === true) {
$table->head[8] = '<span title="Operations">'.__('Op.').'</span>';
$table->head[9] = '<span title="Operations">'.__('Op.').'</span>';
}
$table->data = [];
@ -143,9 +144,11 @@ foreach ($servers as $server) {
}
// Type.
$data[2] = '<span class="nowrap">'.$server['img'];
$data[2] = '<span class="nowrap">'.$server['img'].'&nbsp;&nbsp;&nbsp;&nbsp;'.$server['name'];
if ($server['master'] == $master) {
$data[2] .= ui_print_help_tip(__('This is a master server'), true);
$data[3] .= __('Yes', true);
} else {
$data[3] .= __('-');
}
if ((int) $server['exec_proxy'] === 1) {
@ -157,27 +160,27 @@ foreach ($servers as $server) {
case 'event':
case 'autoprovision':
case 'migration':
$data[3] = $server['version'];
$data[4] = __('N/A');
$data[4] = $server['version'];
$data[5] = __('N/A');
$data[6] = __('N/A');
break;
case 'export':
$data[3] = $server['version'];
$data[4] = $server['modules'].' '.__('of').' '.$server['modules_total'];
$data[5] = __('N/A');
$data[4] = $server['version'];
$data[5] = $server['modules'].' '.__('of').' '.$server['modules_total'];
$data[6] = __('N/A');
break;
default:
$data[3] = $server['version'];
$data[4] = $server['modules'].' '.__('of').' '.$server['modules_total'];
$data[5] = '<span class="nowrap">'.$server['lag_txt'].'</span>';
$data[4] = $server['version'];
$data[5] = $server['modules'].' '.__('of').' '.$server['modules_total'];
$data[6] = '<span class="nowrap">'.$server['lag_txt'].'</span>';
break;
}
$data[6] = '';
if ($server['queued_modules'] > 500) {
$data[6] .= '<div class="inline"><a onclick="show_dialog();" >'.html_print_image(
$data[7] = '';
if ($server['queued_modules'] >= $config['number_modules_queue']) {
$data[7] .= '<div class="inline"><a onclick="show_dialog();" >'.html_print_image(
'images/info-warning.svg',
true,
[
@ -189,9 +192,9 @@ foreach ($servers as $server) {
).'</a></div>&nbsp;&nbsp;';
}
$data[6] .= $server['threads'].' : '.$server['queued_modules'];
$data[7] .= $server['threads'].' : '.$server['queued_modules'];
$data[7] = ui_print_timestamp($server['keepalive'], true);
$data[8] = ui_print_timestamp($server['keepalive'], true);
if ($server['type'] === 'data') {
$ext = '_server';
@ -208,11 +211,11 @@ foreach ($servers as $server) {
// Only Pandora Administrator can delete servers.
if ((bool) check_acl($config['id_user'], 0, 'PM') === true) {
$data[8] = '';
$data[9] = '';
if ($server['type'] === 'recon') {
$data[8] .= '<a href="'.ui_get_full_url('index.php?sec=gservers&sec2=godmode/servers/discovery&wiz=tasklist').'">';
$data[8] .= html_print_image(
$data[9] .= '<a href="'.ui_get_full_url('index.php?sec=gservers&sec2=godmode/servers/discovery&wiz=tasklist').'">';
$data[9] .= html_print_image(
'images/snmp-trap@svg.svg',
true,
[
@ -221,12 +224,12 @@ foreach ($servers as $server) {
]
);
$data[8] .= '</a>';
$data[9] .= '</a>';
}
if ($server['type'] === 'data') {
$data[8] .= '<a href="'.ui_get_full_url('index.php?sec=gservers&sec2=godmode/servers/modificar_server&refr=0&server_reset_counts='.$server['id_server']).'">';
$data[8] .= html_print_image(
$data[9] .= '<a href="'.ui_get_full_url('index.php?sec=gservers&sec2=godmode/servers/modificar_server&refr=0&server_reset_counts='.$server['id_server']).'">';
$data[9] .= html_print_image(
'images/force@svg.svg',
true,
[
@ -234,10 +237,10 @@ foreach ($servers as $server) {
'class' => 'main_menu_icon invert_filter',
]
);
$data[8] .= '</a>';
$data[9] .= '</a>';
} else if ($server['type'] === 'enterprise snmp') {
$data[8] .= '<a href="'.ui_get_full_url('index.php?sec=gservers&sec2=godmode/servers/modificar_server&refr=0&server_reset_snmp_enterprise='.$server['id_server']).'">';
$data[8] .= html_print_image(
$data[9] .= '<a href="'.ui_get_full_url('index.php?sec=gservers&sec2=godmode/servers/modificar_server&refr=0&server_reset_snmp_enterprise='.$server['id_server']).'">';
$data[9] .= html_print_image(
'images/force@svg.svg',
true,
[
@ -245,12 +248,12 @@ foreach ($servers as $server) {
'class' => 'main_menu_icon invert_filter',
]
);
$data[8] .= '</a>';
$data[9] .= '</a>';
}
if ($server['type'] === 'event' && (bool) check_acl($config['id_user'], 0, 'LM') === true) {
$data[8] .= '<a class="open-alerts-list-modal" href="">';
$data[8] .= html_print_image(
$data[9] .= '<a class="open-alerts-list-modal" href="">';
$data[9] .= html_print_image(
'images/alert@svg.svg',
true,
[
@ -258,11 +261,11 @@ foreach ($servers as $server) {
'class' => 'main_menu_icon invert_filter',
]
);
$data[8] .= '</a>';
$data[9] .= '</a>';
}
$data[8] .= '<a href="'.ui_get_full_url('index.php?sec=gservers&sec2=godmode/servers/modificar_server&server='.$server['id_server']).'">';
$data[8] .= html_print_image(
$data[9] .= '<a href="'.ui_get_full_url('index.php?sec=gservers&sec2=godmode/servers/modificar_server&server='.$server['id_server']).'">';
$data[9] .= html_print_image(
'images/edit.svg',
true,
[
@ -270,11 +273,11 @@ foreach ($servers as $server) {
'class' => 'main_menu_icon invert_filter',
]
);
$data[8] .= '</a>';
$data[9] .= '</a>';
if (($names_servers[$safe_server_name] === true) && ($ext === '_server' || $server['type'] === 'enterprise satellite')) {
$data[8] .= '<a href="'.ui_get_full_url('index.php?sec=gservers&sec2=godmode/servers/modificar_server&server_remote='.$server['id_server'].'&ext='.$ext.'&tab=agent_editor').'">';
$data[8] .= html_print_image(
$data[9] .= '<a href="'.ui_get_full_url('index.php?sec=gservers&sec2=godmode/servers/modificar_server&server_remote='.$server['id_server'].'&ext='.$ext.'&tab=advanced_editor').'">';
$data[9] .= html_print_image(
'images/agents@svg.svg',
true,
[
@ -282,10 +285,10 @@ foreach ($servers as $server) {
'class' => 'main_menu_icon invert_filter',
]
);
$data[8] .= '</a>';
$data[9] .= '</a>';
$data[8] .= '<a href="'.ui_get_full_url('index.php?sec=gservers&sec2=godmode/servers/modificar_server&server_remote='.$server['id_server'].'&ext='.$ext).'">';
$data[8] .= html_print_image(
$data[9] .= '<a href="'.ui_get_full_url('index.php?sec=gservers&sec2=godmode/servers/modificar_server&server_remote='.$server['id_server'].'&ext='.$ext).'">';
$data[9] .= html_print_image(
'images/remote-configuration@svg.svg',
true,
[
@ -293,12 +296,12 @@ foreach ($servers as $server) {
'class' => 'main_menu_icon invert_filter',
]
);
$data[8] .= '</a>';
$data[9] .= '</a>';
$names_servers[$safe_server_name] = false;
}
$data[8] .= '<a href="'.ui_get_full_url('index.php?sec=gservers&sec2=godmode/servers/modificar_server&server_del='.$server['id_server'].'&amp;delete=1').'">';
$data[8] .= html_print_image(
$data[9] .= '<a href="'.ui_get_full_url('index.php?sec=gservers&sec2=godmode/servers/modificar_server&server_del='.$server['id_server'].'&amp;delete=1').'">';
$data[9] .= html_print_image(
'images/delete.svg',
true,
[
@ -307,14 +310,14 @@ foreach ($servers as $server) {
'class' => 'main_menu_icon invert_filter',
]
);
$data[8] .= '</a>';
$data[9] .= '</a>';
}
if ($tiny) {
unset($data[4]);
unset($data[6]);
unset($data[5]);
unset($data[7]);
unset($data[8]);
unset($data[9]);
}
$ext = '';
@ -323,10 +326,10 @@ foreach ($servers as $server) {
}
if ($tiny) {
unset($table->head[4]);
unset($table->head[6]);
unset($table->head[5]);
unset($table->head[7]);
unset($table->head[8]);
unset($table->head[9]);
}
if ($tiny) {

2
pandora_console/godmode/setup/file_manager.php
View File

@ -71,6 +71,8 @@ if (isset($config['filemanager']['message']) === true) {
$fallback_directory = 'images';
// Get directory.
$directory = (string) get_parameter('directory');
$directory = str_replace('&lt;', '', $text);
$directory = str_replace('&gt;', '', $text);
if (empty($directory) === true) {
$directory = $fallback_directory;
} else {

14
pandora_console/godmode/setup/links.php
View File

@ -54,8 +54,12 @@ if (isset($_POST['create'])) {
if (! $result) {
ui_print_error_message(__('There was a problem creating link'));
} else {
ui_print_success_message(__('Successfully created'));
$id_link = $result;
ui_print_result_message(
$id_link,
__('Successfully created'),
__('Could not be created')
);
}
}
@ -111,8 +115,8 @@ if ((isset($_GET['form_add'])) or (isset($_GET['form_edit']))) {
$link = '';
}
echo '<table class="databox filters filter-table-adv max_floating_element_size" cellpadding="4" cellspacing="4" width="100%">';
echo '<form name="ilink" method="post" action="index.php?sec=gsetup&sec2=godmode/setup/links">';
echo '<table class="databox filters filter-table-adv max_floating_element_size" cellpadding="4" cellspacing="4" width="100%">';
if ($creation_mode == 1) {
echo "<input type='hidden' name='create' value='1'>";
} else {
@ -179,10 +183,10 @@ if ((isset($_GET['form_add'])) or (isset($_GET['form_edit']))) {
)
);
echo '</form></td></tr></table>';
echo '</td></tr></table></form>';
} else {
// Main list view for Links editor
$rows = db_get_all_rows_in_table('tlink', 'name');
// Main list view for Links editor.
$rows = db_get_all_fields_in_table('tlink', '', '', 'name');
if ($rows === false) {
$rows = [];
}

47
pandora_console/godmode/setup/os.builder.php
View File

@ -46,7 +46,7 @@ if ($idOS > 0) {
$description = $os['description'];
$icon = $os['icon_name'];
} else {
$name = io_safe_input(strip_tags(io_safe_output((string) get_parameter('name'))));
$name = io_safe_input(strip_tags(trim(io_safe_output((string) get_parameter('name')))));
$description = io_safe_input(strip_tags(io_safe_output((string) get_parameter('description'))));
$icon = get_parameter('icon', 0);
}
@ -87,9 +87,16 @@ if ($is_management_allowed === true) {
if (in_array($file_ext, $allowed_extensions) === false) {
$message = 9;
} else if (exif_imagetype($file_tmp) === false && $file_ext !== 'svg') {
$message = 10;
} else {
$message = 8;
move_uploaded_file($file_tmp, $config['homedir'].'/images/os_icons/'.$file_name);
$file_uploaded = move_uploaded_file($file_tmp, $config['homedir'].'/images/os_icons/'.$file_name);
if ($file_uploaded !== true) {
$message = 10;
}
}
}
} else {
@ -108,7 +115,7 @@ if ($is_management_allowed === true) {
if ($resultOrId === false) {
$message = 2;
$tab = 'builder';
$tab = 'manage_os';
$actionHidden = 'save';
$textButton = __('Create');
$classButton = ['icon' => 'wand'];
@ -144,13 +151,19 @@ if ($is_management_allowed === true) {
if (in_array($file_ext, $allowed_extensions) === false) {
$message = 9;
} else if (exif_imagetype($file_tmp) === false) {
$message = 10;
} else {
$message = 8;
move_uploaded_file($file_tmp, $config['homedir'].'/images/os_icons/'.$file_name);
$file_uploaded = move_uploaded_file($file_tmp, $config['homedir'].'/images/os_icons/'.$file_name);
if ($file_uploaded !== true) {
$message = 10;
}
}
}
} else {
$name = io_safe_input(strip_tags(io_safe_output((string) get_parameter('name'))));
$name = io_safe_input(strip_tags(trim(io_safe_output((string) get_parameter('name')))));
$description = io_safe_input(strip_tags(io_safe_output((string) get_parameter('description'))));
$icon = get_parameter('icon', 0);
@ -254,7 +267,7 @@ $table->class = 'databox filter-table-adv';
$table->data[0][] = html_print_label_input_block(
__('Name'),
html_print_input_text('name', $name, __('Name'), 20, 30, true, false, false, '', 'w250px')
html_print_input_text('name', $name, __('Name'), 20, 30, true, false, true, '', 'w250px')
);
$table->data[0][] = html_print_label_input_block(
@ -290,6 +303,28 @@ html_print_action_buttons(
echo '</form>';
$id_message = get_parameter('id_message', 0);
if ($id_message !== 0) {
switch ($id_message) {
case 8:
echo ui_print_success_message(__('Icon successfuly uploaded'), '', true);
break;
case 9:
echo ui_print_error_message(__('File must be of type JPG, JPEG, PNG or SVG'), '', true);
break;
case 10:
echo ui_print_error_message(__('An error ocurrered to upload icon'), '', true);
break;
default:
// Nothing to do.
break;
}
}
function get_list_os_icons_dir()
{

8
pandora_console/godmode/setup/os.php
View File

@ -162,11 +162,15 @@ if (empty($id_message) === false) {
break;
case 8:
echo ui_print_success_message(__('Icon successfuly uploaded'), '', true);
header('Location: index.php?sec=gagente&sec2=godmode/setup/os&tab=manage_os&action=edit&id_message=8');
break;
case 9:
echo ui_print_error_message(__('File must be of type JPG, JPEG, PNG or SVG'), '', true);
header('Location: index.php?sec=gagente&sec2=godmode/setup/os&tab=manage_os&action=edit&id_message=9');
break;
case 10:
header('Location: index.php?sec=gagente&sec2=godmode/setup/os&tab=manage_os&action=edit&id_message=10');
break;
default:

9
pandora_console/godmode/setup/performance.php
View File

@ -154,8 +154,7 @@ if ($update_config == 1 && $config['history_db_enabled'] == 1) {
$performance_variables_control = (array) json_decode(io_safe_output($config['performance_variables_control']));
$total_agents = db_get_value('count(*)', 'tagente');
$disable_agentaccess = ($total_agents >= 200 && $config['agentaccess'] == 0) ? true : false;
// $disable_agentaccess = ($total_agents >= 200 && $config['agentaccess'] == 0) ? true : false;
$table_status = new StdClass();
$table_status->width = '100%';
$table_status->class = 'databox filters';
@ -666,7 +665,7 @@ $table_other->data[2][1] = html_print_label_input_block(
true
)
);
/*
$table_other->data[3][0] = html_print_label_input_block(
__('Use agent access graph'),
html_print_checkbox_switch(
@ -677,8 +676,8 @@ $table_other->data[3][0] = html_print_label_input_block(
$disable_agentaccess
)
);
$table_other->data[3][1] = html_print_label_input_block(
*/
$table_other->data[3][0] = html_print_label_input_block(
__('Max. recommended number of files in attachment directory'),
html_print_input_text(
'num_files_attachment',

12
pandora_console/godmode/setup/setup.php
View File

@ -93,7 +93,7 @@ $buttons['general'] = [
'images/setup.png',
true,
[
'title' => __('General'),
'title' => __('General setup'),
'class' => 'invert_filter',
]
@ -265,7 +265,7 @@ if (enterprise_installed()) {
switch ($section) {
case 'general':
$buttons['general']['active'] = true;
$subpage = __('General');
$subpage = __('General setup');
$help_header = 'setup_general_tab';
break;
@ -370,14 +370,14 @@ switch ($section) {
break;
default:
$subpage = 'seccion: '.$section;
$subpage = 'seccion: ';
// Default.
break;
}
// Header.
ui_print_standard_header(
$subpage,
__('Setup').' &raquo; '.$subpage,
'',
false,
$help_header,
@ -388,6 +388,10 @@ ui_print_standard_header(
'link' => '',
'label' => __('Setup'),
],
[
'link' => '',
'label' => $subpage,
],
]
);

3
pandora_console/godmode/setup/setup_ITSM.php
View File

@ -187,7 +187,8 @@ $button_test .= '&nbsp;<span id="ITSM-message" class="invisible"></span>';
$row['control'] = html_print_label_input_block(
__('Test connection pandora to ITSM'),
$button_test
$button_test,
['div_class' => 'ITSM-remote-setup-ITSM_token']
);
$table_remote->data['ITSM_test'] = $row;

33
pandora_console/godmode/setup/setup_auth.php
View File

@ -535,16 +535,47 @@ html_print_action_buttons(
__('Update'),
'update_button',
false,
[ 'icon' => 'update' ],
[
'icon' => 'update',
'onclick' => 'onFormSubmit()',
],
true
)
);
echo '</form>';
echo ui_print_warning_message(
[
'message' => __('Session timeout must be a number'),
'force_class' => 'invisible js_warning_msg',
],
'',
true
);
?>
<script type="text/javascript">
function onFormSubmit() {
const isNumber = n => $.isNumeric(n);
let session_timeout = $('#text-session_timeout').val()
if(isNumber(session_timeout)) {
if (session_timeout < 0) {
session_timeout = -1;
}
if (session_timeout > 604800) {
session_timeout = 604800;
}
$('#text-session_timeout').val(session_timeout);
} else {
$('.js_warning_msg').removeClass('invisible');
event.preventDefault();
return false;
}
}
function showAndHide() {
if ($('input[type=checkbox][name=double_auth_enabled]:checked').val() == 1) {
$('#table1-2FA_all_users').removeClass('invisible');

12
pandora_console/godmode/setup/setup_general.php
View File

@ -733,7 +733,7 @@ $table->data[$i++][] = html_print_label_input_block(
);
$help_tip = ui_print_help_tip(
__('If there are any &#x22;In process&#x22; events with a specific Extra ID and a New event with that Extra ID is received, it will be created as &#x22;In process&#x22; instead.'),
__('If there are any &#x22;In process&#x22; events with a specific Extra ID and a New event with that Extra ID is received, it will be created as &#x22;In process&#x22; instead. The new events also inherit Event Custom ID'),
true
);
@ -766,6 +766,16 @@ $table->data[$i][] = html_print_label_input_block(
true
)
);
$table->data[$i++][] = html_print_label_input_block(
__('Number of modules in queue'),
html_print_input_number(
[
'name' => 'number_modules_queue',
'min' => 0,
'value' => $config['number_modules_queue'],
]
)
);
echo '<form class="max_floating_element_size" id="form_setup" method="post" action="index.php?sec=gsetup&sec2=godmode/setup/setup&amp;section=general&amp;pure='.$config['pure'].'">';

1
pandora_console/godmode/snmpconsole/snmp_alert.php
View File

@ -1952,6 +1952,7 @@ if ($create_alert || $update_alert) {
[
'border' => '0',
'alt' => __('Delete'),
'class' => 'invert_filter main_menu_icon',
]
).'</a> </td>';
$data[1] .= '</tr>';

283
pandora_console/godmode/users/configure_user.php
View File

@ -155,14 +155,92 @@ if (is_ajax() === true) {
return;
}
if ($delete_profile === true) {
// Get parameters.
$result = false;
$id_user = (string) get_parameter('id_user');
$id_up = (int) get_parameter('id_user_profile');
$delete_user = (bool) get_parameter('delete_user', false);
$user_is_global_admin = users_is_admin($id_user);
$perfilUser = db_get_row('tusuario_perfil', 'id_up', $id_up);
$id_perfil = $perfilUser['id_perfil'];
db_pandora_audit(
AUDIT_LOG_USER_MANAGEMENT,
'Deleted profile for user '.io_safe_output($id_user),
false,
false,
'The profile with id '.$id_perfil.' in the group '.$perfilUser['id_grupo']
);
// Delete profile.
$profile_deleted = profile_delete_user_profile($id_user, $id_up);
// Check if exists more profiles.
$has_profile = db_get_row('tusuario_perfil', 'id_usuario', $id_user);
if ($profile_deleted === true) {
if ($has_profile === false && $user_is_global_admin === false && $delete_user === true) {
if (is_metaconsole() === true) {
$servers = metaconsole_get_servers();
foreach ($servers as $server) {
// Connect to the remote console.
metaconsole_connect($server);
// Delete the user.
$result = delete_user($id_user);
if ($result === true) {
db_pandora_audit(
AUDIT_LOG_USER_MANAGEMENT,
__('Deleted user %s from metaconsole', io_safe_output($id_user))
);
}
// Restore the db connection.
metaconsole_restore_db();
// Log to the metaconsole too.
if ($result === true) {
db_pandora_audit(
AUDIT_LOG_USER_MANAGEMENT,
__(
'Deleted user %s from %s',
io_safe_input($id_user),
io_safe_input($server['server_name'])
)
);
}
}
$result = delete_user((string) $id_user);
if ($result === true) {
db_pandora_audit(
AUDIT_LOG_USER_MANAGEMENT,
__('Deleted user %s', io_safe_output($id_user))
);
}
} else {
$result = delete_user((string) $id_user);
if ($result === true) {
db_pandora_audit(
AUDIT_LOG_USER_MANAGEMENT,
__('Deleted user %s', io_safe_output($id_user))
);
}
}
} else {
$result = $profile_deleted;
}
}
return $result;
}
}
$tab = get_parameter('tab', 'user');
// Save autorefresh list.
$autorefresh_list = (array) get_parameter_post('autorefresh_list');
$autorefresh_white_list = (($autorefresh_list[0] === '') || ($autorefresh_list[0] === '0')) ? '' : json_encode($autorefresh_list);
// Header.
if (is_metaconsole() === true) {
user_meta_print_header();
@ -195,11 +273,11 @@ if (is_metaconsole() === true) {
).'</a>',
],
];
$buttons[$tab]['active'] = true;
}
$edit_user = get_parameter('edit_user');
ui_print_standard_header(
($edit_user) ? sprintf('%s [ %s ]', __('Update User'), $id) : __('Create User'),
'images/gm_users.png',
@ -222,11 +300,9 @@ if (is_metaconsole() === true) {
],
]
);
$sec = 'gusuarios';
}
if ((bool) $config['user_can_update_info'] === true) {
$view_mode = false;
} else {
@ -348,8 +424,10 @@ if ($create_user === true) {
$values['data_section'] = $dashboard;
} else if (io_safe_output($values['section']) === HOME_SCREEN_VISUAL_CONSOLE) {
$values['data_section'] = $visual_console;
} else if ($values['section'] === HOME_SCREEN_OTHER || io_safe_output($values['section']) === HOME_SCREEN_EXTERNAL_LINK) {
$values['data_section'] = get_parameter('data_section');
} else if ($values['section'] === HOME_SCREEN_OTHER) {
$values['data_section'] = get_parameter('data_section_other');
} else if (io_safe_output($values['section']) === HOME_SCREEN_EXTERNAL_LINK) {
$values['data_section'] = get_parameter('data_section_external');
}
// $values['section'] = $homeScreenValues[$values['section']];
@ -596,8 +674,11 @@ if ($update_user) {
$values['email'] = (string) get_parameter('email');
$values['phone'] = (string) get_parameter('phone');
$values['comments'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('comments'))));
if (users_is_admin($config['id_user']) === true || (bool) check_acl($config['id_user'], 0, 'PM') === true) {
$values['allowed_ip_active'] = ((int) get_parameter('allowed_ip_active', -1) === 0);
$values['allowed_ip_list'] = io_safe_input(strip_tags(io_safe_output((string) get_parameter('allowed_ip_list'))));
}
$values['is_admin'] = (get_parameter('is_admin', 0) === 0) ? 0 : 1;
$values['language'] = (string) get_parameter('language');
$values['timezone'] = (string) get_parameter('timezone');
@ -643,8 +724,10 @@ if ($update_user) {
$values['data_section'] = $dashboard;
} else if (io_safe_output($values['section']) === HOME_SCREEN_VISUAL_CONSOLE) {
$values['data_section'] = $visual_console;
} else if ($values['section'] === HOME_SCREEN_OTHER || io_safe_output($values['section']) === HOME_SCREEN_EXTERNAL_LINK) {
$values['data_section'] = get_parameter('data_section');
} else if ($values['section'] === HOME_SCREEN_OTHER) {
$values['data_section'] = get_parameter('data_section_other');
} else if (io_safe_output($values['section']) === HOME_SCREEN_EXTERNAL_LINK) {
$values['data_section'] = get_parameter('data_section_external');
}
// $values['section'] = $homeScreenValues[$values['section']];
@ -686,6 +769,9 @@ if ($update_user) {
$id_user = (string) get_parameter('id_user', '');
if ($password_new != '') {
if ($config['auth'] !== 'mysql') {
ui_print_error_message(__('It is not possible to change the password because external authentication is being used'));
} else {
$correct_password = false;
$user_credentials_check = process_user_login($id_user, $own_password_confirm, true);
@ -778,6 +864,7 @@ if ($update_user) {
);
ui_print_error_message(__('Passwords does not match'));
}
}
} else {
$has_skin = false;
$has_wizard = false;
@ -862,89 +949,6 @@ if ($update_user) {
$user_info = $values;
}
if ($delete_profile) {
$id2 = (string) get_parameter('id_user');
$id_up = (int) get_parameter('id_user_profile');
$perfilUser = db_get_row('tusuario_perfil', 'id_up', $id_up);
$id_perfil = $perfilUser['id_perfil'];
$perfil = db_get_row('tperfil', 'id_perfil', $id_perfil);
db_pandora_audit(
AUDIT_LOG_USER_MANAGEMENT,
'Deleted profile for user '.io_safe_output($id2),
false,
false,
'The profile with id '.$id_perfil.' in the group '.$perfilUser['id_grupo']
);
$return = profile_delete_user_profile($id2, $id_up);
ui_print_result_message(
$return,
__('Successfully deleted'),
__('Could not be deleted')
);
$has_profile = db_get_row('tusuario_perfil', 'id_usuario', $id2);
$user_is_global_admin = users_is_admin($id2);
if ($has_profile === false && $user_is_global_admin === false) {
$result = delete_user($id2);
if ($result === true) {
db_pandora_audit(
AUDIT_LOG_USER_MANAGEMENT,
__('Deleted user %s', io_safe_output($id_user))
);
}
ui_print_result_message(
$result,
__('Successfully deleted'),
__('There was a problem deleting the user')
);
// Delete the user in all the consoles.
if (is_metaconsole() === true) {
$servers = metaconsole_get_servers();
foreach ($servers as $server) {
// Connect to the remote console.
metaconsole_connect($server);
// Delete the user.
$result = delete_user($id_user);
if ($result === true) {
db_pandora_audit(
AUDIT_LOG_USER_MANAGEMENT,
__('Deleted user %s from metaconsole', io_safe_output($id_user))
);
}
// Restore the db connection.
metaconsole_restore_db();
// Log to the metaconsole too.
if ($result === true) {
db_pandora_audit(
AUDIT_LOG_USER_MANAGEMENT,
__(
'Deleted user %s from %s',
io_safe_input($id_user),
io_safe_input($server['server_name'])
)
);
}
ui_print_result_message(
$result,
__('Successfully deleted from %s', io_safe_input($server['server_name'])),
__('There was a problem deleting the user from %s', io_safe_input($server['server_name']))
);
}
}
}
}
if ((int) $status !== -1) {
ui_print_result_message(
$status,
@ -1155,6 +1159,13 @@ if (is_user_admin($id) === true) {
);
}
html_print_div(
[
'id' => 'delete_profile_modal',
'content' => '',
]
);
$full_name = ' <div class="label_select_simple">'.html_print_input_text_extended(
'fullname',
$user_info['fullname'],
@ -1929,22 +1940,85 @@ if (is_metaconsole() === false) {
});
$('input:image[name="del"]').click(function(e) {
if ($(json_profile).length > 0) return;
if (!confirm('Are you sure?')) return;
e.preventDefault();
var rows = $("#table_profiles tr").length;
if (((is_metaconsole === '1' && rows <= 4) || (is_metaconsole === '' && rows <= 3)) && user_is_global_admin !== '1') {
if (!confirm('<?php echo __('Deleting last profile will delete this user'); ?>' + '. ' + '<?php echo __('Are you sure?'); ?>')) {
return;
}
}
var rows = $("#table_profiles tr").length;
let deleteuser = 0;
e.preventDefault();
var id_user_profile = $(this).siblings();
id_user_profile = id_user_profile[1].value;
var row = $(this).closest('tr');
if (((is_metaconsole === '1' && rows <= 3) || (is_metaconsole !== '1' && rows <= 3)) && user_is_global_admin !== '1') {
$("#delete_profile_modal")
.empty()
.html("<?php echo __('Deleting this profile will leave your user without a profile or group. You can continue by deleting the user or preserving it.'); ?>");
// Set the title.
$("#delete_profile_modal").prop("title", "<?php echo __('Are you sure?'); ?>");
// Build the dialog for show the mesage.
$("#delete_profile_modal").dialog({
resizable: true,
draggable: true,
modal: true,
width: 500,
buttons: [
{
text: "Cancel",
click: function() {
$(this).dialog("close");
return false;
}
},
{
text: "Delete",
click: function() {
$(this).dialog("close");
deleteuser = 1;
delete_user_profile(id_user_profile, row, id_user, deleteuser);
}
},
{
text: "Preserve",
click: function() {
$(this).dialog("close");
deleteuser = 0;
delete_user_profile(id_user_profile, row, id_user, deleteuser)
}
}
],
overlay: {
opacity: 0.5,
background: "black"
},
closeOnEscape: false,
open: function(event, ui) {
$(".ui-dialog-titlebar-close").hide();
}
});
} else {
if (((is_metaconsole === '1' && rows <= 3) || (is_metaconsole === '' && rows <= 3)) && user_is_global_admin !== '1') {
if (!confirm('<?php echo __('Deleting last profile will delete this user'); ?>' + '. ' + '<?php echo __('Are you sure?'); ?>')) {
return false;
} else {
delete_user_profile(id_user_profile, row, id_user, deleteuser);
}
} else {
if (!confirm('Are you sure?')) {
return false;
} else {
delete_user_profile(id_user_profile, row, id_user, deleteuser);
}
}
}
if ($(json_profile).length > 0) return;
});
function delete_user_profile(id_user_profile, row, id_user, deleteuser){
var params = [];
params.push("delete_profile=1");
params.push("edit_user=1");
params.push("delete_user=" + deleteuser);
params.push("id_user=" + id_user);
params.push("id_user_profile=" + id_user_profile);
params.push("page=godmode/users/configure_user");
@ -1955,15 +2029,14 @@ if (is_metaconsole() === false) {
success: function(data) {
row.remove();
var rows = $("#table_profiles tr").length;
if (is_metaconsole === '' && rows <= 2 && user_is_global_admin !== '1') {
if (is_metaconsole === '' && rows <= 2 && user_is_global_admin !== '1' && deleteuser == '1') {
window.location.replace("<?php echo ui_get_full_url('index.php?sec=gusuarios&sec2=godmode/users/user_list&tab=user&pure=0', false, false, false); ?>");
} else if (is_metaconsole === '1' && rows <= 3 && user_is_global_admin !== '1') {
} else if (is_metaconsole === '1' && rows <= 2 && user_is_global_admin !== '1' && deleteuser == '1') {
window.location.replace("<?php echo ui_get_full_url('index.php?sec=advanced&sec2=advanced/users_setup', false, false, true); ?>");
}
}
});
});
}
function checkProfiles(e) {
e.preventDefault();

87
pandora_console/godmode/users/user_management.php
View File

@ -81,6 +81,11 @@ $customHomeScreenAddition[HOME_SCREEN_DASHBOARD] = html_print_select(
false,
'width: 100%'
);
// Home screen. Visual consoles.
$customHomeScreenAddition[HOME_SCREEN_VISUAL_CONSOLE] = html_print_select($layouts_aux, 'visual_console', $user_info['data_section'], '', '', '', true, false, true, 'w100p', false, 'width: 100%');
// Home screen. External link and Other.
$customHomeScreenAddition[HOME_SCREEN_EXTERNAL_LINK] = html_print_input_text('data_section_external', $user_info['data_section'], '', 60, 255, true);
$customHomeScreenAddition[HOME_SCREEN_OTHER] = html_print_input_text('data_section_other', $user_info['data_section'], '', 60, 255, true);
$layouts = visual_map_get_user_layouts($config['id_user'], true);
$layouts_aux = [];
@ -327,7 +332,7 @@ $passwordManageTable->data = [];
$passwordManageTable->data['captions_newpassword'][0] = __('New password');
$passwordManageTable->rowclass['fields_newpassword'] = 'w540px';
$passwordManageTable->data['fields_newpassword'][0] = html_print_input_text_extended(
$passwordManageTable->data['fields_newpassword'][0] = '<div class="relative container-div-input-password ">'.html_print_input_text_extended(
'password_new',
'',
'password_new',
@ -337,16 +342,17 @@ $passwordManageTable->data['fields_newpassword'][0] = html_print_input_text_exte
$view_mode,
'',
[
'class' => 'input w100p',
'class' => 'input',
'placeholder' => __('Password'),
'style' => 'width: 540px',
],
true,
true
);
).'</div>';
$passwordManageTable->data['captions_repeatpassword'][0] = __('Repeat new password');
$passwordManageTable->rowclass['fields_repeatpassword'] = 'w540px';
$passwordManageTable->data['fields_repeatpassword'][0] = html_print_input_text_extended(
$passwordManageTable->data['fields_repeatpassword'][0] = '<div class="relative container-div-input-password ">'.html_print_input_text_extended(
'password_confirm',
'',
'password_conf',
@ -358,10 +364,11 @@ $passwordManageTable->data['fields_repeatpassword'][0] = html_print_input_text_e
[
'class' => 'input w100p',
'placeholder' => __('Password confirmation'),
'style' => 'width: 540px',
],
true,
true
);
).'</div>';
if ($new_user === false && users_is_admin() === false) {
$passwordManageTable->data['captions_currentpassword'][0] = __('Current password');
@ -857,10 +864,35 @@ $userManagementTable->data['fields_addSettings'][0] = html_print_textarea(
''
);
$userManagementTable->data['captions_addSettings'][1] = __('Login allowed IP list');
$userManagementTable->data['fields_addSettings'][1] = html_print_div(
if (users_is_admin($config['id_user']) === true || (bool) check_acl($config['id_user'], 0, 'PM') === true) {
$allowAllIpsContent = [];
$allowAllIpsContent[] = '<span>'.__('Enable IP allowlist').'</span>';
$allowAllIpsContent[] = html_print_div(
[
'class' => 'edit_user_allowed_ip',
'content' => html_print_checkbox_switch(
'allowed_ip_active',
0,
($user_info['allowed_ip_active'] ?? 0),
true,
false,
'handleIpAllowlist(this)'
),
],
true
);
$userManagementTable->data['captions_addSettings'][1] = html_print_div(
[
'class' => 'margin-top-10',
'style' => 'display: flex; flex-direction: row-reverse; align-items: center;',
'content' => implode('', $allowAllIpsContent),
],
true
);
$userManagementTable->data['fields_addSettings'][1] .= html_print_div(
[
'class' => 'edit_user_allowed_ip '.(((int) $user_info['allowed_ip_active'] === 1) ? '' : 'invisible'),
'content' => html_print_textarea(
'allowed_ip_list',
5,
@ -875,32 +907,13 @@ $userManagementTable->data['fields_addSettings'][1] = html_print_div(
$userManagementTable->data['fields_addSettings'][1] .= ui_print_input_placeholder(
__('Add the source IPs that will allow console access. Each IP must be separated only by comma. * allows all.'),
true
);
$allowAllIpsContent = [];
$allowAllIpsContent[] = '<span>'.__('Allow all IPs').'</span>';
$allowAllIpsContent[] = html_print_div(
true,
[
'content' => html_print_checkbox_switch(
'allowed_ip_active',
0,
($user_info['allowed_ip_active'] ?? 0),
true
),
],
true
'id' => 'info_allowed_ip',
'class' => ((int) $user_info['allowed_ip_active'] === 1) ? 'input_sub_placeholder' : 'input_sub_placeholder invisible',
]
);
$userManagementTable->data['fields_addSettings'][1] .= html_print_div(
[
'class' => 'margin-top-10',
'style' => 'display: flex; flex-direction: row-reverse; align-items: center;',
'content' => implode('', $allowAllIpsContent),
],
true
);
}
if ($config['ITSM_enabled'] && $config['ITSM_user_level_conf']) {
// Pandora ITSM user remote login.
@ -1038,4 +1051,14 @@ $(document).ready(function () {
}
})
});
function handleIpAllowlist(e){
if(e.checked === true) {
$('.edit_user_allowed_ip').show();
$('#info_allowed_ip').show();
} else {
$('.edit_user_allowed_ip').hide();
$('#info_allowed_ip').hide();
}
}
</script>

14
pandora_console/images/desacoplar-ventana.svg Normal file
View File

@ -0,0 +1,14 @@
<?xml version="1.0" encoding="UTF-8"?>
<svg width="24px" height="24px" viewBox="0 0 24 24" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<title>Icons/Dark/20/desacoplar-ventana</title>
<g id="Icons/Dark/20/desacoplar-ventana" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">
<g id="Back" transform="translate(3, 1)">
<rect id="Rectangle-2" stroke="#3F3F3F" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" x="0" y="0" width="20" height="16" rx="1"></rect>
<path d="M3,4 C3.55228475,4 4,3.55228475 4,3 C4,2.44771525 3.55228475,2 3,2 C2.44771525,2 2,2.44771525 2,3 C2,3.55228475 2.44771525,4 3,4 Z M6,4 C6.55228475,4 7,3.55228475 7,3 C7,2.44771525 6.55228475,2 6,2 C5.44771525,2 5,2.44771525 5,3 C5,3.55228475 5.44771525,4 6,4 Z M9,4 C9.55228475,4 10,3.55228475 10,3 C10,2.44771525 9.55228475,2 9,2 C8.44771525,2 8,2.44771525 8,3 C8,3.55228475 8.44771525,4 9,4 Z" id="Oval-2" fill="#3F3F3F"></path>
</g>
<g id="Front" transform="translate(0, 8)">
<rect id="Rectangle-2" fill="#3F3F3F" x="0" y="0" width="20" height="16" rx="1"></rect>
<path d="M3,4 C3.55228475,4 4,3.55228475 4,3 C4,2.44771525 3.55228475,2 3,2 C2.44771525,2 2,2.44771525 2,3 C2,3.55228475 2.44771525,4 3,4 Z M6,4 C6.55228475,4 7,3.55228475 7,3 C7,2.44771525 6.55228475,2 6,2 C5.44771525,2 5,2.44771525 5,3 C5,3.55228475 5.44771525,4 6,4 Z M9,4 C9.55228475,4 10,3.55228475 10,3 C10,2.44771525 9.55228475,2 9,2 C8.44771525,2 8,2.44771525 8,3 C8,3.55228475 8.44771525,4 9,4 Z" id="Oval-2" fill="#FFFFFF"></path>
</g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.6 KiB

7
pandora_console/images/minimizar.svg Normal file
View File

@ -0,0 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<svg width="24px" height="24px" viewBox="0 0 24 24" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<title>Icons/Dark/20/minimizar</title>
<g id="Icons/Dark/20/minimizar" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">
<rect id="Rectangle" fill="#3F3F3F" x="2" y="18" width="20" height="4" rx="2"></rect>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 436 B

20
pandora_console/include/ajax/dashboard.ajax.php
View File

@ -99,10 +99,26 @@ if ($method === 'draw') {
$table->data = [];
$where_name = '';
if (strlen($filter['free_search']) > 0) {
$where = 'WHERE name LIKE "%'.$filter['free_search'].'%"';
} else {
$where_name = 'name LIKE "%'.$filter['free_search'].'%"';
}
$where_group = '';
if (empty($filter['group']) === false && $filter['group'] !== '0') {
$where_group = sprintf('id_group = %s', $filter['group']);
if (empty($where_name) === false) {
$where_group = 'AND '.$where_group;
}
}
$where = '';
if (empty($where_name) === false || empty($where_group) === false) {
$where = sprintf(
'WHERE %s %s',
$where_name,
$where_group
);
}
$sql = 'SELECT * FROM tdashboard '.$where.' ORDER BY id '.$pagination;

58
pandora_console/include/ajax/events.php
View File

@ -92,6 +92,9 @@ $get_id_source_event = get_parameter('get_id_source_event');
$node_id = (int) get_parameter('node_id', 0);
$settings_modal = get_parameter('settings', 0);
$parameters_modal = get_parameter('parameters', 0);
$update_event_custom_id = get_parameter('update_event_custom_id', 0);
$draw_events_graph = get_parameter('drawEventsGraph', false);
// User private filter.
$current_filter = get_parameter('current_filter', 0);
$private_filter_event = get_parameter('private_filter_event', 0);
@ -2642,6 +2645,8 @@ if ($get_events_fired) {
$filter['date_to'] = date('Y-m-d', $end);
$filter['time_from'] = date('H:i:s', $start);
$filter['time_to'] = date('H:i:s', $end);
$filter['severity'] = explode(',', $filter['severity']);
$data = events_get_all(
['te.*'],
$filter
@ -2751,3 +2756,56 @@ if ($draw_row_response_info === true) {
echo $output;
return;
}
if ($update_event_custom_id) {
$event_custom_id = get_parameter('event_custom_id');
$event_id = get_parameter('event_id');
$server_id = 0;
if (is_metaconsole() === true) {
$server_id = (int) get_parameter('server_id');
}
// Safe custom fields for hacks.
if (preg_match('/script/i', io_safe_output($event_custom_id))) {
$return = false;
} else {
try {
if (is_metaconsole() === true
&& $server_id > 0
) {
$node = new Node($server_id);
$node->connect();
}
$return = events_event_custom_id(
$event_id,
$event_custom_id
);
} catch (\Exception $e) {
// Unexistent agent.
if (is_metaconsole() === true
&& $server_id > 0
) {
$node->disconnect();
}
$return = false;
} finally {
if (is_metaconsole() === true
&& $server_id > 0
) {
$node->disconnect();
}
}
}
echo ($return === true) ? 'update_ok' : 'update_error';
return;
}
if ((bool) $draw_events_graph === true) {
$filter = get_parameter('filter');
$output = event_print_graph($filter);
echo $output;
return;
}

22
pandora_console/include/ajax/module.php
View File

@ -35,6 +35,7 @@ if (check_login()) {
include_once $config['homedir'].'/include/functions_agents.php';
include_once $config['homedir'].'/include/functions_modules.php';
include_once $config['homedir'].'/include/functions_ui.php';
include_once $config['homedir'].'/include/functions_macros.php';
enterprise_include_once('include/functions_metaconsole.php');
$get_plugin_macros = get_parameter('get_plugin_macros');
@ -1168,7 +1169,9 @@ if (check_login()) {
);
}
$data[2] .= '<a href ="index.php?sec=gagente&amp;sec2=godmode/agentes/configurar_agente&amp;id_agente='.$id_agente.'&amp;tab=module&amp;id_agent_module='.$module['id_agente_modulo'].'&amp;edit_module='.$module['id_modulo'].'">';
$data[2] .= ui_print_truncate_text($module['nombre'], 'module_medium', false, true, true, '&hellip;', 'font-size: 9pt;');
$data[2] .= '</a>';
if (empty($module['extended_info']) === false) {
$data[2] .= ui_print_help_tip($module['extended_info'], true, '/images/default_list.png');
}
@ -1204,8 +1207,24 @@ if (check_login()) {
);
if (strlen($module['ip_target']) !== 0) {
// Check if value is custom field.
if ($module['ip_target'][0] == '_' && $module['ip_target'][(strlen($module['ip_target']) - 1)] == '_') {
$custom_field_name = substr($module['ip_target'], 1, -1);
$custom_value = agents_get_agent_custom_field($id_agente, $custom_field_name);
if (isset($custom_value) && $custom_value !== false) {
$title .= '<br/>IP: '.$custom_value;
} else {
$array_macros = return_agent_macros($id_agente);
if (isset($array_macros[$module['ip_target']])) {
$title .= '<br/>IP: '.$array_macros[$module['ip_target']];
} else {
$title .= '<br/>IP: '.$module['ip_target'];
}
}
} else {
$title .= '<br/>IP: '.$module['ip_target'];
}
}
$last_status_change_text = __('Time elapsed since last status change: ');
$last_status_change_text .= (empty($module['last_status_change']) === false) ? human_time_comparation($module['last_status_change']) : __('N/A');
@ -1361,10 +1380,12 @@ if (check_login()) {
$additionalLinkAction = '&amp;flag=1';
$linkCaption = __('Force checks');
$imgaction = 'images/force@svg.svg';
$visibility = '';
} else {
$additionalLinkAction = '';
$linkCaption = __('Refresh');
$imgaction = 'images/go-back@svg.svg';
$visibility = 'visibility: initial;';
}
$moduleActionButtons[] = html_print_anchor(
@ -1376,6 +1397,7 @@ if (check_login()) {
[
'title' => __('Force remote check'),
'class' => 'main_menu_icon forced_title',
'style' => $visibility,
]
),
],

4
pandora_console/include/ajax/notifications.ajax.php
View File

@ -38,6 +38,10 @@ if ($change_label === '1') {
$source = get_parameter('source', 0);
$user = get_parameter('user', '');
$value = get_parameter('value', 0) ? 1 : 0;
$user_info = get_user_info($config['id_user']);
if ((bool) $user_info['is_admin'] === false && $config['id_user'] !== $user) {
return false;
}
// Update the label value.
ob_clean();

2
pandora_console/include/ajax/tree.ajax.php
View File

@ -59,6 +59,7 @@ if (is_ajax() === true) {
$metaID = (int) get_parameter('metaID', 0);
$childrenMethod = get_parameter('childrenMethod', 'on_demand');
$default_filters = [
'searchAgent' => '',
'statusAgent' => AGENT_STATUS_ALL,
@ -69,6 +70,7 @@ if (is_ajax() === true) {
];
$filter = get_parameter('filter', $default_filters);
$agent_a = check_acl($config['id_user'], 0, 'AR');
$agent_w = check_acl($config['id_user'], 0, 'AW');
$access = ($agent_a === true) ? 'AR' : (($agent_w === true) ? 'AW' : 'AR');

3
pandora_console/include/api.php
View File

@ -70,8 +70,7 @@ $otherSerialize = get_parameter('other');
$otherMode = get_parameter('other_mode', 'url_encode');
$returnType = get_parameter('return_type', 'string');
$info = get_parameter('info', '');
$raw_decode = (bool) get_parameter('raw_decode', false);
$raw_decode = (bool) get_parameter('raw_decode', true);
$other = parseOtherParameter($otherSerialize, $otherMode, $raw_decode);
$apiPassword = io_output_password(
db_get_value_filter(

37
pandora_console/include/class/AgentWizard.class.php
View File

@ -829,7 +829,35 @@ class AgentWizard extends HTML
];
}
$create_modules_button = '';
if ($this->actionType === 'snmp' && $this->version !== null && $this->message['type'][0] !== 'error') {
$create_modules_button = html_print_submit_button(
__('Create modules'),
'create-modules-action',
false,
[
'icon' => 'next',
'onclick' => 'processListModules()',
],
true
);
} else if ($this->actionType === 'wmi' && $this->protocol === 'wmi' && $this->message['type'][0] !== 'error') {
$create_modules_button = html_print_submit_button(
__('Create modules'),
'create-modules-action',
false,
[
'icon' => 'next',
'onclick' => 'processListModules()',
],
true
);
} else {
$create_modules_button = '';
}
html_print_action_buttons(
[
html_print_submit_button(
$this->actionLabel,
'sub-protocol',
@ -839,7 +867,9 @@ class AgentWizard extends HTML
'onclick' => '$("#form-main-wizard").submit();',
],
true
)
),
$create_modules_button,
]
);
// Prints main form.
@ -3765,7 +3795,10 @@ class AgentWizard extends HTML
'label' => __('Create modules'),
'name' => 'create-modules-action',
'type' => 'button',
'attributes' => [ 'icon' => 'next' ],
'attributes' => [
'icon' => 'next',
'style' => 'display: none;',
],
'script' => 'processListModules();',
'return' => true,
],

4
pandora_console/include/class/AgentsAlerts.class.php
View File

@ -457,9 +457,7 @@ class AgentsAlerts extends HTML
$template2 = get_parameter('template');
$module_action_threshold = get_parameter('module_action_threshold');
$action_select = get_parameter('action_select', 0);
$id_alert = alerts_create_alert_agent_module($this->create_alert, $template2);
$id_alert = alerts_create_alert_agent_module($this->createAlert, $template2);
if ($id_alert !== false) {
if ($action_select != 0) {
$values = [];

18
pandora_console/include/class/ConsoleSupervisor.php
View File

@ -269,13 +269,6 @@ class ConsoleSupervisor
$this->checkSyncQueueStatus();
}
/*
* Check number of agents is equals and more than 200.
* NOTIF.ACCESSSTASTICS.PERFORMANCE
*/
$this->checkAccessStatisticsPerformance();
/*
* Checkc agent missing libraries.
* NOTIF.AGENT.LIBRARY
@ -573,13 +566,6 @@ class ConsoleSupervisor
$this->checkSyncQueueStatus();
}
/*
* Check number of agents is equals and more than 200.
* NOTIF.ACCESSSTASTICS.PERFORMANCE
*/
$this->checkAccessStatisticsPerformance();
/*
* Checkc agent missing libraries.
* NOTIF.AGENT.LIBRARY
@ -732,6 +718,8 @@ class ConsoleSupervisor
'url' => '__url__/index.php?sec=general&sec2=godmode/setup/setup&section=perf',
]
);
} else {
$this->cleanNotifications('NOTIF.ACCESSSTASTICS.PERFORMANCE');
}
} else {
$this->cleanNotifications('NOTIF.ACCESSSTASTICS.PERFORMANCE');
@ -2390,6 +2378,7 @@ class ConsoleSupervisor
include_once $config['homedir'].'/include/functions_update_manager.php';
$login = get_parameter('login', false);
if ($config['autoupdate'] === '1' || $_GET['sec2'] === 'godmode/update_manager/update_manager') {
if (update_manager_verify_registration() === false) {
$this->notify(
[
@ -2403,6 +2392,7 @@ class ConsoleSupervisor
$this->cleanNotifications('NOTIF.UPDATEMANAGER.REGISTRATION');
}
}
}
/**

13
pandora_console/include/class/Diagnostics.class.php
View File

@ -580,9 +580,6 @@ class Diagnostics extends Wizard
$countModuleData = db_get_value_sql(
'SELECT COUNT(*) FROM tagente_datos'
);
$countAgentAccess = db_get_value_sql(
'SELECT COUNT(*) FROM tagent_access'
);
$countEvents = db_get_value_sql('SELECT COUNT(*) FROM tevento');
if (enterprise_installed() === true) {
@ -611,10 +608,6 @@ class Diagnostics extends Wizard
'name' => __('Total module data records'),
'value' => $countModuleData,
],
'countAgentAccess' => [
'name' => __('Total agent access record'),
'value' => $countAgentAccess,
],
'countEvents' => [
'name' => __('Total events'),
'value' => $countEvents,
@ -744,7 +737,7 @@ class Diagnostics extends Wizard
$cpuModelName = 'cat /proc/cpuinfo | grep "model name" | tail -1 | cut -f 2 -d ":"';
$cpuProcessor = 'cat /proc/cpuinfo | grep "processor" | wc -l';
$ramMemTotal = 'cat /proc/meminfo | grep "MemTotal"';
$distroInfo = 'cat /etc/os-release | grep "PRETTY_NAME" | cut -f 2 -d "="';
exec(
"ifconfig | awk '{ print $2}' | grep -E -o '([0-9]{1,3}[\.]){3}[0-9]{1,3}'",
$output
@ -763,6 +756,10 @@ class Diagnostics extends Wizard
'name' => __('RAM'),
'value' => exec($ramMemTotal),
],
'distroInfo' => [
'name' => __('Distro'),
'value' => str_replace('"', '', exec($distroInfo)),
],
'osInfo' => [
'name' => __('Os'),
'value' => exec('uname -a'),

19
pandora_console/include/class/TipsWindow.class.php
View File

@ -47,6 +47,7 @@ class TipsWindow
'renderPreview',
'setShowTipsAtStartup',
'getTips',
'getTipById',
];
/**
@ -221,8 +222,13 @@ class TipsWindow
*
* @return array $tip
*/
public function getTipById($idTip)
public function getTipById($idTip=false, $return=false)
{
if ($idTip === false) {
$idTip = get_parameter('idTip');
}
$return = get_parameter('return', false);
$tip = db_get_row(
'twelcome_tip',
'id',
@ -232,10 +238,21 @@ class TipsWindow
$tip['title'] = io_safe_output($tip['title']);
$tip['text'] = io_safe_output($tip['text']);
$tip['url'] = io_safe_output($tip['url']);
$tip['files'] = $this->getFilesFromTip($tip['id']);
}
if ($return !== false) {
if (empty($tip) === false) {
echo json_encode(['success' => true, 'data' => $tip]);
return;
} else {
echo json_encode(['success' => false]);
return;
}
} else {
return $tip;
}
}
/**

94
pandora_console/include/class/TreeGroupEdition.class.php
View File

@ -106,6 +106,9 @@ class TreeGroupEdition extends TreeGroup
}
// Build the group hierarchy.
if (isset($this->filter['show_full_hirearchy']) === false
|| (isset($this->filter['show_full_hirearchy']) === true && (bool) $this->filter['show_full_hirearchy'] === true)
) {
foreach ($groups as $id => $group) {
if (isset($groups[$id]['parent']) === true
&& ($groups[$id]['parent'] != 0)
@ -122,6 +125,7 @@ class TreeGroupEdition extends TreeGroup
$groups[$id]['have_parent'] = true;
}
}
}
// Sort the children groups.
foreach ($groups as $id => $group) {
@ -167,6 +171,92 @@ class TreeGroupEdition extends TreeGroup
];
$group_acl = '';
$search_agent = '';
$status_agent = '';
$inner_agent = '';
if ((bool) is_metaconsole() === true) {
if (users_can_manage_group_all('AR') === false) {
$user_groups_str = implode(',', $this->userGroupsArray);
$group_acl = sprintf(
' AND tgrupo.id_grupo IN (%s) ',
$user_groups_str
);
}
if (isset($this->filter['searchAgent']) === true && empty($this->filter['searchAgent']) === false
|| isset($this->filter['statusAgent']) === true && strlen($this->filter['statusAgent']) > 0
) {
$inner_agent = 'INNER JOIN tmetaconsole_agent ON tgrupo.id_grupo = tmetaconsole_agent.id_grupo';
}
if (isset($this->filter['searchAgent']) === true && empty($this->filter['searchAgent']) === false) {
$search_agent = ' AND tmetaconsole_agent.alias LIKE "%'.$this->filter['searchAgent'].'%" ';
}
if (isset($this->filter['statusAgent']) === true && strlen($this->filter['statusAgent']) > 0) {
switch ($this->filter['statusAgent']) {
case AGENT_STATUS_NORMAL:
$status_agent = ' AND (
tmetaconsole_agent.critical_count = 0
AND tmetaconsole_agent.warning_count = 0
AND tmetaconsole_agent.unknown_count = 0
AND tmetaconsole_agent.normal_count > 0)';
break;
case AGENT_STATUS_WARNING:
$status_agent = ' AND (
tmetaconsole_agent.critical_count = 0
AND tmetaconsole_agent.warning_count > 0
AND tmetaconsole_agent.total_count > 0)';
break;
case AGENT_STATUS_CRITICAL:
$status_agent = ' AND tmetaconsole_agent.critical_count > 0';
break;
case AGENT_STATUS_UNKNOWN:
$status_agent = ' AND (
tmetaconsole_agent.critical_count = 0
AND tmetaconsole_agent.warning_count = 0
AND tmetaconsole_agent.unknown_count > 0)';
break;
case AGENT_STATUS_NOT_NORMAL:
$status_agent = ' AND (
tmetaconsole_agent.normal_count <> total_count
OR tmetaconsole_agent.total_count = notinit_count)';
break;
case AGENT_STATUS_NOT_INIT:
$status_agent = ' AND (
tmetaconsole_agent.total_count = 0
OR tmetaconsole_agent.total_count = notinit_count)';
break;
default:
// Nothing to do.
break;
}
}
$sql = sprintf(
'SELECT tgrupo.id_grupo AS gid,
tgrupo.nombre as name,
tgrupo.parent,
tgrupo.icon
FROM tgrupo
%s
WHERE 1=1
%s
%s
%s ',
$inner_agent,
$search_agent,
$status_agent,
$group_acl
);
} else {
if (users_can_manage_group_all('AR') === false) {
$user_groups_str = implode(',', $this->userGroupsArray);
$group_acl = sprintf(
@ -181,9 +271,11 @@ class TreeGroupEdition extends TreeGroup
parent,
icon
FROM tgrupo
WHERE 1=1 %s',
WHERE 1=1
%s ',
$group_acl
);
}
$stats = db_get_all_rows_sql($sql);
$group_stats = [];

19
pandora_console/include/class/WelcomeWindow.class.php
View File

@ -372,7 +372,7 @@ class WelcomeWindow extends Wizard
$flag_um = true;
}
if (empty($config['welcome_mail_configured']) === false) {
if (empty($config['email_username']) === false && empty($config['email_password']) === false) {
$btn_configure_mail_class = '';
$li_configure_mail_class = 'row_green';
$flag_cm = true;
@ -702,7 +702,7 @@ class WelcomeWindow extends Wizard
<?php
echo html_print_input_hidden('check_connectivity', 1);
echo html_print_label_input_block(
__('Ip target'),
__('IP address target'),
html_print_input_text(
'ip_target',
'',
@ -717,7 +717,7 @@ class WelcomeWindow extends Wizard
)
);
echo html_print_label_input_block(
__('Agent name'),
__('Agent alias'),
html_print_input_text(
'agent_name',
'',
@ -732,7 +732,7 @@ class WelcomeWindow extends Wizard
)
);
echo html_print_label_input_block(
__('Module group'),
__('Agent group'),
html_print_select_from_sql(
'SELECT * FROM tgrupo ORDER BY nombre',
'id_group',
@ -747,7 +747,6 @@ class WelcomeWindow extends Wizard
'width: 100%;'
)
);
echo html_print_submit_button(__('Create'), 'create_conectivity', false, ['icon' => 'next', 'style' => 'margin-top:15px; float:right;']);
?>
</div>
@ -1136,7 +1135,7 @@ class WelcomeWindow extends Wizard
}
function configureEmail() {
window.location = '<?php echo ui_get_full_url('index.php?sec=general&sec2=godmode/setup/setup&section=general#table3'); ?>';
window.location = '<?php echo ui_get_full_url('index.php?sec=general&sec2=godmode/setup/setup&section=general#table4'); ?>';
}
function serversUp() {
@ -1263,14 +1262,18 @@ class WelcomeWindow extends Wizard
});
});
$('#button-create_conectivity').click(function(){
$('#button-create_conectivity').click(function(e){
if($("#text-ip_target")[0].checkValidity() == false) {
$("#text-ip_target")[0].reportValidity();
return false;
}
$.ajax({
async: false,
type: "POST",
url: "include/ajax/task_to_perform.php",
data: {
check_connectivity: 1,
id_group: $('#id_group :selected').val(),
id_group: $('#id_group1 option:selected').val(),
ip_target: $('#text-ip_target').val(),
agent_name: $('#text-agent_name').val(),
},

2
pandora_console/include/config_process.php
View File

@ -20,7 +20,7 @@
/**
* Pandora build version and version
*/
$build_version = 'PC231124';
$build_version = 'PC231130';
$pandora_version = 'v7.0NG.774';
// Do not overwrite default timezone set if defined.

1
pandora_console/include/constants.php
View File

@ -45,6 +45,7 @@ define('EVENT_NEW', 0);
define('EVENT_VALIDATE', 1);
define('EVENT_PROCESS', 2);
define('EVENT_NO_VALIDATED', 3);
define('EVENT_NO_PROCESS', 4);
// Events group by constants.
define('EVENT_GROUP_REP_ALL', 0);

64
pandora_console/include/functions.php
View File

@ -990,6 +990,70 @@ function get_parameter($name, $default='')
}
function get_parameter_date($name, $default='', $date_format='Y/m/d')
{
$date_end = get_parameter('date_end', 0);
$time_end = get_parameter('time_end');
$datetime_end = strtotime($date_end.' '.$time_end);
$custom_date = get_parameter('custom_date', 0);
$range = get_parameter('range', SECONDS_1DAY);
$date_text = get_parameter('range_text', SECONDS_1DAY);
$date_init_less = (strtotime(date('Y/m/d')) - SECONDS_1DAY);
$date_init = get_parameter('date_init', date(DATE_FORMAT, $date_init_less));
$time_init = get_parameter('time_init', date(TIME_FORMAT, $date_init_less));
$datetime_init = strtotime($date_init.' '.$time_init);
if ($custom_date === '1') {
if ($datetime_init >= $datetime_end) {
$datetime_init = $date_init_less;
}
$date_init = date('Y/m/d H:i:s', $datetime_init);
$date_end = date('Y/m/d H:i:s', $datetime_end);
$period = ($datetime_end - $datetime_init);
} else if ($custom_date === '2') {
$date_units = get_parameter('range_units');
$date_end = date('Y/m/d H:i:s');
$date_init = date('Y/m/d H:i:s', (strtotime($date_end) - ((int) $date_text * (int) $date_units)));
$period = (strtotime($date_end) - strtotime($date_init));
} else if (in_array($range, ['this_week', 'this_month', 'past_week', 'past_month'])) {
if ($range === 'this_week') {
$monday = date('Y/m/d', strtotime('last monday'));
$sunday = date('Y/m/d', strtotime($monday.' +6 days'));
$period = (strtotime($sunday) - strtotime($monday));
$date_init = $monday;
$date_end = $sunday;
} else if ($range === 'this_month') {
$date_end = date('Y/m/d', strtotime('last day of this month'));
$first_of_month = date('Y/m/d', strtotime('first day of this month'));
$date_init = $first_of_month;
$period = (strtotime($date_end) - strtotime($first_of_month));
} else if ($range === 'past_month') {
$date_end = date('Y/m/d', strtotime('last day of previous month'));
$first_of_month = date('Y/m/d', strtotime('first day of previous month'));
$date_init = $first_of_month;
$period = (strtotime($date_end) - strtotime($first_of_month));
} else if ($range === 'past_week') {
$date_end = date('Y/m/d', strtotime('sunday', strtotime('last week')));
$first_of_week = date('Y/m/d', strtotime('monday', strtotime('last week')));
$date_init = $first_of_week;
$period = (strtotime($date_end) - strtotime($first_of_week));
}
} else {
$date_end = date('Y/m/d H:i:s');
$date_init = date('Y/m/d H:i:s', (strtotime($date_end) - $range));
$period = (strtotime($date_end) - strtotime($date_init));
}
return [
'date_init' => date($date_format, strtotime($date_init)),
'date_end' => date($date_format, strtotime($date_end)),
'period' => $period,
];
}
/**
* Get a parameter from a get request.
*

150
pandora_console/include/functions_agents.php
View File

@ -4752,7 +4752,7 @@ function get_resume_agent_concat($id_agente, $all_groups, $agent)
$secondary_groups = enterprise_hook('agents_get_secondary_groups', [$id_agente]);
$secondaryLinks = [];
if (empty($secondary_groups['for_select']) === true) {
$secondaryLinks[] = '<em>'.__('N/A').'</em>';
$secondaryLinks = [];
} else {
foreach ($secondary_groups['for_select'] as $id => $name) {
$secondaryLinks[] = html_print_anchor(
@ -4811,22 +4811,22 @@ function get_resume_agent_concat($id_agente, $all_groups, $agent)
'content' => groups_get_name($agent['id_grupo']),
],
true
);
).' '.ui_print_group_icon($agent['id_grupo'], true, '', 'margin-left: 2%;', true, false, false, '', true);
$table_contact->data[] = $data;
// Secondary groups.
$data = [];
if (!empty($secondaryLinks) === true) {
$data[0] = '<b>'.__('Secondary groups').'</b>';
$data[1] = implode(', ', $secondaryLinks);
$table_contact->data[] = $data;
}
// Parent agent line.
if (enterprise_installed() === true) {
if ((int) $agent['id_parent'] !== 0) {
$data = [];
$data[0] = '<b>'.__('Parent').'</b>';
if ((int) $agent['id_parent'] === 0) {
$data[1] = '<em>'.__('N/A').'</em>';
} else {
$data[1] = html_print_anchor(
[
'href' => 'index.php?sec=estado&amp;sec2=operation/agentes/ver_agente&amp;id_agente='.$agent['id_parent'],
@ -4834,10 +4834,10 @@ function get_resume_agent_concat($id_agente, $all_groups, $agent)
],
true
);
}
$table_contact->data[] = $data;
}
}
// Last status change line.
$data = [];
@ -4845,6 +4845,123 @@ function get_resume_agent_concat($id_agente, $all_groups, $agent)
$data[1] = $time_elapsed;
$table_contact->data[] = $data;
$has_remote_conf = enterprise_hook(
'config_agents_has_remote_configuration',
[$agent['id_agente']]
);
if ((bool) $has_remote_conf) {
$data = [];
$data[0] = __('Remote configuration');
$data[1] = '<spam style="position: relative;top: -10%; margin-right: 10px;">'.__('Enabled').'</spam>';
$data[1] .= html_print_menu_button(
[
'href' => ui_get_full_url('index.php?sec=gagente&sec2=godmode/agentes/configurar_agente&tab=remote_configuration&id_agente='.$agent['id_agente'].'&disk_conf=1'),
'image' => 'images/remote-configuration@svg.svg',
'title' => __('Edit remote config'),
],
true
);
$satellite_server = (int) db_get_value_filter(
'satellite_server',
'tagente',
['id_agente' => $id_agente]
);
if (empty($satellite_server) === false) {
$satellite_name = db_get_value_filter(
'name',
'tserver',
['id_server' => $satellite_server]
);
$data[0] = __('Satellite server');
$data[1] = $satellite_name;
}
$table_contact->data[] = $data;
}
if (enterprise_installed() === true) {
// SecurityMon line.
$id_module_group = db_get_value('id_mg', 'tmodule_group', 'name', 'Security');
$modules = db_get_all_rows_filter(
'tagente_modulo',
[
'id_agente' => $agent['id_agente'],
'id_module_group' => $id_module_group,
]
);
if (is_array($modules) === true && count($modules) > 0) {
$secmon_status = secmon_status($agent['id_agente']);
$data = [];
$data[0] = '<b>'.__('SecurityMon').'</b>';
$data[1] = ui_print_status_secmon_div($secmon_status, __('Total security modules: %s', count($modules)));
$table_contact->data[] = $data;
}
// Hardening line.
$module_score = modules_get_agentmodule_id(io_safe_input('Hardening - Score'), $agent['id_agente']);
$hardening = '';
if (is_array($module_score) === true && key_exists('id_agente_modulo', $module_score) == true) {
$raw_data_score = modules_get_raw_data($module_score['id_agente_modulo'], 0, time());
$hardening = format_numeric($raw_data_score[0]['datos'], 2);
$data = [];
$data[0] = '<b>'.__('Hardening').'</b>';
$data[1] = $hardening.' %';
$table_contact->data[] = $data;
}
// Vulnerabilities line.
$vuls = get_vulnerabilities($agent['id_agente']);
if (is_array($vuls) === true && count($vuls) > 0) {
$score = get_score($vuls);
$data = [];
$data[0] = '<b>'.__('Vulnerability').'</b>';
$data[1] = ui_print_status_vulnerability_div($score);
$table_contact->data[] = $data;
}
}
// Optional data
// Position Information.
if ((bool) $config['activate_gis'] === true) {
$data = [];
$dataPositionAgent = gis_get_data_last_position_agent(
$agent['id_agente']
);
if (is_array($dataPositionAgent) === true && $dataPositionAgent['stored_longitude'] !== '' && $dataPositionAgent['stored_latitude'] !== '') {
$data[0] = __('Position (Long, Lat)');
$dataOptionalOutput = html_print_anchor(
[
'href' => 'index.php?sec=estado&amp;sec2=operation/agentes/ver_agente&amp;tab=gis&amp;id_agente='.$id_agente,
'content' => $dataPositionAgent['stored_longitude'].', '.$dataPositionAgent['stored_latitude'],
],
true
);
if (empty($dataPositionAgent['description']) === false) {
$dataOptionalOutput .= ' ('.$dataPositionAgent['description'].')';
}
$data[1] = $dataOptionalOutput;
}
$table_contact->data[] = $data;
}
// Timezone Offset.
if ((int) $agent['timezone_offset'] !== 0) {
$data = [];
$data[0] = __('Timezone Offset');
$data[1] = $agent['timezone_offset'];
$table_contact->data[] = $data;
}
$agent_contact = html_print_div(
[
'class' => 'agent_details_header',
@ -4857,3 +4974,24 @@ function get_resume_agent_concat($id_agente, $all_groups, $agent)
return $agent_contact;
}
/**
* Return an array with a list of status agents
*
* @return array.
*/
function agents_status_list()
{
$status_list = [];
$status_list[AGENT_STATUS_NORMAL] = __('Normal');
$status_list[AGENT_STATUS_WARNING] = __('Warning');
$status_list[AGENT_STATUS_CRITICAL] = __('Critical');
$status_list[AGENT_STATUS_UNKNOWN] = __('Unknown');
$status_list[AGENT_STATUS_NOT_NORMAL] = __('Not normal');
$status_list[AGENT_STATUS_NOT_INIT] = __('Not init');
return $status_list;
}

50
pandora_console/include/functions_api.php
View File

@ -12952,7 +12952,7 @@ function api_set_create_event($id, $trash1, $other, $returnType)
$values = [];
if ($other['data'][0] != '') {
$values['event'] = $other['data'][0];
$values['event'] = io_safe_input(io_safe_output($other['data'][0]));
} else {
returnError('Event text required.');
return;
@ -13132,7 +13132,7 @@ function api_set_create_event($id, $trash1, $other, $returnType)
if ($other['data'][18] != '') {
$values['id_extra'] = $other['data'][18];
$sql_validation = 'SELECT id_evento,estado,ack_utimestamp,id_usuario
$sql_validation = 'SELECT id_evento,estado,ack_utimestamp,id_usuario,event_custom_id
FROM tevento
WHERE estado IN (0,2) AND id_extra ="'.$other['data'][18].'";';
@ -13147,6 +13147,7 @@ function api_set_create_event($id, $trash1, $other, $returnType)
$values['status'] = 2;
$ack_utimestamp = $val['ack_utimestamp'];
$values['id_usuario'] = $val['id_usuario'];
$values['event_custom_id'] = $val['event_custom_id'];
}
api_set_validate_event_by_id($val['id_evento']);
@ -13177,7 +13178,8 @@ function api_set_create_event($id, $trash1, $other, $returnType)
$custom_data,
$values['server_id'],
$values['id_extra'],
$ack_utimestamp
$ack_utimestamp,
$values['event_custom_id'] ?? null
);
if ($other['data'][12] != '') {
@ -17787,6 +17789,48 @@ function api_token_check(string $token)
}
/**
* Set custom field value in tevento
*
* @param mixed $id_event Event id.
* @param mixed $custom_field Custom field to set.
* @return void
*/
function api_set_event_custom_id($id, $value)
{
// Get the event
$event = events_get_event($id, false, is_metaconsole());
// If event not exists, end the execution.
if ($event === false) {
returnError(
'event_not_exists',
'Event not exists'
);
$result = false;
}
// Safe custom fields for hacks.
if (preg_match('/script/i', io_safe_output($value))) {
$result = false;
}
$result = events_event_custom_id(
$id,
$value
);
// If update results failed
if (empty($result) === true || $result === false) {
returnError(
'The event could not be updated'
);
return false;
} else {
returnData('string', ['data' => 'Event updated.']);
}
}
/**
* Extract info Agents for inventories ITSM.
*

16
pandora_console/include/functions_config.php
View File

@ -371,6 +371,10 @@ function config_update_config()
$error_update[] = __('show_experimental_features');
}
if (config_update_value('number_modules_queue', get_parameter('number_modules_queue'), true) === false) {
$error_update[] = __('number_modules_queue');
}
if (config_update_value('console_log_enabled', get_parameter('console_log_enabled'), true) === false) {
$error_update[] = __('Console log enabled');
}
@ -917,10 +921,6 @@ function config_update_config()
$error_update[] = __('Batch statistics period (secs)');
}
if (config_update_value('agentaccess', (int) get_parameter('agentaccess'), true) === false) {
$error_update[] = __('Use agent access graph');
}
if (config_update_value('num_files_attachment', (int) get_parameter('num_files_attachment'), true) === false) {
$error_update[] = __('Max. recommended number of files in attachment directory');
}
@ -2237,10 +2237,6 @@ function config_process_config()
config_update_value('show_qr_code_header', false);
}
if (!isset($config['agentaccess'])) {
config_update_value('agentaccess', true);
}
if (!isset($config['timezone'])) {
config_update_value('timezone', 'Europe/Berlin');
}
@ -2449,6 +2445,10 @@ function config_process_config()
config_update_value('show_experimental_features', 0);
}
if (!isset($config['number_modules_queue'])) {
config_update_value('number_modules_queue', 500);
}
if (!isset($config['agent_vulnerabilities'])) {
config_update_value('agent_vulnerabilities', 1);
}

293
pandora_console/include/functions_events.php
View File

@ -219,6 +219,7 @@ function events_get_all_fields()
$columns['module_status'] = __('Module status');
$columns['module_custom_id'] = __('Module custom id');
$columns['custom_data'] = __('Custom data');
$columns['event_custom_id'] = __('Event Custom ID');
return $columns;
}
@ -322,6 +323,9 @@ function events_get_column_name($field, $table_alias=false)
case 'custom_data':
return __('Custom data');
case 'event_custom_id':
return __('Event Custom ID');
default:
return __($field);
}
@ -982,6 +986,9 @@ function events_get_all(
case EVENT_NO_VALIDATED:
$filter['status'][$key] = (EVENT_NEW.', '.EVENT_PROCESS);
case EVENT_NO_PROCESS:
$filter['status'][$key] = (EVENT_NEW.', '.EVENT_VALIDATE);
default:
// Ignore.
break;
@ -1027,6 +1034,24 @@ function events_get_all(
$validatedState
);
break;
case EVENT_NO_PROCESS:
// Show comments in validated events.
$validatedState = '';
if ($validatedEvents === true) {
$validatedState = sprintf(
'OR estado = %d',
EVENT_VALIDATE
);
}
$sql_filters[] = sprintf(
' AND (estado = %d OR estado = %d %s)',
EVENT_NEW,
EVENT_VALIDATE,
$validatedState
);
break;
}
}
}
@ -2335,7 +2360,8 @@ function events_create_event(
$custom_data='',
$server_id=0,
$id_extra='',
$ack_utimestamp=0
$ack_utimestamp=0,
$event_custom_id=null
) {
if ($source === false) {
$source = get_product_name();
@ -2367,6 +2393,7 @@ function events_create_event(
'custom_data' => $custom_data,
'data' => '',
'module_status' => 0,
'event_custom_id' => $event_custom_id,
];
return (int) db_process_sql_insert('tevento', $values);
@ -3204,12 +3231,14 @@ function events_get_all_status($report=false)
$fields[1] = __('Only validated');
$fields[2] = __('Only in process');
$fields[3] = __('Only not validated');
$fields[4] = __('Only not in process');
} else {
$fields[-1] = __('All event');
$fields[0] = __('New');
$fields[1] = __('Validated');
$fields[2] = __('In process');
$fields[3] = __('Not Validated');
$fields[4] = __('Not in process');
}
return $fields;
@ -4039,8 +4068,14 @@ function events_get_response_target(
if (empty($event['custom_data']) === false) {
$custom_data = json_decode($event['custom_data']);
foreach ($custom_data as $key => $value) {
if (is_array($value) === true) {
foreach ($value as $k => $v) {
$target = str_replace('_customdata_'.$k.'_', $v, $target);
}
} else {
$target = str_replace('_customdata_'.$key.'_', $value, $target);
}
}
if (strpos($target, '_customdata_json_') !== false) {
$target = str_replace('_customdata_json_', json_encode($custom_data), $target);
@ -4629,6 +4664,30 @@ function events_page_details($event, $server_id=0)
$data[1] = '<i>'.__('N/A').'</i>';
}
$table_details->data[] = $data;
$readonly = true;
if (check_acl($config['id_user'], 0, 'EW')) {
$readonly = false;
}
$data = [];
$data[0] = __('Event Custom ID');
$data[1] = '<div class="flex-row-center">'.html_print_input_text('event_custom_id', $event['event_custom_id'], '', false, 255, true, $readonly, false, '', 'w60p');
if ($readonly === false) {
$data[1] .= html_print_button(
__('Update'),
'update_event_custom_id',
false,
'update_event_custom_id('.$event['id_evento'].', '.$event['server_id'].');',
[
'icon' => 'next',
'mode' => 'link',
],
true
);
}
$data[1] .= '</div>';
$table_details->data[] = $data;
$details = '<div id="extended_event_details_page" class="extended_event_pages">'.html_print_table($table_details, true).'</div>';
@ -5999,8 +6058,38 @@ function get_count_event_criticity(
}
$status = ' ';
if ((int) $eventStatus !== -1) {
$status = 'AND estado = '.$eventStatus;
if (empty($eventStatus) === false) {
switch ($eventStatus) {
case EVENT_ALL:
default:
// Do not filter.
break;
case EVENT_NEW:
case EVENT_VALIDATE:
case EVENT_PROCESS:
$status = sprintf(
' AND estado = %d',
$eventStatus
);
break;
case EVENT_NO_VALIDATED:
$status = sprintf(
' AND (estado = %d OR estado = %d)',
EVENT_NEW,
EVENT_PROCESS
);
break;
case EVENT_NO_PROCESS:
$status = sprintf(
' AND (estado = %d OR estado = %d)',
EVENT_NEW,
EVENT_VALIDATE
);
break;
}
}
$criticity = ' ';
@ -6199,3 +6288,201 @@ function event_get_counter_extraId(array $event, ?array $filters)
return $counters;
}
/**
* Update event detail custom field
*
* @param mixed $id_event Event ID or array of events.
* @param string $event_custom_id Event custom ID to be update.
*
* @return boolean Whether or not it was successful
*/
function events_event_custom_id(
$id_event,
$event_custom_id,
) {
global $config;
// Cleans up the selection for all unwanted values also casts any single
// values as an array.
if (![$id_event]) {
$id_event = (array) safe_int($id_event, 1);
}
// Check ACL.
foreach ($id_event as $k => $id) {
$event_group = events_get_group($id);
if (check_acl($config['id_user'], $event_group, 'EW') == 0) {
db_pandora_audit(
AUDIT_LOG_ACL_VIOLATION,
'Attempted updating event #'.$id
);
unset($id_event[$k]);
}
}
if (empty($id_event) === true) {
return false;
}
// Get the current event comments.
$first_event = $id_event;
if (is_array($id_event) === true) {
$first_event = reset($id_event);
}
// Update comment.
$ret = db_process_sql_update(
'tevento',
['event_custom_id' => $event_custom_id],
['id_evento' => $first_event]
);
if (($ret === false) || ($ret === 0)) {
return false;
}
return true;
}
function event_print_graph(
$filter,
$graph_height=100,
) {
global $config;
$show_all_data = false;
$events = events_get_all(['te.id_evento', 'te.timestamp', 'te.utimestamp'], $filter, null, null, 'te.utimestamp', true);
if (empty($filter['date_from']) === false
&& empty($filter['time_from']) === false
&& empty($filter['date_to']) === false
&& empty($filter['time_to']) === false
) {
$start_utimestamp = strtotime($filter['date_from'].' '.$filter['time_from']);
$end_utimestamp = strtotime($filter['date_to'].' '.$filter['time_to']);
} else if ($filter['event_view_hr'] !== '') {
$start_utimestamp = strtotime('-'.$filter['event_view_hr'].' hours');
$end_utimestamp = strtotime('now');
} else {
$show_all_data = true;
$start_utimestamp = $events[0]['utimestamp'];
$end_utimestamp = $events[array_key_last($events)]['utimestamp'];
}
$data_events = [];
$control_timestamp = $start_utimestamp;
$count = 0;
foreach ($events as $event) {
if ($event['utimestamp'] === $control_timestamp) {
$count++;
} else {
$control_timestamp = $event['utimestamp'];
$count = 1;
}
$data_events[$control_timestamp] = $count;
}
$num_data = count($data_events);
$num_intervals = $num_data;
$period = ($end_utimestamp - $start_utimestamp);
if ($period <= SECONDS_6HOURS) {
$chart_time_format = 'H:i:s';
} else if ($period < SECONDS_1DAY) {
$chart_time_format = 'H:i';
} else if ($period < SECONDS_15DAYS) {
$chart_time_format = 'M d H:i';
} else if ($period < SECONDS_1MONTH) {
$chart_time_format = 'M d H\h';
} else {
$chart_time_format = 'M d H\h';
}
$chart = [];
$labels = [];
$color = [];
$count = 0;
if ($show_all_data === true) {
foreach ($events as $event) {
if ($event['utimestamp'] === $control_timestamp) {
$count++;
} else {
$control_timestamp = $event['utimestamp'];
$count = 1;
}
$data_events[$control_timestamp] = $count;
}
$data_events = array_reverse($data_events, true);
foreach ($data_events as $utimestamp => $count) {
$labels[] = date($chart_time_format, $utimestamp);
$chart[] = [
'y' => $count,
'x' => date($chart_time_format, $utimestamp),
];
$color[] = '#82b92f';
}
} else {
$interval_length = (int) ($period / $num_intervals);
$intervals = [];
$intervals[0] = $start_utimestamp;
for ($i = 0; $i < $num_intervals; $i++) {
$intervals[($i + 1)] = ($intervals[$i] + $interval_length);
}
$control_data = [];
foreach ($data_events as $utimestamp => $count_event) {
for ($i = 0; $i < $num_intervals; $i++) {
if ((int) $utimestamp > (int) $intervals[$i] && (int) $utimestamp < (int) $intervals[($i + 1)]) {
$control_data[(string) $intervals[$i]] += $count_event;
}
}
}
for ($i = 0; $i < $num_intervals; $i++) {
$labels[] = date($chart_time_format, $intervals[$i]);
$chart[] = [
'y' => $control_data[$intervals[$i]],
'x' => date($chart_time_format, $intervals[$i]),
];
$color[] = '#82b92f';
}
}
$water_mark = [
'file' => $config['homedir'].'/images/logo_vertical_water.png',
'url' => ui_get_full_url('/images/logo_vertical_water.png'),
];
$options = [
'height' => $graph_height,
'waterMark' => $water_mark,
'legend' => ['display' => false],
'colors' => $color,
'border' => false,
'scales' => [
'x' => [
'grid' => ['display' => false],
],
'y' => [
'grid' => ['display' => false],
],
],
'labels' => $labels,
];
$graph = '<div style="width:100%; height: '.$graph_height.'px;">';
$graph .= vbar_graph($chart, $options);
$graph .= '</div>';
return $graph;
}

86
pandora_console/include/functions_graph.php
View File

@ -2525,92 +2525,6 @@ function combined_graph_summatory_average(
}
/**
* Print a graph with access data of agents.
*
* @param integer $id_agent Agent Id.
* @param integer $period Timestamp period graph.
* @param boolean|null $return Type return.
*
* @return string
*/
function graphic_agentaccess(
int $id_agent,
int $period=0,
?bool $return=false,
?bool $agent_view=false
) {
global $config;
// Dates.
$date = get_system_time();
$datelimit = ($date - $period);
$interval = 3600;
// Query.
$sql = sprintf(
'SELECT utimestamp, count(*) as data
FROM tagent_access
WHERE id_agent = %d
AND utimestamp >= %d
AND utimestamp <= %d
GROUP BY TRUNCATE(utimestamp/%d,0)',
$id_agent,
$datelimit,
$date,
$interval
);
$data = db_get_all_rows_sql($sql);
// Array data.
$data_array = [];
$colors = [];
if (isset($data) === true && is_array($data) === true) {
foreach ($data as $value) {
$time = io_safe_output(date('H:m', $value['utimestamp']));
$labels[] = $time;
$data_array[] = [
'y' => (int) $value['data'],
'x' => $time,
];
$colors[] = '#82b92f';
}
}
$options = [];
$options['grid']['hoverable'] = true;
if ($agent_view === true) {
$options['agent_view'] = true;
}
$options = [
'height' => 125,
'colors' => $colors,
'legend' => ['display' => false],
'scales' => [
'x' => [
'grid' => ['display' => false],
'ticks' => [
'fonts' => ['size' => 8],
],
],
'y' => [
'grid' => ['display' => false],
'ticks' => [
'fonts' => ['size' => 8],
],
],
],
'labels' => $labels,
];
return vbar_graph($data_array, $options);
}
/**
* Print a pie graph with alerts defined/fired data
*

56
pandora_console/include/functions_html.php
View File

@ -774,6 +774,7 @@ function html_print_select(
$select2_multiple_enable_all=false,
$form='',
$order=false,
$custom_id=null
) {
$output = "\n";
@ -789,6 +790,10 @@ function html_print_select(
$id = preg_replace('/[^a-z0-9\:\;\-\_]/i', '', $name.($idcounter[$name] ? $idcounter[$name] : ''));
if ($custom_id !== null) {
$id = $custom_id;
}
$attributes = '';
if (!empty($script)) {
$attributes .= ' onchange="'.$script.'"';
@ -1740,12 +1745,13 @@ function html_print_select_multiple_modules_filtered(array $data):string
}
}
if (is_metaconsole() === true) {
$output .= html_print_input(
[
'label' => __('Agents'),
'label_class' => 'font-title-font',
'type' => 'select_from_sql',
'sql' => 'SELECT `id_agente`,`nombre` FROM tagente',
'type' => 'select',
'fields' => $agents,
'name' => 'filtered-module-agents-'.$uniqId,
'selected' => explode(',', $data['mAgents']),
'return' => true,
@ -1754,6 +1760,22 @@ function html_print_select_multiple_modules_filtered(array $data):string
'script' => 'fmModuleChange(\''.$uniqId.'\', '.(int) is_metaconsole().')',
]
);
} else {
$output .= html_print_input(
[
'label' => __('Agents'),
'label_class' => 'font-title-font',
'type' => 'select_from_sql',
'sql' => 'SELECT `id_agente`,`alias` FROM tagente',
'name' => 'filtered-module-agents-'.$uniqId,
'selected' => explode(',', $data['mAgents']),
'return' => true,
'multiple' => true,
'style' => 'min-width: 200px;max-width:200px;',
'script' => 'fmModuleChange(\''.$uniqId.'\', '.(int) is_metaconsole().')',
]
);
}
$commonModules = 0;
if (empty($data['mShowCommonModules']) === false) {
@ -4939,8 +4961,8 @@ function html_print_input_file($name, $return=false, $options=false, $inline_upl
$inline_upload_anchor_to_form
),
[
'mode' => 'link',
'style' => 'min-width: initial;',
'class' => 'secondary',
'style' => 'min-width: initial; position: relative; margin-left: 5%; ',
],
true,
);
@ -7305,8 +7327,10 @@ function html_print_select_date_range(
$time_end='',
$date_text=SECONDS_1DAY,
$class='w100p',
$date_format='Y/m/d',
$time_format='H:i:s'
$date_format_php='Y/m/d',
$time_format_php='H:i:s',
$date_format_js='yy/mm/dd',
$time_format_js='HH:mm:ss'
) {
global $config;
@ -7328,21 +7352,21 @@ function html_print_select_date_range(
}
if ($date_end === '') {
$date_end = date($date_format);
$date_end = date($date_format_php);
}
if ($date_init === '') {
$date_init = date($date_format, strtotime($date_end.' -1 days'));
$date_init = date($date_format_php, strtotime($date_end.' -1 days'));
}
$date_init = date($date_format, strtotime($date_init));
$date_init = date($date_format_php, strtotime($date_init));
if ($time_init === '') {
$time_init = date($time_format);
$time_init = date($time_format_php);
}
if ($time_end === '') {
$time_end = date($time_format);
$time_end = date($time_format_php);
}
$fields[SECONDS_1DAY] = __('Last 24hr');
@ -7508,7 +7532,7 @@ function html_print_select_date_range(
}
$('#text-date').datepicker({
dateFormat: '".DATE_FORMAT_JS."',
dateFormat: '".$date_format_js."',
changeMonth: true,
changeYear: true,
showAnim: 'slideDown'
@ -7516,7 +7540,7 @@ function html_print_select_date_range(
$('[id^=text-time_init]').timepicker({
showSecond: true,
timeFormat: '".TIME_FORMAT_JS."',
timeFormat: '".$time_format_js."',
timeOnlyTitle: '".__('Choose time')."',
timeText: '".__('Time')."',
hourText: '".__('Hour')."',
@ -7527,7 +7551,7 @@ function html_print_select_date_range(
});
$('[id^=text-date_init]').datepicker ({
dateFormat: '".DATE_FORMAT_JS."',
dateFormat: '".$date_format_js."',
changeMonth: true,
changeYear: true,
showAnim: 'slideDown',
@ -7549,7 +7573,7 @@ function html_print_select_date_range(
});
$('[id^=text-date_end]').datepicker ({
dateFormat: '".DATE_FORMAT_JS."',
dateFormat: '".$date_format_js."',
changeMonth: true,
changeYear: true,
showAnim: 'slideDown',
@ -7572,7 +7596,7 @@ function html_print_select_date_range(
$('[id^=text-time_end]').timepicker({
showSecond: true,
timeFormat: '".TIME_FORMAT_JS."',
timeFormat: '".$time_format_js."',
timeOnlyTitle: '".__('Choose time')."',
timeText: '".__('Time')."',
hourText: '".__('Hour')."',

61
pandora_console/include/functions_macros.php Normal file
View File

@ -0,0 +1,61 @@
<?php
// Pandora FMS - https://pandorafms.com
// ==================================================
// Copyright (c) 2005-2023 Pandora FMS
// Please see https://pandorafms.com/community/ for full contribution list
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation for version 2.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
/**
* Return array with macros of agent like core.pm
*
* @param interger $id_agente Id agent to return data.
*
* @return array Array with all macros.
*/
function return_agent_macros($id_agente)
{
global $config;
$array_macros = [];
$grupo = [];
$agente = db_get_row_sql(
'SELECT * FROM tagente WHERE id_agente = '.$id_agente
);
if (isset($agente['id_grupo'])) {
$grupo = db_get_row_sql(
'SELECT * FROM tgrupo WHERE id_grupo = '.$agente['id_grupo']
);
}
if (isset($agente['server_name'])) {
$server_ip = db_get_row_sql(
'SELECT ip_address FROM tserver WHERE name = "'.$agente['server_name'].'"'
)['id_address'];
}
$array_macros = [
'_agentname_' => ($agente['nombre']) ?: '',
'_agentalias_' => ($agente['alias']) ?: '',
'_agent_' => ($agente['alias']) ?: (($agente['nombre']) ?: ''),
'_agentcustomid_' => ($agente['custom_id']) ?: '',
'_agentdescription_' => ($agente['comentarios']) ?: '',
'_agentgroup_' => ($grupo['nombre']) ?: '',
'_agentos_' => ($agente['id_os']) ?: '',
'_address_' => ($agente['direccion']) ?: '',
'_homeurl_' => ($config['public_url']) ?: '',
'_groupcontact_' => ($agente['contact']) ?: '',
'_groupcustomid_' => ($agente['custom_id']) ?: '',
'_groupother_' => ($agente['other']) ?: '',
'_server_ip_' => ($server_ip) ?: '',
'_server_name_' => ($agente['server_name']) ?: '',
];
return $array_macros;
}

8
pandora_console/include/functions_menu.php
View File

@ -1170,6 +1170,14 @@ if (is_ajax()) {
<p style="font-size: 10pt;">'.$sys_info->data->ramInfo->value.'</p>
</th>
</tr>
<tr>
<th style="width: 15%;">
<p><span>'.$sys_info->data->distroInfo->name.'</span></p>
</th>
<th style="width: 85%;">
<p style="font-size: 10pt;">'.$sys_info->data->distroInfo->value.'</p>
</th>
</tr>
<tr>
<th style="width: 15%;">
<p><span>'.$sys_info->data->osInfo->name.'</span></p>

1
pandora_console/include/functions_messages.php
View File

@ -122,6 +122,7 @@ function messages_create_message(
'id_usuario_origen' => $usuario_origen,
'subject' => $subject,
'mensaje' => $mensaje,
'subtype' => 'NOTIF.MESSAGE',
'id_source' => get_notification_source_id('message'),
'timestamp' => get_system_time(),
]

2
pandora_console/include/functions_modules.php
View File

@ -4735,7 +4735,7 @@ function export_agents_module_csv($filters)
$query_filter .= ' AND tam.nombre IN '.$module_filter.' ';
} else {
$module_filter = '('.implode(', ', $filter).')';
$query_filter .= ' AND tam.id_tipo_modulo IN '.$module_filter.' ';
$query_filter .= ' AND tam.id_agente_modulo IN '.$module_filter.' ';
}
}
break;

9
pandora_console/include/functions_notifications.php
View File

@ -142,7 +142,6 @@ function notifications_get_subtypes(?string $source=null)
'NOTIF.PANDORADB.HISTORICAL',
'NOTIF.HISTORYDB.MR',
'NOTIF.EXT.ELASTICSEARCH',
'NOTIF.EXT.LOGSTASH',
'NOTIF.METACONSOLE.DB_CONNECTION',
'NOTIF.DOWNTIME',
'NOTIF.UPDATEMANAGER.REGISTRATION',
@ -659,7 +658,15 @@ function notifications_get_user_label_status($source, $user, $label)
*/
function notifications_set_user_label_status($source, $user, $label, $value)
{
global $config;
$user_info = get_user_info($config['id_user']);
if ((bool) $user_info['is_admin'] === false && $config['id_user'] !== $user) {
return false;
}
$source_info = notifications_get_all_sources(['id' => $source]);
if (!isset($source_info[0])
|| !$source_info[0]['enabled']
|| !$source_info[0]['user_editable']

22
pandora_console/include/functions_profile.php
View File

@ -308,7 +308,7 @@ function profile_print_profile_table($id, $json_profile=false, $return=false, $c
'del',
'images/delete.svg',
1,
'',
'background-color: transparent !important;',
true,
[
'onclick' => 'delete_profile(event, this)',
@ -316,8 +316,15 @@ function profile_print_profile_table($id, $json_profile=false, $return=false, $c
]
);
} else {
$data['actions'] = '<form method="post" onsubmit="if (!confirm (\''.__('Are you sure?').'\')) return false">';
$data['actions'] .= html_print_input_image('del', 'images/delete.svg', 1, '', true, ['class' => 'main_menu_icon invert_filter']);
$data['actions'] = '<form method="post" onsubmit="">';
$data['actions'] .= html_print_input_image(
'del',
'images/delete.svg',
1,
'background-color: transparent !important;',
true,
['class' => 'main_menu_icon invert_filter']
);
$data['actions'] .= html_print_input_hidden('delete_profile', 1, true);
$data['actions'] .= html_print_input_hidden('id_user_profile', $profile['id_up'], true);
$data['actions'] .= html_print_input_hidden('id_user', $id, true);
@ -391,7 +398,14 @@ function profile_print_profile_table($id, $json_profile=false, $return=false, $c
$data['last_hierarchy'] = html_print_checkbox('no_hierarchy', 1, false, true);
$data['last_actions'] = html_print_input_image('add', 'images/validate.svg', 1, '', true, ['class' => 'main_menu_icon invert_filter']);
$data['last_actions'] = html_print_input_image(
'add',
'images/validate.svg',
1,
'background-color: transparent !important;',
true,
['class' => 'main_menu_icon invert_filter']
);
$data['last_actions'] .= html_print_input_hidden('id', $id, true);
$data['last_actions'] .= html_print_input_hidden('add_profile', 1, true);
$data['last_actions'] .= '</form>';

74
pandora_console/include/functions_reporting.php
View File

@ -42,6 +42,7 @@ require_once $config['homedir'].'/include/functions_users.php';
enterprise_include_once('include/functions_reporting.php');
enterprise_include_once('include/functions_metaconsole.php');
enterprise_include_once('include/functions_inventory.php');
require_once $config['homedir'].'/include/functions_inventory.php';
enterprise_include_once('include/functions_cron.php');
require_once $config['homedir'].'/include/functions_forecast.php';
require_once $config['homedir'].'/include/functions_ui.php';
@ -1023,6 +1024,62 @@ function reporting_make_reporting_data(
);
break;
case 'vuls_severity_graph':
$report['contents'][] = reporting_vuls_severity_graph(
$report,
$content,
$type
);
break;
case 'vuls_attack_complexity':
$report['contents'][] = reporting_vuls_attack_complexity_graph(
$report,
$content,
$type
);
break;
case 'vuls_by_packages':
$report['contents'][] = reporting_vuls_by_packages_graph(
$report,
$content,
$type
);
break;
case 'vuls_by_agent':
$report['contents'][] = reporting_vuls_by_agent(
$report,
$content,
$type
);
break;
case 'vuls_info_agent':
$report['contents'][] = reporting_vuls_info_agent(
$report,
$content,
$type
);
break;
case 'top_n_agents_vuls':
$report['contents'][] = reporting_top_n_agents_vuls(
$report,
$content,
$type
);
break;
case 'top_n_vuls_count':
$report['contents'][] = reporting_top_n_vuls_count(
$report,
$content,
$type
);
break;
default:
// Default.
break;
@ -11294,7 +11351,7 @@ function reporting_simple_graph(
),
'ttl' => $ttl,
'compare' => $time_compare_overlapped,
'show_unknown' => true,
'show_unknown' => $content['check_unknowns_graph'],
'percentil' => ($content['style']['percentil'] == 1) ? $config['percentil'] : null,
'fullscale' => $fullscale,
'server_id' => $id_meta,
@ -13641,38 +13698,47 @@ function reporting_tiny_stats(
}
if ($modern === true) {
$out .= '<div id="bullets_modules">';
if (isset($fired_count) && $fired_count > 0) {
$out .= '<div class="bullets_modules">';
$out .= '<div><div id="fired_count_'.$uniq_id.'" class="forced_title bullet_modules orange_background"></div>';
$out .= '<span class="font_12pt">'.$fired_count.'</span></div>';
$out .= '</div>';
}
if (isset($critical_count) && $critical_count > 0) {
$out .= '<div class="bullets_modules">';
$out .= '<div><div id="critical_count_'.$uniq_id.'" class="forced_title bullet_modules red_background"></div>';
$out .= '<span class="font_12pt">'.$critical_count.'</span></div>';
$out .= '</div>';
}
if (isset($warning_count) && $warning_count > 0) {
$out .= '<div class="bullets_modules">';
$out .= '<div><div id="warning_count_'.$uniq_id.'" class="forced_title bullet_modules yellow_background"></div>';
$out .= '<span class="font_12pt">'.$warning_count.'</span></div>';
$out .= '</div>';
}
if (isset($unknown_count) && $unknown_count > 0) {
$out .= '<div class="bullets_modules">';
$out .= '<div><div id="unknown_count_'.$uniq_id.'" class="forced_title bullet_modules grey_background"></div>';
$out .= '<span class="font_12pt">'.$unknown_count.'</span></div>';
$out .= '</div>';
}
if (isset($not_init_count) && $not_init_count > 0) {
$out .= '<div class="bullets_modules">';
$out .= '<div><div id="not_init_count_'.$uniq_id.'" class="forced_title bullet_modules blue_background"></div>';
$out .= '<span class="font_12pt">'.$not_init_count.'</span></div>';
$out .= '</div>';
}
if (isset($normal_count) && $normal_count > 0) {
$out .= '<div class="bullets_modules">';
$out .= '<div><div id="normal_count_'.$uniq_id.'" class="forced_title bullet_modules green_background"></div>';
$out .= '<span class="font_12pt">'.$normal_count.'</span></div>';
}
$out .= '</div>';
}
} else {
// Classic ones.
$out .= '<b><span id="total_count_'.$uniq_id.'" class="forced_title" >'.$total_count.'</span>';

324
pandora_console/include/functions_reporting_html.php
View File

@ -507,6 +507,34 @@ function reporting_html_print_report($report, $mini=false, $report_info=1, $cust
case 'evolution':
reporting_evolution_graph($table, $item);
break;
case 'vuls_severity_graph':
reporting_html_vuls_severity_graph($table, $item);
break;
case 'vuls_attack_complexity':
reporting_html_vuls_attack_complexity($table, $item);
break;
case 'vuls_by_packages':
reporting_html_vuls_by_packages($table, $item);
break;
case 'vuls_by_agent':
reporting_html_vuls_by_agent($table, $item);
break;
case 'vuls_info_agent':
reporting_html_vuls_info_agent($table, $item);
break;
case 'top_n_agents_vuls':
reporting_html_top_n_agents_vuls($table, $item);
break;
case 'top_n_vuls_count':
reporting_html_top_n_vuls_count($table, $item);
break;
}
if ($item['type'] == 'agent_module') {
@ -522,6 +550,300 @@ function reporting_html_print_report($report, $mini=false, $report_info=1, $cust
}
/**
* Function to print top vulnerabiries more common.
*
* @param object $table Head table or false if it comes from pdf.
* @param array $item Items data.
* @param integer $pdf Flag for return table.
*
* @return mixed
*/
function reporting_html_top_n_vuls_count($table, $item, $pdf=0)
{
global $config;
$table->width = '99%';
$table->styleTable = 'border: 0px;';
$table->colspan[2][0] = 3;
$table1 = new stdClass();
$table1->headstyle = [];
$table1->width = '99%';
$table1->class = 'info_table';
$table1->titleclass = 'title_table_pdf';
$table1->rowclass[0] = '';
$table1->head[0] = __('Vulnerability');
$table1->head[2] = __('Total');
$row = 2;
foreach ($item['data'] as $key => $vul) {
$table1->data[$row][0] = $vul['cve_id'];
$table1->data[$row][2] = $vul['count'];
$row++;
}
if ($pdf === 1) {
$table1->title = $item['title'];
$table1->titleclass = 'title_table_pdf';
$table1->titlestyle = 'text-align:left;';
}
$table->data[2][0] = html_print_table($table1, true);
if ($pdf === 1) {
return html_print_table($table, true);
}
}
/**
* Function to print top agents with worst score.
*
* @param object $table Head table or false if it comes from pdf.
* @param array $item Items data.
* @param integer $pdf Flag for return table.
*
* @return mixed
*/
function reporting_html_top_n_agents_vuls($table, $item, $pdf=0)
{
global $config;
$table->width = '99%';
$table->styleTable = 'border: 0px;';
$table->colspan[2][0] = 3;
$table1 = new stdClass();
$table1->headstyle = [];
$table1->width = '99%';
$table1->class = 'info_table';
$table1->titleclass = 'title_table_pdf';
$table1->rowclass[0] = '';
$table1->head[0] = __('Agent');
$table1->head[2] = __('Risk');
$row = 2;
foreach ($item['data'] as $key => $agent) {
$table1->data[$row][0] = $agent['alias'];
$table1->data[$row][2] = $agent['score'];
$row++;
}
if ($pdf === 1) {
$table1->title = $item['title'];
$table1->titleclass = 'title_table_pdf';
$table1->titlestyle = 'text-align:left;';
}
$table->data[2][0] = html_print_table($table1, true);
if ($pdf === 1) {
return html_print_table($table, true);
}
}
/**
* Function to print vulnerabilities of agent.
*
* @param object $table Head table or false if it comes from pdf.
* @param array $item Items data.
* @param integer $pdf Flag for return table.
*
* @return mixed
*/
function reporting_html_vuls_info_agent($table, $item, $pdf=0)
{
$table->width = '99%';
$table->styleTable = 'border: 0px;';
$table->colspan[2][0] = 3;
$table1 = new stdClass();
$table1->headstyle[0] = 'text-align: left';
$table1->headstyle[1] = 'text-align: left';
$table1->headstyle[2] = 'text-align: left';
$table1->width = '99%';
$table1->class = 'info_table';
$table1->titleclass = 'title_table_pdf';
$table1->rowclass[0] = '';
$table1->head[0] = __('Name');
$table1->head[1] = __('CVE');
$table1->head[2] = __('Version');
$table1->head[3] = __('Score');
$table1->head[4] = __('Detection time');
$table1->head[5] = __('Severity');
$table1->head[6] = __('Version');
$table1->head[7] = __('Attack Vector');
$table1->head[8] = __('Attack Complexity');
$table1->head[9] = __('Privileges Required');
$table1->head[10] = __('User Interaction');
$table1->head[11] = __('Scope');
$table1->head[12] = __('Confidentiality');
$table1->head[13] = __('Integrity');
$table1->head[14] = __('Availability');
$row = 1;
foreach ($item['data'] as $key => $vul) {
$table1->data[$row][0] = (key_exists('name', $vul) === true) ? $vul['name'] : '';
$table1->data[$row][1] = (key_exists('cve', $vul) === true) ? $vul['cve'] : '';
$table1->data[$row][2] = (key_exists('version', $vul) === true) ? $vul['version'] : '';
$table1->data[$row][3] = (key_exists('score', $vul) === true) ? $vul['score'] : '';
$table1->data[$row][4] = (key_exists('detection_time', $vul) === true) ? $vul['detection_time'] : '';
$table1->data[$row][5] = (key_exists('severity', $vul) === true) ? $vul['severity'] : '';
$table1->data[$row][6] = (key_exists('CVSS', $vul) === true) ? $vul['CVSS'] : '';
$table1->data[$row][7] = (key_exists('AV', $vul) === true) ? $vul['AV'] : '';
$table1->data[$row][8] = (key_exists('AC', $vul) === true) ? $vul['AC'] : '';
$table1->data[$row][9] = (key_exists('PR', $vul) === true) ? $vul['PR'] : '';
$table1->data[$row][10] = (key_exists('UI', $vul) === true) ? $vul['UI'] : '';
$table1->data[$row][11] = (key_exists('S', $vul) === true) ? $vul['S'] : '';
$table1->data[$row][12] = (key_exists('C', $vul) === true) ? $vul['C'] : '';
$table1->data[$row][13] = (key_exists('I', $vul) === true) ? $vul['I'] : '';
$table1->data[$row][14] = (key_exists('A', $vul) === true) ? $vul['A'] : '';
$row++;
}
$table->data[2][0] = html_print_table($table1, true);
if ($pdf === 1) {
$table1->title = $item['title'];
$table1->titleclass = 'title_table_pdf';
$table1->titlestyle = 'text-align:left;';
return html_print_table($table1, true);
}
}
/**
* Function to print total vulnerabilities by packages in graph.
*
* @param object $table Head table or false if it comes from pdf.
* @param array $item Items data.
* @param integer $pdf Flag for return table.
*
* @return mixed
*/
function reporting_html_vuls_by_packages($table, $item, $pdf=0)
{
$table->rowclass[0] = '';
$table->colspan['chart']['cell'] = 3;
$table->cellstyle['chart']['cell'] = 'text-align: center;';
$table->data['chart']['cell'] = $item['chart'];
if ($pdf === 1) {
return html_print_table($table, true);
}
}
/**
* Function to print attack complexity in graph
*
* @param object $table Head table or false if it comes from pdf.
* @param array $item Items data.
* @param integer $pdf Flag for return table.
*
* @return mixed
*/
function reporting_html_vuls_attack_complexity($table, $item, $pdf=0)
{
$table->rowclass[0] = '';
$table->colspan['chart']['cell'] = 3;
$table->cellstyle['chart']['cell'] = 'text-align: center;';
$table->data['chart']['cell'] = html_print_div(
[
'content' => $item['chart'],
'style' => 'width: 450px; height: 300px; margin: 0 auto;',
],
true
);
if ($pdf === 1) {
return html_print_table($table, true);
}
}
/**
* Function to print the severity vuls in graph.
*
* @param object $table Head table or false if it comes from pdf.
* @param array $item Items data.
* @param integer $pdf Flag for return table.
*
* @return mixed
*/
function reporting_html_vuls_severity_graph($table, $item, $pdf=0)
{
$table->rowclass[0] = '';
$table->colspan['chart']['cell'] = 3;
$table->cellstyle['chart']['cell'] = 'text-align: center;';
$table->data['chart']['cell'] = $item['chart'];
if ($pdf === 1) {
return html_print_table($table, true);
}
}
/**
* Function to print the all vulnerabilities by agent.
*
* @param object $table Head table or false if it comes from pdf.
* @param array $item Items data.
* @param integer $pdf Flag for return table.
*
* @return mixed
*/
function reporting_html_vuls_by_agent($table, $item, $pdf=0)
{
$table->width = '99%';
$table->styleTable = 'border: 0px;';
$table->colspan[2][0] = 3;
$table1 = new stdClass();
$table1->headstyle[0] = 'text-align: left';
$table1->headstyle[1] = 'text-align: left';
$table1->headstyle[2] = 'text-align: left';
$table1->width = '99%';
$table1->class = 'info_table';
$table1->titleclass = 'title_table_pdf';
$table1->rowclass[0] = '';
$table1->head[0] = __('Agent');
$table1->head[1] = __('OS');
$table1->head[2] = __('OS Version');
$table1->head[3] = __('Group');
$table1->head[4] = __('Ip');
$table1->head[5] = __('Status');
$table1->head[6] = __('SecMon');
$table1->head[7] = __('Hardening');
$table1->head[8] = __('Vulnerability');
$table1->head[9] = __('Last contact');
$table1->head[10] = __('L.S. Change');
$row = 1;
foreach ($item['data'] as $key => $vul) {
$table1->data[$row][0] = $vul['alias'];
$table1->data[$row][2] = $vul['name'];
$table1->data[$row][3] = $vul['os_version'];
$table1->data[$row][4] = $vul['nombre_gr'];
$table1->data[$row][5] = $vul['direccion'];
$table1->data[$row][6] = $vul['status'];
$table1->data[$row][7] = $vul['secmon'];
$table1->data[$row][8] = $vul['hardening'];
$table1->data[$row][9] = $vul['vulnerabilities'];
$table1->data[$row][10] = $vul['ultimo_contacto'];
$table1->data[$row][11] = $vul['last_status_c'];
$row++;
}
if ($pdf === 1) {
$table1->title = $item['title'];
$table1->titleclass = 'title_table_pdf';
$table1->titlestyle = 'text-align:left;';
}
$table->data[2][0] = html_print_table($table1, true);
if ($pdf === 1) {
return html_print_table($table1, true);
}
}
/**
* Function to print the security hardening evolution.
*
@ -3249,7 +3571,7 @@ function reporting_html_group_report($table, $item, $pdf=0)
$out .= '</tr>';
$out .= '<tr>';
$out .= '</td>';
$out .= '<td><fieldset><legend>'.__('Events per agent').'</legend>';
$out .= '<td><fieldset><legend>'.__('Events by agent').'</legend>';
$data = [];
$options = [];
$labels = [];

35
pandora_console/include/functions_reports.php
View File

@ -1003,6 +1003,41 @@ function reports_get_report_types($template=false, $not_editor=false)
'optgroup' => __('Security hardening'),
'name' => __('Evolution'),
];
$types['vuls_severity_graph'] = [
'optgroup' => __('Vulnerabilities'),
'name' => __('Severity graph bar'),
];
$types['vuls_attack_complexity'] = [
'optgroup' => __('Vulnerabilities'),
'name' => __('Attack complexity graph donut'),
];
$types['vuls_by_packages'] = [
'optgroup' => __('Vulnerabilities'),
'name' => __('By packages in graph pie'),
];
$types['vuls_by_agent'] = [
'optgroup' => __('Vulnerabilities'),
'name' => __('Detailed security report'),
];
$types['vuls_info_agent'] = [
'optgroup' => __('Vulnerabilities'),
'name' => __('Vulnerabilities of agent'),
];
$types['top_n_agents_vuls'] = [
'optgroup' => __('Vulnerabilities'),
'name' => __('Top-N agents with more risk'),
];
$types['top_n_vuls_count'] = [
'optgroup' => __('Vulnerabilities'),
'name' => __('Top-N common vulnerabilities'),
];
}
return $types;

27
pandora_console/include/functions_servers.php
View File

@ -665,6 +665,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'data';
$id_modulo = 1;
$server['name'] = __('Data server');
break;
case SERVER_TYPE_NETWORK:
@ -678,6 +679,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'network';
$id_modulo = 2;
$server['name'] = __('Network server');
break;
case SERVER_TYPE_SNMP:
@ -691,6 +693,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'snmp';
$id_modulo = 0;
$server['name'] = __('SNMP Trap server');
break;
case SERVER_TYPE_DISCOVERY:
@ -704,6 +707,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'recon';
$id_modulo = 0;
$server['name'] = __('Discovery server');
break;
case SERVER_TYPE_PLUGIN:
@ -717,6 +721,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'plugin';
$id_modulo = 4;
$server['name'] = __('Plugin server');
break;
case SERVER_TYPE_PREDICTION:
@ -730,6 +735,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'prediction';
$id_modulo = 5;
$server['name'] = __('Prediction server');
break;
case SERVER_TYPE_WMI:
@ -743,6 +749,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'wmi';
$id_modulo = 6;
$server['name'] = __('WMI server');
break;
case SERVER_TYPE_EXPORT:
@ -756,6 +763,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'export';
$id_modulo = 0;
$server['name'] = __('Export server');
break;
case SERVER_TYPE_INVENTORY:
@ -769,6 +777,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'inventory';
$id_modulo = 0;
$server['name'] = __('Inventory server');
break;
case SERVER_TYPE_WEB:
@ -782,6 +791,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'web';
$id_modulo = 0;
$server['name'] = __('Web server');
break;
case SERVER_TYPE_EVENT:
@ -795,6 +805,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'event';
$id_modulo = 2;
$server['name'] = __('Event server');
break;
case SERVER_TYPE_CORRELATION:
@ -808,6 +819,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'correlation';
$id_modulo = 0;
$server['name'] = __('Correlation server');
break;
case SERVER_TYPE_ENTERPRISE_ICMP:
@ -821,6 +833,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'enterprise icmp';
$id_modulo = 2;
$server['name'] = __('Enterprise ICMP server');
break;
case SERVER_TYPE_ENTERPRISE_SNMP:
@ -834,6 +847,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'enterprise snmp';
$id_modulo = 2;
$server['name'] = __('Enterprise SNMP server');
break;
case SERVER_TYPE_ENTERPRISE_SATELLITE:
@ -847,6 +861,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'enterprise satellite';
$id_modulo = 0;
$server['name'] = __('Enterprise Satellite server');
break;
case SERVER_TYPE_ENTERPRISE_TRANSACTIONAL:
@ -860,6 +875,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'enterprise transactional';
$id_modulo = 0;
$server['name'] = __('Enterprise Transactional server');
break;
case SERVER_TYPE_MAINFRAME:
@ -873,6 +889,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'mainframe';
$id_modulo = 0;
$server['name'] = __('Mainframe server');
break;
case SERVER_TYPE_SYNC:
@ -886,6 +903,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'sync';
$id_modulo = 0;
$server['name'] = __('Sync server');
break;
case SERVER_TYPE_WUX:
@ -899,6 +917,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'wux';
$id_modulo = 0;
$server['name'] = __('Wux server');
break;
case SERVER_TYPE_SYSLOG:
@ -912,6 +931,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'syslog';
$id_modulo = 0;
$server['name'] = __('Syslog server');
break;
case SERVER_TYPE_NCM:
@ -925,6 +945,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'ncm';
$id_modulo = 0;
$server['name'] = __('NCM server');
break;
case SERVER_TYPE_AUTOPROVISION:
@ -938,6 +959,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'autoprovision';
$id_modulo = 0;
$server['name'] = __('Autoprovision server');
break;
case SERVER_TYPE_MIGRATION:
@ -951,6 +973,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'migration';
$id_modulo = 0;
$server['name'] = __('Migration server');
break;
case SERVER_TYPE_ALERT:
@ -964,6 +987,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'alert';
$id_modulo = 0;
$server['name'] = __('Alert server');
break;
case SERVER_TYPE_NETFLOW:
@ -977,6 +1001,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'netflow';
$id_modulo = 0;
$server['name'] = __('Netflow server');
break;
case SERVER_TYPE_LOG:
@ -990,6 +1015,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'log';
$id_modulo = 0;
$server['name'] = __('Log server');
break;
case SERVER_TYPE_MADE:
@ -1003,6 +1029,7 @@ function servers_get_info($id_server=-1, $sql_limit=-1)
);
$server['type'] = 'made';
$id_modulo = 0;
$server['name'] = __('MADE server');
break;
default:

4
pandora_console/include/functions_snmp_browser.php
View File

@ -644,6 +644,7 @@ function snmp_browser_print_oid(
if (isset($_POST['print_create_agent_module'])) {
// Hidden by default.
if (is_metaconsole() === false) {
$output .= html_print_button(
__('Create agent module'),
'create_module_agent_single',
@ -653,6 +654,7 @@ function snmp_browser_print_oid(
true
);
}
}
if (isset($_POST['print_copy_oid'])) {
// Hidden by default.
@ -1238,6 +1240,7 @@ function snmp_browser_print_container(
if ($show_massive_buttons) {
$output .= '<div id="snmp_create_buttons" style="display:none">';
if (is_metaconsole() === false) {
$output .= html_print_submit_button(
__('Create agent modules'),
'create_modules_agent',
@ -1245,6 +1248,7 @@ function snmp_browser_print_container(
['class' => 'sub add'],
true
);
}
if (is_management_allowed() === true && enterprise_installed()) {
$output .= html_print_submit_button(

6
pandora_console/include/functions_treeview.php
View File

@ -792,7 +792,7 @@ function treeview_printTable($id_agente, $server_data=[], $no_head=false)
false,
false,
'',
'white-box-content mrgn_top_0 mrgn_btn_0px',
'white-box-content-no-height mrgn_top_0 mrgn_btn_0px',
'white_table_flex'
);
@ -812,7 +812,7 @@ function treeview_printTable($id_agente, $server_data=[], $no_head=false)
true,
false,
'',
'white-box-content mrgn_top_0 mrgn_btn_0px border-bottom-gray',
'white-box-content-no-height mrgn_top_0 mrgn_btn_0px border-bottom-gray',
'white_table_flex'
);
}
@ -987,7 +987,7 @@ function treeview_printTable($id_agente, $server_data=[], $no_head=false)
true,
empty($table_advanced->data),
'',
'white-box-content mrgn_top_0 mrgn_btn_0px border-bottom-gray',
'white-box-content-no-height mrgn_top_0 mrgn_btn_0px border-bottom-gray',
'white_table_flex'
);

48
pandora_console/include/functions_ui.php
View File

@ -409,8 +409,7 @@ function ui_print_message($message, $class='', $attributes='', $return=false, $t
$messageTable->colspan[1][0] = 2;
$messageTable->data = [];
$messageTable->data[0][0] = '<b>'.$text_title.'</b>';
$messageTable->data[0][1] = $closeButton;
$messageTable->data[0][0] = '<b>'.$text_title.'</b>'.$closeButton;
$messageTable->data[1][0] = '<span>'.$text_message.'</b>';
// JavaScript help vars.
@ -1802,11 +1801,14 @@ function ui_print_string_substr($string, $cutoff=16, $return=false, $fontsize=0)
*
* @return An HTML string if return was true.
*/
function ui_print_alert_template_example($id_alert_template, $return=false, $print_values=true)
function ui_print_alert_template_example($id_alert_template, $return=false, $print_values=true, $print_icon=true)
{
$output = '';
if ($print_icon === true) {
$output .= html_print_image('images/information.png', true, ['class' => 'invert_filter']);
}
$output .= '<span id="example">';
$template = alerts_get_alert_template($id_alert_template);
@ -8230,3 +8232,43 @@ function ui_update_name_fav_element($id_element, $section, $label)
]
);
}
function ui_print_status_vulnerability_div(float $score)
{
$return = '';
$class = 'status_rounded_rectangles forced_title';
if (((float) $score) <= 5) {
return ui_print_div('group_view_ok '.$class, $score);
}
if (((float) $score) > 5 && ((float) $score) <= 7.5) {
return ui_print_div('group_view_warn '.$class, $score);
}
if (((float) $score) > 7.5) {
return ui_print_div('group_view_crit '.$class, $score);
}
return $return;
}
function ui_print_status_secmon_div($status, $title=false)
{
$class = 'status_rounded_rectangles forced_title';
if (($status) === 'normal') {
$title = ($title === false) ? __('normal') : $title;
return ui_print_div('group_view_ok '.$class, $title);
}
if (($status) === 'warning') {
$title = ($title === false) ? __('warning') : $title;
return ui_print_div('group_view_warn '.$class, $title);
}
if (($status) === 'critical') {
$title = ($title === false) ? __('critical') : $title;
return ui_print_div('group_view_crit '.$class, $title);
}
}

1
pandora_console/include/graphs/export_data.php
View File

@ -45,6 +45,7 @@ if (file_exists('../languages/'.$user_language.'.mo') === true) {
$type = (string) get_parameter('type', 'csv');
$data = (string) get_parameter('data');
$data = strip_tags(io_safe_output($data));
$data = json_decode(io_safe_output($data), true);
$default_filename = 'data_exported - '.date($config['date_format']);

6
pandora_console/include/graphs/fgraph.php
View File

@ -1228,6 +1228,12 @@ function get_build_setup_charts($type, $options, $data)
) {
$colors = $options['colors'];
$borders = $options['colors'];
if (isset($options['border']) === true && (bool) $options['border'] === false) {
$borders = [];
foreach ($colors as $color) {
$borders[] = 'rgba(0, 0, 0, 0)';
}
}
} else {
// Colors.
$defaultColor = [];

3
pandora_console/include/graphs/flot/pandora.flot.js
View File

@ -2223,6 +2223,9 @@ function pandoraFlotArea(
}
var dataInSelection = ranges.xaxis.to - ranges.xaxis.from;
if (dataInSelection < 35000) {
return;
}
var maxticks_zoom = dataInSelection / 3600000 / number_ticks;
if (maxticks_zoom < 0.001) {

6
pandora_console/include/javascript/jquery.pandora.controls.js
View File

@ -331,9 +331,13 @@
id_group: id_group
},
function(data) {
let routeImg =
typeof data.folder === "undefined"
? "images/"
: "images/" + data.folder;
$("img", config.spanPreview).attr(
"src",
"images/" + data["icon"]
routeImg + data["icon"]
);
$("a", config.spanPreview).attr("href", hrefNew);
},

9
pandora_console/include/javascript/pandora.js
View File

@ -305,7 +305,7 @@ function agent_changed_by_multiple_agents(event, id_agent, selected) {
$("<option></option>")
.html(anyText)
.attr("value", 0)
.prop("selected", true)
.prop("selected", false)
);
}
}
@ -1653,6 +1653,10 @@ function paint_graph_status(
max_c = 0;
}
// Remove Error class.
$("#text-max_warning").removeClass("input_error");
$("#text-max_critical").removeClass("input_error");
//if haven't errors
if (error_w == 0 && error_c == 0) {
//parse element
@ -1958,6 +1962,9 @@ function paint_graph_status(
.html(message_error_critical)
.style("text-anchor", "first");
}
if (error_c == 2) {
$("#text-max_critical").addClass("input_error");
}
}
}

25
pandora_console/include/javascript/pandora_dashboards.js
View File

@ -310,8 +310,6 @@ function initialiceLayout(data) {
}
function duplicateWidget(original_cellId, original_widgetId) {
let duplicate_cellId = insertCellLayoutForDuplicate();
$.ajax({
method: "post",
url: data.url,
@ -320,16 +318,14 @@ function initialiceLayout(data) {
method: "duplicateWidget",
dashboardId: data.dashboardId,
widgetId: original_widgetId,
cellId: original_cellId,
duplicateCellId: duplicate_cellId
cellId: original_cellId
},
dataType: "json",
success: function(success) {
console.log(success);
success: function(data) {
addCell(data.cellId, 0, 0, 4, 4, true, 0, 2000, 0, 2000, 0, true);
},
error: function(error) {
console.log(error);
return [];
error: function(xhr, textStatus, errorMessage) {
console.log("ERROR" + errorMessage + textStatus + xhr);
}
});
}
@ -428,8 +424,8 @@ function initialiceLayout(data) {
}
});
}
function insertCellLayoutForDuplicate() {
/*
function insertCellLayoutForDuplicate(original_cell_id) {
let duplicateCellId = 0;
$.ajax({
async: false,
@ -441,7 +437,8 @@ function initialiceLayout(data) {
dashboardId: data.dashboardId,
auth_class: data.auth.class,
auth_hash: data.auth.hash,
id_user: data.auth.user
id_user: data.auth.user,
copy: original_cell_id
},
dataType: "json",
success: function(data) {
@ -449,7 +446,7 @@ function initialiceLayout(data) {
// width and height = 4
// position auto = true.
if (data.cellId !== 0) {
addCell(data.cellId, 0, 0, 4, 4, true, 0, 2000, 0, 2000, 0, true);
addCell(data.cellId, 0, 0, 4, 4, true, 0, 2000, 0, 2000, 0, true, original_cell_id);
duplicateCellId = data.cellId;
}
},
@ -458,7 +455,7 @@ function initialiceLayout(data) {
}
});
return duplicateCellId;
}
}*/
function configurationWidget(cellId, widgetId, size) {
load_modal({

98
pandora_console/include/javascript/pandora_events.js
View File

@ -492,6 +492,37 @@ function event_comment(current_event) {
return false;
}
// Save custom_field into an event.
function update_event_custom_id(event_id, server_id) {
var event_custom_id = $("#text-event_custom_id").val();
var params = {
page: "include/ajax/events",
update_event_custom_id: 1,
event_custom_id: event_custom_id,
event_id: event_id,
server_id: server_id
};
$("#button-update_custom_field").attr("disabled", "disabled");
$("#response_loading").show();
jQuery.ajax({
data: params,
type: "POST",
url: getUrlAjax(),
dataType: "html",
success: function(data) {
if (data === "update_error") {
alert("Event Custom ID not valid");
}
$("#button-update_custom_field").removeAttr("disabled");
$("#response_loading").hide();
$("#button-events_form_search_bt").trigger("click");
}
});
}
var processed = 0;
function update_event(table, id_evento, type, event_rep, row, server_id) {
var inputs = $("#events_form :input");
@ -1004,6 +1035,7 @@ function openSoundEventsDialog(settings, dialog_parameters, reload) {
modal: false,
width: 600,
height: 600,
dialogClass: "modal-sound",
open: function() {
$.ajax({
method: "post",
@ -1064,10 +1096,10 @@ function openSoundEventsDialog(settings, dialog_parameters, reload) {
if (reload == false && dialog_parameters != undefined) {
if ($("#button-start-search").hasClass("play")) {
$("#filter_id").val(dialog_parameters["filter_id"]);
$("#interval").val(dialog_parameters["interval"]);
$("#time_sound").val(dialog_parameters["time_sound"]);
$("#sound_id").val(dialog_parameters["sound_id"]);
$("#filter_id").val(dialog_parameters.filter_id);
$("#interval").val(dialog_parameters.interval);
$("#time_sound").val(dialog_parameters.time_sound);
$("#sound_id").val(dialog_parameters.sound_id);
$("#filter_id").trigger("change");
$("#interval").trigger("change");
@ -1124,14 +1156,15 @@ function openSoundEventsDialog(settings, dialog_parameters, reload) {
}
function openSoundEventModal(settings) {
var win = "";
if ($("#hidden-metaconsole_activated").val() === "1") {
var win = open(
win = open(
"../../operation/events/sound_events.php",
"day_123",
"width=600,height=500"
);
} else {
var win = open(
win = open(
"operation/events/sound_events.php",
"day_123",
"width=600,height=500"
@ -1502,11 +1535,6 @@ $(document).ajaxSend(function(event, jqXHR, ajaxOptions) {
typeof requestBody.includes === "function" &&
requestBody.includes("drawConsoleSound=1")
) {
console.log(
"AJAX request sent with drawConsoleSound=1:",
ajaxOptions.url
);
// Find the dialog element by the aria-describedby attribute
var dialog = $('[aria-describedby="modal-sound"]');
@ -1516,62 +1544,32 @@ $(document).ajaxSend(function(event, jqXHR, ajaxOptions) {
// Add the minimize button before the close button
var minimizeButton = $("<button>", {
class:
"ui-corner-all ui-widget ui-button-icon-only ui-window-minimize ui-dialog-titlebar-minimize",
"ui-corner-all ui-widget ui-button-icon-only ui-window-minimize ui-dialog-titlebar-minimize minimize-buttom-image",
type: "button",
title: "Minimize",
style: "float: right;margin-right: 1.5em;"
title: "Minimize"
}).insertBefore(closeButton);
// Add the minimize icon to the minimize button
$("<span>", {
class: "ui-button-icon ui-icon ui-icon-minusthick",
style: "background-color: #fff;"
}).appendTo(minimizeButton);
$("<span>", {
class: "ui-button-icon-space"
})
.html(" ")
.appendTo(minimizeButton);
// Add the disengage button before the minimize button
var disengageButton = $("<button>", {
class:
"ui-corner-all ui-widget ui-button-icon-only ui-dialog-titlebar-disengage",
"ui-corner-all ui-widget ui-button-icon-only ui-dialog-titlebar-disengage disengage-buttom-image",
type: "button",
title: "Disengage",
style: "float: right;margin-right: 0.5em; position:relative;"
title: "Disengage"
}).insertBefore(minimizeButton);
// Add the disengage icon to the disengage button
$("<span>", {
class: "ui-button-icon ui-icon ui-icon-circle-triangle-n",
style: "background-color: #fff;"
}).appendTo(disengageButton);
$("<span>", {
class: "ui-button-icon-space"
})
.html(" ")
.appendTo(disengageButton);
minimizeButton.click(function(e) {
console.log("here");
if ($("#minimize_arrow_event_sound").hasClass("arrow_menu_up")) {
console.log("arrow_menu_up");
$("#minimize_arrow_event_sound").removeClass("arrow_menu_up");
$("#minimize_arrow_event_sound").addClass("arrow_menu_down");
} else if (
$("#minimize_arrow_event_sound").hasClass("arrow_menu_down")
) {
console.log("arrow_menu_down");
$("#minimize_arrow_event_sound").removeClass("arrow_menu_down");
$("#minimize_arrow_event_sound").addClass("arrow_menu_up");
}
if (!dialog.data("isMinimized")) {
$(".ui-widget-overlay").hide();
console.log("Minimize Window");
dialog.data("originalPos", dialog.position());
dialog.data("originalSize", {
width: dialog.width(),
@ -1582,7 +1580,6 @@ $(document).ajaxSend(function(event, jqXHR, ajaxOptions) {
dialog.animate(
{
height: "40px",
top: 0,
top: $(window).height() - 100
},
200,
@ -1597,17 +1594,13 @@ $(document).ajaxSend(function(event, jqXHR, ajaxOptions) {
},
5
);
//dialog.find(".ui-dialog-content").hide();
} else {
console.log("Restore Window");
$(".ui-widget-overlay").show();
//dialog.find(".ui-dialog-content").show();
dialog.data("isMinimized", false);
dialog.animate(
{
height: "40px",
top: 0,
top: $(window).height() - 100
},
5
@ -1739,3 +1732,8 @@ function loadModal() {
}
}
window.onload = loadModal;
function openEvents(severity) {
$('input[name="filter[severity]"]').val(severity);
$("#event_redirect").submit();
}

27
pandora_console/include/javascript/pandora_modules.js
View File

@ -500,16 +500,25 @@ function configure_modules_form() {
"checked",
data["critical_inverse"]
);
$("#checkbox-warning_inverse").prop("checked", data["warning_inverse"]);
$("#checkbox-percentage_warning").prop(
"uncheck",
data["percentage_warning"]
);
$("#checkbox-percentage_critical").prop(
"uncheck",
data["percentage_critical"]
);
$("#label-radius-normal_warning").trigger("click");
$("#label-radius-normal_critical").trigger("click");
if (data["warning_inverse"] == true) {
$("#label-radius-warning_inverse").trigger("click");
}
if (data["critical_inverse"] == true) {
$("#label-radius-critical_inverse").trigger("click");
}
if (data["percentage_warning"] == true) {
$("#label-radius-percentage_warning").trigger("click");
}
if (data["percentage_critical"] == true) {
$("#label-radius-percentage_critical").trigger("click");
}
$("#component_loading").hide();
$("#id_module_type").change();
if ($("#id_category").is("select")) {

Some files were not shown because too many files have changed in this diff Show More