From f0791cbd4f7a120d7f951a550bf51784da801ad6 Mon Sep 17 00:00:00 2001 From: fbsanchez Date: Fri, 27 Aug 2021 15:07:14 +0200 Subject: [PATCH] WIP CorrelationServer --- pandora_console/extras/mr/49.sql | 3 +++ .../extras/pandoradb_migrate_6.0_to_7.0.mysql.sql | 2 ++ pandora_console/pandoradb.sql | 2 ++ pandora_console/pandoradb_data.sql | 4 ++-- pandora_server/conf/pandora_server.conf.new | 12 ++++++++++++ pandora_server/lib/PandoraFMS/Config.pm | 4 ++++ pandora_server/lib/PandoraFMS/Tools.pm | 2 ++ 7 files changed, 27 insertions(+), 2 deletions(-) diff --git a/pandora_console/extras/mr/49.sql b/pandora_console/extras/mr/49.sql index 68de9070ed..6d1108f2e5 100644 --- a/pandora_console/extras/mr/49.sql +++ b/pandora_console/extras/mr/49.sql @@ -3,4 +3,7 @@ START TRANSACTION; UPDATE `tconfig` set value = 'Lato-Regular.ttf' WHERE token LIKE 'custom_report_front_font'; UPDATE `tconfig` set value = 'Lato-Regular.ttf' WHERE token LIKE 'fontpath'; +ALTER TABLE `tevent_alert` ADD COLUMN `last_evaluation` bigint(20) NOT NULL default 0; +ALTER TABLE `tevent_alert` ADD COLUMN `pool_occurrences` int unsigned not null default 0; + COMMIT; diff --git a/pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql b/pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql index 6c130bd6a5..c1f82a79bc 100644 --- a/pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql +++ b/pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql @@ -710,6 +710,8 @@ CREATE TABLE IF NOT EXISTS `tevent_alert` ( ALTER TABLE `tevent_alert` ADD COLUMN `special_days` tinyint(1) default 0; ALTER TABLE `tevent_alert` MODIFY COLUMN `time_threshold` int(10) NOT NULL default 86400; ALTER TABLE `tevent_alert` ADD COLUMN `disable_event` tinyint(1) DEFAULT 0; +ALTER TABLE `tevent_alert` ADD COLUMN `last_evaluation` bigint(20) NOT NULL default 0; +ALTER TABLE `tevent_alert` ADD COLUMN `pool_occurrences` int unsigned not null default 0; -- ----------------------------------------------------- -- Table `tevent_alert_action` diff --git a/pandora_console/pandoradb.sql b/pandora_console/pandoradb.sql index 3b49b2b97e..ea4bd00d56 100644 --- a/pandora_console/pandoradb.sql +++ b/pandora_console/pandoradb.sql @@ -3012,6 +3012,8 @@ CREATE TABLE IF NOT EXISTS `tevent_alert` ( `group_by` enum ('','id_agente','id_agentmodule','id_alert_am','id_grupo') default '', `special_days` tinyint(1) default 0, `disable_event` tinyint(1) default 0, + `last_evaluation` bigint(20) NOT NULL default 0, + `pool_occurrences` int unsigned not null default 0, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; diff --git a/pandora_console/pandoradb_data.sql b/pandora_console/pandoradb_data.sql index 738eb1f5f6..7db6e226df 100644 --- a/pandora_console/pandoradb_data.sql +++ b/pandora_console/pandoradb_data.sql @@ -109,10 +109,10 @@ INSERT INTO `tconfig` (`token`, `value`) VALUES ('custom_report_front_logo', 'images/pandora_logo_white.jpg'), ('custom_report_front_header', ''), ('custom_report_front_footer', ''), -('MR', 48), +('MR', 49), ('identification_reminder', 1), ('identification_reminder_timestamp', 0), -('current_package', 756), +('current_package', 757), ('post_process_custom_values', '{"0.00000038580247":"Seconds to months","0.00000165343915":"Seconds to weeks","0.00001157407407":"Seconds to days","0.01666666666667":"Seconds to minutes","0.00000000093132":"Bytes to Gigabytes","0.00000095367432":"Bytes to Megabytes","0.00097656250000":"Bytes to Kilobytes","0.00000001653439":"Timeticks to weeks","0.00000011574074":"Timeticks to days"}'), ('custom_docs_logo', 'default_docs.png'), ('custom_support_logo', 'default_support.png'), diff --git a/pandora_server/conf/pandora_server.conf.new b/pandora_server/conf/pandora_server.conf.new index 6cc743999b..a3a930c5d6 100644 --- a/pandora_server/conf/pandora_server.conf.new +++ b/pandora_server/conf/pandora_server.conf.new @@ -478,6 +478,18 @@ export_threads 1 eventserver 0 +# Enable (1) or disable (0) Pandora FMS Correlation Server (PANDORA FMS ENTERPRISE ONLY). + +correlationserver 0 + +# Number of threads for Correlation Server (PANDORA FMS ENTERPRISE ONLY). + +correlation_threads 1 + +# Time in seconds to re-evaluate correlation alerts pool (PANDORA FMS ENTERPRISE ONLY). + +correlation_threshold 30 + # Correlated alerts, event window in seconds (3600 by default) (PANDORA FMS ENTERPRISE ONLY). event_window 3600 diff --git a/pandora_server/lib/PandoraFMS/Config.pm b/pandora_server/lib/PandoraFMS/Config.pm index a0b3566581..718b3e6b60 100644 --- a/pandora_server/lib/PandoraFMS/Config.pm +++ b/pandora_server/lib/PandoraFMS/Config.pm @@ -303,6 +303,7 @@ sub pandora_load_config { $pa_config->{"google_maps_description"} = 0; $pa_config->{'openstreetmaps_description'} = 0; $pa_config->{"eventserver"} = 1; # 4.0 + $pa_config->{"correlationserver"} = 1; # 757 $pa_config->{"event_window"} = 3600; # 4.0 $pa_config->{"log_window"} = 3600; # 7.741 $pa_config->{"elastic_query_size"} = 10; # 7.754 Elements per request (ELK) @@ -787,6 +788,9 @@ sub pandora_load_config { elsif ($parametro =~ m/^eventserver\s+([0-9]*)/i) { $pa_config->{'eventserver'}= clean_blank($1); } + elsif ($parametro =~ m/^correlationserver\s+([0-9]*)/i) { + $pa_config->{'correlationserver'}= clean_blank($1); + } elsif ($parametro =~ m/^icmpserver\s+([0-9]*)/i) { $pa_config->{'icmpserver'}= clean_blank($1); } diff --git a/pandora_server/lib/PandoraFMS/Tools.pm b/pandora_server/lib/PandoraFMS/Tools.pm index f499c39f38..7fcca66b85 100755 --- a/pandora_server/lib/PandoraFMS/Tools.pm +++ b/pandora_server/lib/PandoraFMS/Tools.pm @@ -67,6 +67,7 @@ our @EXPORT = qw( INVENTORYSERVER WEBSERVER EVENTSERVER + CORRELATIONSERVER ICMPSERVER SNMPSERVER SATELLITESERVER @@ -191,6 +192,7 @@ use constant SYSLOGSERVER => 18; use constant PROVISIONINGSERVER => 19; use constant MIGRATIONSERVER => 20; use constant ALERTSERVER => 21; +use constant CORRELATIONSERVER => 22; # Module status use constant MODULE_NORMAL => 0;