tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Discovery review advanced

This commit is contained in:
fbsanchez 2020-03-25 18:02:58 +01:00
parent e1d233453f
commit fecff8aa93
16 changed files with 525 additions and 1246 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
pandora_console/extras/mr/37.sql
View File

@ -1,8 +1,10 @@
START TRANSACTION;
ALTER TABLE trecon_task MODIFY COLUMN `id_network_profile` TEXT;
ALTER TABLE `trecon_task` CHANGE COLUMN `create_incident` `direct_report` TINYINT(1) UNSIGNED DEFAULT 0;
UPDATE `trecon_task` SET `direct_report` = 1;
ALTER TABLE `trecon_task` CHANGE COLUMN `create_incident` `review_mode` TINYINT(1) UNSIGNED DEFAULT 0;
UPDATE `trecon_task` SET `review_mode` = 1;
ALTER TABLE trecon_task add column `auto_monitor` TINYINT(1) UNSIGNED DEFAULT 1 AFTER `auth_strings`;
UPDATE `trecon_task` SET `auto_monitor` = 0;
CREATE TABLE `tdiscovery_tmp_agents` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
@ -18,6 +20,7 @@ CREATE TABLE `tdiscovery_tmp_agents` (
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE `tdiscovery_tmp_connections` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`id_rt` int(10) unsigned NOT NULL,
`id1` int(10) unsigned NOT NULL AUTO_INCREMENT,
`id2` int(10) unsigned NOT NULL,

23
pandora_console/extras/pandoradb_migrate_6.0_to_7.0.mysql.sql
View File

@ -1671,10 +1671,10 @@ ALTER TABLE `trecon_task` ADD COLUMN `type` int(11) NOT NULL DEFAULT '0',
MODIFY COLUMN `autoconfiguration_enabled` tinyint(1) unsigned NULL DEFAULT '0',
MODIFY COLUMN `summary` text NULL,
MODIFY COLUMN `id_network_profile` text,
CHANGE COLUMN `create_incident` `direct_report` TINYINT(1) UNSIGNED DEFAULT 0;
CHANGE COLUMN `create_incident` `review_mode` TINYINT(1) UNSIGNED DEFAULT 0;
-- Old recon always report.
UPDATE `trecon_task` SET `direct_report` = 1;
UPDATE `trecon_task` SET `review_mode` = 1;
-- ----------------------------------------------------------------------
-- Table `tdiscovery_tmp`
@ -1693,18 +1693,13 @@ CREATE TABLE `tdiscovery_tmp_agents` (
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE `tdiscovery_tmp_connections` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`id_rt` int(10) unsigned NOT NULL,
`id1` int(10) unsigned NOT NULL AUTO_INCREMENT,
`id2` int(10) unsigned NOT NULL,
`if1` text,
`if2` text,
PRIMARY KEY (`id1`,`id2`),
CONSTRAINT `tdtc_trt` FOREIGN KEY (`id_rt`)
REFERENCES `trecon_task` (`id_rt`) ON DELETE CASCADE ON UPDATE CASCADE,
CONSTRAINT `tdtc_tdta1` FOREIGN KEY (`id1`)
REFERENCES `tdiscovery_tmp_agents` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
CONSTRAINT `tdtc_tdta2` FOREIGN KEY (`id2`)
REFERENCES `tdiscovery_tmp_agents` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
`dev_1` text,
`dev_2` text,
`if_1` text,
`if_2` text,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- ---------------------------------------------------------------------
@ -2172,6 +2167,8 @@ ALTER TABLE `trecon_task` ADD COLUMN `snmp_auth_method` varchar(25) NOT NULL def
ALTER TABLE `trecon_task` ADD COLUMN `snmp_privacy_method` varchar(25) NOT NULL default '';
ALTER TABLE `trecon_task` ADD COLUMN `snmp_privacy_pass` varchar(255) NOT NULL default '';
ALTER TABLE `trecon_task` ADD COLUMN `snmp_security_level` varchar(25) NOT NULL default '';
ALTER TABLE trecon_task add column `auto_monitor` TINYINT(1) UNSIGNED DEFAULT 1 AFTER `auth_strings`;
UPDATE `trecon_task` SET `auto_monitor` = 0;
-- ---------------------------------------------------------------------
-- Table `tagent_custom_fields_filter`

80
pandora_console/godmode/wizards/DiscoveryTaskList.class.php
View File

@ -272,24 +272,24 @@ class DiscoveryTaskList extends HTML
if (isset($_GET['force'])) {
$id = (int) get_parameter_get('force', 0);
// Schedule execution.
$direct_report = db_get_value(
'direct_report',
$review_mode = db_get_value(
'review_mode',
'trecon_task',
'id_rt',
$id
);
if ($direct_report != DISCOVERY_STANDARD) {
if ($review_mode != DISCOVERY_STANDARD) {
// Force re-scan for supervised tasks.
$direct_report = DISCOVERY_SEARCH;
$review_mode = DISCOVERY_REVIEW;
}
db_process_sql_update(
'trecon_task',
[
'utimestamp' => 0,
'status' => 1,
'direct_report' => $direct_report,
'utimestamp' => 0,
'status' => 1,
'review_mode' => $review_mode,
],
['id_rt' => $id]
);
@ -523,7 +523,7 @@ class DiscoveryTaskList extends HTML
$data[4] = '-';
}
if ($task['direct_report'] == 1) {
if ($task['review_mode'] == DISCOVERY_STANDARD) {
if ($task['status'] <= 0
&& empty($task['summary']) === false
) {
@ -547,7 +547,11 @@ class DiscoveryTaskList extends HTML
) {
$data[5] = __('Not started');
} else {
$data[5] = __('Searching');
if ($task['review_mode'] == DISCOVERY_RESULTS) {
$data[5] = __('Processing');
} else {
$data[5] = __('Searching');
}
}
}
@ -622,14 +626,7 @@ class DiscoveryTaskList extends HTML
true,
['title' => __('Discovery NetScan')]
).'&nbsp;&nbsp;';
$str = network_profiles_get_name(
$task['id_network_profile']
);
if (!empty($str)) {
$data[6] .= $str;
} else {
$data[6] .= __('Discovery.NetScan');
}
$data[6] .= __('Discovery.NetScan');
} else {
// APP or external script recon task.
$data[6] = html_print_image(
@ -918,13 +915,16 @@ class DiscoveryTaskList extends HTML
);
$result .= '</div>';
if ($task['status'] > 0) {
switch ($task['stats']['step']) {
case STEP_SCANNING:
$str = __('Scanning network');
break;
case STEP_CAPABILITIES:
$str = __('Checking');
break;
case STEP_AFT:
$str = __('Finding AFT connectivity');
break;
@ -958,14 +958,14 @@ class DiscoveryTaskList extends HTML
break;
default:
$str = '';
$str = __('Processing...');
break;
}
$result .= '</div>';
$result .= '<div class="subtitle">';
$result .= '<span>'.$str.' ';
if (!empty($str)) {
if (empty($str) === false) {
$result .= $task['stats']['c_network_name'];
}
@ -986,6 +986,16 @@ class DiscoveryTaskList extends HTML
$result .= '</div></div>';
}
if ($task['review_mode'] == DISCOVERY_REVIEW) {
if ($task['status'] <= 0
&& empty($task['summary']) === false
) {
$result .= '<span class="link review" onclick="show_review('.$task['id_rt'].',\''.$task['name'].'\')">';
$result .= '&raquo;'.__('Review');
$result .= '</span>';
}
}
$result .= '</div></div>';
return $result;
@ -1039,15 +1049,17 @@ class DiscoveryTaskList extends HTML
$table->data[$i][1] .= $task['stats']['summary']['not_alive'];
$table->data[$i++][1] .= '</span>';
$table->data[$i][0] = '<b>'.__('Responding SNMP').'</b>';
$table->data[$i][1] = '<span id="SNMP">';
$table->data[$i][1] .= $task['stats']['summary']['SNMP'];
$table->data[$i++][1] .= '</span>';
if ($task['type'] == DISCOVERY_HOSTDEVICES) {
$table->data[$i][0] = '<b>'.__('Responding SNMP').'</b>';
$table->data[$i][1] = '<span id="SNMP">';
$table->data[$i][1] .= $task['stats']['summary']['SNMP'];
$table->data[$i++][1] .= '</span>';
$table->data[$i][0] = '<b>'.__('Responding WMI').'</b>';
$table->data[$i][1] = '<span id="WMI">';
$table->data[$i][1] .= $task['stats']['summary']['WMI'];
$table->data[$i++][1] .= '</span>';
$table->data[$i][0] = '<b>'.__('Responding WMI').'</b>';
$table->data[$i][1] = '<span id="WMI">';
$table->data[$i][1] .= $task['stats']['summary']['WMI'];
$table->data[$i++][1] .= '</span>';
}
$output = '<div class="subtitle"><span>'.__('Summary').'</span></div>';
$output .= html_print_table($table, true).'</div>';
@ -1156,6 +1168,10 @@ class DiscoveryTaskList extends HTML
continue;
}
if (is_array($data['agent']) === false) {
continue;
}
$id = $data['agent']['nombre'];
// Partial.
@ -1201,7 +1217,7 @@ class DiscoveryTaskList extends HTML
'checked' => $item['checked'],
];
$agentmodule_id = $agentmodule_id = modules_get_agentmodule_id(
$agentmodule_id = modules_get_agentmodule_id(
io_safe_input($item['name']),
$agent_id
);
@ -1342,9 +1358,9 @@ class DiscoveryTaskList extends HTML
db_process_sql_update(
'trecon_task',
[
'utimestamp' => 0,
'status' => 1,
'direct_report' => DISCOVERY_RESULTS,
'utimestamp' => 0,
'status' => 1,
'review_mode' => DISCOVERY_RESULTS,
],
['id_rt' => $id_task]
);

70
pandora_console/godmode/wizards/HostDevices.class.php
View File

@ -138,6 +138,8 @@ class HostDevices extends Wizard
// Load styles.
parent::run();
ui_require_css_file('hostdevices');
$mode = get_parameter('mode', null);
if ($mode === null) {
@ -421,6 +423,8 @@ class HostDevices extends Wizard
}
$id_network_profile = get_parameter('id_network_profile', []);
$review_results = get_parameter_switch('review_results');
$auto_monitor = get_parameter_switch('auto_monitor');
$autoconf_enabled = get_parameter_switch(
'autoconfiguration_enabled'
);
@ -457,6 +461,15 @@ class HostDevices extends Wizard
);
}
if ($review_results) {
if ($this->task['review_mode'] != DISCOVERY_RESULTS) {
$this->task['review_mode'] = DISCOVERY_REVIEW;
}
} else {
$this->task['review_mode'] = DISCOVERY_STANDARD;
}
$this->task['auto_monitor'] = $auto_monitor;
$this->task['snmp_enabled'] = $snmp_enabled;
$this->task['os_detect'] = $os_detect;
$this->task['parent_detection'] = $parent_detection;
@ -893,6 +906,22 @@ class HostDevices extends Wizard
).'</b></h3></p>',
];
$form['inputs'][] = [
'label' => __('Auto discover known hardware').ui_print_help_tip(
__(
'Targets will be monitorized based on its <i>Private Enterprise Number</i>. Requires SNMP.'
),
true
),
'arguments' => [
'name' => 'auto_monitor',
'type' => 'switch',
'return' => true,
'value' => (isset($this->task['auto_monitor'])) ? $this->task['auto_monitor'] : 1,
'onclick' => 'toggleTemplatesSelection();',
],
];
$form['inputs'][] = [
'label' => __('Module templates').ui_print_help_tip(
__(
@ -917,6 +946,21 @@ class HostDevices extends Wizard
],
];
$form['inputs'][] = [
'label' => __('Review results').ui_print_help_tip(
__(
'Targets must be validated by user before create agents.'
),
true
),
'arguments' => [
'name' => 'review_results',
'type' => 'switch',
'return' => true,
'value' => ($this->task['review_mode'] == DISCOVERY_STANDARD) ? 0 : 1,
],
];
if (enterprise_installed() === true) {
// Input: Enable auto configuration.
$form['inputs'][] = [
@ -948,6 +992,32 @@ class HostDevices extends Wizard
}
}
$form['js'] .= '
function toggleTemplatesSelection() {
if (document.getElementsByName("auto_monitor")[0].checked) {
document.getElementById("templates_selection").style["display"] = "none";
var snmp = document.getElementsByName("snmp_enabled");
if (snmp[0] != undefined) {
if(snmp[0].checked != 1) {
snmp[0].click();
}
} else {
// Not found.
document.getElementById("templates_selection").style["display"] = "block";
document.getElementsByName("auto_monitor")[0].checked = false;
}
} else {
document.getElementById("templates_selection").style["display"] = "block";
}
}
$(document).ready(function () {
toggleTemplatesSelection();
});
';
// Submit button.
$form['inputs'][] = [
'arguments' => [

2
pandora_console/include/config_process.php
View File

@ -209,7 +209,7 @@ if (!isset($config['inventory_changes_blacklist'])) {
if (!isset($config['url_update_manager'])) {
config_update_value(
'url_update_manager',
'https://licensing.artica.es/pandoraupdate7/server.php'
'https://taldarim.artica.lan/pandoraupdate7/server.php'
);
}

3
pandora_console/include/constants.php
View File

@ -524,6 +524,7 @@ define('ARROW_TYPE', 1);
// Discovery task steps.
define('STEP_SCANNING', 1);
define('STEP_CAPABILITIES', 7);
define('STEP_AFT', 2);
define('STEP_TRACEROUTE', 3);
define('STEP_GATEWAY', 4);
@ -600,7 +601,7 @@ define('DISCOVERY_APP_SAP', 10);
// Force task build tmp results.
define('DISCOVERY_SEARCH', 0);
define('DISCOVERY_REVIEW', 0);
define('DISCOVERY_STANDARD', 1);
define('DISCOVERY_RESULTS', 2);

4
pandora_console/include/functions_config.php
View File

@ -3087,10 +3087,10 @@ function get_um_url()
$url = $config['url_update_manager'];
$url = substr($url, 0, (strlen($url) - strpos(strrev($url), '/')));
} else {
$url = 'https://licensing.artica.es/pandoraupdate7/';
$url = 'https://taldarim.artica.lan/pandoraupdate7/';
config_update_value(
'url_update_manager',
'https://licensing.artica.es/pandoraupdate7/server.php'
'https://taldarim.artica.lan/pandoraupdate7/server.php'
);
}

4
pandora_console/include/styles/hostdevices.css
View File

@ -1,3 +1,7 @@
/*
* TODO: This may be at hostdevices.css
*/
#id_network_profile {
width: 300px;
}

6
pandora_console/include/styles/task_list.css
View File

@ -63,6 +63,12 @@ div.subtitle div.manage button {
text-align: left;
}
div.subtitle .link.review {
margin: 15px 0 -30px;
display: block;
font-weight: bold;
}
#msg ul li {
margin-left: 3em;
}

1127
pandora_console/install.php
View File

File diff suppressed because it is too large Load Diff

32
pandora_console/pandoradb.sql
View File

@ -771,7 +771,7 @@ CREATE TABLE IF NOT EXISTS `trecon_task` (
`description` varchar(250) NOT NULL default '',
`subnet` text NOT NULL,
`id_network_profile` text,
`direct_report` tinyint(1) unsigned NOT NULL default 0,
`review_mode` tinyint(1) unsigned NOT NULL default 0,
`id_group` int(10) unsigned NOT NULL default 1,
`utimestamp` bigint(20) unsigned NOT NULL default 0,
`status` tinyint(4) NOT NULL default 0,
@ -803,6 +803,7 @@ CREATE TABLE IF NOT EXISTS `trecon_task` (
`snmp_security_level` varchar(25) NOT NULL default '',
`wmi_enabled` tinyint(1) unsigned DEFAULT 0,
`auth_strings` text,
`auto_monitor` TINYINT(1) UNSIGNED DEFAULT 1,
`autoconfiguration_enabled` tinyint(1) unsigned default 0,
`summary` text,
`type` int NOT NULL default 0,
@ -827,18 +828,13 @@ CREATE TABLE `tdiscovery_tmp_agents` (
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE `tdiscovery_tmp_connections` (
`id_rt` int(10) unsigned NOT NULL,
`id1` int(10) unsigned NOT NULL AUTO_INCREMENT,
`id2` int(10) unsigned NOT NULL,
`if1` text,
`if2` text,
PRIMARY KEY (`id1`,`id2`),
CONSTRAINT `tdtc_trt` FOREIGN KEY (`id_rt`)
REFERENCES `trecon_task` (`id_rt`) ON DELETE CASCADE ON UPDATE CASCADE,
CONSTRAINT `tdtc_tdta1` FOREIGN KEY (`id1`)
REFERENCES `tdiscovery_tmp_agents` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
CONSTRAINT `tdtc_tdta2` FOREIGN KEY (`id2`)
REFERENCES `tdiscovery_tmp_agents` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`id_rt` int(10) unsigned NOT NULL,
`dev_1` text,
`dev_2` text,
`if_1` text,
`if_2` text,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- ----------------------------------------------------------------------
@ -945,6 +941,16 @@ CREATE TABLE IF NOT EXISTS `tnetwork_profile` (
PRIMARY KEY (`id_np`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- ----------------------------------------------------------------------
-- Table `tpen`
-- ----------------------------------------------------------------------
CREATE TABLE `tpen` (
`id_np` int(10) unsigned NOT NULL,
`pen` int(10) unsigned NOT NULL,
PRIMARY KEY (`id_np`,`pen`),
CONSTRAINT `fk_np_id` FOREIGN KEY (`id_np`) REFERENCES `tnetwork_profile` (`id_np`) ON DELETE CASCADE ON UPDATE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- ----------------------------------------------------------------------
-- Table `tnetwork_profile_component`
-- ----------------------------------------------------------------------

16
pandora_server/lib/PandoraFMS/Core.pm
View File

@ -3076,7 +3076,7 @@ sub pandora_create_module_from_network_component ($$$$) {
##########################################################################
sub pandora_create_module_from_hash ($$$) {
my ($pa_config, $parameters, $dbh) = @_;
logger($pa_config,
"Creating module '$parameters->{'nombre'}' for agent ID $parameters->{'id_agente'}.", 10);
@ -3107,8 +3107,12 @@ sub pandora_create_module_from_hash ($$$) {
}
# Encrypt SNMP v3 passwords.
if ($parameters->{'id_tipo_modulo'} >= 15 && $parameters->{'id_tipo_modulo'} <= 18 &&
$parameters->{'tcp_send'} eq '3') {
if (defined($parameters->{'tcp_send'})
&& $parameters->{'tcp_send'} eq '3'
&& defined($parameters->{'id_tipo_modulo'})
&& $parameters->{'id_tipo_modulo'} >= 15
&& $parameters->{'id_tipo_modulo'} <= 18
) {
$parameters->{'custom_string_2'} = pandora_input_password($pa_config, $parameters->{'custom_string_2'});
}
@ -3116,7 +3120,11 @@ sub pandora_create_module_from_hash ($$$) {
'tagente_modulo', $parameters);
my $status = 4;
if (defined ($parameters->{'id_tipo_modulo'}) && ($parameters->{'id_tipo_modulo'} == 21 || $parameters->{'id_tipo_modulo'} == 22 || $parameters->{'id_tipo_modulo'} == 23)) {
if (defined ($parameters->{'id_tipo_modulo'})
&& ($parameters->{'id_tipo_modulo'} == 21
|| $parameters->{'id_tipo_modulo'} == 22
|| $parameters->{'id_tipo_modulo'} == 23)
) {
$status = 0;
}

35
pandora_server/lib/PandoraFMS/DB.pm
View File

@ -81,6 +81,8 @@ our @EXPORT = qw(
get_module_id
get_module_name
get_nc_profile_name
get_pen_templates
get_nc_profile_advanced
get_os_id
get_os_name
get_plugin_id
@ -657,6 +659,39 @@ sub get_nc_profile_name ($$) {
return get_db_value ($dbh, "SELECT * FROM tnetwork_profile WHERE id_np = ?", $nc_id);
}
##########################################################################
## Return all network component's profile ids matching given PEN.
##########################################################################
sub get_pen_templates($$) {
my ($dbh, $pen) = @_;
my @results = get_db_rows(
$dbh,
'SELECT t.`id_np`
FROM `tnetwork_profile` t
INNER JOIN `tpen` p ON p.`id_np` = t.`id_np`
WHERE p.`pen` = ?',
$pen
);
return @results;
}
##########################################################################
## Return a network component's profile data and pen list, given its ID.
##########################################################################
sub get_nc_profile_advanced($$) {
my ($dbh, $id_nc) = @_;
return get_db_single_row(
$dbh,
'SELECT t.*,GROUP_CONCAT(p.pen) AS "pen"
FROM `tnetwork_profile` t LEFT JOIN `tpen` p ON t.id_np = p.id_np
WHERE t.`id_np` = ?
GROUP BY t.`id_np`',
$id_nc
);
}
##########################################################################
## Return user profile ID given the user id, group id and profile id.
##########################################################################

322
pandora_server/lib/PandoraFMS/DiscoveryServer.pm
View File

@ -74,7 +74,7 @@ use constant {
DISCOVERY_CLOUD_AZURE_COMPUTE => 8,
DISCOVERY_DEPLOY_AGENTS => 9,
DISCOVERY_APP_SAP => 10,
DISCOVERY_SEARCH => 0,
DISCOVERY_REVIEW => 0,
DISCOVERY_STANDARD => 1,
DISCOVERY_RESULTS => 2,
};
@ -469,7 +469,7 @@ sub PandoraFMS::Recon::Base::test_module($$) {
if ($test->{'id_tipo_modulo'} >= 15 && $test->{'id_tipo_modulo'} <= 18) {
# SNMP
$value = $self->call(
'snmp_get',
'snmp_get_value',
$test->{'ip_target'},
$test->{'snmp_oid'}
);
@ -565,32 +565,194 @@ sub PandoraFMS::Recon::Base::test_module($$) {
}
################################################################################
# Create interface modules for the given agent (if needed).
################################################################################
sub PandoraFMS::Recon::Base::create_interface_modules($$) {
my ($self, $device) = @_;
# Add interfaces to the agent if it responds to SNMP.
return unless ($self->is_snmp_discovered($device));
my $community = $self->get_community($device);
my @output = $self->snmp_get_value_array($device, $PandoraFMS::Recon::Base::IFINDEX);
foreach my $if_index (@output) {
next unless ($if_index =~ /^[0-9]+$/);
# Check the status of the interface.
my $if_status = $self->snmp_get_value($device, "$PandoraFMS::Recon::Base::IFOPERSTATUS.$if_index");
next unless $if_status == 1;
# Fill the module description with the IP and MAC addresses.
my $mac = $self->get_if_mac($device, $if_index);
my $ip = $self->get_if_ip($device, $if_index);
my $if_desc = ($mac ne '' ? "MAC $mac " : '') . ($ip ne '' ? "IP $ip" : '');
# Get the name of the network interface.
my $if_name = $self->snmp_get_value($device, "$PandoraFMS::Recon::Base::IFNAME.$if_index");
$if_name = "if$if_index" unless defined ($if_name);
$if_name =~ s/"//g;
$if_name = clean_blank($if_name);
# Interface status module.
$self->call(
'add_module',
$device,
{
'id_tipo_modulo' => 18,
'id_modulo' => 2,
'name' => $if_name."_ifOperStatus",
'descripcion' => safe_input(
$if_desc
),
'ip_target' => $device,
'tcp_send' => $self->{'task_data'}{'snmp_version'},
'custom_string_1' => $self->{'task_data'}{'snmp_privacy_method'},
'custom_string_2' => $self->{'task_data'}{'snmp_privacy_pass'},
'custom_string_3' => $self->{'task_data'}{'snmp_security_level'},
'plugin_parameter' => $self->{'task_data'}{'snmp_auth_method'},
'plugin_user' => $self->{'task_data'}{'snmp_auth_user'},
'plugin_pass' => $self->{'task_data'}{'snmp_auth_pass'},
'snmp_community' => $community,
'snmp_oid' => "$PandoraFMS::Recon::Base::IFOPERSTATUS.$if_index"
}
);
# Incoming traffic module.
my $if_hc_in_octets = $self->snmp_get_value($device, "$PandoraFMS::Recon::Base::IFHCINOCTECTS.$if_index");
if (defined($if_hc_in_octets)) {
# Use HC counters.
# ifHCInOctets
$self->call(
'add_module',
$device,
{
'id_tipo_modulo' => 16,
'id_modulo' => 2,
'name' => $if_name."_ifHCInOctets",
'descripcion' => safe_input(
'The total number of octets received on the interface, including framing characters. This object is a 64-bit version of ifInOctets.'
),
'ip_target' => $device,
'tcp_send' => $self->{'task_data'}{'snmp_version'},
'custom_string_1' => $self->{'task_data'}{'snmp_privacy_method'},
'custom_string_2' => $self->{'task_data'}{'snmp_privacy_pass'},
'custom_string_3' => $self->{'task_data'}{'snmp_security_level'},
'plugin_parameter' => $self->{'task_data'}{'snmp_auth_method'},
'plugin_user' => $self->{'task_data'}{'snmp_auth_user'},
'plugin_pass' => $self->{'task_data'}{'snmp_auth_pass'},
'snmp_community' => $community,
'snmp_oid' => "$PandoraFMS::Recon::Base::IFHCINOCTECTS.$if_index"
}
);
} else {
# Use 32b counters.
# ifInOctets
$self->call(
'add_module',
$device,
{
'id_tipo_modulo' => 16,
'id_modulo' => 2,
'name' => $if_name."_ifInOctets",
'descripcion' => safe_input(
'The total number of octets received on the interface, including framing characters.'
),
'ip_target' => $device,
'tcp_send' => $self->{'task_data'}{'snmp_version'},
'custom_string_1' => $self->{'task_data'}{'snmp_privacy_method'},
'custom_string_2' => $self->{'task_data'}{'snmp_privacy_pass'},
'custom_string_3' => $self->{'task_data'}{'snmp_security_level'},
'plugin_parameter' => $self->{'task_data'}{'snmp_auth_method'},
'plugin_user' => $self->{'task_data'}{'snmp_auth_user'},
'plugin_pass' => $self->{'task_data'}{'snmp_auth_pass'},
'snmp_community' => $community,
'snmp_oid' => "$PandoraFMS::Recon::Base::IFINOCTECTS.$if_index"
}
);
}
# Outgoing traffic module.
my $if_hc_out_octets = $self->snmp_get_value($device, "$PandoraFMS::Recon::Base::IFHCOUTOCTECTS.$if_index");
if (defined($if_hc_out_octets)) {
# Use HC counters.
# ifHCOutOctets
$self->call(
'add_module',
$device,
{
'id_tipo_modulo' => 16,
'id_modulo' => 2,
'name' => $if_name."_ifHCOutOctets",
'descripcion' => safe_input(
'The total number of octets received on the interface, including framing characters. This object is a 64-bit version of ifOutOctets.'
),
'ip_target' => $device,
'tcp_send' => $self->{'task_data'}{'snmp_version'},
'custom_string_1' => $self->{'task_data'}{'snmp_privacy_method'},
'custom_string_2' => $self->{'task_data'}{'snmp_privacy_pass'},
'custom_string_3' => $self->{'task_data'}{'snmp_security_level'},
'plugin_parameter' => $self->{'task_data'}{'snmp_auth_method'},
'plugin_user' => $self->{'task_data'}{'snmp_auth_user'},
'plugin_pass' => $self->{'task_data'}{'snmp_auth_pass'},
'snmp_community' => $community,
'snmp_oid' => "$PandoraFMS::Recon::Base::IFHCOUTOCTECTS.$if_index"
}
);
} else {
# Use 32b counters.
# ifOutOctets
$self->call(
'add_module',
$device,
{
'id_tipo_modulo' => 16,
'id_modulo' => 2,
'name' => $if_name."_ifOutOctets",
'descripcion' => safe_input(
'The total number of octets received on the interface, including framing characters.'
),
'ip_target' => $device,
'tcp_send' => $self->{'task_data'}{'snmp_version'},
'custom_string_1' => $self->{'task_data'}{'snmp_privacy_method'},
'custom_string_2' => $self->{'task_data'}{'snmp_privacy_pass'},
'custom_string_3' => $self->{'task_data'}{'snmp_security_level'},
'plugin_parameter' => $self->{'task_data'}{'snmp_auth_method'},
'plugin_user' => $self->{'task_data'}{'snmp_auth_user'},
'plugin_pass' => $self->{'task_data'}{'snmp_auth_pass'},
'snmp_community' => $community,
'snmp_oid' => "$PandoraFMS::Recon::Base::IFOUTOCTECTS.$if_index"
}
);
}
}
}
################################################################################
# Create network profile modules for the given agent.
################################################################################
sub PandoraFMS::Recon::Base::create_network_profile_modules($$) {
my ($self, $device) = @_;
#
# Plugin
# SNMP
# WMI
# ICMP
#
my @template_ids = ();
return if is_empty($self->{'id_network_profile'});
if (is_enabled($self->{'task_data'}{'auto_monitor'})) {
# Apply PEN monitoring template (HW).
push @template_ids, get_pen_templates($self->{'dbh'}, $self->get_pen($device));
} else {
# Return if no specific templates are selected.
return if is_empty($self->{'id_network_profile'});
}
my @templates = split /,/, $self->{'id_network_profile'};
push @template_ids, split /,/, $self->{'id_network_profile'}
unless is_empty($self->{'id_network_profile'});
my $data = $self->{'agents_found'}{$device};
foreach my $t_id (@templates) {
foreach my $t_id (@template_ids) {
# 1. Retrieve template info.
my $template = get_db_single_row(
$self->{'dbh'},
'SELECT * FROM `tnetwork_profile` WHERE `id_np` = ?',
$t_id
);
my $template = get_nc_profile_advanced($self->{'dbh'}, $t_id);
# 2. Verify Private Enterprise Number matches (PEN)
if (defined($template->{'pen'})) {
@ -599,7 +761,7 @@ sub PandoraFMS::Recon::Base::create_network_profile_modules($$) {
next unless (is_in_array(\@penes, $data->{'pen'}));
}
# 2. retrieve module list from target template.
# 3. Retrieve module list from target template.
my @np_components = get_db_rows(
$self->{'dbh'},
'SELECT * FROM tnetwork_profile_component WHERE id_np = ?',
@ -607,7 +769,7 @@ sub PandoraFMS::Recon::Base::create_network_profile_modules($$) {
);
foreach my $np_component (@np_components) {
# 2. Test each possible module.
# 4. Register each module (candidate). 'add_module' will test them.
my $component = get_db_single_row(
$self->{'dbh'},
'SELECT * FROM tnetwork_component WHERE id_nc = ?',
@ -643,8 +805,8 @@ sub PandoraFMS::Recon::Base::report_scanned_agents($) {
my $force_creation = 0;
if (defined($self->{'task_data'}{'direct_report'})
&& $self->{'task_data'}{'direct_report'} == DISCOVERY_STANDARD
if (defined($self->{'task_data'}{'review_mode'})
&& $self->{'task_data'}{'review_mode'} == DISCOVERY_STANDARD
) {
$force_creation = 1;
}
@ -652,8 +814,8 @@ sub PandoraFMS::Recon::Base::report_scanned_agents($) {
#
# Creation
#
if(defined($self->{'task_data'}{'direct_report'})
&& $self->{'task_data'}{'direct_report'} == DISCOVERY_RESULTS
if(defined($self->{'task_data'}{'review_mode'})
&& $self->{'task_data'}{'review_mode'} == DISCOVERY_RESULTS
) {
# Load cache.
my @rows = get_db_rows(
@ -754,6 +916,7 @@ sub PandoraFMS::Recon::Base::report_scanned_agents($) {
$data->{'agent'}{'agent_id'} = $agent_id;
}
$data->{'agent'}{'modo'} = $agent_learning;
$self->call('message', "Agent id: ".$data->{'agent'}{'agent_id'}, 5);
# Create selected modules.
@ -817,18 +980,24 @@ sub PandoraFMS::Recon::Base::report_scanned_agents($) {
$module->{'__module_component'} = 1;
} else {
# Create module - Direct.
my $name = $module->{'name'};
delete $module->{'name'};
$agentmodule_id = pandora_create_module_from_hash(
$self->{'pa_config'},
{
%{$module},
'id_tipo_modulo' => $id_tipo_modulo,
'id_modulo' => $module->{'id_modulo'},
'nombre' => safe_input($module->{'name'}),
'nombre' => safe_input($name),
'descripcion' => safe_input($description),
'id_agente' => $agent_id,
'ip_target' => $data->{'agent'}{'direccion'}
},
$self->{'dbh'}
);
$module->{'name'} = $name;
}
# Restore.
@ -854,6 +1023,8 @@ sub PandoraFMS::Recon::Base::report_scanned_agents($) {
);
};
push @agents, $data->{'agent'};
# Update.
db_do(
$self->{'dbh'},
@ -868,6 +1039,49 @@ sub PandoraFMS::Recon::Base::report_scanned_agents($) {
}
# Update parent relationships.
foreach my $agent (@agents) {
# Avoid processing if does not exist.
next unless (defined($agent->{'agent_id'}));
# Avoid processing undefined parents.
next unless defined($agent->{'parent'});
# Get parent id.
my $parent = get_agent_from_addr($self->{'dbh'}, $agent->{'parent'});
if (!defined($parent)) {
$parent = get_agent_from_name($self->{'dbh'}, $agent->{'parent'});
}
next unless defined($parent);
# Is the agent in learning mode?
next unless ($agent->{'modo'} == 1);
# Connect the host to its parent.
db_do($self->{'dbh'},
'UPDATE tagente SET id_parent=? WHERE id_agente=?',
$parent->{'id_agente'}, $agent->{'agent_id'}
);
}
# Connect agents.
my @connections = get_db_rows(
$self->{'dbh'},
'SELECT * FROM tdiscovery_tmp_connections WHERE id_rt = ?',
$self->{'task_data'}{'id_rt'}
);
foreach my $cn (@connections) {
$self->call('connect_agents',
$cn->{'dev_1'},
$cn->{'if_1'},
$cn->{'dev_2'},
$cn->{'if_2'},
# Force creation if direct.
$force_creation
);
}
# Data creation finished.
return;
}
@ -876,6 +1090,7 @@ sub PandoraFMS::Recon::Base::report_scanned_agents($) {
#
# Cleanup previous results.
#
$self->call('message', "Cleanup previous results", 6);
db_do(
$self->{'dbh'},
'DELETE FROM tdiscovery_tmp_agents '
@ -887,6 +1102,7 @@ sub PandoraFMS::Recon::Base::report_scanned_agents($) {
# Store and review.
#
$self->call('message', "Storing results", 6);
my @hosts = keys %{$self->{'agents_found'}};
$self->{'step'} = STEP_PROCESSING;
my ($progress, $step) = (90, 10.0 / scalar(@hosts)); # From 90% to 100%.
@ -935,6 +1151,8 @@ sub PandoraFMS::Recon::Base::report_scanned_agents($) {
$encoded
);
}
$self->call('message', "Completed", 5);
}
################################################################################
@ -948,22 +1166,54 @@ sub PandoraFMS::Recon::Base::apply_monitoring($) {
$self->{'step'} = STEP_MONITORING;
# From 80% to 90%.
my ($progress, $step) = (80, 10.0 / scalar(@hosts));
my ($partial, $sub_step) = (0, 100 / scalar(@hosts));
foreach my $label (keys %{$self->{'agents_found'}}) {
$self->{'c_network_percent'} = $partial;
$self->{'c_network_name'} = $label;
$self->call('update_progress', $progress);
$progress += $step;
$partial += $sub_step;
$self->call('message', "Checking modules for $label", 5);
# Monitorization selected.
$self->call('create_network_profile_modules', $label);
# Monitorization - interfaces
$self->call('create_interface_modules', $label);
}
$self->{'c_network_percent'} = 100;
$self->call('update_progress', $progress);
}
################################################################################
# Connect the given devices in the Pandora FMS database.
################################################################################
sub PandoraFMS::Recon::Base::connect_agents($$$$$) {
my ($self, $dev_1, $if_1, $dev_2, $if_2) = @_;
sub PandoraFMS::Recon::Base::connect_agents($$$$$;$) {
my ($self, $dev_1, $if_1, $dev_2, $if_2, $force) = @_;
if($self->{'task_data'}{'review_mode'} == DISCOVERY_REVIEW
|| is_enabled($force)
) {
# Store in tdiscovery_tmp_connections;
db_process_insert(
$self->{'dbh'},
'id',
'tdiscovery_tmp_connections',
{
'id_rt' => $self->{'task_data'}{'id_rt'},
'dev_1' => $dev_1,
'if_1' => $if_1,
'dev_2' => $dev_2,
'if_2' => $if_2,
}
);
return;
}
# Get the agent for the first device.
my $agent_1 = get_agent_from_addr($self->{'dbh'}, $dev_1);
@ -1209,7 +1459,7 @@ sub PandoraFMS::Recon::Base::create_agent($$) {
next unless ($if_index =~ /^[0-9]+$/);
# Check the status of the interface.
if ($self->{'all_ifaces'} == 0) {
if (!is_enabled($self->{'all_ifaces'})) {
my $if_status = $self->snmp_get_value($device, "$PandoraFMS::Recon::Base::IFOPERSTATUS.$if_index");
next unless $if_status == 1;
}
@ -1447,25 +1697,11 @@ sub PandoraFMS::Recon::Base::set_parent($$$) {
return unless ($self->{'parent_detection'} == 1);
# Get the agent for the host.
my $agent = get_agent_from_addr($self->{'dbh'}, $host);
if (!defined($agent)) {
$agent = get_agent_from_name($self->{'dbh'}, $host);
}
return unless defined($agent);
# Do not edit 'not scaned' agents.
return if is_empty($self->{'agents_found'}{$host}{'agent'});
# Check if the parent agent exists.
my $agent_parent = get_agent_from_addr($self->{'dbh'}, $parent);
if (!defined($agent_parent)) {
$agent_parent = get_agent_from_name($self->{'dbh'}, $parent);
}
return unless (defined ($agent_parent));
$self->{'agents_found'}{$host}{'parent'} = $parent;
# Is the agent in learning mode?
return unless ($agent_parent->{'modo'} == 1);
# Connect the host to its parent.
db_do($self->{'dbh'}, 'UPDATE tagente SET id_parent=? WHERE id_agente=?', $agent_parent->{'id_agente'}, $agent->{'id_agente'});
}
################################################################################

3
pandora_server/lib/PandoraFMS/NetworkServer.pm
View File

@ -384,6 +384,7 @@ sub pandora_query_snmp ($$$$) {
my $output; # Command output
# If not defined, always snmp v1 (standard)
$snmp_version = '1' unless defined($snmp_version);
if ($snmp_version ne '1' && $snmp_version ne '2'
&& $snmp_version ne '2c' && $snmp_version ne '3') {
$snmp_version = '1';
@ -591,7 +592,7 @@ sub exec_network_module ($$$$) {
my %data = ("data" => $module_data);
pandora_process_module ($pa_config, \%data, '', $module, '', $timestamp, $utimestamp, $server_id, $dbh);
if ($agent_os_version eq ''){
if (!defined($agent_os_version) || $agent_os_version eq ''){
$agent_os_version = $pa_config->{'servername'}.'_Net';
}

37
pandora_server/lib/PandoraFMS/Recon/Base.pm
View File

@ -19,6 +19,7 @@ use PandoraFMS::Recon::Util;
# Constants.
use constant {
STEP_SCANNING => 1,
STEP_CAPABILITIES => 7,
STEP_AFT => 2,
STEP_TRACEROUTE => 3,
STEP_GATEWAY => 4,
@ -38,7 +39,7 @@ use constant {
DISCOVERY_CLOUD_AZURE_COMPUTE => 8,
DISCOVERY_DEPLOY_AGENTS => 9,
DISCOVERY_APP_SAP => 10,
DISCOVERY_SEARCH => 0,
DISCOVERY_REVIEW => 0,
DISCOVERY_STANDARD => 1,
DISCOVERY_RESULTS => 2,
};
@ -351,7 +352,7 @@ sub aft_connectivity($$) {
# Get the name of the host interface if available.
my $host_if_name = $self->get_iface($aft_mac);
$host_if_name = defined($host_if_name) ? $host_if_name : 'ping';
$host_if_name = defined($host_if_name) ? $host_if_name : 'Host Alive';
# Get the interface associated to the port were we found the MAC address.
my $switch_if_name = $self->get_if_from_aft($switch, $aft_mac);
@ -459,6 +460,9 @@ sub snmp_discovery($$) {
}
}
# Create an agent for the device and add it to the list of known hosts.
push(@{$self->{'hosts'}}, $device);
# Create an agent for the device and add it to the list of known hosts.
$self->add_agent($device);
@ -651,6 +655,17 @@ sub get_connections($) {
return $self->{'connections'};
}
################################################################################
# Return the PEN associated to target host.
################################################################################
sub get_pen($$) {
my ($self, $host) = @_;
return undef unless ref($self->{'pen'}) eq 'HASH';
return $self->{'pen'}->{$host};
}
################################################################################
# Return the parent relationship hash.
################################################################################
@ -1341,7 +1356,8 @@ sub add_module($$$) {
&& $data->{'name'} ne '';
# Test module. Is it success?
return unless $self->call('test_module', $agent, $data);
my $rs = $self->call('test_module', $agent, $data);
return unless is_enabled($rs);
$self->{'agents_found'}->{$agent}->{'modules'}{$data->{'name'}} = $data;
@ -1418,7 +1434,6 @@ sub scan_subnet($) {
my @block = pandora_block_ping(
{
'fping' => $self->{'fping'},
# XXX CAMBIAR POR 0.5
'networktimeout' => 0.5 # use fping defaults
},
@hosts[$block_index .. $to - 1]
@ -1452,9 +1467,12 @@ sub scan_subnet($) {
$total_hosts = scalar keys %hosts_alive;
$step = 25.0 / scalar(@subnets) / $total_hosts;
$subnet_step = 50.0 / $total_hosts;
$self->{'step'} = STEP_CAPABILITIES;
foreach my $addr (keys %hosts_alive) {
# Increase self summary.alive hosts.
$self->call('message', "Scanning host: $addr", 5);
$self->{'c_network_name'} = $addr;
# Update progress.
$progress += $step;
@ -1820,10 +1838,11 @@ sub scan($) {
}
}
if(defined($self->{'task_data'}{'direct_report'})
&& $self->{'task_data'}{'direct_report'} == DISCOVERY_RESULTS
if(defined($self->{'task_data'}{'review_mode'})
&& $self->{'task_data'}{'review_mode'} == DISCOVERY_RESULTS
) {
# Use Cached results.
$self->{'step'} = STEP_PROCESSING;
$self->call('report_scanned_agents');
# Done!
@ -1834,6 +1853,7 @@ sub scan($) {
# Find devices.
$self->call('message', "[1/6] Scanning the network...", 3);
$self->{'c_network_name'} = '';
$self->{'step'} = STEP_SCANNING;
$self->call('update_progress', $progress);
@ -1850,6 +1870,7 @@ sub scan($) {
# Connectivity from address forwarding tables.
$self->call('message', "[2/6] Finding address forwarding table connectivity...", 3);
$self->{'c_network_name'} = '';
$self->{'step'} = STEP_AFT;
($progress, $step) = (50, 10.0 / scalar(@hosts)); # From 50% to 60%.
for (my $i = 0; defined($hosts[$i]); $i++) {
@ -1860,6 +1881,7 @@ sub scan($) {
# Connect hosts that are still unconnected using traceroute.
$self->call('message', "[3/6] Finding traceroute connectivity.", 3);
$self->{'c_network_name'} = '';
$self->{'step'} = STEP_TRACEROUTE;
($progress, $step) = (60, 10.0 / scalar(@hosts)); # From 60% to 70%.
foreach my $host (@hosts) {
@ -1871,6 +1893,7 @@ sub scan($) {
# Connect hosts that are still unconnected using known gateways.
$self->call('message', "[4/6] Finding host to gateway connectivity.", 3);
$self->{'c_network_name'} = '';
$self->{'step'} = STEP_GATEWAY;
($progress, $step) = (70, 10.0 / scalar(@hosts)); # From 70% to 80%.
$self->get_routes(); # Update the route cache.
@ -1941,7 +1964,7 @@ sub snmp_pen($$) {
$self->{'pen'} = {} if ref($self->{'pen'}) ne 'HASH';
$self->{'pen'}{$addr} = $self->snmp_get($addr, $PEN_OID);
$self->{'pen'}{$addr} = $self->snmp_get_value($addr, $PEN_OID);
if(defined($self->{'pen'}{$addr})) {
($self->{'pen'}{$addr}) = $self->{'pen'}{$addr} =~ /\.\d+\.\d+\.\d+\.\d+\.\d+\.\d+\.(\d+?)\./