2008-04-16 Ramon Novoa <rnovoa@artica.es>
* lib/PandoraFMS/DB.pm: Rewrote the alert engine. Small fixes. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@807 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
parent
6f89778e2b
commit
fff2f95e2d
|
@ -1,3 +1,7 @@
|
||||||
|
2008-04-16 Ramon Novoa <rnovoa@artica.es>
|
||||||
|
|
||||||
|
* lib/PandoraFMS/DB.pm: Rewrote the alert engine. Small fixes.
|
||||||
|
|
||||||
2008-04-09 Sancho Lerena <slerena@gmail.com>
|
2008-04-09 Sancho Lerena <slerena@gmail.com>
|
||||||
|
|
||||||
* AUTHORS, README: Updated.
|
* AUTHORS, README: Updated.
|
||||||
|
|
|
@ -57,9 +57,11 @@ our @EXPORT = qw(
|
||||||
pandora_lastagentcontact
|
pandora_lastagentcontact
|
||||||
pandora_writedata
|
pandora_writedata
|
||||||
pandora_writestate
|
pandora_writestate
|
||||||
pandora_calcula_alerta
|
pandora_evaluate_alert
|
||||||
pandora_evaluate_compound_alert
|
pandora_evaluate_compound_alert
|
||||||
pandora_evaluate_compound_alerts
|
pandora_generate_alerts
|
||||||
|
pandora_generate_compound_alerts
|
||||||
|
pandora_process_alert
|
||||||
module_generic_proc
|
module_generic_proc
|
||||||
module_generic_data
|
module_generic_data
|
||||||
module_generic_data_inc
|
module_generic_data_inc
|
||||||
|
@ -77,231 +79,247 @@ our @EXPORT = qw(
|
||||||
# 'Dame' in spanish means 'give'
|
# 'Dame' in spanish means 'give'
|
||||||
|
|
||||||
##########################################################################
|
##########################################################################
|
||||||
## SUB pandora_calcula_alerta
|
## SUB pandora_generate_alerts
|
||||||
## (paconfig, timestamp,nombre_agente,tipo_modulo,nombre_modulo,datos,dbh)
|
## (paconfig, timestamp, agent_name, $id_agent, id_agent_module,
|
||||||
## Given a datamodule, generate alert if needed
|
## id_module_type, id_group, module_data, module_type, dbh)
|
||||||
|
## Generate alerts for a given module.
|
||||||
##########################################################################
|
##########################################################################
|
||||||
|
|
||||||
sub pandora_calcula_alerta (%$$$$$$) {
|
sub pandora_generate_alerts (%$$$$$$$$) {
|
||||||
my $pa_config = $_[0];
|
my $pa_config = $_[0];
|
||||||
my $timestamp = $_[1];
|
my $timestamp = $_[1];
|
||||||
my $nombre_agente = $_[2];
|
my $agent_name = $_[2];
|
||||||
my $tipo_modulo = $_[3];
|
my $id_agent = $_[3];
|
||||||
my $nombre_modulo = $_[4];
|
my $id_agent_module = $_[4];
|
||||||
my $datos = $_[5];
|
my $id_module_type = $_[5];
|
||||||
my $dbh = $_[6];
|
my $id_group = $_[6];
|
||||||
|
my $module_data = $_[7];
|
||||||
|
my $dbh = $_[8];
|
||||||
|
|
||||||
my $id_modulo;
|
# Do not generate alerts for disabled groups
|
||||||
my $id_agente;
|
|
||||||
my $id_agente_modulo;
|
|
||||||
my $alert_name;
|
|
||||||
my $max;
|
|
||||||
my $min; # for calculate max & min to generate ALERTS
|
|
||||||
my $alert_text="";
|
|
||||||
|
|
||||||
# Get IDs from data packet
|
|
||||||
$id_agente = dame_agente_id($pa_config, $nombre_agente, $dbh);
|
|
||||||
my $id_group = dame_grupo_agente ($pa_config, $id_agente, $dbh);
|
|
||||||
|
|
||||||
# If this group is disabled (not in production, alert will not be checked)
|
|
||||||
if (give_group_disabled ($pa_config, $id_group, $dbh) == 1) {
|
if (give_group_disabled ($pa_config, $id_group, $dbh) == 1) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
$id_modulo = dame_modulo_id($pa_config, $tipo_modulo, $dbh);
|
|
||||||
$id_agente_modulo = dame_agente_modulo_id ($pa_config, $id_agente, $id_modulo, $nombre_modulo, $dbh);
|
|
||||||
logger($pa_config, "DEBUG: calcula_alerta() Calculado id_agente_modulo a $id_agente_modulo", 6);
|
|
||||||
|
|
||||||
# If any alert from this combinatio of agent/module
|
# Get enabled alerts associated with this module
|
||||||
my $query_idag1 = "SELECT * FROM talerta_agente_modulo WHERE id_agente_modulo = '$id_agente_modulo' AND disable = 0";
|
my $query_alert = "SELECT * FROM talerta_agente_modulo WHERE
|
||||||
my $s_idag = $dbh->prepare($query_idag1);
|
id_agente_modulo = '$id_agent_module' AND disable = 0";
|
||||||
$s_idag ->execute;
|
my $handle_alert = $dbh->prepare($query_alert);
|
||||||
my @data;
|
|
||||||
# If exists a defined alert for this module then continue
|
|
||||||
if ($s_idag->rows != 0) {
|
|
||||||
while (@data = $s_idag->fetchrow_array()) {
|
|
||||||
my $id_aam = $data[0];
|
|
||||||
my $id_alerta = $data[2];
|
|
||||||
$id_agente_modulo = $data[1];
|
|
||||||
$id_agente = dame_agente_id ($pa_config, dame_nombreagente_agentemodulo ($pa_config, $id_agente_modulo, $dbh), $dbh);
|
|
||||||
my $id_grupo = dame_grupo_agente ($pa_config, $id_agente, $dbh);
|
|
||||||
my $campo1 = $data[3];
|
|
||||||
my $campo2 = $data[4];
|
|
||||||
my $campo3 = $data[5];
|
|
||||||
my $descripcion = $data[6];
|
|
||||||
my $dis_max = $data[7];
|
|
||||||
my $dis_min = $data[8];
|
|
||||||
my $threshold = $data[9];
|
|
||||||
my $last_fired = $data[10];
|
|
||||||
my $max_alerts = $data[11];
|
|
||||||
my $times_fired = $data[12];
|
|
||||||
my $min_alerts = $data[14];
|
|
||||||
my $internal_counter = $data[15];
|
|
||||||
my $alert_text = $data[16];
|
|
||||||
my $alert_disable = $data[17];
|
|
||||||
my $alert_timefrom = $data[18];
|
|
||||||
my $alert_timeto = $data[19];
|
|
||||||
my $ahora_hour = &UnixDate("today","%H");
|
|
||||||
my $ahora_min = &UnixDate("today","%M");
|
|
||||||
my $ahora_time = $ahora_hour.":".$ahora_min;
|
|
||||||
|
|
||||||
# time check !
|
$handle_alert->execute;
|
||||||
if ((($ahora_time le $alert_timeto) && ($ahora_time ge $alert_timefrom)) || ($alert_timefrom eq $alert_timeto)){
|
if ($handle_alert->rows == 0) {
|
||||||
my $comando ="";
|
return;
|
||||||
logger($pa_config, "Found an alert defined for $nombre_modulo, its ID $id_alerta",4);
|
|
||||||
# Here we process alert if conditions are ok
|
|
||||||
# Get data for defined alert given as $id_alerta
|
|
||||||
my $query_idag2 = "select * from talerta where id_alerta = '$id_alerta'";
|
|
||||||
my $s2_idag = $dbh->prepare($query_idag2);
|
|
||||||
$s2_idag ->execute;
|
|
||||||
my @data2;
|
|
||||||
if ($s2_idag->rows != 0) {
|
|
||||||
while (@data2 = $s2_idag->fetchrow_array()) {
|
|
||||||
$comando = $data2[2];
|
|
||||||
$alert_name = $data2[1];
|
|
||||||
}
|
}
|
||||||
}
|
|
||||||
$s2_idag->finish();
|
|
||||||
# Get MAX and MIN value for this Alert. Only generate alerts if value is ABOVE MIN and BELOW MAX.
|
|
||||||
my @data_max;
|
|
||||||
my $query_idag_max = "select * from tagente_modulo where id_agente_modulo = ".$id_agente_modulo;
|
|
||||||
my $s_idag_max = $dbh->prepare($query_idag_max);
|
|
||||||
$s_idag_max ->execute;
|
|
||||||
if ($s_idag_max->rows == 0) {
|
|
||||||
logger($pa_config, "ERROR Cannot find agenteModulo $id_agente_modulo",3);
|
|
||||||
logger($pa_config, "ERROR: SQL Query is $query_idag_max ",10);
|
|
||||||
} else {
|
|
||||||
@data = $s_idag_max->fetchrow_array();
|
|
||||||
}
|
|
||||||
$max = $data_max[5];
|
|
||||||
$min = $data_max[6];
|
|
||||||
$s_idag_max->finish();
|
|
||||||
# Init values for alerts
|
|
||||||
my $alert_prefired = 0;
|
|
||||||
my $alert_fired = 0;
|
|
||||||
my $update_counter =0;
|
|
||||||
my $should_check_alert = 0;
|
|
||||||
my $id_tipo_modulo = dame_id_tipo_modulo ($pa_config, $id_agente_modulo, $dbh);
|
|
||||||
if (($id_tipo_modulo == 3) || ($id_tipo_modulo == 10) || ($id_tipo_modulo == 17)){
|
|
||||||
if ( $datos =~ m/$alert_text/i ){
|
|
||||||
$should_check_alert = 1;
|
|
||||||
}
|
|
||||||
} elsif (($datos > $dis_max) || ($datos < $dis_min)) {
|
|
||||||
$should_check_alert = 1;
|
|
||||||
}
|
|
||||||
if ($should_check_alert == 1){
|
|
||||||
# Check timegap
|
|
||||||
my $fecha_ultima_alerta = ParseDate($last_fired);
|
|
||||||
my $fecha_actual = ParseDate( $timestamp );
|
|
||||||
my $ahora_mysql = &UnixDate("today","%Y-%m-%d %H:%M:%S"); # If we need to update MYSQL ast_fired will use $ahora_mysql
|
|
||||||
my $time_threshold = $threshold;
|
|
||||||
my $err; my $flag;
|
|
||||||
my $fecha_limite = DateCalc ($fecha_ultima_alerta, "+ $time_threshold seconds", \$err);
|
|
||||||
$flag = Date_Cmp ($fecha_actual, $fecha_limite);
|
|
||||||
# Check timer threshold for this alert
|
|
||||||
if ( $flag >= 0 ) { # Out limits !, reset $times_fired, but do not write to
|
|
||||||
# database until a real alarm was fired
|
|
||||||
if ($times_fired > 0){
|
|
||||||
$times_fired = 0;
|
|
||||||
$internal_counter=0;
|
|
||||||
}
|
|
||||||
logger ($pa_config, "Alarm out of timethreshold limits, resetting counters", 10);
|
|
||||||
}
|
|
||||||
# We are between limits marked by time_threshold or running a new time-alarm-interval
|
|
||||||
# Caution: MIN Limit is related to triggered (in time-threshold limit) alerts
|
|
||||||
# but MAX limit is related to executed alerts, not only triggered. Because an alarm to be
|
|
||||||
# executed could be triggered X (min value) times to be executed.
|
|
||||||
if (($internal_counter >= $min_alerts) && ($times_fired < $max_alerts)){
|
|
||||||
# The new alert is between last valid time + threshold and between max/min limit to alerts in this gap of time.
|
|
||||||
$times_fired++;
|
|
||||||
if ($internal_counter == 0){
|
|
||||||
$internal_counter++;
|
|
||||||
}
|
|
||||||
$dbh->do("UPDATE talerta_agente_modulo SET times_fired = $times_fired, last_fired = '$ahora_mysql', internal_counter = $internal_counter WHERE id_aam = $id_aam");
|
|
||||||
my $nombre_agente = dame_nombreagente_agentemodulo ($pa_config, $id_agente_modulo, $dbh);
|
|
||||||
# --------------------------------------
|
|
||||||
# Now call to execute_alert to real exec
|
|
||||||
execute_alert ($pa_config, $id_alerta, $campo1, $campo2, $campo3,
|
|
||||||
$nombre_agente, $timestamp, $datos, $comando, $alert_name, $descripcion, 1, $dbh);
|
|
||||||
# --------------------------------------
|
|
||||||
|
|
||||||
# Evaluate compound alerts, since an alert has changed its status.
|
while (my $alert_data = $handle_alert->fetchrow_hashref()) {
|
||||||
pandora_evaluate_compound_alerts ($pa_config, $timestamp, $id_aam, $nombre_agente, 0, $dbh);
|
|
||||||
} else {
|
|
||||||
# Alert is in valid timegap but has too many alerts
|
|
||||||
# or too many little
|
|
||||||
if ($internal_counter < $min_alerts){
|
|
||||||
$internal_counter++;
|
|
||||||
# Now update new value for times_fired & last_fired
|
|
||||||
# if we are below minlimit for triggering this alert
|
|
||||||
}
|
|
||||||
$dbh->do("UPDATE talerta_agente_modulo SET internal_counter = $internal_counter WHERE id_aam = $id_aam");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else { # This block is executed because actual data is OUTSIDE
|
|
||||||
# limits that trigger alert (so, it is valid data)
|
|
||||||
# Check timegap
|
|
||||||
my $fecha_ultima_alerta = ParseDate($last_fired);
|
|
||||||
my $fecha_actual = ParseDate( $timestamp );
|
|
||||||
my $ahora_mysql = &UnixDate("today","%Y-%m-%d %H:%M:%S");
|
|
||||||
# If we need to update MYSQL ast_fired will use $ahora_mysql
|
|
||||||
my $time_threshold = $threshold;
|
|
||||||
my $err; my $flag;
|
|
||||||
my $fecha_limite = DateCalc($fecha_ultima_alerta,"+ $time_threshold seconds",\$err);
|
|
||||||
$flag = Date_Cmp ($fecha_actual, $fecha_limite);
|
|
||||||
# Check timer threshold for this alert
|
|
||||||
if ( $flag >= 0 ) {
|
|
||||||
# This is late, we need to reset alert NOW
|
|
||||||
# Create event for alert ceased only if has been fired.
|
|
||||||
# If not, simply restore counters to 0
|
|
||||||
if ($times_fired > 0){
|
|
||||||
my $evt_descripcion = "Alert ceased - Expired ($descripcion)";
|
|
||||||
pandora_event ($pa_config, $evt_descripcion, $id_grupo, $id_agente, $dbh);
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
# We're running on timegap, so check if we're above
|
|
||||||
# limit or below. If we don't have any alert fired,
|
|
||||||
# skip other checks
|
|
||||||
if ($times_fired > 0){
|
|
||||||
my $evt_descripcion = "Alert ceased - Recovered ($descripcion)";
|
|
||||||
pandora_event ($pa_config, $evt_descripcion, $id_grupo, $id_agente, $dbh);
|
|
||||||
# Specific patch for F. Corona
|
|
||||||
# This enable alert recovery notification by using the same alert definition but
|
|
||||||
# inserting WORD "RECOVERED" in second and third field of
|
|
||||||
# alert. To activate setup your .conf with new token
|
|
||||||
# "alert_recovery" and set to 1 (disabled by default)
|
|
||||||
if ($pa_config->{"alert_recovery"} eq "1"){
|
|
||||||
execute_alert ($pa_config, $id_alerta, $campo1,
|
|
||||||
"[RECOVERED ] - ".$campo2, "[ALERT CEASED - RECOVERED] - ".$campo3, $nombre_agente, $timestamp, $datos, $comando,
|
|
||||||
$alert_name, $descripcion, 0, $dbh);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (($times_fired > 0) || ($internal_counter > 0)){
|
|
||||||
$dbh->do("UPDATE talerta_agente_modulo SET internal_counter = 0, times_fired =0 WHERE id_aam = $id_aam");
|
|
||||||
|
|
||||||
# Evaluate compound alerts, since an alert has changed its status.
|
my $rc = pandora_evaluate_alert($pa_config, $timestamp, $alert_data,
|
||||||
pandora_evaluate_compound_alerts ($pa_config, $timestamp, $id_aam, $nombre_agente, 0, $dbh);
|
$module_data, $id_module_type, $dbh);
|
||||||
}
|
pandora_process_alert ($pa_config, $timestamp, $rc, $agent_name,
|
||||||
}
|
$id_agent, $id_group, $alert_data, $module_data,
|
||||||
} # timecheck (outside time limits for this alert)
|
$dbh);
|
||||||
else { # Outside operative alert timeslot
|
|
||||||
if ($times_fired > 0){
|
|
||||||
my $evt_descripcion2 = "Alert ceased - Run out of valid alert timegap ($descripcion)";
|
|
||||||
pandora_event ($pa_config, $evt_descripcion2, $id_grupo, $id_agente, $dbh);
|
|
||||||
}
|
|
||||||
$dbh->do("UPDATE talerta_agente_modulo SET internal_counter = 0, times_fired =0 WHERE id_aam = $id_aam");
|
|
||||||
|
|
||||||
# Evaluate compound alerts, since an alert has changed its status.
|
# Evaluate compound alerts even if the alert status did not change in
|
||||||
pandora_evaluate_compound_alerts ($pa_config, $timestamp, $id_aam, $nombre_agente, 0, $dbh);
|
# case the compound alert does not recover
|
||||||
|
pandora_generate_compound_alerts ($pa_config, $timestamp,
|
||||||
|
$agent_name, $id_agent,
|
||||||
|
$alert_data->{'id_aam'},
|
||||||
|
$id_group, 0, $dbh);
|
||||||
|
}
|
||||||
|
|
||||||
|
$handle_alert->finish();
|
||||||
|
}
|
||||||
|
|
||||||
|
##########################################################################
|
||||||
|
## SUB pandora_evaluate_alert
|
||||||
|
## (paconfig, timestamp, alert_data, module_data, id_module_type, dbh)
|
||||||
|
## Evaluate trigger conditions for a given alert. Returns:
|
||||||
|
## 0 Execute the alert.
|
||||||
|
## 1 Do not execute the alert.
|
||||||
|
## 2 Do not execute the alert, but increment its internal counter.
|
||||||
|
## 3 Cease the alert.
|
||||||
|
## 4 Recover the alert.
|
||||||
|
##########################################################################
|
||||||
|
|
||||||
|
sub pandora_evaluate_alert (%$%$$$) {
|
||||||
|
my $pa_config = $_[0];
|
||||||
|
my $timestamp = $_[1];
|
||||||
|
my $alert_data = $_[2];
|
||||||
|
my $module_data = $_[3];
|
||||||
|
my $id_module_type = $_[4];
|
||||||
|
my $dbh = $_[5];
|
||||||
|
|
||||||
|
my $status = 1; # Value returned on valid data
|
||||||
|
my $err;
|
||||||
|
|
||||||
|
# Check weekday
|
||||||
|
if ($alert_data->{lc(&UnixDate("today","%A"))} != 1) {
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Check time slot
|
||||||
|
my $time = &UnixDate("today","%H:%M");
|
||||||
|
|
||||||
|
if (($alert_data->{'time_to'} ne $alert_data->{'time_from'}) &&
|
||||||
|
(($time ge $alert_data->{'time_to'}) ||
|
||||||
|
($time le $alert_data->{'time_from'}))) {
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Check time threshold
|
||||||
|
my $last_fired_date = ParseDate($alert_data->{'last_fired'});
|
||||||
|
my $limit_date = DateCalc ($last_fired_date, "+ " .
|
||||||
|
$alert_data->{'time_threshold'} . " seconds",
|
||||||
|
\$err);
|
||||||
|
my $date = ParseDate($timestamp);
|
||||||
|
|
||||||
|
if ($alert_data->{'times_fired'} > 0) {
|
||||||
|
|
||||||
|
# Reset fired alerts
|
||||||
|
if (Date_Cmp ($date, $limit_date) >= 0) {
|
||||||
|
|
||||||
|
# Cease on valid data
|
||||||
|
$status = 3;
|
||||||
|
|
||||||
|
# Always reset
|
||||||
|
$alert_data->{'internal_counter'} = 0;
|
||||||
|
$alert_data->{'times_fired'} = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Recover takes precedence over cease
|
||||||
|
if ($alert_data->{'recovery_notify'} == 1) {
|
||||||
|
$status = 4;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# Check for valid data
|
||||||
|
if ($id_module_type == 3 ||
|
||||||
|
$id_module_type == 10 ||
|
||||||
|
$id_module_type == 17) {
|
||||||
|
if ($module_data !~ m/$alert_data->{'alert_text'}/i) {
|
||||||
|
return $status;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
elsif ($id_module_type == -1) {
|
||||||
|
if (pandora_evaluate_compound_alert($pa_config,
|
||||||
|
$alert_data->{'id_aam'},
|
||||||
|
$dbh) == 0) {
|
||||||
|
return $status
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
if ($module_data <= $alert_data->{'dis_max'} &&
|
||||||
|
$module_data >= $alert_data->{'dis_min'}) {
|
||||||
|
return $status;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# Check min and max alert limits
|
||||||
|
if (($alert_data->{'internal_counter'} < $alert_data->{'min_alerts'}) ||
|
||||||
|
($alert_data->{'times_fired'} >= $alert_data->{'max_alerts'})) {
|
||||||
|
return 2;
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
##########################################################################
|
||||||
|
## SUB pandora_process_alert
|
||||||
|
## ($pa_config, $timestamp, $rc, $agent_name, $id_agent, $id_group,
|
||||||
|
## $alert_data, $module_data, $dbh)
|
||||||
|
## Process an alert given the status returned by pandora_evaluate_alert.
|
||||||
|
##########################################################################
|
||||||
|
|
||||||
|
sub pandora_process_alert (%$$$$$%$$) {
|
||||||
|
my $pa_config = $_[0];
|
||||||
|
my $timestamp = $_[1];
|
||||||
|
my $rc = $_[2];
|
||||||
|
my $agent_name = $_[3];
|
||||||
|
my $id_agent = $_[4];
|
||||||
|
my $id_group = $_[5];
|
||||||
|
my $alert_data = $_[6];
|
||||||
|
my $module_data = $_[7];
|
||||||
|
my $dbh = $_[8];
|
||||||
|
|
||||||
|
# Do not execute
|
||||||
|
if ($rc == 1) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Cease
|
||||||
|
if ($rc == 3) {
|
||||||
|
|
||||||
|
# Update alert status
|
||||||
|
$dbh->do("UPDATE talerta_agente_modulo SET times_fired = 0,
|
||||||
|
internal_counter = 0 WHERE id_aam = " .
|
||||||
|
$alert_data->{'id_aam'});
|
||||||
|
|
||||||
|
# Generate an event
|
||||||
|
pandora_event ($pa_config, "Alert ceased (" .
|
||||||
|
$alert_data->{'descripcion'} . ")", $id_group,
|
||||||
|
$id_agent, $dbh);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Recover
|
||||||
|
if ($rc == 4) {
|
||||||
|
|
||||||
|
# Update alert status
|
||||||
|
$dbh->do("UPDATE talerta_agente_modulo SET times_fired = 0,
|
||||||
|
internal_counter = 0 WHERE id_aam = " .
|
||||||
|
$alert_data->{'id_aam'});
|
||||||
|
|
||||||
|
execute_alert ($pa_config, $timestamp, $alert_data->{'id_alerta'},
|
||||||
|
$id_agent, $id_group, $alert_data->{'al_campo1'},
|
||||||
|
$alert_data->{'al_f2_recovery'},
|
||||||
|
$alert_data->{'al_f3_recovery'}, $agent_name,
|
||||||
|
$module_data, '', '', $alert_data->{'descripcion'}, 1,
|
||||||
|
$dbh);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Increment internal counter
|
||||||
|
if ($rc == 2) {
|
||||||
|
|
||||||
|
# Update alert status
|
||||||
|
$alert_data->{'internal_counter'} += 1;
|
||||||
|
|
||||||
|
# Do not increment times_fired, but set it in case the alert was reset
|
||||||
|
$dbh->do("UPDATE talerta_agente_modulo SET times_fired = " .
|
||||||
|
$alert_data->{'times_fired'} . ", internal_counter = " .
|
||||||
|
$alert_data->{'internal_counter'} . " WHERE id_aam = " .
|
||||||
|
$alert_data->{'id_aam'});
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Execute
|
||||||
|
if ($rc == 0) {
|
||||||
|
|
||||||
|
# Get current date
|
||||||
|
my $date_db = &UnixDate("today","%Y-%m-%d %H:%M:%S");
|
||||||
|
|
||||||
|
# Update alert status
|
||||||
|
|
||||||
|
$alert_data->{'times_fired'} += 1;
|
||||||
|
$alert_data->{'internal_counter'} += 1;
|
||||||
|
$dbh->do("UPDATE talerta_agente_modulo SET times_fired = " .
|
||||||
|
$alert_data->{'times_fired'} . ", last_fired =
|
||||||
|
'$date_db', internal_counter = " .
|
||||||
|
$alert_data->{'internal_counter'} . " WHERE id_aam = " .
|
||||||
|
$alert_data->{'id_aam'});
|
||||||
|
|
||||||
|
execute_alert ($pa_config, $timestamp, $alert_data->{'id_alerta'},
|
||||||
|
$id_agent, $id_group, $alert_data->{'al_campo1'},
|
||||||
|
$alert_data->{'al_campo2'}, $alert_data->{'al_campo3'},
|
||||||
|
$agent_name, $module_data, '', '',
|
||||||
|
$alert_data->{'descripcion'}, 1, $dbh);
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
} # While principal
|
|
||||||
} # if there are valid records
|
|
||||||
$s_idag->finish();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
##########################################################################
|
##########################################################################
|
||||||
## SUB pandora_evaluate_compound_alert
|
## SUB pandora_evaluate_compound_alert
|
||||||
## (paconfig,id,dbh)
|
## (pa_config, id, dbh)
|
||||||
## Evaluate a given compound alert. Returns 1 if the alert should be
|
## Evaluate a given compound alert. Returns 1 if the alert should be
|
||||||
## fired, 0 if not.
|
## fired, 0 if not.
|
||||||
##########################################################################
|
##########################################################################
|
||||||
|
@ -316,45 +334,37 @@ sub pandora_evaluate_compound_alert (%$$) {
|
||||||
my $status = 0;
|
my $status = 0;
|
||||||
|
|
||||||
# Get all the alerts associated with this compound alert
|
# Get all the alerts associated with this compound alert
|
||||||
my $query_id_aam = "SELECT id_aam, operation FROM tcompound_alert
|
my $query_compound = "SELECT id_aam, operation FROM tcompound_alert
|
||||||
WHERE id = '$id' ORDER BY operation";
|
WHERE id = '$id' ORDER BY operation";
|
||||||
my $s_id_aam = $dbh->prepare($query_id_aam);
|
my $handle_compound = $dbh->prepare($query_compound);
|
||||||
$s_id_aam ->execute;
|
$handle_compound ->execute;
|
||||||
|
|
||||||
if ($s_id_aam->rows == 0) {
|
if ($handle_compound->rows == 0) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
while (@data = $s_id_aam->fetchrow_array()) {
|
while (my $data_compound = $handle_compound->fetchrow_hashref()) {
|
||||||
|
|
||||||
# Alert ID
|
# Get alert data if enabled
|
||||||
my $id_aam = $data[0];
|
my $query_alert = "SELECT disable, times_fired FROM
|
||||||
|
talerta_agente_modulo WHERE id_aam = " .
|
||||||
|
$data_compound->{'id_aam'} .
|
||||||
|
" AND disable = 0";
|
||||||
|
my $handle_alert = $dbh->prepare($query_alert);
|
||||||
|
|
||||||
# Logical operation to perform
|
$handle_alert->execute;
|
||||||
my $operation = $data[1];
|
if ($handle_alert->rows == 0) {
|
||||||
|
$handle_alert->finish();
|
||||||
# Get alert data
|
|
||||||
my $query_times_fired = "SELECT disable, times_fired FROM
|
|
||||||
talerta_agente_modulo WHERE id_aam =
|
|
||||||
'$id_aam'";
|
|
||||||
my $s_times_fired = $dbh->prepare($query_times_fired);
|
|
||||||
$s_times_fired ->execute;
|
|
||||||
if ($s_id_aam->rows == 0) {
|
|
||||||
next;
|
next;
|
||||||
}
|
}
|
||||||
|
|
||||||
my @data2 = $s_times_fired->fetchrow_array();
|
my $data_alert = $handle_alert->fetchrow_hashref();
|
||||||
my $disable = $data2[0];
|
$handle_alert->finish();
|
||||||
|
|
||||||
# Check whether the alert was fired
|
# Check whether the alert was fired
|
||||||
my $fired = $data2[1] > 0 ? 1 : 0;
|
my $fired = $data_alert->{'times_fired'} > 0 ? 1 : 0;
|
||||||
|
|
||||||
$s_times_fired->finish();
|
my $operation = $data_compound->{'operation'};
|
||||||
|
|
||||||
# Skip disabled alerts
|
|
||||||
if ($disable == 1) {
|
|
||||||
next;
|
|
||||||
}
|
|
||||||
|
|
||||||
# Operate...
|
# Operate...
|
||||||
if ($operation eq "AND") {
|
if ($operation eq "AND") {
|
||||||
|
@ -380,106 +390,102 @@ sub pandora_evaluate_compound_alert (%$$) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$s_id_aam->finish();
|
$handle_compound->finish();
|
||||||
return $status;
|
return $status;
|
||||||
}
|
}
|
||||||
|
|
||||||
##########################################################################
|
##########################################################################
|
||||||
## SUB pandora_evaluate_compound_alerts
|
## SUB pandora_generate_compound_alerts
|
||||||
## (paconfig,timestamp,id_aam,nombre_agente,depth,dbh)
|
## (pa_config, timestamp, agent_name, id_agent, id_alert_agent_module, id_group,
|
||||||
## Evaluate compound alerts that depend on a given alert.
|
## module_data, module_type, depth, dbh)
|
||||||
|
## Generate compound alerts that depend on a given alert.
|
||||||
##########################################################################
|
##########################################################################
|
||||||
|
|
||||||
sub pandora_evaluate_compound_alerts (%$$$$$) {
|
sub pandora_generate_compound_alerts (%$$$$$$$) {
|
||||||
my $pa_config = $_[0];
|
my $pa_config = $_[0];
|
||||||
my $timestamp = $_[1];
|
my $timestamp = $_[1];
|
||||||
my $id_aam = $_[2];
|
my $agent_name = $_[2];
|
||||||
my $nombre_agente = $_[3];
|
my $id_agent = $_[3];
|
||||||
my $depth = $_[4];
|
my $id_alert_agent_module = $_[4];
|
||||||
my $dbh = $_[5];
|
my $id_group = $_[5];
|
||||||
|
my $depth = $_[6];
|
||||||
|
my $dbh = $_[7];
|
||||||
|
|
||||||
# Get all compound alerts that depend on this alert
|
# Get all compound alerts that depend on this alert
|
||||||
my $query_id = "SELECT id FROM tcompound_alert WHERE id_aam = '$id_aam'";
|
my $query_compound = "SELECT id FROM tcompound_alert WHERE id_aam = '" .
|
||||||
my $s_id = $dbh->prepare($query_id);
|
$id_alert_agent_module . "'";
|
||||||
|
|
||||||
$s_id ->execute;
|
my $handle_compound = $dbh->prepare($query_compound);
|
||||||
if ($s_id->rows == 0) {
|
|
||||||
$s_id->finish();
|
$handle_compound->execute;
|
||||||
|
|
||||||
|
if ($handle_compound->rows == 0) {
|
||||||
|
$handle_compound->finish();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
while (my @data = $s_id->fetchrow_array()) {
|
while (my $data_compound = $handle_compound->fetchrow_hashref()) {
|
||||||
my $id = $data[0];
|
|
||||||
|
|
||||||
# Get compound alert parameters
|
# Get compound alert parameters
|
||||||
my $query_data = "SELECT al_campo1, al_campo2, al_campo3, descripcion, alert_text, disable FROM talerta_agente_modulo WHERE id_aam = '$id'";
|
my $query_alert = "SELECT * FROM talerta_agente_modulo WHERE id_aam =
|
||||||
my $s_data = $dbh->prepare($query_data);
|
'" . $data_compound->{'id'} . "'";
|
||||||
|
my $handle_alert = $dbh->prepare($query_alert);
|
||||||
|
|
||||||
$s_data ->execute;
|
$handle_alert->execute;
|
||||||
if ($s_data->rows == 0) {
|
if ($handle_alert->rows == 0) {
|
||||||
|
$handle_alert->finish();
|
||||||
next;
|
next;
|
||||||
}
|
}
|
||||||
|
|
||||||
@data = $s_data->fetchrow_array();
|
my $data_alert = $handle_alert->fetchrow_hashref();
|
||||||
|
$handle_alert->finish();
|
||||||
my $field1 = $data[0];
|
|
||||||
my $field2 = $data[1];
|
|
||||||
my $field3 = $data[2];
|
|
||||||
my $description = $data[3];
|
|
||||||
my $text = $data[4];
|
|
||||||
my $disable = $data[5];
|
|
||||||
|
|
||||||
# Skip disabled alerts
|
|
||||||
if ($disable == 1) {
|
|
||||||
next;
|
|
||||||
}
|
|
||||||
|
|
||||||
# Evaluate the alert
|
# Evaluate the alert
|
||||||
my $status = pandora_evaluate_compound_alert($pa_config, $id, $dbh);
|
my $rc = pandora_evaluate_alert($pa_config, $timestamp, $data_alert,
|
||||||
if ($status != 0) {
|
'', -1, $dbh);
|
||||||
# Update the alert status
|
|
||||||
$dbh->do("UPDATE talerta_agente_modulo SET times_fired = 1 WHERE id_aam = $id");
|
|
||||||
my $command = dame_comando_alerta ($pa_config, $id, $dbh);
|
|
||||||
|
|
||||||
execute_alert ($pa_config, $id, $field1, $field2, $field3, $nombre_agente, $timestamp, $text, $command, '', $description, 1, $dbh);
|
pandora_process_alert ($pa_config, $timestamp, $rc, $agent_name, $id_agent,
|
||||||
}
|
$id_group, $data_alert, '', $dbh);
|
||||||
else {
|
|
||||||
# Update the alert status
|
|
||||||
$dbh->do("UPDATE talerta_agente_modulo SET times_fired = 0 WHERE id_aam = $id");
|
|
||||||
}
|
|
||||||
|
|
||||||
# Evaluate nested compound alerts
|
# Evaluate nested compound alerts
|
||||||
if ($depth < $pa_config->{"compound_max_depth"}) {
|
if ($depth >= $pa_config->{'compound_max_depth'}) {
|
||||||
&pandora_evaluate_compound_alerts ($pa_config, $timestamp, $id, $nombre_agente, $depth + 1, $dbh);
|
logger($pa_config, "ERROR: Error in SUB pandora_generate_compound_
|
||||||
}
|
alerts(): Maximum nested compound alert depth
|
||||||
else {
|
reached.", 2);
|
||||||
logger($pa_config, "ERROR: Error in SUB pandora_evaluate_compound_alerts(): Maximum nested compound alert depth reached.", 2);
|
next;
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$s_id->finish();
|
&pandora_generate_compound_alerts ($pa_config, $timestamp, $agent_name,
|
||||||
|
$id_agent, $data_compound->{'id'},
|
||||||
|
$id_group, $depth + 1, $dbh);
|
||||||
|
}
|
||||||
|
|
||||||
|
$handle_compound->finish();
|
||||||
}
|
}
|
||||||
|
|
||||||
##########################################################################
|
##########################################################################
|
||||||
## SUB execute_alert (id_alert, field1, field2, field3, agent, timestamp, data,
|
## SUB execute_alert (pa_config, timestamp, id_alert, id_agent, id_group,
|
||||||
## command, $alert_name, $alert_description, create_event, dbh)
|
## field1, field2, field3, agent, data, command, alert_name, alert_description,
|
||||||
|
## create_event, dbh)
|
||||||
## Do a execution of given alert with this parameters
|
## Do a execution of given alert with this parameters
|
||||||
##########################################################################
|
##########################################################################
|
||||||
|
|
||||||
sub execute_alert (%$$$$$$$$$$$$) {
|
sub execute_alert (%$$$$$$$$$$$$$$$) {
|
||||||
my $pa_config = $_[0];
|
my $pa_config = $_[0];
|
||||||
my $id_alert = $_[1];
|
my $timestamp = $_[1];
|
||||||
my $field1 = $_[2];
|
my $id_alert = $_[2];
|
||||||
my $field2 = $_[3];
|
my $id_agent = $_[3];
|
||||||
my $field3 = $_[4];
|
my $id_group = $_[4];
|
||||||
my $agent = $_[5];
|
my $field1 = $_[5];
|
||||||
my $timestamp = $_[6];
|
my $field2 = $_[6];
|
||||||
my $data = $_[7];
|
my $field3 = $_[7];
|
||||||
my $command = $_[8];
|
my $agent = $_[8];
|
||||||
my $alert_name = $_[9];
|
my $data = $_[9];
|
||||||
my $alert_description = $_[10];
|
my $command = $_[10];
|
||||||
my $create_event = $_[11];
|
my $alert_name = $_[11];
|
||||||
my $dbh = $_[12];
|
my $alert_description = $_[12];
|
||||||
|
my $create_event = $_[13];
|
||||||
|
my $dbh = $_[14];
|
||||||
|
|
||||||
# Compound only
|
# Compound only
|
||||||
if ($id_alert == 1){
|
if ($id_alert == 1){
|
||||||
|
@ -533,9 +539,7 @@ sub execute_alert (%$$$$$$$$$$$$) {
|
||||||
}
|
}
|
||||||
if ($create_event == 1){
|
if ($create_event == 1){
|
||||||
my $evt_descripcion = "Alert fired ($alert_description)";
|
my $evt_descripcion = "Alert fired ($alert_description)";
|
||||||
my $id_agente = dame_agente_id ($pa_config, $agent, $dbh);
|
pandora_event ($pa_config, $evt_descripcion, $id_group, $id_agent, $dbh);
|
||||||
pandora_event ($pa_config, $evt_descripcion, dame_grupo_agente($pa_config, $id_agente, $dbh),
|
|
||||||
$id_agente, $dbh);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -560,7 +564,6 @@ sub pandora_writestate (%$$$$$$$) {
|
||||||
|
|
||||||
my @data;
|
my @data;
|
||||||
my $cambio = 0;
|
my $cambio = 0;
|
||||||
my $id_grupo;
|
|
||||||
|
|
||||||
# Get current timestamp / unix numeric time
|
# Get current timestamp / unix numeric time
|
||||||
my $timestamp = &UnixDate ("today", "%Y-%m-%d %H:%M:%S"); # string timestamp
|
my $timestamp = &UnixDate ("today", "%Y-%m-%d %H:%M:%S"); # string timestamp
|
||||||
|
@ -581,6 +584,8 @@ sub pandora_writestate (%$$$$$$$) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
my $id_grupo = dame_grupo_agente($pa_config, $id_agente,$dbh);
|
||||||
|
|
||||||
# Seek for agent_interval or module_interval
|
# Seek for agent_interval or module_interval
|
||||||
my $query_idag = "SELECT * FROM tagente_modulo WHERE id_agente = $id_agente AND id_agente_modulo = " . $id_agente_modulo;;
|
my $query_idag = "SELECT * FROM tagente_modulo WHERE id_agente = $id_agente AND id_agente_modulo = " . $id_agente_modulo;;
|
||||||
my $s_idag = $dbh->prepare($query_idag);
|
my $s_idag = $dbh->prepare($query_idag);
|
||||||
|
@ -591,6 +596,7 @@ sub pandora_writestate (%$$$$$$$) {
|
||||||
} else {
|
} else {
|
||||||
@data = $s_idag->fetchrow_array();
|
@data = $s_idag->fetchrow_array();
|
||||||
}
|
}
|
||||||
|
my $id_module_type = $data[2];
|
||||||
my $module_interval = $data[7];
|
my $module_interval = $data[7];
|
||||||
if ($module_interval == 0){
|
if ($module_interval == 0){
|
||||||
$module_interval = dame_intervalo ($pa_config, $id_agente, $dbh);
|
$module_interval = dame_intervalo ($pa_config, $id_agente, $dbh);
|
||||||
|
@ -598,7 +604,7 @@ sub pandora_writestate (%$$$$$$$) {
|
||||||
$s_idag->finish();
|
$s_idag->finish();
|
||||||
# Check alert subroutine
|
# Check alert subroutine
|
||||||
eval {
|
eval {
|
||||||
pandora_calcula_alerta ($pa_config, $timestamp, $nombre_agente, $tipo_modulo, $nombre_modulo, $datos, $dbh);
|
pandora_generate_alerts ($pa_config, $timestamp, $nombre_agente, $id_agente, $id_agente_modulo, $id_module_type, $id_grupo, $datos, $dbh);
|
||||||
};
|
};
|
||||||
if ($@) {
|
if ($@) {
|
||||||
logger($pa_config, "ERROR: Error in SUB calcula_alerta(). ModuleName: $nombre_modulo ModuleType: $tipo_modulo AgentName: $nombre_agente", 4);
|
logger($pa_config, "ERROR: Error in SUB calcula_alerta(). ModuleName: $nombre_modulo ModuleType: $tipo_modulo AgentName: $nombre_agente", 4);
|
||||||
|
@ -624,7 +630,6 @@ sub pandora_writestate (%$$$$$$$) {
|
||||||
$cambio = 1;
|
$cambio = 1;
|
||||||
# Este seria el momento oportuno de probar a saltar la alerta si estuviera definida
|
# Este seria el momento oportuno de probar a saltar la alerta si estuviera definida
|
||||||
# Makes an event entry, only if previous state changes, if new state, doesnt give any alert
|
# Makes an event entry, only if previous state changes, if new state, doesnt give any alert
|
||||||
$id_grupo = dame_grupo_agente($pa_config, $id_agente,$dbh);
|
|
||||||
my $descripcion;
|
my $descripcion;
|
||||||
if ( $estado == 0) {
|
if ( $estado == 0) {
|
||||||
$descripcion = "Monitor ($nombre_modulo) goes up ";
|
$descripcion = "Monitor ($nombre_modulo) goes up ";
|
||||||
|
@ -681,6 +686,7 @@ sub pandora_accessupdate (%$$) {
|
||||||
my $pa_config = $_[0];
|
my $pa_config = $_[0];
|
||||||
my $id_agent = $_[1];
|
my $id_agent = $_[1];
|
||||||
my $dbh = $_[2];
|
my $dbh = $_[2];
|
||||||
|
my $err;
|
||||||
|
|
||||||
if ($id_agent != -1){
|
if ($id_agent != -1){
|
||||||
my $intervalo = dame_intervalo ($pa_config, $id_agent, $dbh);
|
my $intervalo = dame_intervalo ($pa_config, $id_agent, $dbh);
|
||||||
|
@ -1149,7 +1155,10 @@ sub pandora_serverkeepaliver (%$$) {
|
||||||
my $version_data;
|
my $version_data;
|
||||||
my $pandorasuffix;
|
my $pandorasuffix;
|
||||||
my @data;
|
my @data;
|
||||||
|
my $err;
|
||||||
|
|
||||||
my $temp = $pa_config->{"keepalive"} - $pa_config->{"server_threshold"};
|
my $temp = $pa_config->{"keepalive"} - $pa_config->{"server_threshold"};
|
||||||
|
|
||||||
if ($temp <= 0){
|
if ($temp <= 0){
|
||||||
my $timestamp = &UnixDate("today","%Y-%m-%d %H:%M:%S");
|
my $timestamp = &UnixDate("today","%Y-%m-%d %H:%M:%S");
|
||||||
$temp = $pa_config->{"keepalive_orig"} * 2; # Down if keepalive x 2 seconds unknown
|
$temp = $pa_config->{"keepalive_orig"} * 2; # Down if keepalive x 2 seconds unknown
|
||||||
|
@ -1726,7 +1735,7 @@ sub give_network_component_profile_name (%$$) {
|
||||||
my $s_idag = $dbh->prepare($query_idag);
|
my $s_idag = $dbh->prepare($query_idag);
|
||||||
$s_idag ->execute;
|
$s_idag ->execute;
|
||||||
if ($s_idag->rows == 0) {
|
if ($s_idag->rows == 0) {
|
||||||
logger($pa_config, "ERROR give_network_component_profile_name(): Cannot find network profile $id_nc",1);
|
logger($pa_config, "ERROR give_network_component_profile_name(): Cannot find network profile $id_np",1);
|
||||||
logger($pa_config, "ERROR: SQL Query is $query_idag ",2);
|
logger($pa_config, "ERROR: SQL Query is $query_idag ",2);
|
||||||
$tipo = 0;
|
$tipo = 0;
|
||||||
} else { @data = $s_idag->fetchrow_array(); }
|
} else { @data = $s_idag->fetchrow_array(); }
|
||||||
|
|
Loading…
Reference in New Issue