* Both are similars: * db_get_all_rows_filter ('table', array ('disabled', 0)); * db_get_all_rows_filter ('table', 'disabled = 0'); * * Both are similars: * db_get_all_rows_filter ('table', array ('disabled' => 0, 'history_data' => 0), 'name', 'OR'); * db_get_all_rows_filter ('table', 'disabled = 0 OR history_data = 0', 'name'); * * @param mixed Fields of the table to retrieve. Can be an array or a coma * separated string. All fields are retrieved by default * * @return mixed False in case of error or invalid values passed. Affected rows otherwise */ function events_get_events($filter=false, $fields=false) { if ($filter['criticity'] == EVENT_CRIT_WARNING_OR_CRITICAL) { $filter['criticity'] = [ EVENT_CRIT_WARNING, EVENT_CRIT_CRITICAL, ]; } return db_get_all_rows_filter('tevento', $filter, $fields); } /** * Get the event with the id pass as parameter. * * @param integer $id Event id * @param mixed $fields The fields to show or by default all with false. * * @return mixed False in case of error or invalid values passed. Event row otherwise */ function events_get_event($id, $fields=false, $meta=false, $history=false) { if (empty($id)) { return false; } global $config; if (is_array($fields)) { if (! in_array('id_grupo', $fields)) { $fields[] = 'id_grupo'; } } $table = events_get_events_table($meta, $history); $event = db_get_row($table, 'id_evento', $id, $fields); if (! check_acl($config['id_user'], $event['id_grupo'], 'ER')) { return false; } return $event; } function events_get_events_no_grouped( $sql_post, $offset=0, $pagination=1, $meta=false, $history=false, $total=false, $history_db=false, $order='ASC' ) { global $config; $table = events_get_events_table($meta, $history); $sql = "SELECT * FROM $table te WHERE 1=1 ".$sql_post; $events = db_get_all_rows_sql($sql, $history_db); return $events; } function events_get_events_grouped( $sql_post, $offset=0, $pagination=1, $meta=false, $history=false, $total=false, $history_db=false, $order='down', $sort_field='timestamp' ) { global $config; $table = events_get_events_table($meta, $history); if ($meta) { $groupby_extra = ', server_id'; } else { $groupby_extra = ''; } switch ($config['dbtype']) { case 'mysql': db_process_sql('SET group_concat_max_len = 9999999'); $event_lj = events_get_secondary_groups_left_join($table); if ($total) { $sql = "SELECT COUNT(*) FROM (SELECT * FROM $table te $event_lj WHERE 1=1 ".$sql_post.' GROUP BY estado, evento, id_agente, id_agentmodule'.$groupby_extra.') AS t'; } else { $sql = "SELECT *, MAX(id_evento) AS id_evento, GROUP_CONCAT(DISTINCT user_comment SEPARATOR '
') AS user_comment, GROUP_CONCAT(DISTINCT id_evento SEPARATOR ',') AS similar_ids, COUNT(*) AS event_rep, MAX(utimestamp) AS timestamp_rep, MIN(utimestamp) AS timestamp_rep_min, (SELECT owner_user FROM $table WHERE id_evento = MAX(te.id_evento)) owner_user, (SELECT id_usuario FROM $table WHERE id_evento = MAX(te.id_evento)) id_usuario, (SELECT id_agente FROM $table WHERE id_evento = MAX(te.id_evento)) id_agente, (SELECT criticity FROM $table WHERE id_evento = MAX(te.id_evento)) AS criticity, (SELECT ack_utimestamp FROM $table WHERE id_evento = MAX(te.id_evento)) AS ack_utimestamp, (SELECT nombre FROM tagente_modulo WHERE id_agente_modulo = te.id_agentmodule) AS module_name FROM $table te $event_lj WHERE 1=1 ".$sql_post.' GROUP BY estado, evento, id_agente, id_agentmodule'.$groupby_extra; $sql .= ' '.events_get_sql_order($sort_field, $order, 2); $sql .= ' LIMIT '.$offset.','.$pagination; } break; case 'postgresql': if ($total) { $sql = "SELECT COUNT(*) FROM $table te WHERE 1=1 ".$sql_post.' GROUP BY estado, evento, id_agentmodule, id_evento, id_agente, id_usuario, id_grupo, estado, timestamp, utimestamp, event_type, id_alert_am, criticity, user_comment, tags, source, id_extra'.$groupby_extra; } else { $sql = "SELECT *, MAX(id_evento) AS id_evento, array_to_string(array_agg(DISTINCT user_comment), '
') AS user_comment, array_to_string(array_agg(DISTINCT id_evento), ',') AS similar_ids, COUNT(*) AS event_rep, MAX(utimestamp) AS timestamp_rep, MIN(utimestamp) AS timestamp_rep_min, (SELECT owner_user FROM $table WHERE id_evento = MAX(te.id_evento)) owner_user, (SELECT id_usuario FROM $table WHERE id_evento = MAX(te.id_evento)) id_usuario, (SELECT id_agente FROM $table WHERE id_evento = MAX(te.id_evento)) id_agente, (SELECT criticity FROM $table WHERE id_evento = MAX(te.id_evento)) AS criticity, (SELECT ack_utimestamp FROM $table WHERE id_evento = MAX(te.id_evento)) AS ack_utimestamp FROM $table te WHERE 1=1 ".$sql_post.' GROUP BY estado, evento, id_agentmodule, id_evento, id_agente, id_usuario, id_grupo, estado, timestamp, utimestamp, event_type, id_alert_am, criticity, user_comment, tags, source, id_extra, te.critical_instructions, te.warning_instructions, te.unknown_instructions, te.owner_user, te.ack_utimestamp, te.custom_data '.$groupby_extra.' ORDER BY timestamp_rep ASC LIMIT '.$pagination.' OFFSET '.$offset; } break; case 'oracle': if ($total) { $sql = "SELECT COUNT(*) FROM $table te WHERE 1=1 $sql_post GROUP BY estado, to_char(evento), id_agentmodule".$groupby_extra.') b '; } else { $set = []; $set['limit'] = $pagination; $set['offset'] = $offset; $sql = "SELECT ta.*, tb.event_rep, tb.timestamp_rep, tb.timestamp_rep_min, tb.user_comments, tb.similar_ids FROM $table ta INNER JOIN (SELECT MAX(id_evento) AS id_evento, COUNT(id_evento) AS event_rep, MAX(utimestamp) AS timestamp_rep, MIN(utimestamp) AS timestamp_rep_min, TAB_TO_STRING(CAST(COLLECT(TO_CHAR(user_comment) ORDER BY id_evento ASC) AS t_varchar2_tab), '
') AS user_comments, TAB_TO_STRING(CAST(COLLECT(CAST(id_evento AS VARCHAR2(4000)) ORDER BY id_evento ASC) AS t_varchar2_tab)) AS similar_ids FROM $table te WHERE 1=1 $sql_post GROUP BY estado, to_char(evento), id_agentmodule$groupby_extra) tb ON ta.id_evento = tb.id_evento ORDER BY tb.timestamp_rep ASC"; $sql = oracle_recode_query($sql, $set); } break; } // Extract the events by filter (or not) from db $events = db_get_all_rows_sql($sql, $history_db); if ($total) { return reset($events[0]); } else { // Override the column 'user_comment' with the column 'user_comments' when oracle if (!empty($events) && $config['dbtype'] == 'oracle') { array_walk( $events, function (&$value, $key) { set_if_defined($value['user_comment'], $value['user_comments']); } ); } return $events; } } function events_get_total_events_grouped($sql_post, $meta=false, $history=false) { return events_get_events_grouped($sql_post, 0, 0, $meta, $history, true); } /** * Get all the events ids similar to a given event id. * * An event is similar then the event text (evento) and the id_agentmodule are * the same. * * @param int Event id to get similar events. * @param bool Metaconsole mode flag * @param bool History mode flag * * @return array A list of events ids. */ function events_get_similar_ids($id, $meta=false, $history=false) { $events_table = events_get_events_table($meta, $history); $ids = []; if ($meta) { $event = events_meta_get_event($id, ['evento', 'id_agentmodule'], $history); } else { $event = events_get_event($id, ['evento', 'id_agentmodule']); } if ($event === false) { return $ids; } $events = db_get_all_rows_filter( $events_table, [ 'evento' => $event['evento'], 'id_agentmodule' => $event['id_agentmodule'], ], ['id_evento'] ); if ($events === false) { return $ids; } foreach ($events as $event) { $ids[] = $event['id_evento']; } return $ids; } /** * Delete events in a transresponse * * @param mixed Event ID or array of events * @param bool Whether to delete similar events too. * @param bool Metaconsole mode flag * @param bool History mode flag * * @return boolean Whether or not it was successful */ function events_delete_event($id_event, $similar=true, $meta=false, $history=false) { global $config; $table_event = events_get_events_table($meta, $history); // Cleans up the selection for all unwanted values also casts any single values as an array $id_event = (array) safe_int($id_event, 1); // We must delete all events like the selected if ($similar) { foreach ($id_event as $id) { $id_event = array_merge($id_event, events_get_similar_ids($id, $meta, $history)); } $id_event = array_unique($id_event); } $errors = 0; foreach ($id_event as $event) { if ($meta) { $event_group = events_meta_get_group($event, $history); } else { $event_group = events_get_group($event); } if (check_acl($config['id_user'], $event_group, 'EM') == 0) { // Check ACL db_pandora_audit('ACL Violation', 'Attempted deleting event #'.$event); $errors++; } else { $ret = db_process_sql_delete($table_event, ['id_evento' => $event]); if (!$ret) { $errors++; } else { db_pandora_audit('Event deleted', 'Deleted event #'.$event); // ACL didn't fail nor did return continue; } } break; } if ($errors > 0) { return false; } else { return true; } } /** * Change the status of one or various events * * @param mixed Event ID or array of events * @param int new status of the event * @param bool metaconsole mode flag * @param bool history mode flag * * @return boolean Whether or not it was successful */ function events_change_status($id_event, $new_status, $meta=false, $history=false) { global $config; $event_table = events_get_events_table($meta, $history); // Cleans up the selection for all unwanted values also casts any single values as an array $id_event = (array) safe_int($id_event, 1); // Update ack info if the new status is validated if ($new_status == EVENT_STATUS_VALIDATED) { $ack_utimestamp = time(); $ack_user = $config['id_user']; } else { $acl_utimestamp = 0; $ack_user = ''; } switch ($new_status) { case EVENT_STATUS_NEW: $status_string = 'New'; break; case EVENT_STATUS_VALIDATED: $status_string = 'Validated'; break; case EVENT_STATUS_INPROCESS: $status_string = 'In process'; break; default: $status_string = ''; break; } $alerts = []; foreach ($id_event as $k => $id) { if ($meta) { $event_group = events_meta_get_group($id, $history); $event = events_meta_get_event($id, false, $history); $server_id = $event['server_id']; } else { $event_group = events_get_group($id); $event = events_get_event($id); } if ($event['id_alert_am'] > 0 && !in_array($event['id_alert_am'], $alerts)) { $alerts[] = $event['id_alert_am']; } if (check_acl($config['id_user'], $event_group, 'EW') == 0) { db_pandora_audit('ACL Violation', 'Attempted updating event #'.$id); unset($id_event[$k]); } } if (empty($id_event)) { return false; } $values = [ 'estado' => $new_status, 'id_usuario' => $ack_user, 'ack_utimestamp' => $ack_utimestamp, ]; $ret = db_process_sql_update( $event_table, $values, ['id_evento' => $id_event] ); if (($ret === false) || ($ret === 0)) { return false; } events_comment($id_event, '', "Change status to $status_string", $meta, $history); if ($meta && !empty($alerts)) { $server = metaconsole_get_connection_by_id($server_id); metaconsole_connect($server); } // Put the alerts in standby or not depends the new status foreach ($alerts as $alert) { switch ($new_status) { case EVENT_NEW: case EVENT_VALIDATE: alerts_agent_module_standby($alert, 0); break; case EVENT_PROCESS: alerts_agent_module_standby($alert, 1); break; } } if ($meta && !empty($alerts)) { metaconsole_restore_db(); } return true; } /** * Change the owner of an event if the event hasn't owner * * @param mixed Event ID or array of events * @param string id_user of the new owner. If is false, the current owner will be setted * @param bool flag to force the change or not (not force is change only when it hasn't owner) * @param bool metaconsole mode flag * @param bool history mode flag * * @return boolean Whether or not it was successful */ function events_change_owner($id_event, $new_owner=false, $force=false, $meta=false, $history=false) { global $config; $event_table = events_get_events_table($meta, $history); // Cleans up the selection for all unwanted values also casts any single values as an array $id_event = (array) safe_int($id_event, 1); foreach ($id_event as $k => $id) { if ($meta) { $event_group = events_meta_get_group($id, $history); } else { $event_group = events_get_group($id); } if (check_acl($config['id_user'], $event_group, 'EW') == 0) { db_pandora_audit('ACL Violation', 'Attempted updating event #'.$id); unset($id_event[$k]); } } if (empty($id_event)) { return false; } // If no new_owner is provided, the current user will be the owner // ** Comment this lines because if possible selected None owner in owner event. TIQUET: #2250*** // if (empty($new_owner)) { // $new_owner = $config['id_user']; // } // Only generate comment when is forced (sometimes is changed the owner when comment) if ($force) { events_comment($id_event, '', "Change owner to $new_owner", $meta, $history); } $values = ['owner_user' => $new_owner]; $where = ['id_evento' => $id_event]; // If not force, add to where if owner_user = '' if (!$force) { $where['owner_user'] = ''; } $ret = db_process_sql_update( $event_table, $values, $where, 'AND', false ); if (($ret === false) || ($ret === 0)) { return false; } return true; } function events_get_events_table($meta, $history) { if ($meta) { if ($history) { $event_table = 'tmetaconsole_event_history'; } else { $event_table = 'tmetaconsole_event'; } } else { $event_table = 'tevento'; } return $event_table; } /** * Comment events in a transresponse * * @param mixed Event ID or array of events * @param string comment to be registered * @param string action performed with the comment. Bu default just Added comment * @param bool Flag of metaconsole mode * @param bool Flag of history mode * * @return boolean Whether or not it was successful */ function events_comment($id_event, $comment='', $action='Added comment', $meta=false, $history=false, $similars=true) { global $config; $event_table = events_get_events_table($meta, $history); // Cleans up the selection for all unwanted values also casts any single values as an array $id_event = (array) safe_int($id_event, 1); foreach ($id_event as $k => $id) { if ($meta) { $event_group = events_meta_get_group($id, $history); } else { $event_group = events_get_group($id); } if (check_acl($config['id_user'], $event_group, 'EW') == 0) { db_pandora_audit('ACL Violation', 'Attempted updating event #'.$id); unset($id_event[$k]); } } if (empty($id_event)) { return false; } // If the event hasn't owner, assign the user as owner events_change_owner($id_event); // Get the current event comments $first_event = $id_event; if (is_array($id_event)) { $first_event = reset($id_event); } $event_comments = db_get_value('user_comment', $event_table, 'id_evento', $first_event); $event_comments_array = []; if ($event_comments == '') { $comments_format = 'new'; } else { // If comments are not stored in json, the format is old $event_comments_array = json_decode($event_comments); if (is_null($event_comments_array)) { $comments_format = 'old'; } else { $comments_format = 'new'; } } switch ($comments_format) { case 'new': $comment_for_json['comment'] = $comment; $comment_for_json['action'] = $action; $comment_for_json['id_user'] = $config['id_user']; $comment_for_json['utimestamp'] = time(); $event_comments_array[] = $comment_for_json; $event_comments = io_json_mb_encode($event_comments_array); // Update comment $ret = db_process_sql_update($event_table, ['user_comment' => $event_comments], ['id_evento' => implode(',', $id_event)]); break; case 'old': // Give old ugly format to comment. TODO: Change this method for aux table or json $comment = str_replace(["\r\n", "\r", "\n"], '
', $comment); if ($comment != '') { $commentbox = '
'; } else { $commentbox = ''; } // Don't translate 'by' word because if various users with different languages // make comments in the same console will be a mess $comment = '-- '.$action.' by '.$config['id_user'].' '.'['.date($config['date_format']).'] --
'; // Update comment switch ($config['dbtype']) { // Oldstyle SQL to avoid innecesary PHP foreach case 'mysql': $sql_validation = "UPDATE $event_table SET user_comment = concat('".$comment."', user_comment) WHERE id_evento in (".implode(',', $id_event).')'; $ret = db_process_sql($sql_validation); break; case 'postgresql': case 'oracle': $sql_validation = "UPDATE $event_table SET user_comment='".$comment."' || user_comment) WHERE id_evento in (".implode(',', $id_event).')'; $ret = db_process_sql($sql_validation); break; } break; } if (($ret === false) || ($ret === 0)) { return false; } return true; } /** * Get group id of an event. * * @param integer $id_event Event id * * @return integer Group id of the given event. */ function events_get_group($id_event) { return (int) db_get_value('id_grupo', 'tevento', 'id_evento', (int) $id_event); } /** * Get description of an event. * * @param integer $id_event Event id. * * @return string Description of the given event. */ function events_get_description($id_event) { return (string) db_get_value('evento', 'tevento', 'id_evento', (int) $id_event); } /** * Insert a event in the event log system. * * @param integer $event * @param integer $id_group * @param integer $id_agent * @param integer $status * @param string $id_user * @param string $event_type * @param integer $priority * @param integer $id_agent_module * @param integer $id_aam * * @return integer event id */ function events_create_event( $event, $id_group, $id_agent, $status=0, $id_user='', $event_type='unknown', $priority=0, $id_agent_module=0, $id_aam=0, $critical_instructions='', $warning_instructions='', $unknown_instructions='', $source=false, $tags='', $custom_data='', $server_id=0, $id_extra='' ) { global $config; if ($source === false) { $source = get_product_name(); } $table_events = 'tevento'; if (defined('METACONSOLE')) { $table_events = 'tmetaconsole_event'; switch ($config['dbtype']) { case 'mysql': $sql = sprintf( ' INSERT INTO '.$table_events.' (id_agente, id_grupo, evento, timestamp, estado, utimestamp, id_usuario, event_type, criticity, id_agentmodule, id_alert_am, critical_instructions, warning_instructions, unknown_instructions, source, tags, custom_data, server_id, id_extra, data, module_status) VALUES (%d, %d, "%s", NOW(), %d, UNIX_TIMESTAMP(NOW()), "%s", "%s", %d, %d, %d, "%s", "%s", "%s", "%s", "%s", "%s", %d, "%s", %d, %d)', $id_agent, $id_group, $event, $status, $id_user, $event_type, $priority, $id_agent_module, $id_aam, $critical_instructions, $warning_instructions, $unknown_instructions, $source, $tags, $custom_data, $server_id, $id_extra, $data, $module_status ); break; case 'postgresql': $sql = sprintf( ' INSERT INTO '.$table_events.' (id_agente, id_grupo, evento, timestamp, estado, utimestamp, id_usuario, event_type, criticity, id_agentmodule, id_alert_am, critical_instructions, warning_instructions, unknown_instructions, source, tags, custom_data, server_id, id_extra, data, module_status) VALUES (%d, %d, "%s", NOW(), %d, ceil(date_part(\'epoch\', CURRENT_TIMESTAMP)), "%s", "%s", %d, %d, %d, "%s", "%s", "%s", "%s", "%s", "%s", %d, "%s", %d, %d)', $id_agent, $id_group, $event, $status, $id_user, $event_type, $priority, $id_agent_module, $id_aam, $critical_instructions, $warning_instructions, $unknown_instructions, $source, $tags, $custom_data, $server_id, $id_extra, $data, $module_status ); break; case 'oracle': $sql = sprintf( ' INSERT INTO '.$table_events.' (id_agente, id_grupo, evento, timestamp, estado, utimestamp, id_usuario, event_type, criticity, id_agentmodule, id_alert_am, critical_instructions, warning_instructions, unknown_instructions, source, tags, custom_data, server_id, id_extra, data, module_status) VALUES (%d, %d, "%s", CURRENT_TIMESTAMP, %d, UNIX_TIMESTAMP, "%s", "%s", %d, %d, %d, "%s", "%s", "%s", "%s", "%s", "%s", %d, "%s", %d, %d)', $id_agent, $id_group, $event, $status, $id_user, $event_type, $priority, $id_agent_module, $id_aam, $critical_instructions, $warning_instructions, $unknown_instructions, $source, $tags, $custom_data, $server_id, $id_extra, $data, $module_status ); break; } } else { switch ($config['dbtype']) { case 'mysql': $sql = sprintf( ' INSERT INTO '.$table_events.' (id_agente, id_grupo, evento, timestamp, estado, utimestamp, id_usuario, event_type, criticity, id_agentmodule, id_alert_am, critical_instructions, warning_instructions, unknown_instructions, source, tags, custom_data, id_extra, data, module_status) VALUES (%d, %d, "%s", NOW(), %d, UNIX_TIMESTAMP(NOW()), "%s", "%s", %d, %d, %d, "%s", "%s", "%s", "%s", "%s", "%s", "%s", %d, %d)', $id_agent, $id_group, $event, $status, $id_user, $event_type, $priority, $id_agent_module, $id_aam, $critical_instructions, $warning_instructions, $unknown_instructions, $source, $tags, $custom_data, $id_extra, $data, $module_status ); break; case 'postgresql': $sql = sprintf( ' INSERT INTO '.$table_events.' (id_agente, id_grupo, evento, timestamp, estado, utimestamp, id_usuario, event_type, criticity, id_agentmodule, id_alert_am, critical_instructions, warning_instructions, unknown_instructions, source, tags, custom_data, id_extra, data, module_status) VALUES (%d, %d, "%s", NOW(), %d, ceil(date_part(\'epoch\', CURRENT_TIMESTAMP)), "%s", "%s", %d, %d, %d, "%s", "%s", "%s", "%s", "%s", "%s", "%s", %d, %d)', $id_agent, $id_group, $event, $status, $id_user, $event_type, $priority, $id_agent_module, $id_aam, $critical_instructions, $warning_instructions, $unknown_instructions, $source, $tags, $custom_data, $id_extra, $data, $module_status ); break; case 'oracle': $sql = sprintf( ' INSERT INTO '.$table_events." (id_agente, id_grupo, evento, timestamp, estado, utimestamp, id_usuario, event_type, criticity, id_agentmodule, id_alert_am, critical_instructions, warning_instructions, unknown_instructions, source, tags, custom_data, id_extra, data, module_status) VALUES (%d, %d, '%s', CURRENT_TIMESTAMP, %d, UNIX_TIMESTAMP, '%s', '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d)", $id_agent, $id_group, $event, $status, $id_user, $event_type, $priority, $id_agent_module, $id_aam, $critical_instructions, $warning_instructions, $unknown_instructions, $source, $tags, $custom_data, $id_extra, $data, $module_status ); break; } } return (int) db_process_sql($sql, 'insert_id'); } /** * Prints a small event table * * @param string $filter SQL WHERE clause * @param integer $limit How many events to show * @param integer $width How wide the table should be * @param boolean $return Prints out HTML if false * @param int agent id if is the table of one agent. 0 otherwise * * @return string HTML with table element */ function events_print_event_table($filter='', $limit=10, $width=440, $return=false, $agent_id=0, $tactical_view=false) { global $config; if ($agent_id == 0) { $agent_condition = ''; } else { $agent_condition = " id_agente = $agent_id AND "; } if ($filter == '') { $filter = '1 = 1'; } $secondary_join = 'LEFT JOIN tagent_secondary_group tasg ON tevento.id_agente = tasg.id_agent'; $sql = sprintf( 'SELECT DISTINCT tevento.* FROM tevento %s WHERE %s %s ORDER BY utimestamp DESC LIMIT %d', $secondary_join, $agent_condition, $filter, $limit ); $result = db_get_all_rows_sql($sql); if ($result === false) { if ($return) { $returned = ui_print_info_message(__('No events'), '', true); return $returned; } else { echo ui_print_info_message(__('No events')); } } else { $table = new stdClass(); $table->id = 'latest_events_table'; $table->cellpadding = 0; $table->cellspacing = 0; $table->width = $width; $table->class = 'databox data'; if (!$tactical_view) { $table->title = __('Latest events'); } $table->titleclass = 'tabletitle'; $table->titlestyle = 'text-transform:uppercase;'; $table->headclass = []; $table->head = []; $table->rowclass = []; $table->cellclass = []; $table->data = []; $table->align = []; $table->style[0] = $table->style[1] = $table->style[2] = 'width:25px;'; if ($agent_id == 0) { $table->style[3] = 'word-break: break-all;'; } $table->style[4] = 'width:120px; word-break: break-all;'; $table->head[0] = "".__('V.').''; $table->align[0] = 'center'; $table->head[1] = "".__('S.').''; $table->align[1] = 'center'; $table->head[2] = __('Type'); $table->headclass[2] = 'datos3 f9'; $table->align[2] = 'center'; $table->head[3] = __('Event name'); if ($agent_id == 0) { $table->head[4] = __('Agent name'); $table->size[4] = '15%'; } $table->head[5] = __('Timestamp'); $table->headclass[5] = 'datos3 f9'; $table->align[5] = 'left'; $table->size[5] = '15%'; $all_groups = []; if ($agent_id != 0) { $all_groups = agents_get_all_groups_agent($agent_id); } foreach ($result as $event) { // Copy all groups of the agent and append the event group $check_events = $all_groups; $check_events[] = $event['id_grupo']; if (! check_acl_one_of_groups($config['id_user'], $check_events, 'ER')) { continue; } $data = []; // Colored box switch ($event['estado']) { case 0: $img = 'images/star.png'; $title = __('New event'); break; case 1: $img = 'images/tick.png'; $title = __('Event validated'); break; case 2: $img = 'images/hourglass.png'; $title = __('Event in process'); break; } $data[0] = html_print_image( $img, true, [ 'class' => 'image_status', 'title' => $title, ] ); switch ($event['criticity']) { default: case EVENT_CRIT_MAINTENANCE: $img = 'images/status_sets/default/severity_maintenance.png'; break; case EVENT_CRIT_INFORMATIONAL: $img = 'images/status_sets/default/severity_informational.png'; break; case EVENT_CRIT_NORMAL: $img = 'images/status_sets/default/severity_normal.png'; break; case EVENT_CRIT_WARNING: $img = 'images/status_sets/default/severity_warning.png'; break; case EVENT_CRIT_CRITICAL: $img = 'images/status_sets/default/severity_critical.png'; break; } $data[1] = html_print_image( $img, true, [ 'class' => 'image_status', 'width' => 12, 'height' => 12, 'title' => get_priority_name($event['criticity']), ] ); // Event type $data[2] = events_print_type_img($event['event_type'], true); // Event text $data[3] = ui_print_string_substr(strip_tags(io_safe_output($event['evento'])), 75, true, '7.5'); if ($agent_id == 0) { if ($event['id_agente'] > 0) { // Agent name // Get class name, for the link color... $myclass = get_priority_class($event['criticity']); $data[4] = "".agents_get_alias($event['id_agente']).''; // for System or SNMP generated alerts } else if ($event['event_type'] == 'system') { $data[4] = __('System'); } else { $data[4] = __('Alert').'SNMP'; } } // Timestamp $data[5] = ui_print_timestamp($event['timestamp'], true, ['style' => 'font-size: 7.5pt; letter-spacing: 0.3pt;']); $class = get_priority_class($event['criticity']); $cell_classes[3] = $cell_classes[4] = $cell_classes[5] = $class; array_push($table->cellclass, $cell_classes); // array_push ($table->rowclass, get_priority_class ($event["criticity"])); array_push($table->data, $data); } $events_table = html_print_table($table, true); $out = '
'; $out .= $events_table; if (!$tactical_view) { if ($agent_id != 0) { $out .= ''; $out .= '
'; $out .= '
'.__('Events -by module-').''.graph_event_module(180, 100, $event['id_agente']).'
'; $out .= '
'; } else { $out .= '
'; $out .= '
'; $out .= '
'.__('Event graph').''.grafico_eventos_total('', 180, 60).'
'; $out .= '
'.__('Event graph by agent').''.grafico_eventos_grupo(180, 60).'
'; $out .= '
'; } } $out .= '
'; unset($table); if ($return) { return $out; } else { echo $out; } } } /** * Prints the event type image * * @param string $type Event type from SQL * @param boolean $return Whether to return or print * @param boolean $only_url Flag to return only url of image, by default false. * * @return string HTML with img */ function events_print_type_img($type, $return=false, $only_url=false) { global $config; $output = ''; $urlImage = ui_get_full_url(false); switch ($type) { case 'alert_recovered': $icon = 'bell.png'; break; case 'alert_manual_validation': $icon = 'ok.png'; break; case 'going_down_critical': case 'going_up_critical': // This is to be backwards compatible $icon = 'module_critical.png'; break; case 'going_up_normal': case 'going_down_normal': // This is to be backwards compatible $icon = 'module_ok.png'; break; case 'going_up_warning': case 'going_down_warning': $icon = 'module_warning.png'; break; case 'going_unknown': $icon = 'module_unknown.png'; break; case 'alert_fired': $icon = 'bell_error.png'; break; case 'system': $icon = 'cog.png'; break; case 'recon_host_detected': $icon = 'recon.png'; break; case 'new_agent': $icon = 'agent.png'; break; case 'configuration_change': $icon = 'config.png'; break; case 'unknown': default: $icon = 'lightning_go.png'; break; } if ($only_url) { $output = $urlImage.'/'.'images/'.$icon; } else { $output .= html_print_image( 'images/'.$icon, true, ['title' => events_print_type_description($type, true)] ); } if ($return) { return $output; } echo $output; } /** * Prints the event type description * * @param string $type Event type from SQL * @param boolean $return Whether to return or print * * @return string HTML with img */ function events_print_type_description($type, $return=false) { $output = ''; switch ($type) { case 'going_unknown': $output .= __('Going to unknown'); break; case 'alert_recovered': $output .= __('Alert recovered'); break; case 'alert_manual_validation': $output .= __('Alert manually validated'); break; case 'going_up_warning': $output .= __('Going from critical to warning'); break; case 'going_down_critical': case 'going_up_critical': // This is to be backwards compatible $output .= __('Going up to critical state'); break; case 'going_up_normal': case 'going_down_normal': // This is to be backwards compatible $output .= __('Going up to normal state'); break; case 'going_down_warning': $output .= __('Going down from normal to warning'); break; case 'alert_fired': $output .= __('Alert fired'); break; case 'system'; $output .= __('SYSTEM'); break; case 'recon_host_detected'; $output .= __('Recon server detected a new host'); break; case 'new_agent'; $output .= __('New agent created'); break; case 'configuration_change'; $output .= __('Configuration change'); break; case 'alert_ceased'; $output .= __('Alert ceased'); break; case 'error'; $output .= __('Error'); break; case 'unknown': default: $output .= __('Unknown type:').': '.$type; break; } if ($return) { return $output; } echo $output; } /** * Get all the events happened in a group during a period of time. * * The returned events will be in the time interval ($date - $period, $date] * * @param mixed $id_group Group id to get events for. * @param integer $period Period of time in seconds to get events. * @param integer $date Beginning date to get events. * * @return array An array with all the events happened. */ function events_get_group_events_steps( $begin, &$result, $id_group, $period, $date, $filter_event_validated=false, $filter_event_critical=false, $filter_event_warning=false, $filter_event_no_validated=false ) { global $config; $id_group = groups_safe_acl($config['id_user'], $id_group, 'ER'); if (empty($id_group)) { // An empty array means the user doesn't have access return false; } $datelimit = ($date - $period); $sql_where = ' AND 1 = 1 '; $criticities = []; if ($filter_event_critical) { $criticities[] = 4; } if ($filter_event_warning) { $criticities[] = 3; } if (!empty($criticities)) { $sql_where .= ' AND criticity IN ('.implode(', ', $criticities).')'; } if ($filter_event_validated) { $sql_where .= ' AND estado = 1 '; } if ($filter_event_no_validated) { $sql_where .= ' AND estado = 0 '; } $sql = sprintf( 'SELECT *, (SELECT t2.nombre FROM tagente t2 WHERE t2.id_agente = t3.id_agente) AS agent_name, (SELECT t2.fullname FROM tusuario t2 WHERE t2.id_user = t3.id_usuario) AS user_name FROM tevento t3 WHERE utimestamp > %d AND utimestamp <= %d AND id_grupo IN (%s) '.$sql_where.' ORDER BY utimestamp ASC', $datelimit, $date, implode(',', $id_group) ); return db_get_all_row_by_steps_sql($begin, $result, $sql); } /** * Get all the events happened in an Agent during a period of time. * * The returned events will be in the time interval ($date - $period, $date] * * @param integer $id_agent Agent id to get events. * @param integer $period Period of time in seconds to get events. * @param integer $date Beginning date to get events. * * @return array An array with all the events happened. */ function events_get_agent( $id_agent, $period, $date=0, $history=false, $show_summary_group=false, $filter_event_severity=false, $filter_event_type=false, $filter_event_status=false, $filter_event_filter_search=false, $id_group=false, $events_group=false, $id_agent_module=false, $events_module=false, $id_server=false ) { global $config; if (!is_numeric($date)) { $date = time_w_fixed_tz($date); } if (empty($date)) { $date = get_system_time(); } if ($events_group) { $id_group = groups_safe_acl($config['id_user'], $id_group, 'ER'); if (empty($id_group)) { // An empty array means the user doesn't have access return false; } } $datelimit = ($date - $period); $sql_where = ''; $severity_all = 0; if (!empty($filter_event_severity)) { foreach ($filter_event_severity as $key => $value) { switch ($value) { case -1: $severity_all = 1; break; case 34: $filter_event_severity[$key] = '3, 4'; break; case 20: $filter_event_severity[$key] = '0, 1, 3, 4, 5, 6'; break; case 21: $filter_event_severity[$key] = '4, 2'; break; default: break; } } if (!$severity_all) { $sql_where .= ' AND criticity IN ('.implode(', ', $filter_event_severity).')'; } } $status_all = 0; if (!empty($filter_event_status)) { foreach ($filter_event_status as $key => $value) { switch ($value) { case -1: $status_all = 1; break; case 3: $filter_event_status[$key] = ('0, 2'); default: break; } } if (!$status_all) { $sql_where .= ' AND estado IN ('.implode(', ', $filter_event_status).')'; } } if (!empty($filter_event_type) && $filter_event_type[0] != 'all') { $sql_where .= ' AND ('; $type = []; foreach ($filter_event_type as $event_type) { if ($event_type != '') { // If normal, warning, could be several (going_up_warning, going_down_warning... too complex // for the user so for him is presented only "warning, critical and normal" if ($event_type == 'warning' || $event_type == 'critical' || $event_type == 'normal') { $type[] = " event_type LIKE '%$event_type%' "; } else if ($event_type == 'not_normal') { $type[] = " (event_type LIKE '%warning%' OR event_type LIKE '%critical%' OR event_type LIKE '%unknown%') "; } else if ($event_type != 'all') { $type[] = " event_type = '".$event_type."'"; } } } $sql_where .= implode(' OR ', $type).')'; } if (!empty($filter_event_filter_search)) { $sql_where .= ' AND (evento LIKE "%'.io_safe_input($filter_event_filter_search).'%"'.' OR id_evento LIKE "%'.io_safe_input($filter_event_filter_search).'%")'; } if ($events_group) { $sql_where .= sprintf( ' AND id_grupo IN (%s) AND utimestamp > %d AND utimestamp <= %d ', implode(',', $id_group), $datelimit, $date ); } else if ($events_module) { $sql_where .= sprintf( ' AND id_agentmodule = %d AND utimestamp > %d AND utimestamp <= %d ', $id_agent_module, $datelimit, $date ); } else { $sql_where .= sprintf( ' AND id_agente = %d AND utimestamp > %d AND utimestamp <= %d ', $id_agent, $datelimit, $date ); } if (is_metaconsole() && $id_server) { $sql_where .= ' AND server_id = '.$id_server; } if ($show_summary_group) { return events_get_events_grouped( $sql_where, 0, 1000, is_metaconsole(), false, false, $history ); } else { return events_get_events_no_grouped( $sql_where, 0, 1000, is_metaconsole(), false, false, $history ); } } /** * Decode a numeric type into type description. * * @param integer $type_id Numeric type. * * @return string Type description. */ function events_get_event_types($type_id) { $diferent_types = get_event_types(); $type_desc = ''; switch ($type_id) { case 'unknown': $type_desc = __('Unknown'); break; case 'critical': $type_desc = __('Monitor Critical'); break; case 'warning': $type_desc = __('Monitor Warning'); break; case 'normal': $type_desc = __('Monitor Normal'); break; case 'alert_fired': $type_desc = __('Alert fired'); break; case 'alert_recovered': $type_desc = __('Alert recovered'); break; case 'alert_ceased': $type_desc = __('Alert ceased'); break; case 'alert_manual_validation': $type_desc = __('Alert manual validation'); break; case 'recon_host_detected': $type_desc = __('Recon host detected'); break; case 'system': $type_desc = __('System'); break; case 'error': $type_desc = __('Error'); break; case 'configuration_change': $type_desc = __('Configuration change'); break; case 'not_normal': $type_desc = __('Not normal'); break; default: if (isset($config['text_char_long'])) { foreach ($diferent_types as $key => $type) { if ($key == $type_id) { $type_desc = ui_print_truncate_text($type, $config['text_char_long'], false, true, false); } } } break; } return $type_desc; } /** * Decode a numeric severity into severity description. * * @param integer $severity_id Numeric severity. * * @return string Severity description. */ function events_get_severity_types($severity_id) { $diferent_types = get_priorities(); $severity_desc = ''; switch ($severity_id) { case EVENT_CRIT_MAINTENANCE: $severity_desc = __('Maintenance'); break; case EVENT_CRIT_INFORMATIONAL: $severity_desc = __('Informational'); break; case EVENT_CRIT_NORMAL: $severity_desc = __('Normal'); break; case EVENT_CRIT_WARNING: $severity_desc = __('Warning'); break; case EVENT_CRIT_CRITICAL: $severity_desc = __('Critical'); break; default: if (isset($config['text_char_long'])) { foreach ($diferent_types as $key => $type) { if ($key == $severity_id) { $severity_desc = ui_print_truncate_text( $type, $config['text_char_long'], false, true, false ); } } } break; } return $severity_desc; } /** * Return all descriptions of event status. * * @return array Status description array. */ function events_get_all_status($report=false) { $fields = []; if (!$report) { $fields[-1] = __('All event'); $fields[0] = __('Only new'); $fields[1] = __('Only validated'); $fields[2] = __('Only in process'); $fields[3] = __('Only not validated'); } else { $fields[-1] = __('All event'); $fields[0] = __('New'); $fields[1] = __('Validated'); $fields[2] = __('In process'); $fields[3] = __('Not Validated'); } return $fields; } /** * Decode a numeric status into status description. * * @param integer $status_id Numeric status. * * @return string Status description. */ function events_get_status($status_id) { switch ($status_id) { case -1: $status_desc = __('All event'); break; case 0: $status_desc = __('Only new'); break; case 1: $status_desc = __('Only validated'); break; case 2: $status_desc = __('Only in process'); break; case 3: $status_desc = __('Only not validated'); break; } return $status_desc; } /** * Checks if a user has permissions to see an event filter. * * @param integer $id_filter Id of the event filter. * * @return boolean True if the user has permissions or false otherwise. */ function events_check_event_filter_group($id_filter) { global $config; $id_group = db_get_value('id_group_filter', 'tevent_filter', 'id_filter', $id_filter); $own_info = get_user_info($config['id_user']); // Get group list that user has access $groups_user = users_get_groups($config['id_user'], 'EW', $own_info['is_admin'], true); // Permissions in any group allow to edit "All group" filters if ($id_group == 0 && !empty($groups_user)) { return true; } $groups_id = []; $has_permission = false; foreach ($groups_user as $key => $groups) { if ($groups['id_grupo'] == $id_group) { return true; } } return false; } /** * Get a event filter. * * @param int Filter id to be fetched. * @param array Extra filter. * @param array Fields to be fetched. * * @return array A event filter matching id and filter or false. */ function events_get_event_filter($id_filter, $filter=false, $fields=false) { if (empty($id_filter)) { return false; } if (! is_array($filter)) { $filter = []; $filter['id_filter'] = (int) $id_filter; } return db_get_row_filter('tevent_filter', $filter, $fields); } /** * Get a event filters in select format. * * @param boolean If event filters are used for manage/view operations (non admin users can see group ALL for manage) # Fix * @return array A event filter matching id and filter or false. */ function events_get_event_filter_select($manage=true) { global $config; $strict_acl = db_get_value('strict_acl', 'tusuario', 'id_user', $config['id_user']); if ($strict_acl) { $user_groups = users_get_strict_mode_groups( $config['id_user'], users_can_manage_group_all() ); } else { $user_groups = users_get_groups( $config['id_user'], 'EW', users_can_manage_group_all(), true ); } if (empty($user_groups)) { return []; } $sql = ' SELECT id_filter, id_name FROM tevent_filter WHERE id_group_filter IN ('.implode(',', array_keys($user_groups)).')'; $event_filters = db_get_all_rows_sql($sql); if ($event_filters === false) { return []; } else { $result = []; foreach ($event_filters as $event_filter) { $result[$event_filter['id_filter']] = $event_filter['id_name']; } } return $result; } // Events pages functions to load modal window with advanced view of an event. // Called from include/ajax/events.php function events_page_responses($event, $childrens_ids=[]) { global $config; // // Responses // $table_responses->cellspacing = 2; $table_responses->cellpadding = 2; $table_responses->id = 'responses_table'; $table_responses->width = '100%'; $table_responses->data = []; $table_responses->head = []; $table_responses->style[0] = 'width:35%; font-weight: bold; text-align: left; height: 23px;'; $table_responses->style[1] = 'text-align: left; height: 23px; text-align: right;'; $table_responses->class = 'alternate rounded_cells'; if (tags_checks_event_acl($config['id_user'], $event['id_grupo'], 'EM', $event['clean_tags'], $childrens_ids)) { // Owner $data = []; $data[0] = __('Change owner'); // Owner change can be done to users that belong to the event group with ER permission $profiles_view_events = db_get_all_rows_filter('tperfil', ['event_view' => '1'], 'id_perfil'); foreach ($profiles_view_events as $k => $v) { $profiles_view_events[$k] = reset($v); } // Juanma (05/05/2014) Fix : Propagate ACL hell! $_user_groups = array_keys(users_get_groups($config['id_user'], 'ER', users_can_manage_group_all())); $strict_user = db_get_value('strict_acl', 'tusuario', 'id_user', $config['id_user']); if ($strict_user) { $user_name = db_get_value('fullname', 'tusuario', 'id_user', $config['id_user']); $users = []; $users[0]['id_user'] = $config['id_user']; $users[0]['fullname'] = $user_name; } else { $users = groups_get_users($_user_groups, ['id_perfil' => $profiles_view_events], true); } foreach ($users as $u) { $owners[$u['id_user']] = $u['fullname']; } if ($event['owner_user'] == '') { $owner_name = __('None'); } else { $owner_name = db_get_value('fullname', 'tusuario', 'id_user', $event['owner_user']); $owners[$event['owner_user']] = $owner_name; } $data[1] = html_print_select($owners, 'id_owner', $event['owner_user'], '', __('None'), -1, true); $data[1] .= html_print_button(__('Update'), 'owner_button', false, 'event_change_owner();', 'class="sub next"', true); $table_responses->data[] = $data; } // Status $data = []; $data[0] = __('Change status'); $status_blocked = false; if (tags_checks_event_acl($config['id_user'], $event['id_grupo'], 'EM', $event['clean_tags'], $childrens_ids)) { // If the user has manager acls, the status can be changed to all possibilities always $status = [ 0 => __('New'), 2 => __('In process'), 1 => __('Validated'), ]; } else { switch ($event['estado']) { case 0: // If the user hasnt manager acls and the event is new. The status can be changed $status = [ 2 => __('In process'), 1 => __('Validated'), ]; break; case 1: // If the user hasnt manager acls and the event is validated. The status cannot be changed $status = [1 => __('Validated')]; $status_blocked = true; break; case 2: // If the user hasnt manager acls and the event is in process. The status only can be changed to validated $status = [1 => __('Validated')]; break; } } // The change status option will be enabled only when is possible change the status $data[1] = html_print_select($status, 'estado', $event['estado'], '', '', 0, true, false, false, '', $status_blocked); if (!$status_blocked) { $data[1] .= html_print_button(__('Update'), 'status_button', false, 'event_change_status(\''.$event['similar_ids'].'\');', 'class="sub next"', true); } $table_responses->data[] = $data; // Comments $data = []; $data[0] = __('Comment'); $data[1] = html_print_button(__('Add comment'), 'comment_button', false, '$(\'#link_comments\').trigger(\'click\');', 'class="sub next"', true); $table_responses->data[] = $data; if (tags_checks_event_acl($config['id_user'], $event['id_grupo'], 'EM', $event['clean_tags'], $childrens_ids)) { // Delete $data = []; $data[0] = __('Delete event'); $data[1] = '
'; $data[1] .= html_print_button(__('Delete event'), 'delete_button', false, 'if(!confirm(\''.__('Are you sure?').'\')) { return false; } this.form.submit();', 'class="sub cancel"', true); $data[1] .= html_print_input_hidden('delete', 1, true); $data[1] .= html_print_input_hidden('validate_ids', $event['id_evento'], true); $data[1] .= '
'; $table_responses->data[] = $data; } // Custom responses $data = []; $data[0] = __('Custom responses'); $id_groups = array_keys(users_get_groups(false, 'EW')); $event_responses = db_get_all_rows_filter( 'tevent_response', ['id_group' => $id_groups] ); if (empty($event_responses)) { $data[1] = ''.__('N/A').''; } else { $responses = []; foreach ($event_responses as $v) { $responses[$v['id']] = $v['name']; } $data[1] = html_print_select( $responses, 'select_custom_response', '', '', '', '', true, false, false ); if (isset($event['server_id'])) { $server_id = $event['server_id']; } else { $server_id = 0; } $data[1] .= html_print_button(__('Execute'), 'custom_response_button', false, 'execute_response('.$event['id_evento'].','.$server_id.')', "class='sub next'", true); } $table_responses->data[] = $data; $responses_js = ""; $responses = '
'.html_print_table($table_responses, true).$responses_js.'
'; return $responses; } // Replace macros in the target of a response and return it // If server_id > 0, is a metaconsole query function events_get_response_target($event_id, $response_id, $server_id, $history=false) { global $config; $event_response = db_get_row('tevent_response', 'id', $response_id); if ($server_id > 0) { $meta = true; } else { $meta = false; } $event_table = events_get_events_table($meta, $history); $event = db_get_row($event_table, 'id_evento', $event_id); $target = io_safe_output($event_response['target']); // Substitute each macro if (strpos($target, '_agent_address_') !== false) { if ($meta) { $agente_table_name = 'tmetaconsole_agent'; $filter = [ 'id_tagente' => $event['id_agente'], 'id_tmetaconsole_setup' => $server_id, ]; } else { $agente_table_name = 'tagente'; $filter = ['id_agente' => $event['id_agente']]; } $ip = db_get_value_filter('direccion', $agente_table_name, $filter); // If agent has not an ip, display N/A if ($ip === false) { $ip = __('N/A'); } $target = str_replace('_agent_address_', $ip, $target); } if (strpos($target, '_agent_id_') !== false) { $target = str_replace('_agent_id_', $event['id_agente'], $target); } if ((strpos($target, '_module_address_') !== false) || (strpos($target, '_module_name_') !== false) ) { if ($event['id_agentmodule'] !== 0) { if ($meta) { $server = metaconsole_get_connection_by_id($server_id); metaconsole_connect($server); } $module = db_get_row('tagente_modulo', 'id_agente_modulo', $event['id_agentmodule']); if (empty($module['ip_target'])) { $module['ip_target'] = __('N/A'); } $target = str_replace('_module_address_', $module['ip_target'], $target); if (empty($module['nombre'])) { $module['nombre'] = __('N/A'); } $target = str_replace( '_module_name_', io_safe_output($module['nombre']), $target ); if ($meta) { metaconsole_restore_db(); } } else { $target = str_replace('_module_address_', __('N/A'), $target); $target = str_replace('_module_name_', __('N/A'), $target); } } if (strpos($target, '_event_id_') !== false) { $target = str_replace('_event_id_', $event['id_evento'], $target); } if (strpos($target, '_user_id_') !== false) { if (!empty($event['id_usuario'])) { $target = str_replace('_user_id_', $event['id_usuario'], $target); } else { $target = str_replace('_user_id_', __('N/A'), $target); } } if (strpos($target, '_group_id_') !== false) { $target = str_replace('_group_id_', $event['id_grupo'], $target); } if (strpos($target, '_group_name_') !== false) { $target = str_replace( '_group_name_', groups_get_name($event['id_grupo'], true), $target ); } if (strpos($target, '_event_utimestamp_') !== false) { $target = str_replace('_event_utimestamp_', $event['utimestamp'], $target); } if (strpos($target, '_event_date_') !== false) { $target = str_replace( '_event_date_', date($config['date_format'], $event['utimestamp']), $target ); } if (strpos($target, '_event_text_') !== false) { $target = str_replace( '_event_text_', events_display_name($event['evento']), $target ); } if (strpos($target, '_event_type_') !== false) { $target = str_replace( '_event_type_', events_print_type_description($event['event_type'], true), $target ); } if (strpos($target, '_alert_id_') !== false) { $target = str_replace( '_alert_id_', empty($event['is_alert_am']) ? __('N/A') : $event['is_alert_am'], $target ); } if (strpos($target, '_event_severity_id_') !== false) { $target = str_replace('_event_severity_id_', $event['criticity'], $target); } if (strpos($target, '_event_severity_text_') !== false) { $target = str_replace( '_event_severity_text_', get_priority_name($event['criticity']), $target ); } if (strpos($target, '_module_id_') !== false) { $target = str_replace('_module_id_', $event['id_agentmodule'], $target); } if (strpos($target, '_event_tags_') !== false) { $target = str_replace('_event_tags_', $event['tags'], $target); } if (strpos($target, '_event_extra_id_') !== false) { if (empty($event['id_extra'])) { $target = str_replace('_event_extra_id_', __('N/A'), $target); } else { $target = str_replace('_event_extra_id_', $event['id_extra'], $target); } } if (strpos($target, '_event_source_') !== false) { $target = str_replace('_event_source_', $event['source'], $target); } if (strpos($target, '_event_instruction_') !== false) { $target = str_replace( '_event_instruction_', events_display_instructions($event['event_type'], $event, false), $target ); } if (strpos($target, '_owner_user_') !== false) { if (empty($event['owner_user'])) { $target = str_replace('_owner_user_', __('N/A'), $target); } else { $target = str_replace('_owner_user_', $event['owner_user'], $target); } } if (strpos($target, '_event_status_') !== false) { $event_st = events_display_status($event['estado']); $target = str_replace('_event_status_', $event_st['title'], $target); } if (strpos($target, '_group_custom_id_') !== false) { $group_custom_id = db_get_value($dbh, 'SELECT custom_id FROM tgrupo WHERE id_grupo=?', $event['id_grupo']); $event_st = events_display_status($event['estado']); $target = str_replace('_group_custom_id_', $group_custom_id, $target); } // Parse the event custom data if (!empty($event['custom_data'])) { $custom_data = json_decode(base64_decode($event['custom_data'])); foreach ($custom_data as $key => $value) { $target = str_replace('_customdata_'.$key.'_', $value, $target); } } return $target; } function events_page_custom_fields($event) { global $config; // // Custom fields // $table->cellspacing = 2; $table->cellpadding = 2; $table->width = '100%'; $table->data = []; $table->head = []; $table->style[0] = 'width:35%; font-weight: bold; text-align: left; height: 23px;'; $table->style[1] = 'text-align: left; height: 23px;'; $table->class = 'alternate rounded_cells'; $all_customs_fields = (bool) check_acl( $config['id_user'], $event['id_grupo'], 'AW' ); if ($all_customs_fields) { $fields = db_get_all_rows_filter('tagent_custom_fields'); } else { $fields = db_get_all_rows_filter( 'tagent_custom_fields', ['display_on_front' => 1] ); } if ($event['id_agente'] == 0) { $fields_data = []; } else { $fields_data = db_get_all_rows_filter('tagent_custom_data', ['id_agent' => $event['id_agente']]); if (is_array($fields_data)) { $fields_data_aux = []; foreach ($fields_data as $fd) { $fields_data_aux[$fd['id_field']] = $fd['description']; } $fields_data = $fields_data_aux; } } foreach ($fields as $field) { // Owner $data = []; $data[0] = $field['name']; if (empty($fields_data[$field['id_field']])) { $data[1] = ''.__('N/A').''; } else { if ($field['is_password_type']) { $data[1] = '••••••••'; } else { $data[1] = ui_bbcode_to_html($fields_data[$field['id_field']]); } } $field['id_field']; $table->data[] = $data; } $custom_fields = '
'.html_print_table($table, true).'
'; return $custom_fields; } function events_page_details($event, $server='') { global $img_sev; global $config; // If server is provided, get the hash parameters if (!empty($server) && defined('METACONSOLE')) { $hashdata = metaconsole_get_server_hashdata($server); $hashstring = '&'.'loginhash=auto&'.'loginhash_data='.$hashdata.'&'.'loginhash_user='.str_rot13($config['id_user']); $serverstring = $server['server_url'].'/'; if (metaconsole_connect($server) !== NOERR) { return ui_print_error_message(__('There was an error connecting to the node'), '', true); } } else { $hashstring = ''; $serverstring = ''; } // // Details // $table_details->width = '100%'; $table_details->data = []; $table_details->head = []; $table_details->cellspacing = 2; $table_details->cellpadding = 2; $table_details->style[0] = 'width:35%; font-weight: bold; text-align: left; height: 23px;'; $table_details->style[1] = 'text-align: left; height: 23px;'; $table_details->class = 'alternate rounded_cells'; switch ($event['event_type']) { case 'going_unknown': case 'going_up_warning': case 'going_down_warning': case 'going_up_critical': case 'going_down_critical': break; } if ($event['id_agente'] != 0) { $agent = db_get_row('tagente', 'id_agente', $event['id_agente']); } else { $agent = []; } $data = []; $data[0] = __('Agent details'); $data[1] = empty($agent) ? ''.__('N/A').'' : ''; $table_details->data[] = $data; if (!empty($agent)) { $data = []; $data[0] = '
'; if (can_user_access_node()) { $data[1] = ui_print_agent_name($event['id_agente'], true, 'agent_medium', '', false, $serverstring, $hashstring, $agent['alias']); } else { $data[1] = ui_print_truncate_text($agent['alias'], 'agent_medium', true, true, true); } $table_details->data[] = $data; $data = []; $data[0] = '
'.__('IP Address').'
'; $data[1] = empty($agent['direccion']) ? ''.__('N/A').'' : $agent['direccion']; $table_details->data[] = $data; $data = []; $data[0] = '
'; $data[1] = ui_print_os_icon($agent['id_os'], true, true); if (!empty($agent['os_version'])) { $data[1] .= ' ('.$agent['os_version'].')'; } $table_details->data[] = $data; $data = []; $data[0] = '
'.__('Last contact').'
'; $data[1] = $agent['ultimo_contacto'] == '1970-01-01 00:00:00' ? ''.__('N/A').'' : date_w_fixed_tz($agent['ultimo_contacto']); $table_details->data[] = $data; $data = []; $data[0] = '
'.__('Last remote contact').'
'; $data[1] = $agent['ultimo_contacto_remoto'] == '1970-01-01 00:00:00' ? ''.__('N/A').'' : date_w_fixed_tz($agent['ultimo_contacto_remoto']); $table_details->data[] = $data; $data = []; $data[0] = '
'.__('Custom fields').'
'; $data[1] = html_print_button(__('View custom fields'), 'custom_button', false, '$(\'#link_custom_fields\').trigger(\'click\');', 'class="sub next"', true); $table_details->data[] = $data; } if ($event['id_agentmodule'] != 0) { $module = db_get_row_filter('tagente_modulo', ['id_agente_modulo' => $event['id_agentmodule'], 'delete_pending' => 0]); } else { $module = []; } $data = []; $data[0] = __('Module details'); $data[1] = empty($module) ? ''.__('N/A').'' : ''; $table_details->data[] = $data; if (!empty($module)) { // Module name $data = []; $data[0] = '
'; $data[1] = $module['nombre']; $table_details->data[] = $data; // Module group $data = []; $data[0] = '
'.__('Module group').'
'; $id_module_group = $module['id_module_group']; if ($id_module_group == 0) { $data[1] = __('No assigned'); } else { $module_group = db_get_value('name', 'tmodule_group', 'id_mg', $id_module_group); $data[1] = ''; $data[1] .= $module_group; $data[1] .= ''; } $table_details->data[] = $data; // ACL $acl_graph = false; $strict_user = (bool) db_get_value('strict_acl', 'tusuario', 'id_user', $config['id_user']); if (!empty($agent['id_grupo'])) { $acl_graph = check_acl($config['id_user'], $agent['id_grupo'], 'RR'); } if ($acl_graph) { $data = []; $data[0] = '
'; $module_type = -1; if (isset($module['module_type'])) { $module_type = $module['module_type']; } $graph_type = return_graphtype($module_type); $url = ui_get_full_url('operation/agentes/stat_win.php', false, false, false); $handle = dechex(crc32($module['id_agente_modulo'].$module['nombre'])); $win_handle = "day_$handle"; $graph_params = [ 'type' => $graph_type, 'period' => SECONDS_1DAY, 'id' => $module['id_agente_modulo'], 'label' => base64_encode($module['nombre']), 'refresh' => SECONDS_10MINUTES, ]; if (defined('METACONSOLE')) { // Set the server id $graph_params['server'] = $server['id']; } $graph_params_str = http_build_query($graph_params); $link = "winopeng('$url?$graph_params_str','$win_handle')"; $data[1] = ''; $data[1] .= html_print_image('images/chart_curve.png', true); $data[1] .= ''; $table_details->data[] = $data; } } $data = []; $data[0] = __('Alert details'); $data[1] = $event['id_alert_am'] == 0 ? ''.__('N/A').'' : ''; $table_details->data[] = $data; if ($event['id_alert_am'] != 0) { $data = []; $data[0] = '
'; $data[1] = ''; $standby = db_get_value('standby', 'talert_template_modules', 'id', $event['id_alert_am']); if (!$standby) { $data[1] .= html_print_image( 'images/bell.png', true, ['title' => __('Go to data overview')] ); } else { $data[1] .= html_print_image( 'images/bell_pause.png', true, ['title' => __('Go to data overview')] ); } $sql = 'SELECT name FROM talert_templates WHERE id IN (SELECT id_alert_template FROM talert_template_modules WHERE id = '.$event['id_alert_am'].');'; $templateName = db_get_sql($sql); $data[1] .= $templateName; $data[1] .= ''; $table_details->data[] = $data; $data = []; $data[0] = '
'; $priority_code = db_get_value('priority', 'talert_template_modules', 'id', $event['id_alert_am']); $alert_priority = get_priority_name($priority_code); $data[1] = html_print_image( $img_sev, true, [ 'class' => 'image_status', 'width' => 12, 'height' => 12, 'title' => $alert_priority, ] ); $data[1] .= ' '.$alert_priority; $table_details->data[] = $data; } $data = []; $data[0] = __('Instructions'); $data[1] = events_display_instructions($event['event_type'], $event, true); $table_details->data[] = $data; $data = []; $data[0] = __('Extra id'); if ($event['id_extra'] != '') { $data[1] = $event['id_extra']; } else { $data[1] = ''.__('N/A').''; } $table_details->data[] = $data; $data = []; $data[0] = __('Source'); if ($event['source'] != '') { $data[1] = $event['source']; } else { $data[1] = ''.__('N/A').''; } $table_details->data[] = $data; $details = '
'.html_print_table($table_details, true).'
'; if (!empty($server) && defined('METACONSOLE')) { metaconsole_restore_db(); } return $details; } function events_page_custom_data($event) { global $config; // // Custom data // if ($event['custom_data'] == '') { return ''; } $table->width = '100%'; $table->data = []; $table->head = []; $table->style[0] = 'width:35%; font-weight: bold; text-align: left;'; $table->style[1] = 'text-align: left;'; $table->class = 'alternate rounded_cells'; $json_custom_data = base64_decode($event['custom_data']); $custom_data = json_decode($json_custom_data); if ($custom_data === null) { return '
'.__('Invalid custom data: %s', $json_custom_data).'
'; } $i = 0; foreach ($custom_data as $field => $value) { $table->data[$i][0] = io_safe_output($field); $table->data[$i][1] = io_safe_output($value); $i++; } $custom_data = '
'.html_print_table($table, true).'
'; return $custom_data; } // Get the event name from tevento and display it in console function events_display_name($db_name='') { return io_safe_output(str_replace(' ', '
', $db_name)); } // Get the image and status value of event function events_display_status($status) { switch ($status) { case 0: return [ 'img' => 'images/star.png', 'title' => __('New event'), ]; case 1: return [ 'img' => 'images/tick.png', 'title' => __('Event validated'), ]; case 2: return [ 'img' => 'images/hourglass.png', 'title' => __('Event in process'), ]; } } // Get the instruction of an event // $event_type: Type of event // $inst: Array with unknown warning and critical instructions // $italic: Display N/A between italic html marks if instruction is not found function events_display_instructions($event_type='', $inst, $italic=true) { switch ($event_type) { case 'going_unknown': if ($inst['unknown_instructions'] != '') { return str_replace("\n", '
', io_safe_output($inst['unknown_instructions'])); } break; case 'going_up_warning': case 'going_down_warning': if ($inst['warning_instructions'] != '') { return str_replace("\n", '
', io_safe_output($inst['warning_instructions'])); } break; case 'going_up_critical': case 'going_down_critical': if ($inst['critical_instructions'] != '') { return str_replace("\n", '
', io_safe_output($inst['critical_instructions'])); } break; case 'system': $data = []; if ($inst['critical_instructions'] != '') { return str_replace("\n", '
', io_safe_output($inst['critical_instructions'])); } if ($inst['warning_instructions'] != '') { return str_replace("\n", '
', io_safe_output($inst['warning_instructions'])); } if ($inst['unknown_instructions'] != '') { return str_replace("\n", '
', io_safe_output($inst['unknown_instructions'])); } break; } $na_return = $italic ? ''.__('N/A').'' : __('N/A'); return $na_return; } function events_page_general($event) { global $img_sev; global $config; // $group_rep = $event['similar_ids'] == -1 ? 1 : count(explode(',',$event['similar_ids'])); global $group_rep; // // General // $table_general->cellspacing = 2; $table_general->cellpadding = 2; $table_general->width = '100%'; $table_general->data = []; $table_general->head = []; $table_general->style[0] = 'width:35%; font-weight: bold; text-align: left; height: 23px;'; $table_general->style[1] = 'text-align: left; height: 23px;'; $table_general->class = 'alternate rounded_cells'; $data = []; $data[0] = __('Event ID'); $data[1] = '#'.$event['id_evento']; $table_general->data[] = $data; $data = []; $data[0] = __('Event name'); $data[1] = events_display_name($event['evento']); $table_general->data[] = $data; $data = []; $data[0] = __('Timestamp'); if ($group_rep == 1 && $event['event_rep'] > 1) { $data[1] = __('First event').': '.date($config['date_format'], $event['timestamp_first']).'
'.__('Last event').': '.date($config['date_format'], $event['timestamp_last']); } else { $data[1] = date($config['date_format'], $event['utimestamp']); } $table_general->data[] = $data; $event['owner_user'] = $event['id_usuario']; $data = []; $data[0] = __('Owner'); if (empty($event['owner_user'])) { $data[1] = ''.__('N/A').''; } else { $user_owner = db_get_value('fullname', 'tusuario', 'id_user', $event['owner_user']); if (empty($user_owner)) { $user_owner = $event['owner_user']; } $data[1] = $user_owner; } $table_general->data[] = $data; $data = []; $data[0] = __('Type'); $data[1] = events_print_type_img($event['event_type'], true).' '.events_print_type_description($event['event_type'], true); $table_general->data[] = $data; $data = []; $data[0] = __('Repeated'); if ($group_rep != 0) { if ($event['event_rep'] <= 1) { $data[1] = ''.__('No').''; } else { $data[1] = sprintf('%d Times', $event['event_rep']); } } else { $data[1] = ''.__('No').''; } $table_general->data[] = $data; $data = []; $data[0] = __('Severity'); $event_criticity = get_priority_name($event['criticity']); $data[1] = html_print_image( $img_sev, true, [ 'class' => 'image_status', 'width' => 12, 'height' => 12, 'title' => $event_criticity, ] ); $data[1] .= ' '.$event_criticity; $table_general->data[] = $data; // Get Status $event_st = events_display_status($event['estado']); $data = []; $data[0] = __('Status'); $data[1] = html_print_image($event_st['img'], true).' '.$event_st['title']; $table_general->data[] = $data; // If event is validated, show who and when acknowleded it $data = []; $data[0] = __('Acknowledged by'); if ($event['estado'] == 1) { $user_ack = db_get_value('fullname', 'tusuario', 'id_user', $event['id_usuario']); if (empty($user_ack)) { $user_ack = $event['id_usuario']; } $date_ack = date($config['date_format'], $event['ack_utimestamp']); $data[1] = $user_ack.' ('.$date_ack.')'; } else { $data[1] = ''.__('N/A').''; } $table_general->data[] = $data; $data = []; $data[0] = __('Group'); $data[1] = ''; if (!$config['show_group_name']) { $data[1] = ui_print_group_icon($event['id_grupo'], true); } $data[1] .= groups_get_name($event['id_grupo']); $table_general->data[] = $data; $data = []; $data[0] = __('Tags'); if ($event['tags'] != '') { $tags = tags_get_tags_formatted($event['tags']); $data[1] = $tags; } else { $data[1] = ''.__('N/A').''; } $table_general->data[] = $data; $data = []; $data[0] = __('ID extra'); if ($event['id_extra'] != '') { $data[1] = $event['id_extra']; } else { $data[1] = ''.__('N/A').''; } $table_general->data[] = $data; $general = '
'.html_print_table($table_general, true).'
'; return $general; } function events_page_comments($event, $childrens_ids=[]) { // // Comments // global $config; $table_comments->width = '100%'; $table_comments->data = []; $table_comments->head = []; $table_comments->style[0] = 'width:35%; vertical-align: top; text-align: left;'; $table_comments->style[1] = 'text-align: left;'; $table_comments->class = 'alternate rounded_cells'; $event_comments = $event['user_comment']; $event_comments = str_replace(["\n", ' '], '
', $event_comments); // If comments are not stored in json, the format is old $event_comments_array = json_decode($event_comments, true); // Show the comments more recent first $event_comments_array = array_reverse($event_comments_array); if (is_null($event_comments_array)) { $comments_format = 'old'; } else { $comments_format = 'new'; } switch ($comments_format) { case 'new': if (empty($event_comments_array)) { $table_comments->style[0] = 'text-align:center;'; $table_comments->colspan[0][0] = 2; $data = []; $data[0] = __('There are no comments'); $table_comments->data[] = $data; } foreach ($event_comments_array as $c) { $data[0] = ''.$c['action'].' by '.$c['id_user'].''; $data[0] .= '

'.date($config['date_format'], $c['utimestamp']).''; $data[1] = $c['comment']; $table_comments->data[] = $data; } break; case 'old': $comments_array = explode('
', $event_comments); // Split comments and put in table $col = 0; $data = []; foreach ($comments_array as $c) { switch ($col) { case 0: $row_text = preg_replace('/\s*--\s*/', '', $c); $row_text = preg_replace('/\<\/b\>/', '', $row_text); $row_text = preg_replace('/\[/', '

[', $row_text); $row_text = preg_replace('/[\[|\]]/', '', $row_text); break; case 1: $row_text = preg_replace("/[\r\n|\r|\n]/", '
', io_safe_output(strip_tags($c))); break; } $data[$col] = $row_text; $col++; if ($col == 2) { $col = 0; $table_comments->data[] = $data; $data = []; } } if (count($comments_array) == 1 && $comments_array[0] == '') { $table_comments->style[0] = 'text-align:center;'; $table_comments->colspan[0][0] = 2; $data = []; $data[0] = __('There are no comments'); $table_comments->data[] = $data; } break; } if (((tags_checks_event_acl($config['id_user'], $event['id_grupo'], 'EM', $event['clean_tags'], $childrens_ids)) || (tags_checks_event_acl($config['id_user'], $event['id_grupo'], 'EW', $event['clean_tags'], $childrens_ids))) && $config['show_events_in_local'] == false || $config['event_replication'] == false) { $comments_form = '
'.html_print_textarea('comment', 3, 10, '', 'style="min-height: 15px; width: 100%; disabled"', true); $comments_form .= '
'.html_print_button(__('Add comment'), 'comment_button', false, 'event_comment();', 'class="sub next"', true).'

'; } else { $comments_form = ui_print_message(__('If event replication is ongoing, it won\'t be possible to enter comments here. This option is only to allow local pandora users to see comments, but not to operate with them. The operation, when event replication is enabled, must be done only in the Metaconsole.')); } $comments = '
'.$comments_form.html_print_table($table_comments, true).'
'; return $comments; } function events_clean_tags($tags) { if (empty($tags)) { return []; } $event_tags = tags_get_tags_formatted($tags, false); return explode(',', str_replace(' ', '', $event_tags)); } /** * Get all the events happened in a group during a period of time. * * The returned events will be in the time interval ($date - $period, $date] * * @param mixed $id_group Group id to get events for. * @param integer $period Period of time in seconds to get events. * @param integer $date Beginning date to get events. * * @return array An array with all the events happened. */ function events_get_count_events_by_agent( $id_group, $period, $date, $filter_event_severity=false, $filter_event_type=false, $filter_event_status=false, $filter_event_filter_search=false, $dbmeta=false ) { global $config; // date if (!is_numeric($date)) { $date = time_w_fixed_tz($date); } if (empty($date)) { $date = get_system_time(); } // group $id_group = groups_safe_acl($config['id_user'], $id_group, 'AR'); if (empty($id_group)) { // An empty array means the user doesn't have access return false; } $datelimit = ($date - $period); $sql_where = ''; $severity_all = 0; if (!empty($filter_event_severity)) { foreach ($filter_event_severity as $key => $value) { switch ($value) { case -1: $severity_all = 1; break; case 34: $filter_event_severity[$key] = '3, 4'; break; case 20: $filter_event_severity[$key] = '0, 1, 3, 4, 5, 6'; break; case 21: $filter_event_severity[$key] = '4, 2'; break; default: break; } } if (!$severity_all) { $sql_where .= ' AND criticity IN ('.implode(', ', $filter_event_severity).')'; } } $status_all = 0; if (!empty($filter_event_status)) { foreach ($filter_event_status as $key => $value) { switch ($value) { case -1: $status_all = 1; break; case 3: $filter_event_status[$key] = ('0, 2'); default: break; } } if (!$status_all) { $sql_where .= ' AND estado IN ('.implode(', ', $filter_event_status).')'; } } if (!empty($filter_event_type) && $filter_event_type[0] != 'all') { $sql_where .= ' AND ('; $type = []; foreach ($filter_event_type as $event_type) { if ($event_type != '') { // If normal, warning, could be several (going_up_warning, going_down_warning... too complex // for the user so for him is presented only "warning, critical and normal" if ($event_type == 'warning' || $event_type == 'critical' || $event_type == 'normal') { $type[] = " event_type LIKE '%$event_type%' "; } else if ($event_type == 'not_normal') { $type[] = " (event_type LIKE '%warning%' OR event_type LIKE '%critical%' OR event_type LIKE '%unknown%') "; } else if ($event_type != 'all') { $type[] = " event_type = '".$event_type."'"; } } } $sql_where .= implode(' OR ', $type).')'; } if (!empty($filter_event_filter_search)) { $sql_where .= ' AND (evento LIKE "%'.io_safe_input($filter_event_filter_search).'%"'.' OR id_evento LIKE "%'.io_safe_input($filter_event_filter_search).'%")'; } $tagente = 'tagente'; $tevento = 'tevento'; if ($dbmeta) { $tagente = 'tmetaconsole_agent'; $tevento = 'tmetaconsole_event'; } $sql = sprintf( 'SELECT id_agente, (SELECT t2.alias FROM %s t2 WHERE t2.id_agente = t3.id_agente) AS agent_name, COUNT(*) AS count FROM %s t3 WHERE utimestamp > %d AND utimestamp <= %d AND id_grupo IN (%s) %s GROUP BY id_agente', $tagente, $tevento, $datelimit, $date, implode(',', $id_group), $sql_where ); $rows = db_get_all_rows_sql($sql); if ($rows == false) { $rows = []; } $return = []; foreach ($rows as $row) { $agent_name = $row['agent_name']; if (empty($row['agent_name'])) { $agent_name = __('Pandora System'); } $return[$agent_name] = $row['count']; } return $return; } /** * Get all the events happened in a group during a period of time. * * The returned events will be in the time interval ($date - $period, $date] * * @param mixed $id_group Group id to get events for. * @param integer $period Period of time in seconds to get events. * @param integer $date Beginning date to get events. * * @return array An array with all the events happened. */ function events_get_count_events_validated_by_user( $filter, $period, $date, $filter_event_severity=false, $filter_event_type=false, $filter_event_status=false, $filter_event_filter_search=false, $dbmeta=false ) { global $config; // group $sql_filter = ' AND 1=1 '; if (isset($filter['id_group'])) { $id_group = groups_safe_acl($config['id_user'], $filter['id_group'], 'AR'); if (empty($id_group)) { // An empty array means the user doesn't have access return false; } $sql_filter .= sprintf(' AND id_grupo IN (%s) ', implode(',', $id_group)); } if (!empty($filter['id_agent'])) { $sql_filter .= sprintf(' AND id_agente = %d ', $filter['id_agent']); } if (!empty($filter['id_agentmodule'])) { $sql_filter .= sprintf(' AND id_agentmodule = %d ', $filter['id_agentmodule']); } // date if (!is_numeric($date)) { $date = time_w_fixed_tz($date); } if (empty($date)) { $date = get_system_time(); } $datelimit = ($date - $period); $sql_where = ''; $severity_all = 0; if (!empty($filter_event_severity)) { foreach ($filter_event_severity as $key => $value) { switch ($value) { case -1: $severity_all = 1; break; case 34: $filter_event_severity[$key] = '3, 4'; break; case 20: $filter_event_severity[$key] = '0, 1, 3, 4, 5, 6'; break; case 21: $filter_event_severity[$key] = '4, 2'; break; default: break; } } if (!$severity_all) { $sql_where .= ' AND criticity IN ('.implode(', ', $filter_event_severity).')'; } } $status_all = 0; if (!empty($filter_event_status)) { foreach ($filter_event_status as $key => $value) { switch ($value) { case -1: $status_all = 1; break; case 3: $filter_event_status[$key] = ('0, 2'); default: break; } } if (!$status_all) { $sql_where .= ' AND estado IN ('.implode(', ', $filter_event_status).')'; } } if (!empty($filter_event_type) && $filter_event_type[0] != 'all') { $sql_where .= ' AND ('; $type = []; foreach ($filter_event_type as $event_type) { if ($event_type != '') { // If normal, warning, could be several (going_up_warning, going_down_warning... too complex // for the user so for him is presented only "warning, critical and normal" if ($event_type == 'warning' || $event_type == 'critical' || $event_type == 'normal') { $type[] = " event_type LIKE '%$event_type%' "; } else if ($event_type == 'not_normal') { $type[] = " (event_type LIKE '%warning%' OR event_type LIKE '%critical%' OR event_type LIKE '%unknown%') "; } else if ($event_type != 'all') { $type[] = " event_type = '".$event_type."'"; } } } $sql_where .= implode(' OR ', $type).')'; } if (!empty($filter_event_filter_search)) { $sql_where .= ' AND (evento LIKE "%'.io_safe_input($filter_event_filter_search).'%"'.' OR id_evento LIKE "%'.io_safe_input($filter_event_filter_search).'%")'; } $tevento = 'tevento'; if ($dbmeta) { $tevento = 'tmetaconsole_event'; } $sql = sprintf( 'SELECT id_usuario, (SELECT t2.fullname FROM tusuario t2 WHERE t2.id_user = t3.id_usuario) AS user_name, COUNT(*) AS count FROM %s t3 WHERE utimestamp > %d AND utimestamp <= %d %s %s GROUP BY id_usuario', $tevento, $datelimit, $date, $sql_filter, $sql_where ); $rows = db_get_all_rows_sql($sql); if ($rows == false) { $rows = []; } $return = []; foreach ($rows as $row) { $user_name = $row['user_name']; if (empty($row['user_name'])) { $user_name = __('Unknown'); } $return[$user_name] = $row['count']; } return $return; } /** * Get all the events happened in a group during a period of time. * * The returned events will be in the time interval ($date - $period, $date] * * @param mixed $id_group Group id to get events for. * @param integer $period Period of time in seconds to get events. * @param integer $date Beginning date to get events. * * @return array An array with all the events happened. */ function events_get_count_events_by_criticity( $filter, $period, $date, $filter_event_severity=false, $filter_event_type=false, $filter_event_status=false, $filter_event_filter_search=false, $dbmeta=false ) { global $config; $sql_filter = ' AND 1=1 '; if (isset($filter['id_group'])) { $id_group = groups_safe_acl($config['id_user'], $filter['id_group'], 'AR'); if (empty($id_group)) { // An empty array means the user doesn't have access return false; } $sql_filter .= sprintf(' AND id_grupo IN (%s) ', implode(',', $id_group)); } if (!empty($filter['id_agent'])) { $sql_filter .= sprintf(' AND id_agente = %d ', $filter['id_agent']); } if (!empty($filter['id_agentmodule'])) { $sql_filter .= sprintf(' AND id_agentmodule = %d ', $filter['id_agentmodule']); } if (!is_numeric($date)) { $date = time_w_fixed_tz($date); } if (empty($date)) { $date = get_system_time(); } $datelimit = ($date - $period); $sql_where = ''; $severity_all = 0; if (!empty($filter_event_severity)) { foreach ($filter_event_severity as $key => $value) { switch ($value) { case -1: $severity_all = 1; break; case 34: $filter_event_severity[$key] = '3, 4'; break; case 20: $filter_event_severity[$key] = '0, 1, 3, 4, 5, 6'; break; case 21: $filter_event_severity[$key] = '4, 2'; break; default: break; } } if (!$severity_all) { $sql_where .= ' AND criticity IN ('.implode(', ', $filter_event_severity).')'; } } $status_all = 0; if (!empty($filter_event_status)) { foreach ($filter_event_status as $key => $value) { switch ($value) { case -1: $status_all = 1; break; case 3: $filter_event_status[$key] = ('0, 2'); default: break; } } if (!$status_all) { $sql_where .= ' AND estado IN ('.implode(', ', $filter_event_status).')'; } } if (!empty($filter_event_type) && $filter_event_type[0] != 'all') { $sql_where .= ' AND ('; $type = []; foreach ($filter_event_type as $event_type) { if ($event_type != '') { // If normal, warning, could be several (going_up_warning, going_down_warning... too complex // for the user so for him is presented only "warning, critical and normal" if ($event_type == 'warning' || $event_type == 'critical' || $event_type == 'normal') { $type[] = " event_type LIKE '%$event_type%' "; } else if ($event_type == 'not_normal') { $type[] = " (event_type LIKE '%warning%' OR event_type LIKE '%critical%' OR event_type LIKE '%unknown%') "; } else if ($event_type != 'all') { $type[] = " event_type = '".$event_type."'"; } } } $sql_where .= implode(' OR ', $type).')'; } if (!empty($filter_event_filter_search)) { $sql_where .= ' AND (evento LIKE "%'.io_safe_input($filter_event_filter_search).'%"'.' OR id_evento LIKE "%'.io_safe_input($filter_event_filter_search).'%")'; } $tevento = 'tevento'; if ($dbmeta) { $tevento = 'tmetaconsole_event'; } $sql = sprintf( 'SELECT criticity, COUNT(*) AS count FROM %s WHERE utimestamp > %d AND utimestamp <= %d %s %s GROUP BY criticity', $tevento, $datelimit, $date, $sql_filter, $sql_where ); $rows = db_get_all_rows_sql($sql); if ($rows == false) { $rows = []; } $return = []; foreach ($rows as $row) { $return[get_priority_name($row['criticity'])] = $row['count']; } return $return; } /** * Get all the events happened in a group during a period of time. * * The returned events will be in the time interval ($date - $period, $date] * * @param mixed $id_group Group id to get events for. * @param integer $period Period of time in seconds to get events. * @param integer $date Beginning date to get events. * * @return array An array with all the events happened. */ function events_get_count_events_validated( $filter, $period=null, $date=null, $filter_event_severity=false, $filter_event_type=false, $filter_event_status=false, $filter_event_filter_search=false, $dbmeta=false ) { global $config; // group $sql_filter = ' 1=1 '; if (isset($filter['id_group'])) { $id_group = groups_safe_acl($config['id_user'], $filter['id_group'], 'AR'); if (empty($id_group)) { // An empty array means the user doesn't have access return false; } $sql_filter .= sprintf(' AND id_grupo IN (%s) ', implode(',', $id_group)); } // agent if (!empty($filter['id_agent'])) { $sql_filter .= sprintf(' AND id_agente = %d ', $filter['id_agent']); } // module if (!empty($filter['id_agentmodule'])) { $sql_filter .= sprintf(' AND id_agentmodule = %d ', $filter['id_agentmodule']); } // date if (!is_numeric($date)) { $date = time_w_fixed_tz($date); } if (empty($date)) { $date = get_system_time(); } $date_filter = ''; if (!empty($date) && !empty($period)) { $datelimit = ($date - $period); $date_filter .= sprintf( ' AND utimestamp > %d AND utimestamp <= %d ', $datelimit, $date ); } else if (!empty($period)) { $date = time(); $datelimit = ($date - $period); $date_filter .= sprintf( ' AND utimestamp > %d AND utimestamp <= %d ', $datelimit, $date ); } else if (!empty($date)) { $date_filter .= sprintf(' AND utimestamp <= %d ', $date); } $sql_where = ''; $severity_all = 0; if (!empty($filter_event_severity)) { foreach ($filter_event_severity as $key => $value) { switch ($value) { case -1: $severity_all = 1; break; case 34: $filter_event_severity[$key] = '3, 4'; break; case 20: $filter_event_severity[$key] = '0, 1, 3, 4, 5, 6'; break; case 21: $filter_event_severity[$key] = '4, 2'; break; default: break; } } if (!$severity_all) { $sql_where .= ' AND criticity IN ('.implode(', ', $filter_event_severity).')'; } } $status_all = 0; if (!empty($filter_event_status)) { foreach ($filter_event_status as $key => $value) { switch ($value) { case -1: $status_all = 1; break; case 3: $filter_event_status[$key] = ('0, 2'); default: break; } } if (!$status_all) { $sql_where .= ' AND estado IN ('.implode(', ', $filter_event_status).')'; } } if (!empty($filter_event_type) && $filter_event_type[0] != 'all') { $sql_where .= ' AND ('; $type = []; foreach ($filter_event_type as $event_type) { if ($event_type != '') { // If normal, warning, could be several (going_up_warning, going_down_warning... too complex // for the user so for him is presented only "warning, critical and normal" if ($event_type == 'warning' || $event_type == 'critical' || $event_type == 'normal') { $type[] = " event_type LIKE '%$event_type%' "; } else if ($event_type == 'not_normal') { $type[] = " (event_type LIKE '%warning%' OR event_type LIKE '%critical%' OR event_type LIKE '%unknown%') "; } else if ($event_type != 'all') { $type[] = " event_type = '".$event_type."'"; } } } $sql_where .= implode(' OR ', $type).')'; } if (!empty($filter_event_filter_search)) { $sql_where .= ' AND (evento LIKE "%'.io_safe_input($filter_event_filter_search).'%"'.' OR id_evento LIKE "%'.io_safe_input($filter_event_filter_search).'%")'; } $tevento = 'tevento'; if ($dbmeta) { $tevento = 'tmetaconsole_event'; } $sql = sprintf('SELECT estado, COUNT(*) AS count FROM %s WHERE %s %s GROUP BY estado', $tevento, $sql_filter, $sql_where); $rows = db_get_all_rows_sql($sql); if ($rows == false) { $rows = []; } $return = array_reduce( $rows, function ($carry, $item) { $status = (int) $item['estado']; $count = (int) $item['count']; if ($status === 1) { $carry[__('Validated')] += $count; } else if ($status === 0) { $carry[__('Not validated')] += $count; } return $carry; }, [ __('Validated') => 0, __('Not validated') => 0, ] ); return $return; } function events_checks_event_tags($event_data, $acltags) { global $config; if (empty($acltags[$event_data['id_grupo']])) { return true; } else { $tags_arr_acl = explode(',', $acltags[$event_data['id_grupo']]); $tags_arr_event = explode(',', $event_data['tags']); foreach ($tags_arr_acl as $tag) { $tag_name = tags_get_name($tag); if (in_array($tag_name, $tags_arr_event)) { return true; } else { $has_tag = false; } } if (!$has_tag) { return false; } } return false; } function events_get_events_grouped_by_agent( $sql_post, $offset=0, $pagination=1, $meta=false, $history=false, $total=false ) { global $config; $table = events_get_events_table($meta, $history); if ($meta) { $fields_extra = ', agent_name, server_id'; $groupby_extra = ', server_id'; } else { $groupby_extra = ''; $fields_extra = ''; } $event_lj = events_get_secondary_groups_left_join($table); if ($total) { $sql = "SELECT COUNT(*) FROM (select id_agente from $table $event_lj WHERE 1=1 $sql_post GROUP BY id_agente, event_type$groupby_extra ORDER BY id_agente ) AS t"; } else { $sql = "select id_agente, count(*) as total$fields_extra from $table te $event_lj WHERE id_agente > 0 $sql_post GROUP BY id_agente$groupby_extra ORDER BY id_agente LIMIT $offset,$pagination"; } $result = []; // Extract the events by filter (or not) from db $events = db_get_all_rows_sql($sql); $result = []; if ($events) { foreach ($events as $event) { if ($meta) { $sql = "select event_type from $table te $event_lj WHERE agent_name = '".$event['agent_name']."' $sql_post ORDER BY utimestamp DESC "; $resultado = db_get_row_sql($sql); $id_agente = $event['agent_name']; $result[] = [ 'total' => $event['total'], 'id_server' => $event['server_id'], 'id_agent' => $id_agente, 'event_type' => $resultado['event_type'], ]; } else { $sql = "SELECT event_type FROM $table te $event_lj WHERE id_agente = ".$event['id_agente']." $sql_post ORDER BY utimestamp DESC "; $resultado = db_get_row_sql($sql); $id_agente = $event['id_agente']; $result[] = [ 'total' => $event['total'], 'id_agent' => $id_agente, 'event_type' => $resultado['event_type'], ]; } } } return $result; } function events_sql_events_grouped_agents( $id_agent, $server_id=-1, $event_type='', $severity=-1, $status=3, $search='', $id_agent_module=0, $event_view_hr=8, $id_user_ack=false, $tag_with=[], $tag_without=[], $filter_only_alert=false, $date_from='', $date_to='', $id_user=false, $server_id_search=false ) { global $config; $sql_post = ' 1 = 1 '; $meta = false; if (is_metaconsole()) { $meta = true; } switch ($status) { case 0: case 1: case 2: $sql_post .= ' AND estado = '.$status; break; case 3: $sql_post .= ' AND (estado = 0 OR estado = 2)'; break; } if ($search != '') { $sql_post .= " AND (evento LIKE '%".io_safe_input($search)."%' OR id_evento LIKE '%$search%')"; } if ($event_type != '') { // If normal, warning, could be several (going_up_warning, going_down_warning... too complex // for the user so for him is presented only "warning, critical and normal" if ($event_type == 'warning' || $event_type == 'critical' || $event_type == 'normal') { $sql_post .= " AND event_type LIKE '%$event_type%' "; } else if ($event_type == 'not_normal') { $sql_post .= " AND (event_type LIKE '%warning%' OR event_type LIKE '%critical%' OR event_type LIKE '%unknown%') "; } else if ($event_type != 'all') { $sql_post .= " AND event_type = '".$event_type."'"; } } if ($severity != -1) { switch ($severity) { case EVENT_CRIT_WARNING_OR_CRITICAL: $sql_post .= ' AND (criticity = '.EVENT_CRIT_WARNING.' OR criticity = '.EVENT_CRIT_CRITICAL.')'; break; case EVENT_CRIT_OR_NORMAL: $sql_post .= ' AND (criticity = '.EVENT_CRIT_NORMAL.' OR criticity = '.EVENT_CRIT_CRITICAL.')'; break; case EVENT_CRIT_NOT_NORMAL: $sql_post .= ' AND criticity != '.EVENT_CRIT_NORMAL; break; default: $sql_post .= " AND criticity = $severity"; break; } } // In metaconsole mode the agent search is performed by name if ($meta) { if ($id_agent != __('All')) { $sql_post .= " AND agent_name LIKE '%$id_agent%'"; } } else { switch ($id_agent) { case 0: break; case -1: // Agent doesnt exist. No results will returned $sql_post .= ' AND 1 = 0'; break; default: $sql_post .= ' AND id_agente = '.$id_agent; break; } } if ($meta) { // There is another filter. } else { if (!empty($text_module)) { $sql_post .= " AND id_agentmodule IN ( SELECT id_agente_modulo FROM tagente_modulo WHERE nombre = '$text_module' )"; } } if ($id_user_ack != '0') { $sql_post .= " AND id_usuario = '".$id_user_ack."'"; } if (!isset($date_from)) { $date_from = ''; } if (!isset($date_to)) { $date_to = ''; } if (($date_from == '') && ($date_to == '')) { if ($event_view_hr > 0) { $unixtime = (get_system_time() - ($event_view_hr * SECONDS_1HOUR)); $sql_post .= ' AND (utimestamp > '.$unixtime.')'; } } else { if ($date_from != '') { $udate_from = strtotime($date_from.' 00:00:00'); $sql_post .= ' AND (utimestamp >= '.$udate_from.')'; } if ($date_to != '') { $udate_to = strtotime($date_to.' 23:59:59'); $sql_post .= ' AND (utimestamp <= '.$udate_to.')'; } } // Search by tag if (!empty($tag_with) && (io_safe_output($tag_with) != '[]') && (io_safe_output($tag_with) != '["0"]')) { $sql_post .= ' AND ( '; $first = true; foreach ($tag_with as $id_tag) { if ($first) { $first = false; } else { $sql_post .= ' OR '; } $sql_post .= "tags = '".tags_get_name($id_tag)."'"; } $sql_post .= ' ) '; } if (!empty($tag_without) && (io_safe_output($tag_without) != '[]') && (io_safe_output($tag_with) != '["0"]')) { $sql_post .= ' AND ( '; $first = true; foreach ($tag_without as $id_tag) { if ($first) { $first = false; } else { $sql_post .= ' AND '; } $sql_post .= "tags <> '".tags_get_name($id_tag)."'"; } $sql_post .= ' ) '; } // Filter/Only alerts if (isset($filter_only_alert)) { if ($filter_only_alert == 0) { $sql_post .= " AND event_type NOT LIKE '%alert%'"; } else if ($filter_only_alert == 1) { $sql_post .= " AND event_type LIKE '%alert%'"; } } // Tags ACLS if ($id_group > 0 && in_array($id_group, array_keys($groups))) { $group_array = (array) $id_group; } else { $group_array = array_keys($groups); } $tags_acls_condition = tags_get_acl_tags( $id_user, $group_array, 'ER', 'event_condition', 'AND', '', $meta, [], true ); // FORCE CHECK SQL "(TAG = tag1 AND id_grupo = 1)" if (($tags_acls_condition != ERR_WRONG_PARAMETERS) && ($tags_acls_condition != ERR_ACL) && ($tags_acls_condition != -110000)) { $sql_post .= $tags_acls_condition; } // Metaconsole fitlers if ($meta) { if ($server_id_search) { $sql_post .= ' AND server_id = '.$server_id_search; } else { $enabled_nodes = db_get_all_rows_sql( ' SELECT id FROM tmetaconsole_setup WHERE disabled = 0' ); if (empty($enabled_nodes)) { $sql_post .= ' AND 1 = 0'; } else { if ($strict_user == 1) { $enabled_nodes_id = []; } else { $enabled_nodes_id = [0]; } foreach ($enabled_nodes as $en) { $enabled_nodes_id[] = $en['id']; } $sql_post .= ' AND server_id IN ('.implode(',', $enabled_nodes_id).')'; } } } return $sql_post; } function events_list_events_grouped_agents($sql) { global $config; $table = events_get_events_table(is_metaconsole(), $history); $sql = "select * from $table LEFT JOIN tagent_secondary_group ON tagent_secondary_group.id_agent = tevento.id_agente WHERE $sql"; $result = db_get_all_rows_sql($sql); $group_rep = 0; $meta = is_metaconsole(); // fields that the user has selected to show if ($meta) { $show_fields = events_meta_get_custom_fields_user(); } else { $show_fields = explode(',', $config['event_fields']); } // headers $i = 0; $table = new stdClass(); if (!isset($table->width)) { $table->width = '100%'; } $table->id = 'eventtable'; $table->cellpadding = 4; $table->cellspacing = 4; if (!isset($table->class)) { $table->class = 'databox data'; } $table->head = []; $table->data = []; $table->head[$i] = __('ID'); $table->align[$i] = 'left'; $i++; if (in_array('server_name', $show_fields)) { $table->head[$i] = __('Server'); $table->align[$i] = 'left'; $i++; } if (in_array('estado', $show_fields)) { $table->head[$i] = __('Status'); $table->align[$i] = 'left'; $i++; } if (in_array('id_evento', $show_fields)) { $table->head[$i] = __('Event ID'); $table->align[$i] = 'left'; $i++; } if (in_array('evento', $show_fields)) { $table->head[$i] = __('Event Name'); $table->align[$i] = 'left'; $table->style[$i] = 'min-width: 200px; max-width: 350px; word-break: break-all;'; $i++; } if (in_array('id_agente', $show_fields)) { $table->head[$i] = __('Agent name'); $table->align[$i] = 'left'; $table->style[$i] = 'max-width: 350px; word-break: break-all;'; $i++; } if (in_array('timestamp', $show_fields)) { $table->head[$i] = __('Timestamp'); $table->align[$i] = 'left'; $i++; } if (in_array('id_usuario', $show_fields)) { $table->head[$i] = __('User'); $table->align[$i] = 'left'; $i++; } if (in_array('owner_user', $show_fields)) { $table->head[$i] = __('Owner'); $table->align[$i] = 'left'; $i++; } if (in_array('id_grupo', $show_fields)) { $table->head[$i] = __('Group'); $table->align[$i] = 'left'; $i++; } if (in_array('event_type', $show_fields)) { $table->head[$i] = __('Event type'); $table->align[$i] = 'left'; $table->style[$i] = 'min-width: 85px;'; $i++; } if (in_array('id_agentmodule', $show_fields)) { $table->head[$i] = __('Agent Module'); $table->align[$i] = 'left'; $i++; } if (in_array('id_alert_am', $show_fields)) { $table->head[$i] = __('Alert'); $table->align[$i] = 'left'; $i++; } if (in_array('criticity', $show_fields)) { $table->head[$i] = __('Severity'); $table->align[$i] = 'left'; $i++; } if (in_array('user_comment', $show_fields)) { $table->head[$i] = __('Comment'); $table->align[$i] = 'left'; $i++; } if (in_array('tags', $show_fields)) { $table->head[$i] = __('Tags'); $table->align[$i] = 'left'; $i++; } if (in_array('source', $show_fields)) { $table->head[$i] = __('Source'); $table->align[$i] = 'left'; $i++; } if (in_array('id_extra', $show_fields)) { $table->head[$i] = __('Extra ID'); $table->align[$i] = 'left'; $i++; } if (in_array('ack_utimestamp', $show_fields)) { $table->head[$i] = __('ACK Timestamp'); $table->align[$i] = 'left'; $i++; } if (in_array('instructions', $show_fields)) { $table->head[$i] = __('Instructions'); $table->align[$i] = 'left'; $i++; } if (in_array('data', $show_fields)) { $table->head[$i] = __('Data'); $table->align[$i] = 'left'; $i++; } if (in_array('module_status', $show_fields)) { $table->head[$i] = __('Module status'); $table->align[$i] = 'left'; $i++; } if ($i != 0 && $allow_action) { $table->head[$i] = __('Action'); $table->align[$i] = 'left'; $table->size[$i] = '90px'; $i++; if (check_acl($config['id_user'], 0, 'EW') == 1 && !$readonly) { $table->head[$i] = html_print_checkbox('all_validate_box', '1', false, true); $table->align[$i] = 'left'; } } if ($meta) { // Get info of the all servers to use it on hash auth $servers_url_hash = metaconsole_get_servers_url_hash(); $servers = metaconsole_get_servers(); } $show_delete_button = false; $show_validate_button = false; $idx = 0; // Arrange data. We already did ACL's in the query foreach ($result as $event) { $data = []; if ($meta) { $event['server_url_hash'] = $servers_url_hash[$event['server_id']]; $event['server_url'] = $servers[$event['server_id']]['server_url']; $event['server_name'] = $servers[$event['server_id']]['server_name']; } // Clean url from events and store in array $event['clean_tags'] = events_clean_tags($event['tags']); // First pass along the class of this row $myclass = get_priority_class($event['criticity']); // print status $estado = $event['estado']; // Colored box switch ($estado) { case EVENT_NEW: $img_st = 'images/star.png'; $title_st = __('New event'); break; case EVENT_VALIDATE: $img_st = 'images/tick.png'; $title_st = __('Event validated'); break; case EVENT_PROCESS: $img_st = 'images/hourglass.png'; $title_st = __('Event in process'); break; } $i = 0; $data[$i] = '#'.$event['id_evento']; $table->cellstyle[count($table->data)][$i] = 'background: #F3F3F3; color: #111 !important;'; // Pass grouped values in hidden fields to use it from modal window if ($group_rep) { $similar_ids = $event['similar_ids']; $timestamp_first = $event['timestamp_rep_min']; $timestamp_last = $event['timestamp_rep']; } else { $similar_ids = $event['id_evento']; $timestamp_first = $event['utimestamp']; $timestamp_last = $event['utimestamp']; } // Store group data to show in extended view $data[$i] .= html_print_input_hidden('similar_ids_'.$event['id_evento'], $similar_ids, true); $data[$i] .= html_print_input_hidden('timestamp_first_'.$event['id_evento'], $timestamp_first, true); $data[$i] .= html_print_input_hidden('timestamp_last_'.$event['id_evento'], $timestamp_last, true); $data[$i] .= html_print_input_hidden('childrens_ids', json_encode($childrens_ids), true); // Store server id if is metaconsole. 0 otherwise if ($meta) { $server_id = $event['server_id']; // If meta activated, propagate the id of the event on node (source id) $data[$i] .= html_print_input_hidden('source_id_'.$event['id_evento'], $event['id_source_event'], true); $table->cellclass[count($table->data)][$i] = $myclass; } else { $server_id = 0; } $data[$i] .= html_print_input_hidden('server_id_'.$event['id_evento'], $server_id, true); if (empty($event['event_rep'])) { $event['event_rep'] = 0; } $data[$i] .= html_print_input_hidden('event_rep_'.$event['id_evento'], $event['event_rep'], true); // Store concat comments to show in extended view $data[$i] .= html_print_input_hidden('user_comment_'.$event['id_evento'], base64_encode($event['user_comment']), true); $i++; if (in_array('server_name', $show_fields)) { if ($meta) { if (can_user_access_node()) { $data[$i] = "".$event['server_name'].''; } else { $data[$i] = $event['server_name']; } } else { $data[$i] = db_get_value('name', 'tserver'); } $table->cellclass[count($table->data)][$i] = $myclass; $i++; } if (in_array('estado', $show_fields)) { $data[$i] = html_print_image( $img_st, true, [ 'class' => 'image_status', 'title' => $title_st, 'id' => 'status_img_'.$event['id_evento'], ] ); $table->cellstyle[count($table->data)][$i] = 'background: #F3F3F3;'; $i++; } if (in_array('id_evento', $show_fields)) { $data[$i] = $event['id_evento']; $table->cellclass[count($table->data)][$i] = $myclass; $i++; } switch ($event['criticity']) { default: case 0: $img_sev = 'images/status_sets/default/severity_maintenance.png'; break; case 1: $img_sev = 'images/status_sets/default/severity_informational.png'; break; case 2: $img_sev = 'images/status_sets/default/severity_normal.png'; break; case 3: $img_sev = 'images/status_sets/default/severity_warning.png'; break; case 4: $img_sev = 'images/status_sets/default/severity_critical.png'; break; case 5: $img_sev = 'images/status_sets/default/severity_minor.png'; break; case 6: $img_sev = 'images/status_sets/default/severity_major.png'; break; } if (in_array('evento', $show_fields)) { // Event description $data[$i] = ''; if ($allow_action) { $data[$i] .= ''; } $data[$i] .= ''.ui_print_truncate_text(io_safe_output($event['evento']), 160).''; if ($allow_action) { $data[$i] .= ''; } $data[$i] .= ''; $table->cellclass[count($table->data)][$i] = $myclass; $i++; } if (in_array('id_agente', $show_fields)) { $data[$i] = ''; if ($event['id_agente'] > 0) { // Agent name if ($meta) { $agent_link = ''; if (can_user_access_node()) { $data[$i] = ''.$agent_link.$event['agent_name'].''; } else { $data[$i] = $event['agent_name']; } } else { $data[$i] .= ui_print_agent_name($event['id_agente'], true); } } else { $data[$i] .= ''; } $data[$i] .= ''; $table->cellclass[count($table->data)][$i] = $myclass; $i++; } if (in_array('timestamp', $show_fields)) { // Time $data[$i] = ''; if ($group_rep == 1) { $data[$i] .= ui_print_timestamp($event['timestamp_rep'], true); } else { $data[$i] .= ui_print_timestamp($event['timestamp'], true); } $data[$i] .= ''; $table->cellclass[count($table->data)][$i] = $myclass; $i++; } if (in_array('id_usuario', $show_fields)) { $user_name = db_get_value('fullname', 'tusuario', 'id_user', $event['id_usuario']); if (empty($user_name)) { $user_name = $event['id_usuario']; } $data[$i] = $user_name; $table->cellclass[count($table->data)][$i] = $myclass; $i++; } if (in_array('owner_user', $show_fields)) { $owner_name = db_get_value('fullname', 'tusuario', 'id_user', $event['owner_user']); if (empty($owner_name)) { $owner_name = $event['owner_user']; } $data[$i] = $owner_name; $table->cellclass[count($table->data)][$i] = $myclass; $i++; } if (in_array('id_grupo', $show_fields)) { if ($meta) { $data[$i] = $event['group_name']; } else { $id_group = $event['id_grupo']; $group_name = db_get_value('nombre', 'tgrupo', 'id_grupo', $id_group); if ($id_group == 0) { $group_name = __('All'); } $data[$i] = $group_name; } $table->cellclass[count($table->data)][$i] = $myclass; $i++; } if (in_array('event_type', $show_fields)) { $data[$i] = events_print_type_description($event['event_type'], true); $table->cellclass[count($table->data)][$i] = $myclass; $i++; } if (in_array('id_agentmodule', $show_fields)) { if ($meta) { $module_link = ''; if (can_user_access_node()) { $data[$i] = ''.$module_link.$event['module_name'].''; } else { $data[$i] = $event['module_name']; } } else { $module_name = db_get_value('nombre', 'tagente_modulo', 'id_agente_modulo', $event['id_agentmodule']); $data[$i] = ''.$module_name.''; } $table->cellclass[count($table->data)][$i] = $myclass; $i++; } if (in_array('id_alert_am', $show_fields)) { if ($meta) { $data[$i] = $event['alert_template_name']; } else { if ($event['id_alert_am'] != 0) { $sql = 'SELECT name FROM talert_templates WHERE id IN (SELECT id_alert_template FROM talert_template_modules WHERE id = '.$event['id_alert_am'].');'; $templateName = db_get_sql($sql); $data[$i] = ''.$templateName.''; } else { $data[$i] = ''; } } $table->cellclass[count($table->data)][$i] = $myclass; $i++; } if (in_array('criticity', $show_fields)) { $data[$i] = get_priority_name($event['criticity']); $table->cellclass[count($table->data)][$i] = $myclass; $i++; } if (in_array('user_comment', $show_fields)) { $safe_event_user_comment = strip_tags(io_safe_output($event['user_comment'])); $line_breaks = [ "\r\n", "\n", "\r", ]; $safe_event_user_comment = str_replace($line_breaks, '
', $safe_event_user_comment); $event_user_comments = json_decode($safe_event_user_comment, true); $event_user_comment_str = ''; if (!empty($event_user_comments)) { $last_key = key(array_slice($event_user_comments, -1, 1, true)); $date_format = $config['date_format']; foreach ($event_user_comments as $key => $event_user_comment) { $event_user_comment_str .= sprintf( '%s: %s
%s: %s
%s: %s
', __('Date'), date($date_format, $event_user_comment['utimestamp']), __('User'), $event_user_comment['id_user'], __('Comment'), $event_user_comment['comment'] ); if ($key != $last_key) { $event_user_comment_str .= '
'; } } } $comments_help_tip = ''; if (!empty($event_user_comment_str)) { $comments_help_tip = ui_print_help_tip($event_user_comment_str, true); } $data[$i] = ''.$comments_help_tip.''; $table->cellclass[count($table->data)][$i] = $myclass; $i++; } if (in_array('tags', $show_fields)) { $data[$i] = tags_get_tags_formatted($event['tags']); $table->cellclass[count($table->data)][$i] = $myclass; $i++; } if (in_array('source', $show_fields)) { $data[$i] = $event['source']; $table->cellclass[count($table->data)][$i] = $myclass; $i++; } if (in_array('id_extra', $show_fields)) { $data[$i] = $event['id_extra']; $table->cellclass[count($table->data)][$i] = $myclass; $i++; } if (in_array('ack_utimestamp', $show_fields)) { if ($event['ack_utimestamp'] == 0) { $data[$i] = ''; } else { $data[$i] = date($config['date_format'], $event['ack_utimestamp']); } $table->cellclass[count($table->data)][$i] = $myclass; $i++; } if (in_array('instructions', $show_fields)) { switch ($event['event_type']) { case 'going_unknown': if (!empty($event['unknown_instructions'])) { $data[$i] = html_print_image('images/page_white_text.png', true, ['title' => str_replace("\n", '
', io_safe_output($event['unknown_instructions']))]); } break; case 'going_up_critical': case 'going_down_critical': if (!empty($event['critical_instructions'])) { $data[$i] = html_print_image('images/page_white_text.png', true, ['title' => str_replace("\n", '
', io_safe_output($event['critical_instructions']))]); } break; case 'going_down_warning': if (!empty($event['warning_instructions'])) { $data[$i] = html_print_image('images/page_white_text.png', true, ['title' => str_replace("\n", '
', io_safe_output($event['warning_instructions']))]); } break; case 'system': if (!empty($event['critical_instructions'])) { $data[$i] = html_print_image('images/page_white_text.png', true, ['title' => str_replace("\n", '
', io_safe_output($event['critical_instructions']))]); } else if (!empty($event['warning_instructions'])) { $data[$i] = html_print_image('images/page_white_text.png', true, ['title' => str_replace("\n", '
', io_safe_output($event['warning_instructions']))]); } else if (!empty($event['unknown_instructions'])) { $data[$i] = html_print_image('images/page_white_text.png', true, ['title' => str_replace("\n", '
', io_safe_output($event['unknown_instructions']))]); } break; } if (!isset($data[$i])) { $data[$i] = ''; } $table->cellclass[count($table->data)][$i] = $myclass; $i++; } if (in_array('data', $show_fields)) { $data[$i] = $event['data']; if (($data[$i] % 1) == 0) { $data[$i] = number_format($data[$i], 0); } else { $data[$i] = number_format($data[$i], 2); } $table->cellclass[count($table->data)][$i] = $myclass; $i++; } if (in_array('module_status', $show_fields)) { $data[$i] = modules_get_modules_status($event['module_status']); $table->cellclass[count($table->data)][$i] = $myclass; $i++; } if ($i != 0 && $allow_action) { // Actions $data[$i] = ''; if (!$readonly) { // Validate event if (($event['estado'] != 1) && (tags_checks_event_acl($config['id_user'], $event['id_grupo'], 'EW', $event['clean_tags'], $childrens_ids))) { $show_validate_button = true; $data[$i] .= ''; $data[$i] .= html_print_image( 'images/ok.png', true, ['title' => __('Validate event')] ); $data[$i] .= ''; } // Delete event if ((tags_checks_event_acl($config['id_user'], $event['id_grupo'], 'EM', $event['clean_tags'], $childrens_ids) == 1)) { if ($event['estado'] != 2) { $show_delete_button = true; $data[$i] .= ''; $data[$i] .= html_print_image( 'images/cross.png', true, [ 'title' => __('Delete event'), 'id' => 'delete_cross_'.$event['id_evento'], ] ); $data[$i] .= ''; } else { $data[$i] .= html_print_image( 'images/cross.disabled.png', true, ['title' => __('Is not allowed delete events in process')] ).' '; } } } $data[$i] .= ''; $data[$i] .= html_print_input_hidden('event_title_'.$event['id_evento'], '#'.$event['id_evento'].' - '.$event['evento'], true); $data[$i] .= html_print_image( 'images/eye.png', true, ['title' => __('Show more')] ); $data[$i] .= ''; $table->cellstyle[count($table->data)][$i] = 'background: #F3F3F3;'; $i++; if (!$readonly) { if (tags_checks_event_acl($config['id_user'], $event['id_grupo'], 'EM', $event['clean_tags'], $childrens_ids) == 1) { // Checkbox // Class 'candeleted' must be the fist class to be parsed from javascript. Dont change $data[$i] = html_print_checkbox_extended('validate_ids[]', $event['id_evento'], false, false, false, 'class="candeleted chk_val"', true); } else if (tags_checks_event_acl($config['id_user'], $event['id_grupo'], 'EW', $event['clean_tags'], $childrens_ids) == 1) { // Checkbox $data[$i] = html_print_checkbox_extended('validate_ids[]', $event['id_evento'], false, false, false, 'class="chk_val"', true); } else if (isset($table->header[$i]) || true) { $data[$i] = ''; } } $table->cellstyle[count($table->data)][$i] = 'background: #F3F3F3;'; } array_push($table->data, $data); $idx++; } return html_print_table($table, true); } function events_get_sql_order($sort_field='timestamp', $sort='DESC', $group_rep=0) { $sort_field_translated = $sort_field; switch ($sort_field) { case 'event_id': $sort_field_translated = 'id_evento'; break; case 'event_name': $sort_field_translated = 'evento'; break; case 'status': $sort_field_translated = 'estado'; break; case 'agent_id': $sort_field_translated = 'id_agente'; break; case 'timestamp': $sort_field_translated = ($group_rep == 0) ? 'timestamp' : 'timestamp_rep'; break; case 'user_id': $sort_field_translated = 'id_usuario'; break; case 'owner': $sort_field_translated = 'owner_user'; break; case 'group_id': $sort_field_translated = 'id_grupo'; break; case 'alert_id': $sort_field_translated = 'id_alert_am'; break; case 'comment': $sort_field_translated = 'user_comment'; break; case 'extra_id': $sort_field_translated = 'id_extra'; break; } $dir = ($sort == 'up') ? 'ASC' : 'DESC'; return "ORDER BY $sort_field_translated $dir"; } /** * SQL left join of event queries to handle secondary groups * * @param string Table to see if is metaconsole or not * * @return string With the query. */ function events_get_secondary_groups_left_join($table) { if ($table == 'tevento') { return 'LEFT JOIN tagent_secondary_group tasg ON te.id_agente = tasg.id_agent'; } return 'LEFT JOIN tmetaconsole_agent_secondary_group tasg ON te.id_agente = tasg.id_tagente AND te.server_id = tasg.id_tmetaconsole_setup'; }