$name) { if ($i == 0) { $str_user_groups .= $id; } else { $str_user_groups .= ','.$id; } $i++; } $url = 'index.php?sec=estado&sec2=operation/snmpconsole/snmp_view&filter_severity='.$filter_severity.'&filter_fired='.$filter_fired.'&free_search_string='.$free_search_string.'&pagination='.$pagination.'&offset='.$offset.'&trap_type='.$trap_type.'&group_by='.$group_by.'&date_from_trap='.$date_from_trap.'&date_to_trap='.$date_to_trap.'&time_from_trap='.$time_from_trap.'&time_to_trap='.$time_to_trap; $statistics['text'] = ''.html_print_image('images/op_reporting.png', true, ['title' => __('Statistics')]).''; $list['text'] = ''.html_print_image('images/op_snmp.png', true, ['title' => __('List')]).''; $list['active'] = true; if ($config['pure']) { $fullscreen['text'] = ''.html_print_image('images/normal_screen.png', true, ['title' => __('Normal screen')]).''; } else { // Fullscreen. $fullscreen['text'] = ''.html_print_image('images/full_screen.png', true, ['title' => __('Full screen')]).''; } // OPERATIONS // Delete SNMP Trap entry Event (only incident management access). if (isset($_GET['delete'])) { $id_trap = (int) get_parameter_get('delete', 0); if ($id_trap > 0 && check_acl($config['id_user'], 0, 'IM')) { if ($group_by) { $sql_ids_traps = 'SELECT id_trap, source FROM ttrap WHERE oid IN (SELECT oid FROM ttrap WHERE id_trap = '.$id_trap.') AND source IN (SELECT source FROM ttrap WHERE id_trap = '.$id_trap.')'; $ids_traps = db_get_all_rows_sql($sql_ids_traps); foreach ($ids_traps as $key => $value) { $result = db_process_sql_delete('ttrap', ['id_trap' => $value['id_trap']]); enterprise_hook('snmp_update_forwarded_modules', [$value]); } } else { $forward_info = db_get_row('ttrap', 'id_trap', $id_trap); $result = db_process_sql_delete('ttrap', ['id_trap' => $id_trap]); enterprise_hook('snmp_update_forwarded_modules', [$forward_info]); ui_print_result_message( $result, __('Successfully deleted'), __('Could not be deleted') ); } } else { db_pandora_audit( 'ACL Violation', 'Trying to delete SNMP event ID #'.$id_trap ); } } // Check Event (only incident write access). if (isset($_GET['check'])) { $id_trap = (int) get_parameter_get('check', 0); if (check_acl($config['id_user'], 0, 'IW')) { $values = [ 'status' => 1, 'id_usuario' => $config['id_user'], ]; $result = db_process_sql_update('ttrap', $values, ['id_trap' => $id_trap]); enterprise_hook('snmp_update_forwarded_modules', [$id_trap]); ui_print_result_message( $result, __('Successfully updated'), __('Could not be updated') ); } else { db_pandora_audit( 'ACL Violation', 'Trying to checkout SNMP Trap ID'.$id_trap ); } } // Mass-process DELETE. if (isset($_POST['deletebt'])) { $trap_ids = get_parameter_post('snmptrapid', []); if (is_array($trap_ids) && check_acl($config['id_user'], 0, 'IW')) { if ($group_by) { foreach ($trap_ids as $key => $value) { $sql_ids_traps = 'SELECT id_trap, source FROM ttrap WHERE oid IN (SELECT oid FROM ttrap WHERE id_trap = '.$value.') AND source IN (SELECT source FROM ttrap WHERE id_trap = '.$value.')'; $ids_traps = db_get_all_rows_sql($sql_ids_traps); foreach ($ids_traps as $key2 => $value2) { $result = db_process_sql_delete('ttrap', ['id_trap' => $value2['id_trap']]); enterprise_hook('snmp_update_forwarded_modules', [$value2]); } } } else { foreach ($trap_ids as $id_trap) { $forward_info = db_get_row('ttrap', 'id_trap', $id_trap); db_process_sql_delete('ttrap', ['id_trap' => $id_trap]); enterprise_hook('snmp_update_forwarded_modules', [$forward_info]); } } } else { db_pandora_audit( 'ACL Violation', 'Trying to mass-delete SNMP Trap ID' ); } } // Mass-process UPDATE. if (isset($_POST['updatebt'])) { $trap_ids = get_parameter_post('snmptrapid', []); if (is_array($trap_ids) && check_acl($config['id_user'], 0, 'IW')) { foreach ($trap_ids as $id_trap) { $sql = sprintf("UPDATE ttrap SET status = 1, id_usuario = '%s' WHERE id_trap = %d", $config['id_user'], $id_trap); db_process_sql($sql); enterprise_hook('snmp_update_forwarded_modules', [$id_trap]); } } else { db_pandora_audit( 'ACL Violation', 'Trying to mass-delete SNMP Trap ID' ); } } // All traps. $all_traps = db_get_all_rows_sql('SELECT DISTINCT source FROM ttrap'); if (empty($all_traps)) { $all_traps = []; } // Set filters. $agents = []; $oids = []; $severities = get_priorities(); $alerted = [ __('Not fired'), __('Fired'), ]; foreach ($all_traps as $trap) { $agent = agents_get_agent_with_ip($trap['source']); $agents[$trap['source']] = $agent !== false ? ($agent['alias'] ? $agent['alias'] : $agent['nombre']) : $trap['source']; $oid = enterprise_hook('get_oid', [$trap]); if ($oid === ENTERPRISE_NOT_HOOK) { $oid = $trap['oid']; } $oids[$oid] = $oid; } $prea = array_keys($user_groups); $ids = join(',', $prea); // Cuantos usuarios hay operadores con un grupo que exista y no lo tenga ningun usuario. $user_in_group_wo_agents = db_get_value_sql('select count(DISTINCT(id_usuario)) from tusuario_perfil where id_usuario ="'.$config['id_user'].'" and id_perfil = 1 and id_grupo in (select id_grupo from tgrupo where id_grupo in ('.$ids.') and id_grupo not in (select id_grupo from tagente))'); switch ($config['dbtype']) { case 'mysql': case 'postgresql': if ($user_in_group_wo_agents == 0) { $rows = db_get_all_rows_filter( 'tagente', ['id_grupo' => array_keys($user_groups)], ['id_agente'] ); $id_agents = []; foreach ($rows as $row) { $id_agents[] = $row['id_agente']; } $address_by_user_groups = agents_get_addresses($id_agents); foreach ($address_by_user_groups as $i => $a) { $address_by_user_groups[$i] = '"'.$a.'"'; } } else { $rows = db_get_all_rows_filter( 'tagente', [], ['id_agente'] ); $id_agents = []; foreach ($rows as $row) { $id_agents[] = $row['id_agente']; } $all_address_agents = agents_get_addresses($id_agents); foreach ($all_address_agents as $i => $a) { $all_address_agents[$i] = '"'.$a.'"'; } } break; default: // Default. break; } if (empty($address_by_user_groups)) { $address_by_user_groups = []; array_unshift($address_by_user_groups, '""'); } if (empty($all_address_agents)) { $all_address_agents = []; array_unshift($all_address_agents, '""'); } // Make query to extract traps of DB. switch ($config['dbtype']) { case 'mysql': $sql = 'SELECT * FROM ttrap WHERE ( `source` IN ('.implode(',', $address_by_user_groups).") OR `source`='' OR `source` NOT IN (".implode(',', $all_address_agents).') ) %s ORDER BY timestamp DESC LIMIT %d,%d'; break; case 'postgresql': $sql = 'SELECT * FROM ttrap WHERE ( source IN ('.implode(',', $address_by_user_groups).") OR source='' OR source NOT IN (".implode(',', $all_address_agents).') ) %s ORDER BY timestamp DESC LIMIT %d OFFSET %d'; break; case 'oracle': $sql = "SELECT * FROM ttrap WHERE (source IN ( SELECT direccion FROM tagente WHERE id_grupo IN ($str_user_groups) ) OR source='' OR source NOT IN (SELECT direccion FROM tagente WHERE direccion IS NOT NULL)) %s ORDER BY timestamp DESC"; break; default: // Default. break; } switch ($config['dbtype']) { case 'mysql': case 'postgresql': $sql_all = 'SELECT * FROM ttrap WHERE ( source IN ('.implode(',', $address_by_user_groups).") OR source='' OR source NOT IN (".implode(',', $all_address_agents).') ) %s ORDER BY timestamp DESC'; $sql_count = 'SELECT COUNT(id_trap) FROM ttrap WHERE ( source IN ('.implode(',', $address_by_user_groups).") OR source='' OR source NOT IN (".implode(',', $all_address_agents).') ) %s'; break; case 'oracle': $sql_all = "SELECT * FROM ttrap WHERE (source IN ( SELECT direccion FROM tagente WHERE id_grupo IN ($str_user_groups) ) OR source='' OR source NOT IN (SELECT direccion FROM tagente WHERE direccion IS NOT NULL)) %s ORDER BY timestamp DESC"; $sql_count = "SELECT COUNT(id_trap) FROM ttrap WHERE ( source IN ( SELECT direccion FROM tagente WHERE id_grupo IN ($str_user_groups) ) OR source='' OR source NOT IN (SELECT direccion FROM tagente WHERE direccion IS NOT NULL)) %s"; break; default: // Default. break; } // $whereSubquery = 'WHERE 1=1'; $whereSubquery = ''; if ($filter_fired != -1) { $whereSubquery .= ' AND alerted = '.$filter_fired; } if ($free_search_string != '') { switch ($config['dbtype']) { case 'mysql': $whereSubquery .= ' AND (source LIKE "%'.$free_search_string.'%" OR oid LIKE "%'.$free_search_string.'%" OR oid_custom LIKE "%'.$free_search_string.'%" OR type_custom LIKE "%'.$free_search_string.'%" OR value LIKE "%'.$free_search_string.'%" OR value_custom LIKE "%'.$free_search_string.'%" OR id_usuario LIKE "%'.$free_search_string.'%" OR text LIKE "%'.$free_search_string.'%" OR description LIKE "%'.$free_search_string.'%")'; break; case 'postgresql': case 'oracle': $whereSubquery .= ' AND (source LIKE \'%'.$free_search_string.'%\' OR oid LIKE \'%'.$free_search_string.'%\' OR oid_custom LIKE \'%'.$free_search_string.'%\' OR type_custom LIKE \'%'.$free_search_string.'%\' OR value LIKE \'%'.$free_search_string.'%\' OR value_custom LIKE \'%'.$free_search_string.'%\' OR id_usuario LIKE \'%'.$free_search_string.'%\' OR text LIKE \'%'.$free_search_string.'%\' OR description LIKE \'%'.$free_search_string.'%\')'; break; default: // Default. break; } } if ($date_from_trap != '') { if ($time_from_trap != '') { $whereSubquery .= ' AND (UNIX_TIMESTAMP(timestamp) > UNIX_TIMESTAMP("'.$date_from_trap.' '.$time_from_trap.'")) '; } else { $whereSubquery .= ' AND (UNIX_TIMESTAMP(timestamp) > UNIX_TIMESTAMP("'.$date_from_trap.' 23:59:59")) '; } } if ($date_to_trap != '') { if ($time_to_trap) { $whereSubquery .= ' AND (UNIX_TIMESTAMP(timestamp) < UNIX_TIMESTAMP("'.$date_to_trap.' '.$time_to_trap.'")) '; } else { $whereSubquery .= ' AND (UNIX_TIMESTAMP(timestamp) < UNIX_TIMESTAMP("'.$date_to_trap.' 23:59:59")) '; } } if ($filter_severity != -1) { // There are two special severity values aimed to match two different trap standard severities in database: warning/critical and critical/normal. if ($filter_severity != EVENT_CRIT_OR_NORMAL && $filter_severity != EVENT_CRIT_WARNING_OR_CRITICAL) { // Test if enterprise is installed to search oid in text or oid field in ttrap. if ($config['enterprise_installed']) { $whereSubquery .= ' AND ( (alerted = 0 AND severity = '.$filter_severity.') OR (alerted = 1 AND priority = '.$filter_severity.'))'; } else { $whereSubquery .= ' AND ( (alerted = 0 AND 1 = '.$filter_severity.') OR (alerted = 1 AND priority = '.$filter_severity.'))'; } } else if ($filter_severity === EVENT_CRIT_WARNING_OR_CRITICAL) { // Test if enterprise is installed to search oid in text or oid field in ttrap. if ($config['enterprise_installed']) { $whereSubquery .= ' AND ( (alerted = 0 AND (severity = '.EVENT_CRIT_WARNING.' OR severity = '.EVENT_CRIT_CRITICAL.')) OR (alerted = 1 AND (priority = '.EVENT_CRIT_WARNING.' OR priority = '.EVENT_CRIT_CRITICAL.')))'; } else { $whereSubquery .= ' AND ( (alerted = 1 AND (priority = '.EVENT_CRIT_WARNING.' OR priority = '.EVENT_CRIT_CRITICAL.')))'; } } else if ($filter_severity === EVENT_CRIT_OR_NORMAL) { // Test if enterprise is installed to search oid in text or oid field in ttrap. if ($config['enterprise_installed']) { $whereSubquery .= ' AND ( (alerted = 0 AND (severity = '.EVENT_CRIT_NORMAL.' OR severity = '.EVENT_CRIT_CRITICAL.')) OR (alerted = 1 AND (priority = '.EVENT_CRIT_NORMAL.' OR priority = '.EVENT_CRIT_CRITICAL.')))'; } else { $whereSubquery .= ' AND ( (alerted = 1 AND (priority = '.EVENT_CRIT_NORMAL.' OR priority = '.EVENT_CRIT_CRITICAL.')))'; } } } if ($filter_status != -1) { $whereSubquery .= ' AND status = '.$filter_status; } if ($trap_type == 5) { $whereSubquery .= ' AND type NOT IN (0, 1, 2, 3, 4)'; } else if ($trap_type != -1) { $whereSubquery .= ' AND type = '.$trap_type; } // Disable this feature (time will decide if temporarily) in Oracle cause the group by is very confictive. if ($group_by && $config['dbtype'] != 'oracle') { $where_without_group = $whereSubquery; $whereSubquery .= ' GROUP BY source,oid'; } switch ($config['dbtype']) { case 'mysql': $sql = sprintf($sql, $whereSubquery, $offset, $pagination); break; case 'postgresql': $sql = sprintf($sql, $whereSubquery, $pagination, $offset); break; case 'oracle': $set = []; $set['limit'] = $pagination; $set['offset'] = $offset; $sql = sprintf($sql, $whereSubquery); $sql = oracle_recode_query($sql, $set); break; default: // Default. break; } $sql_all = sprintf($sql_all, $whereSubquery); $sql_count = sprintf($sql_count, $whereSubquery); $table = new stdClass(); $table->width = '100%'; $table->cellpadding = 0; $table->cellspacing = 0; $table->class = 'databox filters'; $table->size = []; $table->size[0] = '120px'; $table->data = []; // Alert status select. $table->data[1][0] = ''.__('Alert').''; $table->data[1][1] = html_print_select( $alerted, 'filter_fired', $filter_fired, '', __('All'), '-1', true ); // Block size for pagination select. $table->data[2][0] = ''.__('Block size for pagination').''; $paginations[25] = 25; $paginations[50] = 50; $paginations[100] = 100; $paginations[200] = 200; $paginations[500] = 500; $table->data[2][1] = html_print_select( $paginations, 'pagination', $pagination, '', __('Default'), $config['block_size'], true ); // Severity select. $table->data[1][2] = ''.__('Severity').''; $table->data[1][3] = html_print_select( $severities, 'filter_severity', $filter_severity, '', __('All'), -1, true ); // Status. $table->data[3][0] = ''.__('Status').''; $status_array[-1] = __('All'); $status_array[0] = __('Not validated'); $status_array[1] = __('Validated'); $table->data[3][1] = html_print_select( $status_array, 'filter_status', $filter_status, '', '', '', true ); // Free search (search by all alphanumeric fields). $table->data[2][3] = ''.__('Free search').''.ui_print_help_tip( __( 'Search by any alphanumeric field in the trap. REMEMBER trap sources need to be searched by IP Address' ), true ); $table->data[2][4] = html_print_input_text( 'free_search_string', $free_search_string, '', 40, 0, true ); $table->data[4][0] = ''.__('From (Date)').''; $table->data[4][1] = html_print_input_text('date_from_trap', $date_from_trap, '', 15, 10, true); $table->data[4][2] = ''.__('To (Date)').''; $table->data[4][3] = html_print_input_text('date_to_trap', $date_to_trap, '', 15, 10, true); $table->data[5][0] = ''.__('From (Time)').''; $table->data[5][1] = html_print_input_text('time_from_trap', $time_from_trap, false, 15, 10, true); $table->data[5][2] = ''.__('To (Time)').''; $table->data[5][3] = html_print_input_text('time_to_trap', $time_to_trap, false, 15, 10, true); // Type filter (ColdStart, WarmStart, LinkDown, LinkUp, authenticationFailure, Other). $table->data[6][1] = ''.__('Trap type').''.ui_print_help_tip(__('Search by trap type'), true); $trap_types = [ -1 => __('None'), 0 => __('Cold start (0)'), 1 => __('Warm start (1)'), 2 => __('Link down (2)'), 3 => __('Link up (3)'), 4 => __('Authentication failure (4)'), 5 => __('Other'), ]; $table->data[6][2] = html_print_select( $trap_types, 'trap_type', $trap_type, '', '', '', true, false, false ); // Disable this feature (time will decide if temporarily) in Oracle cause the group by is very confictive. if ($config['dbtype'] != 'oracle') { $table->data[3][3] = ''.__('Group by Enterprise String/IP').''; $table->data[3][4] = __('Yes').' '.html_print_radio_button('group_by', 1, '', $group_by, true).' '; $table->data[3][4] .= __('No').' '.html_print_radio_button('group_by', 0, '', $group_by, true); } $filter = '
'; $filter_resume = []; $filter_resume['filter_fired'] = $alerted[$filter_fired]; $filter_resume['filter_severity'] = $severities[$filter_severity]; $filter_resume['pagination'] = $paginations[$pagination]; $filter_resume['free_search_string'] = $free_search_string; $filter_resume['filter_status'] = $status_array[$filter_status]; $filter_resume['group_by'] = $group_by; $filter_resume['date_from_trap'] = $date_from_trap; $filter_resume['time_from_trap'] = $time_from_trap; $filter_resume['date_to_trap'] = $date_to_trap; $filter_resume['time_to_trap'] = $time_to_trap; $filter_resume['trap_type'] = $trap_types[$trap_type]; $traps = db_get_all_rows_sql($sql); $trapcount = (int) db_get_value_sql($sql_count); // No traps. if (empty($traps)) { // Header. ui_print_page_header( __('SNMP Console'), 'images/op_snmp.png', false, 'snmp_console', false, [ $list, $statistics, ] ); $sql2 = 'SELECT * FROM ttrap WHERE ( `source` IN ('.implode(',', $address_by_user_groups).") OR `source`='' OR `source` NOT IN (".implode(',', $all_address_agents).') ) AND status = 0 ORDER BY timestamp DESC'; $traps2 = db_get_all_rows_sql($sql2); if (!empty($traps2)) { ui_toggle($filter, __('Toggle filter(s)')); print_snmp_tags_active_filters($filter_resume); ui_print_info_message(['no_close' => true, 'message' => __('There are no SNMP traps in database that contains this filter') ]); } else { ui_print_info_message(['no_close' => true, 'message' => __('There are no SNMP traps in database') ]); } return; } else { if ($config['pure']) { echo '