diff --git a/src/warden-server/lib/Warden.pm b/src/warden-server/lib/Warden.pm
index d2d11164de4410dad3f67301e527809c29a5be0d..86722b8bc42180f1b923b22eac881a3394357327 100755
--- a/src/warden-server/lib/Warden.pm
+++ b/src/warden-server/lib/Warden.pm
@@ -207,17 +207,17 @@ sub saveNewEvent
my $received = DateTime->now; # time of event delivery (UTC)
# parse object (event) item
- my $service = $data->{'SERVICE'};
- my $detected = $data->{'DETECTED'};
- my $type = $data->{'TYPE'};
- my $source_type = $data->{'SOURCE_TYPE'};
- my $source = $data->{'SOURCE'};
- my $target_proto = $data->{'TARGET_PROTO'};
- my $target_port = $data->{'TARGET_PORT'};
- my $attack_scale = $data->{'ATTACK_SCALE'};
- my $note = $data->{'NOTE'};
- my $priority = $data->{'PRIORITY'};
- my $timeout = $data->{'TIMEOUT'};
+ my $service = $data->{'SERVICE'} || ""; # tested
+ my $detected = $data->{'DETECTED'} || ""; # tested
+ my $type = $data->{'TYPE'} || ""; # tested
+ my $source_type = $data->{'SOURCE_TYPE'} || ""; # tested
+ my $source = $data->{'SOURCE'} || ""; # untested
+ my $target_proto = $data->{'TARGET_PROTO'} || ""; # untested
+ my $target_port = $data->{'TARGET_PORT'} || ""; # tested
+ my $attack_scale = $data->{'ATTACK_SCALE'} || ""; # tested
+ my $note = $data->{'NOTE'} || ""; # untested
+ my $priority = $data->{'PRIORITY'} || ""; # tested
+ my $timeout = $data->{'TIMEOUT'} || ""; # tested
# authorize incoming client
my %client = authorizeClient($alt_names, $ip, $service, $client_type, $function_name);
@@ -227,7 +227,20 @@ sub saveNewEvent
"Incoming event: [client_id: '$client{'client_id'}', service: '$service', detected: '$detected', type: '$type', source_type: '$source_type', source: '$source', target_proto: '$target_proto', target_port: '$target_port', attack_scale: '$attack_scale', note: '$note', priority: '$priority', timeout: '$timeout']",
undef);
- # check event item: 'detected'
+ # MySQL optimalization - replace empty string to undef
+ $service = undef if $service eq "";
+ $detected = undef if $detected eq "";
+ $type = undef if $type eq "";
+ $source_type = undef if $source_type eq "";
+ $source = undef if $source eq "";
+ $target_proto = undef if $target_proto eq "";
+ $target_port = undef if $target_port eq "";
+ $attack_scale = undef if $attack_scale eq "";
+ $note = undef if $note eq "";
+ $priority = undef if $priority eq "";
+ $timeout = undef if $timeout eq "";
+
+ # test event item: 'detected'
# http://my.safaribooksonline.com/book/programming/regular-expressions/9780596802837/4dot-validation-and-formatting/id2983571
if ($detected !~ /^((?:[1-9][0-9]*)?[0-9]{4})-(1[0-2]|0[1-9])-(3[0-1]|0[1-9]|[1-2][0-9])T(2[0-3]|[0-1][0-9]):([0-5][0-9]):([0-5][0-9])(\.[0-9]+)?(Z|[+-](?:2[0-3]|[0-1][0-9]):[0-5][0-9])?/) {
sendMsg("err",
@@ -235,7 +248,7 @@ sub saveNewEvent
"Unknown detected time format: '$detected'");
}
- # check event item: 'event_type' and 'source_type' (based on VALIDATION HASH)
+ # test event item: 'event_type', 'source_type' (based on VALIDATION HASH)
if (%WardenCommon::VALID_STRINGS) {
if (!(exists $WardenCommon::VALID_STRINGS{'type'} && grep $type eq $_, @{$WardenCommon::VALID_STRINGS{'type'}})) {
sendMsg("err",
@@ -248,7 +261,7 @@ sub saveNewEvent
}
}
- # check event items: target_port, attack_scale, priority, timeout
+ # test event items: 'target_port', 'attack_scale', 'priority', 'timeout'
my @change_list;
if (defined $target_port && $target_port !~ /^\d+\z/) {
push(@change_list, "target_port: '$target_port'");