Commit 4189ee7e authored by Tomáš Plesník's avatar Tomáš Plesník

pridan parametr pro zapnuti logovani pomoci syslogu a zapnuti/vypnuti verbose mode (vypis stacku)

parent 7b7af66c
...@@ -74,6 +74,21 @@ my @status = WardenStatus::getStatus($warden_path); ...@@ -74,6 +74,21 @@ my @status = WardenStatus::getStatus($warden_path);
my $server_status_ref = shift(@status); my $server_status_ref = shift(@status);
my @server_status = @$server_status_ref; my @server_status = @$server_status_ref;
my $syslog;
my $syslog_verbose;
if ($server_status[7] == 1) {
$syslog = "enabled";
} else {
$syslog = "disabled";
}
if ($server_status[8] == 1) {
$syslog_verbose = "enabled";
} else {
$syslog_verbose = "disabled";
}
print "Warden server variables:\n"; print "Warden server variables:\n";
print "========================\n"; print "========================\n";
print "SERVER_VERSION:\t\t$server_status[0]\n"; print "SERVER_VERSION:\t\t$server_status[0]\n";
...@@ -83,21 +98,23 @@ print "PORT:\t\t\t$server_status[3]\n"; ...@@ -83,21 +98,23 @@ print "PORT:\t\t\t$server_status[3]\n";
print "DB_NAME:\t\t$server_status[4]\n"; print "DB_NAME:\t\t$server_status[4]\n";
print "DB_USER:\t\t$server_status[5]\n"; print "DB_USER:\t\t$server_status[5]\n";
print "DB_HOST:\t\t$server_status[6]\n"; print "DB_HOST:\t\t$server_status[6]\n";
print "SYSLOG_FACILITY:\t$server_status[7]\n"; print "SYSLOG:\t\t\t$syslog\n";
print "SYSLOG_VERBOSE:\t\t$syslog_verbose\n";
print "SYSLOG_FACILITY:\t$server_status[9]\n";
print "\n"; print "\n";
print "Warden server status:\n"; print "Warden server status:\n";
print "=====================\n"; print "=====================\n";
print "Database size:\t\t\t$server_status[8]\n"; print "Database size:\t\t\t$server_status[10]\n";
print "Count of saved events:\t\t$server_status[9]\n"; print "Count of saved events:\t\t$server_status[11]\n";
print "Last ID in events table:\t$server_status[10]\n"; print "Last ID in events table:\t$server_status[12]\n";
print "Time of first inserted event:\t$server_status[11] (UTC)\n"; print "Time of first inserted event:\t$server_status[13] (UTC)\n";
print "Time of latest inserted event:\t$server_status[12] (UTC)\n"; print "Time of latest inserted event:\t$server_status[14] (UTC)\n";
print "Count of registered clients:\t$server_status[13]\n"; print "Count of registered clients:\t$server_status[15]\n";
print "\n"; print "\n";
# check if sum of registered client isn't 0 # check if sum of registered client isn't 0
if ($server_status[13] != 0) { if ($server_status[15] != 0) {
print "Statistics of registered senders:\n"; print "Statistics of registered senders:\n";
print "+----------------------------------------------------------------------------------------------------------------+\n"; print "+----------------------------------------------------------------------------------------------------------------+\n";
print "| Client ID | Hostname | Service | Stored events | Last insertion (UTC) |\n"; print "| Client ID | Hostname | Service | Stored events | Last insertion (UTC) |\n";
......
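Review bot: The two new flag checks `if ($server_status[7] == 1)` and `if ($server_status[8] == 1)` compare slots that are undef when the queried server predates this commit and does not return SYSLOG/SYSLOG_VERBOSE, so the script warns about an uninitialized value and prints "disabled" for a setting that simply was not reported. Both blocks are also identical except for the index and could be written as `my $syslog = (defined $server_status[7] && $server_status[7] == 1) ? "enabled" : "disabled";` and `my $syslog_verbose = (defined $server_status[8] && $server_status[8] == 1) ? "enabled" : "disabled";`. Since the second hunk renumbers every later index of `@server_status`, a short comment above the first check noting that the positions must match the array built in WardenStatus::getStatus would make the next such change less error-prone. This is flat top-level script code that continues beyond both hunks.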
...@@ -5,42 +5,53 @@ ...@@ -5,42 +5,53 @@
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# BASEDIR - base directory of Warden server # BASEDIR - base directory of Warden server
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
$BASEDIR = "/opt/warden-server"; $BASEDIR = '/opt/warden-server';
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# FACILITY - syslog facility # SYSLOG - enable/disable syslog logging
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
$FACILITY = "local7"; $SYSLOG = 1;
#-------------------------------------------------------------------------------
# SYSLOG - enable/disable syslog logging in verbose mode (with stack information)
#-------------------------------------------------------------------------------
$SYSLOG_VERBOSE = 1;
#-------------------------------------------------------------------------------
# SYSLOG - syslog facility
#-------------------------------------------------------------------------------
$SYSLOG_FACILITY = 'local7';
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# DB_NAME - database name of Warden server # DB_NAME - database name of Warden server
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
$DB_NAME = "warden"; $DB_NAME = 'warden';
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# DB_USER - user of Warden server database # DB_USER - user of Warden server database
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
$DB_USER = "root"; $DB_USER = 'root';
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# DB_PASS - password of Warden server database # DB_PASS - password of Warden server database
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
$DB_PASS = ""; $DB_PASS = '';
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# DB_HOST - what IP address to listen on of Warden server # DB_HOST - what IP address to listen on of Warden server
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
$DB_HOST = "localhost"; $DB_HOST = 'localhost';
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# MAX_EVENTS_LIMIT - maximum number of events that can be downloaded from # MAX_EVENTS_LIMIT - maximum number of events that can be downloaded from
# Warden server in a single getNewEvents client function call # Warden server in a single getNewEvents client function call
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
$MAX_EVENTS_LIMIT = "1000000"; $MAX_EVENTS_LIMIT = '1000000';
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# VALID_STRINGS - validation hash containing allowed event attributes # VALID_STRINGS - validation hash containing allowed event attributes
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
%VALID_STRINGS = ( %VALID_STRINGS = (
"type" => ["portscan", "bruteforce", "probe", "spam", "phishing", "botnet_c_c", "dos", "malware", "copyright", "webattack", "test", "other"], 'type' => ['portscan', 'bruteforce', 'probe', 'spam', 'phishing', 'botnet_c_c', 'dos', 'malware', 'copyright', 'webattack', 'test', 'other'],
'source_type' => ['IP', 'URL', 'Reply-To:']
); );
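Review bot: The comment headers for the two new settings are copy-pasted: the lines introducing `$SYSLOG_VERBOSE` and `$SYSLOG_FACILITY` both read `# SYSLOG - ...`, so they should be `# SYSLOG_VERBOSE - enable/disable syslog logging in verbose mode (with stack information)` and `# SYSLOG_FACILITY - syslog facility`. The shipped default `$SYSLOG_VERBOSE = 1;` turns the stack-trace mode on for every installation, which is debugging detail rather than an operational default; consider shipping it as 0 and documenting that the trace includes the arguments of the calling frames. The added `'source_type' => ['IP', 'URL', 'Reply-To:']` entry is unrelated to the syslog change described in the commit message and would be easier to trace in history as its own commit.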
...@@ -20,6 +20,7 @@ use DateTime; ...@@ -20,6 +20,7 @@ use DateTime;
use MIME::Base64; use MIME::Base64;
use Crypt::X509; use Crypt::X509;
use SOAP::Lite; use SOAP::Lite;
use Carp;
our $VERSION = "2.1"; our $VERSION = "2.1";
...@@ -29,11 +30,13 @@ our $VERSION = "2.1"; ...@@ -29,11 +30,13 @@ our $VERSION = "2.1";
################################################################################ ################################################################################
my $conf_file = "/opt/warden-server/etc/warden-server.conf"; # path is updated by install.sh my $conf_file = "/opt/warden-server/etc/warden-server.conf"; # path is updated by install.sh
our $FACILITY = undef; our $SYSLOG = undef;
our $DB_NAME = undef; our $SYSLOG_VERBOSE = undef;
our $DB_USER = undef; our $SYSLOG_FACILITY = undef;
our $DB_PASS = undef; our $DB_NAME = undef;
our $DB_HOST = undef; our $DB_USER = undef;
our $DB_PASS = undef;
our $DB_HOST = undef;
our $MAX_EVENTS_LIMIT = 1000000; # default value our $MAX_EVENTS_LIMIT = 1000000; # default value
our %VALID_STRINGS = undef; our %VALID_STRINGS = undef;
...@@ -68,8 +71,12 @@ sub sendMsg ...@@ -68,8 +71,12 @@ sub sendMsg
my $soap_msg = shift; my $soap_msg = shift;
my $filename = File::Basename::basename($0); my $filename = File::Basename::basename($0);
if (defined $severity && defined $syslog_msg) { if ($SYSLOG_VERBOSE == 1) {
Sys::Syslog::openlog($filename, "cons,pid", $FACILITY); $syslog_msg .= "\nStack info: " . Carp::longmess();
}
if ($SYSLOG == 1 && defined $severity && defined $syslog_msg) {
Sys::Syslog::openlog($filename, "cons,pid", $SYSLOG_FACILITY);
Sys::Syslog::syslog("$severity", "$syslog_msg"); Sys::Syslog::syslog("$severity", "$syslog_msg");
Sys::Syslog::closelog(); Sys::Syslog::closelog();
} }
...@@ -764,7 +771,9 @@ sub getStatus ...@@ -764,7 +771,9 @@ sub getStatus
SOAP::Data->name(HOSTNAME => $hostname), SOAP::Data->name(HOSTNAME => $hostname),
SOAP::Data->name(IP_ADDRESS => $ip_address), SOAP::Data->name(IP_ADDRESS => $ip_address),
SOAP::Data->name(PORT => $port), SOAP::Data->name(PORT => $port),
SOAP::Data->name(FACILITY => $FACILITY), SOAP::Data->name(SYSLOG => $SYSLOG),
SOAP::Data->name(SYSLOG_VERBOSE => $SYSLOG_VERBOSE),
SOAP::Data->name(SYSLOG_FACILITY => $SYSLOG_FACILITY),
SOAP::Data->name(DB_NAME => $DB_NAME), SOAP::Data->name(DB_NAME => $DB_NAME),
SOAP::Data->name(DB_USER => $DB_USER), SOAP::Data->name(DB_USER => $DB_USER),
SOAP::Data->name(DB_HOST => $DB_HOST), SOAP::Data->name(DB_HOST => $DB_HOST),
......
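Review bot: In sendMsg the new `if ($SYSLOG_VERBOSE == 1)` block appends `Carp::longmess()` to `$syslog_msg` before the existing `defined $syslog_msg` guard and regardless of `$SYSLOG`, so it concatenates onto undef (uninitialized-value warning) and does stack-walking work for messages that are never logged; moving the append inside the `$SYSLOG == 1 && defined ...` branch fixes both. Note that `Carp::longmess()` renders the arguments of each frame in the trace, so with verbose mode on anything passed positionally up the call chain (event payloads, credentials handed to a helper) ends up in syslog; a comment at the append site should state that, and the default in the shipped config should be weighed against it. If `$SYSLOG` or `$SYSLOG_VERBOSE` is left unset by the config file, the `== 1` comparisons also warn; `defined $SYSLOG && $SYSLOG == 1` avoids that. sendMsg starts before this hunk and continues after it.
```perl
	if ($SYSLOG == 1 && defined $severity && defined $syslog_msg) {
		# Verbose mode only; longmess() also prints each frame's arguments,
		# so sensitive values passed positionally up the call chain are logged.
		if ($SYSLOG_VERBOSE == 1) {
			$syslog_msg .= "\nStack info: " . Carp::longmess();
		}
		Sys::Syslog::openlog($filename, "cons,pid", $SYSLOG_FACILITY);
		# … unchanged: syslog(), closelog() …
	}
```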
...@@ -146,7 +146,9 @@ sub getStatus ...@@ -146,7 +146,9 @@ sub getStatus
my $db_name = $response_data->{'DB_NAME'}; my $db_name = $response_data->{'DB_NAME'};
my $db_user = $response_data->{'DB_USER'}; my $db_user = $response_data->{'DB_USER'};
my $db_host = $response_data->{'DB_HOST'}; my $db_host = $response_data->{'DB_HOST'};
my $facility = $response_data->{'FACILITY'}; my $syslog = $response_data->{'SYSLOG'};
my $syslog_verbose = $response_data->{'SYSLOG_VERBOSE'};
my $syslog_facility = $response_data->{'SYSLOG_FACILITY'};
my $db_size = $response_data->{'DB_SIZE'}; my $db_size = $response_data->{'DB_SIZE'};
my $events_sum = $response_data->{'EVENTS_SUM'}; my $events_sum = $response_data->{'EVENTS_SUM'};
my $events_last_id = $response_data->{'EVENTS_LAST_ID'}; my $events_last_id = $response_data->{'EVENTS_LAST_ID'};
...@@ -154,7 +156,7 @@ sub getStatus ...@@ -154,7 +156,7 @@ sub getStatus
my $events_last_timestamp = $response_data->{'EVENTS_LAST_TIMESTAMP'}; my $events_last_timestamp = $response_data->{'EVENTS_LAST_TIMESTAMP'};
my $clients_sum = $response_data->{'CLIENTS_SUM'}; my $clients_sum = $response_data->{'CLIENTS_SUM'};
my @server_status = ($version, $server_hostname, $ip_address, $port, $db_name, $db_user, $db_host, $facility, $db_size, $events_sum, $events_last_id, $events_first_timestamp, $events_last_timestamp, $clients_sum); my @server_status = ($version, $server_hostname, $ip_address, $port, $db_name, $db_user, $db_host, $syslog, $syslog_verbose, $syslog_facility, $db_size, $events_sum, $events_last_id, $events_first_timestamp, $events_last_timestamp, $clients_sum);
my @status; my @status;
push(@status, \@server_status); push(@status, \@server_status);
......
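Review bot: The `@server_status` list built in getStatus is purely positional and this change inserts three values in the middle, which forced every index in warden-status to be renumbered; nothing in the code states the expected order. A comment directly above the `my @server_status = (...)` line, e.g. `# positional; consumers (warden-status) index this list: 0 version .. 6 db_host, 7 syslog, 8 syslog_verbose, 9 syslog_facility, 10 db_size .. 15 clients_sum`, would at least make the contract visible. Longer term, returning the fields keyed by name (the SOAP response already is) would remove the renumbering step entirely, but that changes the return shape for all callers. getStatus starts before this hunk and ends after it.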