pridan parametr pro zapnuti logovani pomoci syslogu a zapnuti vypnuti verbose mode (vypis stacku)

4189ee7e · Tomáš Plesník · 7b7af66c · 4189ee7e · 4189ee7e · 4189ee7e
Commit 4189ee7e authored Oct 8, 2012 by Tomáš Plesník
--- a/src/warden-server/bin/getStatus.pl
+++ b/src/warden-server/bin/getStatus.pl
@@ -74,6 +74,21 @@ my @status = WardenStatus::getStatus($warden_path);
 my $server_status_ref = shift(@status);
 my @server_status = @$server_status_ref;

+my $syslog;
+my $syslog_verbose;
+
+if ($server_status[7] == 1) {
+  $syslog = "enabled";
+} else {
+  $syslog = "disabled";
+}
+
+if ($server_status[8] == 1) {
+  $syslog_verbose = "enabled";
+} else {
+  $syslog_verbose = "disabled";
+}
+
 print "Warden server variables:\n";
 print "========================\n";
 print "SERVER_VERSION:\t\t$server_status[0]\n";
@@ -83,21 +98,23 @@ print "PORT:\t\t\t$server_status[3]\n";
 print "DB_NAME:\t\t$server_status[4]\n";
 print "DB_USER:\t\t$server_status[5]\n";
 print "DB_HOST:\t\t$server_status[6]\n";
-print "SYSLOG_FACILITY:\t$server_status[7]\n";
+print "SYSLOG:\t\t\t$syslog\n";
+print "SYSLOG_VERBOSE:\t\t$syslog_verbose\n";
+print "SYSLOG_FACILITY:\t$server_status[9]\n";
 print "\n";

 print "Warden server status:\n";
 print "=====================\n";
-print "Database size:\t\t\t$server_status[8]\n";
-print "Count of saved events:\t\t$server_status[9]\n";
-print "Last ID in events table:\t$server_status[10]\n";
-print "Time of first inserted event:\t$server_status[11] (UTC)\n";
-print "Time of latest inserted event:\t$server_status[12] (UTC)\n";
-print "Count of registered clients:\t$server_status[13]\n";
+print "Database size:\t\t\t$server_status[10]\n";
+print "Count of saved events:\t\t$server_status[11]\n";
+print "Last ID in events table:\t$server_status[12]\n";
+print "Time of first inserted event:\t$server_status[13] (UTC)\n";
+print "Time of latest inserted event:\t$server_status[14] (UTC)\n";
+print "Count of registered clients:\t$server_status[15]\n";
 print "\n";

 # check if sum of registered client isn't 0
-if ($server_status[13] != 0) {
+if ($server_status[15] != 0) {
  print "Statistics of registered senders:\n";
  print "+----------------------------------------------------------------------------------------------------------------+\n";
  print "| Client ID  | Hostname                       | Service                   | Stored events | Last insertion (UTC) |\n";

--- a/src/warden-server/etc/warden-server.conf
+++ b/src/warden-server/etc/warden-server.conf
@@ -5,42 +5,53 @@
 #-------------------------------------------------------------------------------
 # BASEDIR - base directory of Warden server
 #-------------------------------------------------------------------------------
-$BASEDIR = "/opt/warden-server";
+$BASEDIR = '/opt/warden-server';

 #-------------------------------------------------------------------------------
-# FACILITY - syslog facility
+# SYSLOG - enable/disable syslog logging
 #-------------------------------------------------------------------------------
-$FACILITY = "local7";
+$SYSLOG	= 1;
+
+#-------------------------------------------------------------------------------
+# SYSLOG - enable/disable syslog logging in verbose mode (with stack information)
+#-------------------------------------------------------------------------------
+$SYSLOG_VERBOSE = 1;
+
+#-------------------------------------------------------------------------------
+# SYSLOG - syslog facility
+#-------------------------------------------------------------------------------
+$SYSLOG_FACILITY = 'local7';

 #-------------------------------------------------------------------------------
 # DB_NAME - database name of Warden server
 #-------------------------------------------------------------------------------
-$DB_NAME = "warden";
+$DB_NAME = 'warden';

 #-------------------------------------------------------------------------------
 # DB_USER - user of Warden server database
 #-------------------------------------------------------------------------------
-$DB_USER = "root";
+$DB_USER = 'root';

 #-------------------------------------------------------------------------------
 # DB_PASS - password of Warden server database
 #-------------------------------------------------------------------------------
-$DB_PASS = "";
+$DB_PASS = '';

 #-------------------------------------------------------------------------------
 # DB_HOST - what IP address to listen on of Warden server
 #-------------------------------------------------------------------------------
-$DB_HOST = "localhost";
+$DB_HOST = 'localhost';

 #-------------------------------------------------------------------------------
 # MAX_EVENTS_LIMIT - maximum number of events that can be downloaded from
 # 		    Warden server in a single getNewEvents client function call
 #-------------------------------------------------------------------------------
-$MAX_EVENTS_LIMIT = "1000000";
+$MAX_EVENTS_LIMIT = '1000000';

 #-------------------------------------------------------------------------------
 # VALID_STRINGS - validation hash containing allowed event attributes
 #-------------------------------------------------------------------------------
 %VALID_STRINGS = (
-"type" => ["portscan", "bruteforce", "probe", "spam", "phishing", "botnet_c_c", "dos", "malware", "copyright", "webattack", "test", "other"],
+	'type'		=> ['portscan', 'bruteforce', 'probe', 'spam', 'phishing', 'botnet_c_c', 'dos', 'malware', 'copyright', 'webattack', 'test', 'other'],
+	'source_type'	=> ['IP', 'URL', 'Reply-To:']
 );
--- a/src/warden-server/lib/Warden.pm
+++ b/src/warden-server/lib/Warden.pm
@@ -20,6 +20,7 @@ use DateTime;
 use MIME::Base64;
 use Crypt::X509;
 use SOAP::Lite;
+use Carp;

 our $VERSION = "2.1";

@@ -29,7 +30,9 @@ our $VERSION = "2.1";
 ################################################################################

 my $conf_file = "/opt/warden-server/etc/warden-server.conf"; # path is updated by install.sh
-our $FACILITY	= undef;
+our $SYSLOG		= undef;
+our $SYSLOG_VERBOSE	= undef;
+our $SYSLOG_FACILITY	= undef;
 our $DB_NAME		= undef;
 our $DB_USER		= undef;
 our $DB_PASS		= undef;
@@ -68,8 +71,12 @@ sub sendMsg
  my $soap_msg		= shift;
  my $filename		= File::Basename::basename($0);

-  if (defined $severity && defined $syslog_msg) {
-    Sys::Syslog::openlog($filename, "cons,pid", $FACILITY);
+  if ($SYSLOG_VERBOSE == 1) {
+    $syslog_msg .= "\nStack info: " . Carp::longmess();
+  }
+
+  if ($SYSLOG == 1 && defined $severity && defined $syslog_msg) {
+    Sys::Syslog::openlog($filename, "cons,pid", $SYSLOG_FACILITY);
    Sys::Syslog::syslog("$severity", "$syslog_msg");
    Sys::Syslog::closelog();
  }
@@ -764,7 +771,9 @@ sub getStatus
      SOAP::Data->name(HOSTNAME			=> $hostname),
      SOAP::Data->name(IP_ADDRESS		=> $ip_address),
      SOAP::Data->name(PORT			=> $port),
-      SOAP::Data->name(FACILITY			=> $FACILITY),
+      SOAP::Data->name(SYSLOG			=> $SYSLOG),
+      SOAP::Data->name(SYSLOG_VERBOSE		=> $SYSLOG_VERBOSE),
+      SOAP::Data->name(SYSLOG_FACILITY		=> $SYSLOG_FACILITY),
      SOAP::Data->name(DB_NAME			=> $DB_NAME),
      SOAP::Data->name(DB_USER			=> $DB_USER),
      SOAP::Data->name(DB_HOST			=> $DB_HOST),

--- a/src/warden-server/lib/WardenStatus.pm
+++ b/src/warden-server/lib/WardenStatus.pm
@@ -146,7 +146,9 @@ sub getStatus
  my $db_name			= $response_data->{'DB_NAME'};
  my $db_user			= $response_data->{'DB_USER'};
  my $db_host			= $response_data->{'DB_HOST'};
-  my $facility			= $response_data->{'FACILITY'};
+  my $syslog			= $response_data->{'SYSLOG'};
+  my $syslog_verbose		= $response_data->{'SYSLOG_VERBOSE'};
+  my $syslog_facility		= $response_data->{'SYSLOG_FACILITY'};
  my $db_size			= $response_data->{'DB_SIZE'};
  my $events_sum		= $response_data->{'EVENTS_SUM'};
  my $events_last_id		= $response_data->{'EVENTS_LAST_ID'};
@@ -154,7 +156,7 @@ sub getStatus
  my $events_last_timestamp	= $response_data->{'EVENTS_LAST_TIMESTAMP'};
  my $clients_sum	 	= $response_data->{'CLIENTS_SUM'};

-  my @server_status = ($version, $server_hostname, $ip_address, $port, $db_name, $db_user, $db_host, $facility, $db_size, $events_sum, $events_last_id, $events_first_timestamp, $events_last_timestamp, $clients_sum);
+  my @server_status = ($version, $server_hostname, $ip_address, $port, $db_name, $db_user, $db_host, $syslog, $syslog_verbose, $syslog_facility, $db_size, $events_sum, $events_last_id, $events_first_timestamp, $events_last_timestamp, $clients_sum);
  my @status;
  push(@status, \@server_status);