WardenClientSend.pm

#!/usr/bin/perl -w
#
# WardenClientSend.pm
#
# Copyright (C) 2011-2013 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.  

package WardenClientSend;

use strict;
use SOAP::Lite;
use IO::Socket::SSL qw(debug1);
use SOAP::Transport::HTTP;
use Sys::Syslog;

our $VERSION = "2.2";

#-------------------------------------------------------------------------------
# saveNewEvent - send new event from detection scripts to warden server
#-------------------------------------------------------------------------------
sub saveNewEvent
{
  my $result;

    my $warden_path = shift;
    my $event_ref = shift;

    my $etcdir = $warden_path . "/etc/";
    my $libdir = $warden_path . "/lib/";

    require $libdir . "WardenClientConf.pm";
    require $libdir . "WardenClientCommon.pm";  

    # read the config file
    my $conf_file = $etcdir . "warden-client.conf";
    WardenClientConf::loadConf($conf_file);

    # prepare variables of event 
    my @event        = @{$event_ref};
    my $service      = $event[0];
    my $detected     = $event[1];
    my $type         = $event[2];
    my $source_type  = $event[3];
    my $source       = $event[4];
    my $target_proto = $event[5];
    my $target_port  = $event[6];
    my $attack_scale = $event[7];
    my $note         = $event[8];
    my $priority     = $event[9];
    my $timeout      = $event[10];

    # Issue #596 - Should be removed in Warden client 3.0.
    # Checking for obsolete attributes priority or timeout. If not default or 'undef' values are found, print out warning.

    # check if obsolete event attribute Priority is used
    if ((defined $priority) && ($priority >= 1)) {
      # print warning
      WardenClientCommon::errMsg('Event attribute "Priority" is now obsolete and will be removed in Warden client 3.0', 'warn');
    }

    # check if obsolete event attribute Timeout is used
    if ((defined $timeout) && ($timeout >= 0)) {
      # print warning
      WardenClientCommon::errMsg('Event attribute "Timeout" is now obsolete and will be removed in Warden client 3.0', 'warn');
    }
   
    # end of Issue #596 
    

  my $event;
  eval {
    # create SOAP data object
    $event = SOAP::Data->name(
      event => \SOAP::Data->value(
        SOAP::Data->name(SERVICE      => $service),
        SOAP::Data->name(DETECTED     => $detected),
        SOAP::Data->name(TYPE         => $type),
        SOAP::Data->name(SOURCE_TYPE  => $source_type),
        SOAP::Data->name(SOURCE       => $source),
        SOAP::Data->name(TARGET_PROTO => $target_proto),
        SOAP::Data->name(TARGET_PORT  => $target_port),
        SOAP::Data->name(ATTACK_SCALE => $attack_scale),
        SOAP::Data->name(NOTE         => $note),
        SOAP::Data->name(PRIORITY     => $priority),
        SOAP::Data->name(TIMEOUT      => $timeout)
      )
    );
  } # end of eval
  or WardenClientCommon::errMsg('Unknown error when creating SOAP data object, ' . $@);

  # c2s() returns undef on fail.
  $result = WardenClientCommon::c2s($WardenClientConf::URI, $WardenClientConf::SSL_KEY_FILE, $WardenClientConf::SSL_CERT_FILE, $WardenClientConf::SSL_CA_FILE, "saveNewEvent", $event);

  defined $result ? return 1 : return 0;  
 
} # End of saveNewEvent

1;