Skip to content
Snippets Groups Projects
Commit b1b86b83 authored by Tomáš Plesník's avatar Tomáš Plesník
Browse files

Merged master fixed conflict

parents 3f29a9cc bae03db1
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 344 additions and 448 deletions
src/contrib/wardenWatchdog/wardenWatchdog.pl deleted 100755 → 0
+ 0
54
View file @ 3f29a9cc
#!/usr/bin/perl
#
# wardenWatchdog.pl
#
# Copyright (C) 2011-2012 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
use strict;
use warnings;
use Getopt::Long;
use FindBin;
FindBin::again();
use lib "$FindBin::Bin";
use WardenWatchdog;
#-------------------------------------------------------------------------------
# help
#
# Just print help and exit.
#
# Input: -
#
# Output: -
#
# Return:
# On Success (1)
#-------------------------------------------------------------------------------
sub help {
my $help =" USAGE: ./wardenWatchdog.pl -c '/path/WardenWatchdog.conf' -i 7
OPTIONS
-c conf configuration file name and path
-i interval interval in days from now back to the past
";
print $help;
return 1;
}
my ($help, $config, $interval);
if (@ARGV < 3 || defined($help) || !GetOptions('help|?|h' => \$help, 'c|conf=s' => \$config, 'i|interval=i' => \$interval)){
help();
}
else{
my ($rc,$err) = WardenWatchdog::run($config,$interval);
if(!$rc){
print "WardenWatchdog error: $err";
}
}
1;
src/warden-server/bin/wardenWatchdog.pl
+ 35
188
View file @ b1b86b83
#!/usr/bin/perl
#
# WardenWatchdog.pl
# wardenWatchdog.pl
#
# Copyright (C) 2011-2013 Cesnet z.s.p.o
# Copyright (C) 2011-2012 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
use WardenConf;
use strict;
use warnings;
use DBI;
use DBD::mysql;
use DateTime;
#use Email::Simple;
use Sys::Hostname;
use Text::Wrap;
use Data::Dumper;
sub sendmailWrapper{
my $message = shift;
if(open(my $sendmail, '|/usr/sbin/sendmail -oi -t')){
print $sendmail $message;
close $sendmail;
return 1;
} else {
return (0, "Sending email failed: $!");
}
}
# Array of hashes
#{query => ; text => ; contact => }
# Get clients admins
sub sendReport{
my $input_data = shift;
my $contact = $$input_data{'contact'};
my $domain = $$input_data{'domain'};
my $text = $$input_data{'text'};
my $from_hostname;
my $message;
if(!($contact)){
return (0, "Empty 'To' email header!\n");
}
$domain =~ s/\./\./;
eval{
$from_hostname = hostname();
if(!($from_hostname =~ m/$domain/gi)){
$from_hostname .= $domain;
}
};
if($@){
return (0, "Can't retrive hostname for 'From' header!\n");
}
use Getopt::Long;
use FindBin qw($RealBin);
FindBin::again();
use lib "$RealBin/../lib";
use WardenWatchdog;
eval{
#$message = Email::Simple->create(
#header => [
#To => $contact,
#From => 'warden_watchdog@'.$from_hostname,
#Subject => 'Kotrola stavu udalosti na Wardenu'],
#body => fill('','',$text));
};
if($@){
return (0, "Can't create email message\n");
}
print "== $contact ==\n$text\n";
my ($rc, $err) = 1;#sendmailWrapper($message->as_string);
if(!$rc){
return (0, $err);
}
#-------------------------------------------------------------------------------
# help
#
# Just print help and exit.
#
# Input: -
#
# Output: -
#
# Return:
# On Success (1)
#-------------------------------------------------------------------------------
sub help
{
my $help =" USAGE: ./wardenWatchdog.pl -c /path/WardenWatchdog.conf -i 7
OPTIONS
-c conf configuration file name and path
-i interval interval in days from now back to the past
";
print $help;
return 1;
}
sub connect_to_DB {
my $dbPlatform = 'mysql';
my $dbName = 'warden';
my $dbHostname = 'localhost';
my $dbUser = 'root';
my $dbPasswd = 'w4rd3n&r00t';
my $dbhRef = shift;
my $dbh;
if($dbh = DBI->connect( "dbi:$dbPlatform:database=$dbName;host=$dbHostname", $dbUser, $dbPasswd, {RaiseError => 1, mysql_auto_reconnect => 1})){
$$dbhRef = $dbh;
return 1;
}
else{
return (0,"Cannot connect to database! ".DBI->errstr);
}
my ($help, $config, $interval);
if (@ARGV < 3 || defined($help) || !GetOptions('help|?|h' => \$help, 'c|conf=s' => \$config, 'i|interval=i' => \$interval)) {
help();
}
sub sendQuery{
my $configRef = shift;
my $eventsRef = shift;
my @config = @{$configRef};
my %bad_events;
my ($rc,$err);
my $dbh;
my $i = 0;
# connect to DB
($rc,$err) = connect_to_DB(\$dbh);
if (!$rc){
return (0, $err);
}
while ($i < scalar(@config)) {
my $contact;
# run DB query -> requestor, client name
my $sth;
if (defined($config[$i]{query})){
$sth = $dbh->prepare($config[$i]{query});
}
else{
return (0, "No query availble\n");
}
if (!($sth->execute)){
return (0, "Couldn't get data from my database: $sth->errstr\n");
};
my @result;
while(@result = $sth->fetchrow()){
if (defined($config[$i]{contact})){
$contact = $config[$i]{contact};
}
else{
$contact = "from_db\@$result[0]";
}
$bad_events{$contact} .= $config[$i]{text} . "DB INFO: ". join(', ',@result) ."\n";
}
$sth->finish;
$i++;
}
# disconnect to DB
$dbh->disconnect;
%$eventsRef = %bad_events;
return 1;
}
sub run{
my $domain = shift;
my $period = shift;
my $date;
eval{
my $dt = DateTime->now();
$dt = DateTime->now()->subtract(days => $period);
$date = $dt->date();
};
if($@){
print "Warden watchdog - can't work with date\n";
#syslog("err|Warden watchdog - can't work with date\n");
}
my @configuration = (
{query => "SELECT hostname, service, MAX(received) FROM events WHERE valid = 't' GROUP BY hostname, service ORDER BY MAX(received) ASC;", text => "Hey, this is test of warning for admin!\n"},
{query => "SELECT requestor FROM clients WHERE service IN (SELECT service FROM events WHERE detected > '$date' AND type NOT IN ('portscan', 'bruteforce', 'probe', 'spam', 'phishing', 'botnet_c_c', 'dos', 'malware', 'copyright', 'webattack', 'test', 'other') AND valid = 't' GROUP BY service) GROUP BY requestor;", text => "Hey, this is test of warning!\n", contact => 'warden-administrator@cesnet.cz'});
$Text::Wrap::columns = 80;
my %bad_events;
my $i = 0;
while ($i < scalar(@configuration)) {
my ($rc,$err) = sendQuery(\@configuration,\%bad_events);
if (!$rc){
print "Warden watchdog - $err\n";
#syslog("err|Warden watchdog - $err\n");
}
$i++;
}
while (my ($contact, $text) = each(%bad_events)){
my %input = (contact => $contact, domain => $domain, text => $text);
my ($rc,$err) = sendReport(\%input);
if (!$rc){
# TODO syslog
print $err;
#syslog("err|Warden client - networkReporter $err\n");
}
print "\n\n";
else {
my ($rc,$err) = WardenWatchdog::run($config,$interval);
if(!$rc) {
print "WardenWatchdog error: $err";
}
}
run('warden-dev.cesnet.cz',7);
1;
src/warden-server/doc/README
+ 109
99
View file @ b1b86b83
......@@ -4,57 +4,61 @@
Content
A. Overall Information
B. Installation Dependencies
C. Installation
D. Update
E. Uninstallation
F. Miscellaneous
G. Registration of Clients
H. Status Info
A. Overall Information
B. Installation Dependencies
C. Installation
D. Update
E. Uninstallation
F. Miscellaneous
G. Registration of Clients
H. Status Info
--------------------------------------------------------------------------------
A. Overall Information
1. About Warden System
1. About Warden System
Warden is a client-server architecture service designed to share detected
security events (issues) among CSIRT and CERT teams in a simple and fast way.
This package contains the Warden server.
2. Version
2. Version
2.2 (2013-??-??)
3. Package structure
3. Package structure
warden-server/
bin/
getClients.pl
getStatus.pl
registerReceiver.pl
registerSender.pl
unregisterClients.pl
getClients.pl
getStatus.pl
registerReceiver.pl
registerSender.pl
unregisterClients.pl
wardenWatchdog.pl
doc/
AUTHORS
AUTHORS
CHANGELOG
INSTALL
LICENSE
README
UNINSTALL
UPDATE
warden.mysql
warden21to22.patch
INSTALL
LICENSE
README
README.wardenWatchdog
UNINSTALL
UPDATE
warden.mysql
warden21to22.patch
etc/
package_version
package_version
warden-apache.conf
warden-server.conf
warden-server.conf
WardenWatchdog.conf
lib/
Warden.pm
WardenCommon.pm
Warden/
ApacheDispatch.pm
Warden.pm
WardenCommon.pm
WardenWatchdog.pm
Warden/
ApacheDispatch.pm
uninstall.sh
......@@ -91,11 +95,11 @@ B. Installation Dependencies
--------------------------------------------------------------------------------
C. Installation
1. Check SHA1 checksum of the Warden server package archive.
1. Check SHA1 checksum of the Warden server package archive.
$ sha1sum -c warden-server-2.2.tar.gz.sig
2. Untar it.
2. Untar it.
$ tar xzvf warden-server-2.2.tar.gz
......@@ -118,12 +122,12 @@ C. Installation
-a /etc/ssl/certs/bundle.pem
4. Configuration files
You are advised to check configuration file warden-apache.conf and
warden-server.conf in warden-server/etc/ directory after installation.
For more information about post-installation steps see INSTALL file in
'doc' directory.
SOAP protocol is used for handling communication between server and clients.
Therefore, correct URI of Warden server must be set.
......@@ -137,40 +141,40 @@ C. Installation
The Warden server configuration file contains:
BASEDIR - base directory of the Warden server
e.g. /opt/warden-server/
BASEDIR - base directory of the Warden server
e.g. /opt/warden-server/
SYSLOG - enable/disable syslog logging
e.g. 1
SYSLOG - enable/disable syslog logging
e.g. 1
SYSLOG_VERBOSE - enable/disable logging in verbose mode (stack info added)
e.g. 1
SYSLOG_VERBOSE - enable/disable logging in verbose mode (stack info added)
e.g. 1
SYSLOG_FACILITY - syslog facility
e.g. local7
SYSLOG_FACILITY - syslog facility
e.g. local7
DB_NAME - MySQL database name of Warden server
e.g. warden
DB_NAME - MySQL database name of Warden server
e.g. warden
DB_USER - MySQL database user of Warden server
e.g. warden
DB_USER - MySQL database user of Warden server
e.g. warden
DB_PASS - MySQL database password of Warden server
DB_PASS - MySQL database password of Warden server
DB_HOST - MySQL database host
e.g. localhost
DB_HOST - MySQL database host
e.g. localhost
MAX_EVENTS_LIMIT - server limit of maximum number of events that can be
MAX_EVENTS_LIMIT - server limit of maximum number of events that can be
delivered to one client in one batch
e.g. 1000000
e.g. 1000000
VALID_STRINGS - validation hash containing allowed event attributes
e.g.
e.g.
%VALID_STRINGS = (
'type' => ['portscan', 'bruteforce', 'probe', 'spam', 'phishing', 'botnet_c_c', 'dos', 'malware', 'copyright', 'webattack', 'test', 'other'],
'source_type' => ['IP', 'URL', 'Reply-To:']
);
%VALID_STRINGS = (
'type' => ['portscan', 'bruteforce', 'probe', 'spam', 'phishing', 'botnet_c_c', 'dos', 'malware', 'copyright', 'webattack', 'test', 'other'],
'source_type' => ['IP', 'URL', 'Reply-To:']
);
b) warden-apache.conf
......@@ -185,15 +189,15 @@ C. Installation
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile <path_to_server_certificate>
SSLCertificateKeyFile <path_to_server_certificate_key>
SSLCACertificateFile <path_to_CA_certificate>
SSLCertificateFile <path_to_server_certificate>
SSLCertificateKeyFile <path_to_server_certificate_key>
SSLCACertificateFile <path_to_CA_certificate>
PerlOptions +Parent
PerlSwitches -I <path_to_warden_server_libs>
<Location /Warden>
SetHandler perl-script
SetHandler perl-script
PerlHandler Warden::ApacheDispatch
SSLOptions +StdEnvVars
</Location>
......@@ -213,8 +217,8 @@ D. Update
Example: # ./update.sh -d /opt/warden-server
For more information about post-update steps see UPDATE file in 'doc'
directory.
For more information about post-update steps see UPDATE file in 'doc'
directory.
--------------------------------------------------------------------------------
......@@ -231,55 +235,61 @@ E. Uninstallation
Example: # ./uninstall.sh -d /opt/warden-server
For more information about post-uninstallation steps see UNINSTALL file in 'doc'
directory.
For more information about post-uninstallation steps see UNINSTALL file in 'doc'
directory.
--------------------------------------------------------------------------------
F. Miscellaneous
1. Error Messages
1. Error Messages
Error messages of the server functions are sent via Syslog.
Default is local7 facility.
2. Firewall Settings
2. Firewall Settings
Make sure that the TCP port listed in /etc/apache2/sites-enables/default(-ssl)
is allowed on your firewall.
3. Privileges
3. Privileges
The Warden server runs only under root privileges.
4. Known Issues
4. Known Issues
No issues are known.
5. Database checks
If you want apply an offline checks to your received data health, you can use
the wardenWatchdog.pl script. You can found the documentation in a separate
README.wardenWatchdog file.
--------------------------------------------------------------------------------
G. Registration of Clients
The Warden server administrator is responsible for registering new clients or
removing those already registered. Both registration or unregistration scripts
are provided in the Warden server package. Those scripts should be run from
the same machine the Warden server is installed and running on.
The Warden server administrator is responsible for registering new clients or
removing those already registered. Both registration or unregistration scripts
are provided in the Warden server package. Those scripts should be run from
the same machine the Warden server is installed and running on.
Members of Warden community who would like to have their client registered must
contact the Warden server administrator with the requirement. This is usually
done via secured e-mail. Requestor should provide all important data to the
Warden server administrator so that the client can be successfully registered.
Members of Warden community who would like to have their client registered must
contact the Warden server administrator with the requirement. This is usually
done via secured e-mail. Requestor should provide all important data to the
Warden server administrator so that the client can be successfully registered.
1. Register Sender
1. Register Sender
New sender clients are registered in Warden system via registerSender.pl.
New sender clients are registered in Warden system via registerSender.pl.
Following attributes must be provided in order to register new client
successfully:
hostname - hostname of the client,
requestor - organization or authorized person who demands new
client registration,
client registration,
service - name of the service of a new registered client,
description_tags - tags describing the nature of the service,
ip_net_client - CIDR the client is only allowed to communicate from,
......@@ -287,19 +297,19 @@ G. Registration of Clients
One can run registerSender.pl with -h argument to see a help.
2. Register Receiver
2. Register Receiver
New receiver clients are registered in Warden system via
New receiver clients are registered in Warden system via
registerReceiver.pl.
Following attributes must be provided in order to register new client
successfully:
hostname - hostname of the client,
requestor - organization or authorized person who demands new
client registration,
client registration,
type - the type of events the client wish to receive or '_any_'
for receiving of all types of events,
for receiving of all types of events,
receive_own_events - boolean value describing if events originating from
the same CIDR will be sent to the client,
ip_net_client - CIDR the client is only allowed to communicate from,
......@@ -307,9 +317,9 @@ G. Registration of Clients
One can run registerReceiver.pl with -h argument to see a help.
3. Unregister Client
3. Unregister Client
In the Warden system, already registered clients can be unregistered
In the Warden system, already registered clients can be unregistered
via unregisterClient.pl.
Following attribute must be provided in order to unregister existing client
......@@ -335,13 +345,13 @@ H. Status Info
1. Get Status
Function getStatus is accessible via getStatus.pl. Function has no input
Function getStatus is accessible via getStatus.pl. Function has no input
parameters and returns info about the Warden server, its DB status and
event's statistics of active registered senders.
2. Get Clients
Function getClients is accessible via getClients.pl. Function has no input
Function getClients is accessible via getClients.pl. Function has no input
parameters and returns detailed information about all registered clients.
--------------------------------------------------------------------------------
......
src/warden-server/doc/README.wardenWatchdog 0 → 100644
+ 86
0
View file @ b1b86b83
+----------------------------+
| README - Warden Watchdog |
+----------------------------+
Content
A. Overall Information
B. Dependencies
C. Configuration file
D. Application run
--------------------------------------------------------------------------------
A. Overall Information
Warden Watchdog is a simple script for check of an Warden server DB. You can
create various SQL queries (checks) for an example for events from wrong IPs,
for events with incomplete description or for long quiet reporting clients.
Then you can run watchdog by hand or a repeatedly via Cron.
If one or more events are found by a check, than predefined information
email is sent to a person, who is responsible for a client. You can also set
a different recipient of a notification email for each check with a setting
'contact' field in a configuration file.
--------------------------------------------------------------------------------
B. Installation Dependencies
1. Applications:
Perl >= 5.10.1
MySQL >= 5.1.63
Apache >= 2.2.14
2. Perl modules:
DBI >= 1.612
DBD::mysql >= 4.016
DateTime >= 0.61
Getopt::Long >= 1.06
Email::Simple >= 2.100
Sys::Hostname >= 1.11
FindBin >= 1.50
--------------------------------------------------------------------------------
C. Configuration file
Each configuration file for a Warden Watchdog has four important groups of
settings. First group is clear and contains parameters such as path to Warden
server configuration file, notification email subject and a email server
configuration. Second group called SQL preconditions is an array containing
SQL queries which can be executed before Warden DB check. Last, fourth, group
called SQL postconditions is also an array which can contains SQL queries
useful for a Warden DB clean up after a DB check.
The second group in a configuration file is a different. It is an array of
hashes with a following structure and each one performs one check. In a
query is possible to use a '\$date' variable, which will be expanded by a
Watchdog on a today's date.
@sql_queries = (
{
query => '<SQL query (check) on Warden DB>';
text => 'Text of notification email for this DB check';
contact => '<email address>' # override contact from 'requestor' column
}
)
--------------------------------------------------------------------------------
D. Application run
You will need just a prepared configuration file and a count of days back
from now to the past. Warden database check from config will be then run in
this defined time interval.
USAGE:
./wardenWatchdog.pl -c /path/WardenWatchdog.conf -i 7
CRON USAGE:
33 00 * * * /full/path/watchdog/wardenWatchdog.pl -c /path/WardenWatchdog.conf -i 7 >> err.txt
--------------------------------------------------------------------------------
Copyright (C) 2011-2013 Cesnet z.s.p.o
src/contrib/wardenWatchdog/WardenWatchdog.pm src/warden-server/lib/WardenWatchdog.pm
+ 114
107
View file @ b1b86b83
......@@ -8,10 +8,11 @@
package WardenWatchdog;
#use Data::Dumper;
use WardenConf;
use strict;
use warnings;
#use Data::Dumper;
#use WardenConf;
use DBI;
use DBD::mysql;
use DateTime;
......@@ -19,7 +20,7 @@ use Email::Simple;
use Sys::Hostname;
#-------------------------------------------------------------------------------
# sendmail_wrapper
# sendmailWrapper
#
# Simple wrapper function for an mailserver.
#
......@@ -33,12 +34,13 @@ use Sys::Hostname;
# On Success (1)
# On Failure (0, 'Error message')
#-------------------------------------------------------------------------------
sub sendmail_wrapper{
sub sendmailWrapper
{
my $message = shift;
my $email_conf = shift;
if(open(my $sendmail, $email_conf)){
if(open(my $sendmail, $email_conf)) {
print $sendmail $message;
close $sendmail;
return (1);
......@@ -52,7 +54,7 @@ sub sendmail_wrapper{
#-------------------------------------------------------------------------------
# send_report
# sendReport
#
# Function for creating and sending of an Watchdog status report via email to
# administrators of an clients.
......@@ -71,7 +73,8 @@ sub sendmail_wrapper{
# On Success (1)
# On Failure (0, 'Error message')
#-------------------------------------------------------------------------------
sub send_report{
sub sendReport
{
my $input_data = shift;
my $contact = $$input_data{'contact'};
......@@ -81,38 +84,38 @@ sub send_report{
my $email_conf = $$input_data{'email_conf'};
my $message;
if(!($contact)){
if(!($contact)) {
return (0, "Empty 'To' email header!\n");
}
if(!($domain)){
if(!($domain)) {
return (0, "No sender's domain! Can't send email\n");
}
if(!($text)){
if(!($text)) {
return (0, "No text! Nothing to send\n");
}
eval{
$message = Email::Simple->create(
header => [
To => $contact,
From => 'warden_watchdog@'.$domain,
To => $contact,
From => 'warden_watchdog@'.$domain,
Subject => $subject],
body => $text);
body => $text);
} or do {
return (0, "Can't create email message\n");
};
my ($rc, $err) = sendmail_wrapper($message->as_string,$email_conf);
if(!$rc){
my ($rc, $err) = sendmailWrapper($message->as_string,$email_conf);
if(!$rc) {
return (0, $err);
}
return (1);
}
#-------------------------------------------------------------------------------
# connect_to_DB
# connectToDB
#
# Just simple database wrapper for Watchdog which creates db's handler.
#
......@@ -125,26 +128,27 @@ sub send_report{
# passwd => password
#
# Output:
# dbhRef = reference on a database handler
# dbh_ref = reference on a database handler
#
# Return:
# On Success (1)
# On Failure (0, 'Error message')
#-------------------------------------------------------------------------------
sub connect_to_DB {
sub connectToDB
{
my $dbConf = shift;
my $dbhRef = shift;
my $db_conf = shift;
my $dbh_ref = shift;
my $dbPlatform = $$dbConf{'platform'};
my $dbName = $$dbConf{'name'};
my $dbHostname = $$dbConf{'hostname'};
my $dbUser = $$dbConf{'user'};
my $dbPasswd = $$dbConf{'passwd'};
my $db_platform = $$db_conf{'platform'};
my $db_name = $$db_conf{'name'};
my $db_hostname = $$db_conf{'hostname'};
my $db_user = $$db_conf{'user'};
my $db_passwd = $$db_conf{'passwd'};
my $dbh;
if($dbh = DBI->connect( "dbi:$dbPlatform:database=$dbName;host=$dbHostname", $dbUser, $dbPasswd, {mysql_auto_reconnect => 1})){
$$dbhRef = $dbh;
if($dbh = DBI->connect( "dbi:$db_platform:database=$db_name;host=$db_hostname", $db_user, $db_passwd, {mysql_auto_reconnect => 1})) {
$$dbh_ref = $dbh;
return (1);
}
else{
......@@ -153,13 +157,13 @@ sub connect_to_DB {
}
#-------------------------------------------------------------------------------
# update_procedures
# updateProcedures
#
# Function takes DB handler and executes all database procedures in the array.
#
# Input:
# dbhRef = reference on a database handler
# procRef = reference on an array of database procedures
# dbh_ref = reference on a database handler
# proc_ref = reference on an array of database procedures
#
# Output: -
#
......@@ -167,18 +171,19 @@ sub connect_to_DB {
# On Success (1)
# On Failure (0, 'Error message')
#-------------------------------------------------------------------------------
sub update_procedures{
sub updateProcedures
{
my $dbhRef = shift;
my $procRef = shift;
my $dbh_ref = shift;
my $proc_ref = shift;
my $dbh = $$dbhRef;
if(!defined($dbh)){
return (0, "update_procedures: no database handle defined")
my $dbh = $$dbh_ref;
if(!defined($dbh)) {
return (0, "updateProcedures: no database handle defined")
}
my @sqlQueries = @{$procRef};
foreach my $proc (@sqlQueries) {
my @sql_queries = @{$proc_ref};
foreach my $proc (@sql_queries) {
$dbh->do($proc);
}
......@@ -186,13 +191,13 @@ sub update_procedures{
}
#-------------------------------------------------------------------------------
# send_query
# sendQuery
#
#
#
# Input:
# dbhRef = reference on a database handler
# configRef = Hash of parameters:
# dbh_ref = reference on a database handler
# config_ref = Hash of parameters:
# query => sql query of an action (check) on Warden database
# text => body of an email which is send to a admin of an client
# in case of nonempty check result
......@@ -200,7 +205,7 @@ sub update_procedures{
# in a database table.
#
# Output:
# eventsRef = Hash of parameters:
# events_ref = Hash of parameters:
# contact = email address of an client administrator
# 'contact' => predefined email text + information from database obtained
# by a query
......@@ -209,18 +214,19 @@ sub update_procedures{
# On Success (1)
# On Failure (0, 'Error message')
#-------------------------------------------------------------------------------
sub send_query{
sub sendQuery
{
my $dbhRef = shift;
my $configRef = shift;
my $eventsRef = shift;
my $dbh_ref = shift;
my $config_ref = shift;
my $events_ref = shift;
my $dbh = $$dbhRef;
if(!defined($dbh)){
return (0, "send_query: no database handle defined")
my $dbh = $$dbh_ref;
if(!defined($dbh)) {
return (0, "sendQuery: no database handle defined")
}
my @config = @{$configRef};
my @config = @{$config_ref};
my %bad_events;
my ($rc,$err);
my $i = 0;
......@@ -228,22 +234,22 @@ sub send_query{
while ($i < scalar(@config)) {
# run DB query -> requestor, client name
my $sth;
if (defined($config[$i]{query})){
if (defined($config[$i]{query})) {
$sth = $dbh->prepare($config[$i]{query});
}
else{
return (0, "No query available\n");
}
if (!($sth->execute)){
if (!($sth->execute)) {
return (0, "Couldn't get data from my database: $sth->errstr\n");
};
my $contact;
my $msg_text = 1;
while(my $result = $sth->fetchrow_hashref()){
if (defined($config[$i]{contact})){
while(my $result = $sth->fetchrow_hashref()) {
if (defined($config[$i]{contact})) {
# override contact from 'requestor' collumn
$contact = $config[$i]{contact};
}
......@@ -251,14 +257,14 @@ sub send_query{
$contact = $result->{'requestor'};
}
# information header
if($msg_text){
if($msg_text) {
$bad_events{$contact} .= $config[$i]{text} . "\n\n";
$bad_events{$contact} .= join(" | ", map {$_ // "UNKNOWN" } keys %$result) . "\n";
$msg_text = 0;
}
$bad_events{$contact} .= join(" | ", map {$_ // "NULL" } values %$result) . "\n";
}
foreach my $key (keys %bad_events){
foreach my $key (keys %bad_events) {
$bad_events{$key} .= "\n\n";
}
......@@ -266,7 +272,7 @@ sub send_query{
$i++;
}
%$eventsRef = %bad_events;
%$events_ref = %bad_events;
return (1);
}
......@@ -287,43 +293,44 @@ sub send_query{
# On Success (1)
# On Failure (0, 'Error message')
#-------------------------------------------------------------------------------
sub run{
sub run
{
my $conf_file = shift;
my $period = shift;
my $errMsg;
my $err_msg;
# server config
if(!defined($conf_file)){
if(!defined($conf_file)) {
return (0,"No conf file is available");
}
if(!defined($period)){
if(!defined($period)) {
return (0,"No time period is defined");
}
our $server_conf = undef;
our $domain_name = undef;
our $email_subject = undef;
our $email_server_conf = undef;
our @sql_precondition = undef;
our @sql_queries = undef;
our @sql_postcondition = undef;
our $SERVER_CONF = undef;
our $DOMAIN_NAME = undef;
our $EMAIL_SUBJECT = undef;
our $EMAIL_SERVER_CONF = undef;
our @SQL_PRECONDITION = undef;
our @SQL_QUERIES = undef;
our @SQL_POSTCONDITION = undef;
# script config
if (!(do $conf_file)) {
if ($@){
$errMsg = "Errors in config file '$conf_file': $@";
#syslog("err|$errMsg");
print $errMsg;
return (0,"Warden watchdog - $errMsg");
if ($@) {
$err_msg = "Errors in config file '$conf_file': $@";
#syslog("err|$err_msg");
print $err_msg;
return (0,"Warden watchdog - $err_msg");
}
if (!(defined $_)){
$errMsg = "Can't read config file '$conf_file': $!";
#syslog("err|$errMsg");
print $errMsg;
return (0,"Warden watchdog - $errMsg");
if (!(defined $_)) {
$err_msg = "Can't read config file '$conf_file': $!";
#syslog("err|$err_msg");
print $err_msg;
return (0,"Warden watchdog - $err_msg");
}
}
......@@ -336,18 +343,18 @@ sub run{
our $DB_HOST = undef;
# TODO replace with function call from Wardencommon
if (!(do $server_conf)) {
if ($@){
$errMsg = "Errors in config file '$server_conf': $@";
#syslog("err|$errMsg");
print $errMsg;
return (0,"Warden watchdog - $errMsg");
if (!(do $SERVER_CONF)) {
if ($@) {
$err_msg = "Errors in config file '$SERVER_CONF': $@";
#syslog("err|$err_msg");
print $err_msg;
return (0,"Warden watchdog - $err_msg");
}
if (!(defined $_)){
$errMsg = "Can't read config file '$server_conf': $!";
#syslog("err|$errMsg");
print $errMsg;
return (0,"Warden watchdog - $errMsg");
if (!(defined $_)) {
$err_msg = "Can't read config file '$SERVER_CONF': $!";
#syslog("err|$err_msg");
print $err_msg;
return (0,"Warden watchdog - $err_msg");
}
}
......@@ -368,44 +375,44 @@ sub run{
my $dbh;
# connect to DB
my ($rc,$err) = connect_to_DB(\%db_conf,\$dbh);
if (!$rc){
$errMsg = "Warden watchdog can\'t connect do DB: $err";
return (0,"Warden watchdog - $errMsg");
my ($rc,$err) = connectToDB(\%db_conf,\$dbh);
if (!$rc) {
$err_msg = "Warden watchdog can\'t connect do DB: $err";
return (0,"Warden watchdog - $err_msg");
}
if(@sql_precondition){
($rc,$err) = update_procedures(\$dbh,\@sql_precondition);
if (!$rc){
if(@SQL_PRECONDITION) {
($rc,$err) = updateProcedures(\$dbh,\@SQL_PRECONDITION);
if (!$rc) {
#print "Warden watchdog - $err\n";
return (0,"Warden watchdog - $err\n");
}
}
my %bad_events;
if(@sql_queries){
foreach my $query (@sql_queries){
if(@SQL_QUERIES) {
foreach my $query (@SQL_QUERIES) {
$query->{query} =~ s/\$date/$date/;
}
my ($rc,$err) = send_query(\$dbh,\@sql_queries,\%bad_events);
if (!$rc){
my ($rc,$err) = sendQuery(\$dbh,\@SQL_QUERIES,\%bad_events);
if (!$rc) {
#print "Warden watchdog - $err\n";
return (0,"Warden watchdog - $err\n");
}
}
if(@sql_postcondition){
my ($rc,$err) = update_procedures(\$dbh,\@sql_postcondition);
if (!$rc){
if(@SQL_POSTCONDITION) {
my ($rc,$err) = updateProcedures(\$dbh,\@SQL_POSTCONDITION);
if (!$rc) {
#print "Warden watchdog - $err\n";
return (0,"Warden watchdog - $err\n");
}
}
while (my ($contact, $text) = each(%bad_events)){
my %input = (contact => $contact, domain => $domain_name, text => $text, subject => $email_subject, email_conf => $email_server_conf);
my ($rc,$err) = send_report(\%input);
if (!$rc){
while (my ($contact, $text) = each(%bad_events)) {
my %input = (contact => $contact, domain => $DOMAIN_NAME, text => $text, subject => $EMAIL_SUBJECT, email_conf => $EMAIL_SERVER_CONF);
my ($rc,$err) = sendReport(\%input);
if (!$rc) {
#print $err;
return (0,"Warden client - networkReporter $err\n");
}
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment