spojeni watchdogu a serveru

* zapojeni wardenWatchdog do adresarove struktury serveru * uprava cest * pridani odkazu do dokumentace

spojeni watchdogu a serveru
fd87fec3 · Jakub Cegan · f85462ba · f85462ba · fd87fec3 · fd87fec3
Commit fd87fec3 authored 11 years ago by Jakub Cegan
--- a/src/contrib/wardenWatchdog/wardenWatchdog.pl
+++ b/src/contrib/wardenWatchdog/wardenWatchdog.pl
-#!/usr/bin/perl
-#
-# wardenWatchdog.pl
-#
-# Copyright (C) 2011-2012 Cesnet z.s.p.o
-#
-# Use of this source is governed by a BSD-style license, see LICENSE file.
-
-use strict;
-use warnings;
-
-use Getopt::Long;
-use FindBin;
-FindBin::again();
-
-use lib "$FindBin::Bin";
-use WardenWatchdog;
-
-#-------------------------------------------------------------------------------
-# help
-#
-# Just print help and exit.
-#
-# Input: -
-#
-# Output: -
-#
-# Return:
-#   On Success (1)
-#-------------------------------------------------------------------------------
-sub help
-{
-  my $help ="  USAGE: ./wardenWatchdog.pl -c '/path/WardenWatchdog.conf' -i 7
-
-  OPTIONS
-  -c conf           configuration file name and path
-  -i interval       interval in days from now back to the past
-";
-  print $help;
-  return 1;
-}
-
-my ($help, $config, $interval);
-if (@ARGV < 3  || defined($help) || !GetOptions('help|?|h' => \$help, 'c|conf=s' => \$config, 'i|interval=i' => \$interval)) {
-  help();
-}
-else {
-  my ($rc,$err) = WardenWatchdog::run($config,$interval);
-  if(!$rc) {
-    print "WardenWatchdog error: $err";
-  }
-}
-
-1;
--- a/src/warden-server/bin/wardenWatchdog.pl
+++ b/src/warden-server/bin/wardenWatchdog.pl
 #!/usr/bin/perl
 #
-# WardenWatchdog.pl
+# wardenWatchdog.pl
 #
-# Copyright (C) 2011-2013 Cesnet z.s.p.o
+# Copyright (C) 2011-2012 Cesnet z.s.p.o
 #
 # Use of this source is governed by a BSD-style license, see LICENSE file.

-
-use WardenConf;
 use strict;
 use warnings;
-use DBI;
-use DBD::mysql;
-use DateTime;
-#use Email::Simple;
-use Sys::Hostname;
-use Text::Wrap;
-use Data::Dumper;
-
-sub sendmailWrapper{
-  my $message = shift;

-  if(open(my $sendmail, '|/usr/sbin/sendmail -oi -t')){
-    print $sendmail $message;
-    close $sendmail;
-    return 1;
-  } else {
-    return (0, "Sending email failed: $!");
-  }
-}
+use Getopt::Long;
+use FindBin qw($RealBin);
+FindBin::again();
+use lib "$RealBin/../lib";
+use WardenWatchdog;

-# Array of hashes
-#{query => ; text => ; contact => }

-# Get clients admins
-sub sendReport{
-
-  my $input_data  = shift;
-  my $contact    = $$input_data{'contact'};
-  my $domain     = $$input_data{'domain'};
-  my $text       = $$input_data{'text'};
-
-  my $from_hostname;
-  my $message;
-
-  if(!($contact)){
-    return (0, "Empty 'To' email header!\n");
-  }
-
-  $domain =~ s/\./\./;
-
-  eval{
-    $from_hostname = hostname();
-    if(!($from_hostname =~ m/$domain/gi)){
-      $from_hostname .= $domain;
-    }
-  };
-  if($@){
-    return (0, "Can't retrive hostname for 'From' header!\n");
-  }
-
-  eval{
-  #$message = Email::Simple->create(
-    #header => [
-      #To                    => $contact,
-      #From                  => 'warden_watchdog@'.$from_hostname,
-      #Subject               => 'Kotrola stavu udalosti na Wardenu'],
-      #body => fill('','',$text));
-  };
-  if($@){
-    return (0, "Can't create email message\n");
-  }
-
-  print "== $contact ==\n$text\n";
-  my ($rc, $err) = 1;#sendmailWrapper($message->as_string);
-  if(!$rc){
-    return (0, $err);
-  }
-  return 1;
-}
-
-sub connect_to_DB {
-
-  my $dbPlatform = 'mysql';
-  my $dbName     = 'warden';
-  my $dbHostname = 'localhost';
-  my $dbUser     = 'root';
-  my $dbPasswd   = 'w4rd3n&r00t';
-
-  my $dbhRef = shift;
-  my $dbh;
-
-  if($dbh = DBI->connect( "dbi:$dbPlatform:database=$dbName;host=$dbHostname", $dbUser, $dbPasswd, {RaiseError => 1, mysql_auto_reconnect => 1})){
-    $$dbhRef = $dbh;
+#-------------------------------------------------------------------------------
+# help
+#
+# Just print help and exit.
+#
+# Input: -
+#
+# Output: -
+#
+# Return:
+#   On Success (1)
+#-------------------------------------------------------------------------------
+sub help
+{
+  my $help ="  USAGE: ./wardenWatchdog.pl -c /path/WardenWatchdog.conf -i 7
+
+  OPTIONS
+  -c conf           configuration file name and path
+  -i interval       interval in days from now back to the past
+";
+  print $help;
  return 1;
 }
-  else{
-    return (0,"Cannot connect to database! ".DBI->errstr);
-  }
-}
-
-sub sendQuery{
-
-  my $configRef = shift;
-  my $eventsRef = shift;
-
-  my @config = @{$configRef};
-  my %bad_events;
-  my ($rc,$err);
-  my $dbh;
-
-  my $i = 0;
-  # connect to DB
-  ($rc,$err) = connect_to_DB(\$dbh);
-  if (!$rc){
-    return (0, $err);
-  }
-
-  while ($i < scalar(@config)) {
-    my $contact;

-    # run DB query -> requestor, client name
-    my $sth;
-    if (defined($config[$i]{query})){
-      $sth = $dbh->prepare($config[$i]{query});
+my ($help, $config, $interval);
+if (@ARGV < 3  || defined($help) || !GetOptions('help|?|h' => \$help, 'c|conf=s' => \$config, 'i|interval=i' => \$interval)) {
+  help();
 }
 else {
-      return (0, "No query availble\n");
-    }
-
-    if (!($sth->execute)){
-      return (0, "Couldn't get data from my database: $sth->errstr\n");
-    };
-
-    my @result;
-    while(@result = $sth->fetchrow()){
-      if (defined($config[$i]{contact})){
-        $contact = $config[$i]{contact};
-      }
-      else{
-        $contact = "from_db\@$result[0]";
-      }
-      $bad_events{$contact} .= $config[$i]{text} . "DB INFO: ". join(', ',@result) ."\n";
-    }
-    $sth->finish;
-    $i++;
-  }
-  # disconnect to DB
-  $dbh->disconnect;
-
-  %$eventsRef = %bad_events;
-
-  return 1;
-}
-
-
-sub run{
-
-  my $domain = shift;
-  my $period = shift;
-
-  my $date;
-
-  eval{
-    my $dt = DateTime->now();
-    $dt = DateTime->now()->subtract(days => $period);
-    $date = $dt->date();
-  };
-  if($@){
-    print "Warden watchdog - can't work with date\n";
-    #syslog("err|Warden watchdog - can't work with date\n");
-  }
-
-  my @configuration = (
-  {query => "SELECT hostname, service, MAX(received) FROM events WHERE valid = 't' GROUP BY hostname, service ORDER BY MAX(received) ASC;", text => "Hey, this is test of warning for admin!\n"},
-  {query => "SELECT requestor FROM clients WHERE service IN (SELECT service FROM events WHERE detected > '$date' AND type NOT IN ('portscan', 'bruteforce', 'probe', 'spam', 'phishing', 'botnet_c_c', 'dos', 'malware', 'copyright', 'webattack', 'test', 'other') AND valid = 't' GROUP BY service) GROUP BY requestor;", text => "Hey, this is test of warning!\n", contact => 'warden-administrator@cesnet.cz'});
-
-  $Text::Wrap::columns = 80;
-
-
-  my %bad_events;
-
-  my $i = 0;
-  while ($i < scalar(@configuration)) {
-    my ($rc,$err) = sendQuery(\@configuration,\%bad_events);
-    if (!$rc){
-      print "Warden watchdog - $err\n";
-      #syslog("err|Warden watchdog - $err\n");
-    }
-    $i++;
-  }
-
-  while (my ($contact, $text) = each(%bad_events)){
-    my %input = (contact => $contact, domain => $domain, text => $text);
-    my ($rc,$err) = sendReport(\%input);
+  my ($rc,$err) = WardenWatchdog::run($config,$interval);
  if(!$rc) {
-      # TODO syslog
-      print $err;
-      #syslog("err|Warden client - networkReporter $err\n");
-    }
-    print "\n\n";
+    print "WardenWatchdog error: $err";
  }
 }

-run('warden-dev.cesnet.cz',7);
 1;
--- a/src/warden-server/doc/README
+++ b/src/warden-server/doc/README
@@ -265,6 +265,12 @@ F. Miscellaneous

    No issues are known.

+ 5. Database checks
+
+    If you want apply an offline checks to your received data health, you can use
+    the wardenWatchdog.pl script. You can found the documentation in a separate
+    README.wardenWatchdog file.
+

 --------------------------------------------------------------------------------
 G. Registration of Clients

--- a/src/contrib/wardenWatchdog/README.wardenWatchdog
+++ b/src/contrib/wardenWatchdog/README.wardenWatchdog
@@ -75,7 +75,11 @@ D. Application run
  from now to the past. Warden database check from config will be then run in
  this defined time interval.

-  USAGE: ./wardenWatchdog.pl -c '/path/WardenWatchdog.conf' -i 7
+  USAGE:
+    ./wardenWatchdog.pl -c /path/WardenWatchdog.conf -i 7
+
+  CRON USAGE:
+    33  00  * * * /full/path/watchdog/wardenWatchdog.pl -c /path/WardenWatchdog.conf -i 7 >> err.txt

 --------------------------------------------------------------------------------


--- a/src/contrib/wardenWatchdog/WardenWatchdog.conf
+++ b/src/contrib/wardenWatchdog/WardenWatchdog.conf
--- a/src/contrib/wardenWatchdog/WardenWatchdog.pm
+++ b/src/contrib/wardenWatchdog/WardenWatchdog.pm
@@ -140,14 +140,14 @@ sub connectToDB
  my $db_conf = shift;
  my $dbh_ref = shift;

-  my $dn_platform = $$db_conf{'platform'};
+  my $db_platform = $$db_conf{'platform'};
  my $db_name     = $$db_conf{'name'};
  my $db_hostname = $$db_conf{'hostname'};
  my $db_user     = $$db_conf{'user'};
  my $db_passwd   = $$db_conf{'passwd'};

  my $dbh;
-  if($dbh = DBI->connect( "dbi:$dn_platform:database=$db_name;host=$db_hostname", $db_user, $db_passwd, {mysql_auto_reconnect => 1})) {
+  if($dbh = DBI->connect( "dbi:$db_platform:database=$db_name;host=$db_hostname", $db_user, $db_passwd, {mysql_auto_reconnect => 1})) {
    $$dbh_ref = $dbh;
    return (1);
  }

--- a/src/contrib/wardenWatchdog/WardenWatchdog.t
+++ b/src/contrib/wardenWatchdog/WardenWatchdog.t