gnms 2.1.0.rc1
Potentially problematic release.
This version of gnms might be problematic. Click here for more details.
- data/LICENSE +459 -0
- data/README +29 -0
- data/bin/gnms +11 -0
- data/gnms.gemspec +70 -0
- data/lib/cmd_parse.rb +747 -0
- data/lib/config_global.rb +414 -0
- data/lib/contact.rb +171 -0
- data/lib/external/crypt/blowfish-tables.rb +190 -0
- data/lib/external/crypt/blowfish.rb +110 -0
- data/lib/external/crypt/cbc.rb +123 -0
- data/lib/external/crypt/stringxor.rb +27 -0
- data/lib/external/fog.rb +41 -0
- data/lib/external/jjmx.rb +45 -0
- data/lib/external/sms.rb +282 -0
- data/lib/external/xmpp4r-simple.rb +497 -0
- data/lib/format.rb +85 -0
- data/lib/gnms.rb +329 -0
- data/lib/gui/about_window.rb +177 -0
- data/lib/gui/adddelnode.rb +799 -0
- data/lib/gui/base_window.rb +789 -0
- data/lib/gui/canvas_map.rb +498 -0
- data/lib/gui/charts/gruff.rb +51 -0
- data/lib/gui/color_macro.rb +145 -0
- data/lib/gui/config_window.rb +2151 -0
- data/lib/gui/custom_plugin_window.rb +90 -0
- data/lib/gui/debug_window.rb +46 -0
- data/lib/gui/event_window.rb +469 -0
- data/lib/gui/find_node_window.rb +438 -0
- data/lib/gui/help_window.rb +47 -0
- data/lib/gui/ipcalculator.rb +147 -0
- data/lib/gui/jmx_ref_window.rb +309 -0
- data/lib/gui/link_view.rb +46 -0
- data/lib/gui/mib_browser.rb +585 -0
- data/lib/gui/node_host_property.rb +3712 -0
- data/lib/gui/node_host_view.rb +270 -0
- data/lib/gui/node_network_property.rb +1059 -0
- data/lib/gui/node_network_view.rb +186 -0
- data/lib/gui/node_view.rb +672 -0
- data/lib/gui/oid_ref_window.rb +288 -0
- data/lib/gui/snmptrap_ref_window.rb +288 -0
- data/lib/gui/sub/account_frame.rb +196 -0
- data/lib/gui/sub/contact_frame.rb +519 -0
- data/lib/gui/syslog_ref_window.rb +288 -0
- data/lib/gui/treenode_window.rb +320 -0
- data/lib/gui/update_window.rb +124 -0
- data/lib/gui/widgets.rb +169 -0
- data/lib/gui/wmi_ref_window.rb +286 -0
- data/lib/interface.rb +16 -0
- data/lib/ipcalc.rb +266 -0
- data/lib/link.rb +45 -0
- data/lib/main.rb +1091 -0
- data/lib/monitor/client/custom/custom_monitoring.rb +40 -0
- data/lib/monitor/client/jmx/jmx_attr_monitoring.rb +36 -0
- data/lib/monitor/client/jmx/jmx_monitoring.rb +83 -0
- data/lib/monitor/client/jmx/jmx_ref.rb +114 -0
- data/lib/monitor/client/snmp/mibs/SNMPv2-MIB.txt +854 -0
- data/lib/monitor/client/snmp/mibs/SNMPv2-SMI.txt +344 -0
- data/lib/monitor/client/snmp/oid_ref.rb +141 -0
- data/lib/monitor/client/snmp/snmp.rb +178 -0
- data/lib/monitor/client/snmp/snmp_monitoring.rb +58 -0
- data/lib/monitor/client/wmi/wmi.rb +139 -0
- data/lib/monitor/client/wmi/wmi_monitoring.rb +60 -0
- data/lib/monitor/client/wmi/wmi_ref.rb +141 -0
- data/lib/monitor/custom_plugin.rb +50 -0
- data/lib/monitor/server/msg_buffer.rb +39 -0
- data/lib/monitor/server/snmp/snmptrap_analyzer.rb +81 -0
- data/lib/monitor/server/snmp/snmptrap_capture.rb +26 -0
- data/lib/monitor/server/snmp/snmptrap_monitoring.rb +32 -0
- data/lib/monitor/server/snmp/snmptrap_ref.rb +135 -0
- data/lib/monitor/server/snmp/snmptrap_server.rb +50 -0
- data/lib/monitor/server/syslog/syslog_analyzer.rb +141 -0
- data/lib/monitor/server/syslog/syslog_capture.rb +28 -0
- data/lib/monitor/server/syslog/syslog_monitoring.rb +32 -0
- data/lib/monitor/server/syslog/syslog_ref.rb +136 -0
- data/lib/monitor/server/syslog/syslog_server.rb +43 -0
- data/lib/node.rb +1020 -0
- data/lib/node_db.rb +2668 -0
- data/lib/node_host.rb +215 -0
- data/lib/node_listener.rb +639 -0
- data/lib/node_network.rb +269 -0
- data/lib/node_property.rb +39 -0
- data/lib/notify/alarm.rb +247 -0
- data/lib/notify/irc_bot.rb +167 -0
- data/lib/notify/xmpp_bot.rb +107 -0
- data/lib/service.rb +36 -0
- data/lib/version.rb +8 -0
- data/pixmap/bg/map_bg.jpg +0 -0
- data/pixmap/bg/map_bg2.jpg +0 -0
- data/pixmap/logo.jpg +0 -0
- data/pixmap/logo_icon.png +0 -0
- data/pixmap/os/3com.png +0 -0
- data/pixmap/os/aix.gif +0 -0
- data/pixmap/os/amiga.png +0 -0
- data/pixmap/os/beos.png +0 -0
- data/pixmap/os/cisco.png +0 -0
- data/pixmap/os/freebsd.png +0 -0
- data/pixmap/os/hp.png +0 -0
- data/pixmap/os/hurd.gif +0 -0
- data/pixmap/os/irix.gif +0 -0
- data/pixmap/os/linux.png +0 -0
- data/pixmap/os/mac.png +0 -0
- data/pixmap/os/netbsd.gif +0 -0
- data/pixmap/os/netware.png +0 -0
- data/pixmap/os/openbsd.png +0 -0
- data/pixmap/os/os2warp.gif +0 -0
- data/pixmap/os/qnx.gif +0 -0
- data/pixmap/os/sco.gif +0 -0
- data/pixmap/os/sgi.xpm +111 -0
- data/pixmap/os/solaris.gif +0 -0
- data/pixmap/os/unix.gif +0 -0
- data/pixmap/os/unknown.png +0 -0
- data/pixmap/os/vms.xpm +345 -0
- data/pixmap/os/windows.png +0 -0
- data/pixmap/type/cloud.png +0 -0
- data/pixmap/type/device.png +0 -0
- data/pixmap/type/firewall.png +0 -0
- data/pixmap/type/gateway.png +0 -0
- data/pixmap/type/home.png +0 -0
- data/pixmap/type/host.png +0 -0
- data/pixmap/type/network.png +0 -0
- data/pixmap/type/printer.png +0 -0
- data/pixmap/type/router.png +0 -0
- data/pixmap/type/server.png +0 -0
- data/pixmap/type/switch.png +0 -0
- data/pixmap/type/vm.png +0 -0
- data/plugins/Defaultme.rb +7 -0
- data/plugins/DnsCheck.rb +46 -0
- data/plugins/FooMonitor.rb +26 -0
- data/plugins/HttpVirtualHostMonitor.rb +43 -0
- data/plugins/MysqlShowStatusMonitor.rb +64 -0
- data/plugins/PgsqlPercentConnectionMonitor.rb +72 -0
- data/plugins/SshCpuLoadMonitor.rb +85 -0
- data/plugins/SshDiskMonitor.rb +69 -0
- data/plugins/SshFgtAvExpiredMonitor.rb +75 -0
- data/plugins/SshPercentUsedRamMonitor.rb +74 -0
- data/plugins/TelnetCpuLoadMonitor.rb +69 -0
- data/plugins/example1.rb +15 -0
- data/plugins/example2.rb +7 -0
- data/sound/beep.wav +0 -0
- metadata +378 -0
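--- a/data/lib/monitor/custom_plugin.rb
+++ b/data/lib/monitor/custom_plugin.rb
@@ -0,0 +1,50 @@
+class CustomPlugin
+
+def initialize(node=nil)
+#index in $status
+@event_state=nil
+@event_description=nil
+@node=node
+monitor()
+end
+
+def get_node()
+return @node
+end
+
+def get_event_state()
+return $status[@event_state]
+end
+
+def get_event_state_raw()
+return @event_state
+end
+
+def get_event_description()
+return @event_description
+end
+
+#
+# state is one of "CRITICAL", "MAJOR", "MINOR","WARNING",
+# "NORMAL", "UNMANAGED", "UNKNOWN"
+#
+def set_state(state, description=nil)
+@event_state=$status.index(state)
+if @event_state == nil
+#init @event_state to UNKNOWN
+@event_state=$status.size()-1
+end
+if description != nil
+@event_description=description
+end
+end
+
+def CustomPlugin::show_description()
+dialog = Gtk::MessageDialog.new($win, Gtk::Dialog::MODAL,
+Gtk::MessageDialog::INFO,
+Gtk::MessageDialog::BUTTONS_OK,
+description())
+dialog.signal_connect('response') { dialog.destroy }
+dialog.show
+end
+end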
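Review bot: `get_event_state` (line 16) indexes `$status` with `@event_state`, which `initialize` leaves as nil unless the subclass's `monitor()` calls `set_state`; assuming `$status` is an Array (it is used with `.index` and `.size()` in `set_state`), `$status[nil]` raises TypeError instead of reporting that no state was set. A guard keeps a plugin that never reports from breaking its caller: `return @event_state.nil? ? nil : $status[@event_state]`. `initialize` also runs `monitor()` directly, so any exception raised by plugin code propagates out of the constructor; a class comment stating that subclasses must define `monitor` and call `set_state` from it would document that contract.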
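--- a/data/lib/monitor/server/msg_buffer.rb
+++ b/data/lib/monitor/server/msg_buffer.rb
@@ -0,0 +1,39 @@
+class MsgBuffer
+
+#nitems method does not exist anymore in ruby 1.9.3
+def nitems_local(arr)
+cpt = 0
+arr.each {|val|
+if val
+cpt+=1
+end
+}
+return cpt
+end
+
+def initialize(size)
+@buff = Array.new()
+@size=size
+end
+
+def put(msg)
+@buff.unshift(msg)
+#puts "message put nitems=" + nitems_local(@buff).to_s
+end
+
+def get()
+return @buff.pop
+end
+
+def has_more?
+nitems_local(@buff) != 0
+end
+
+def full?
+nitems_local(@buff) >= @size
+end
+
+def empty?
+return nitems_local(@buff) == 0
+end
+end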
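Review bot: `put` (line 19) never consults `@size`, so the buffer is unbounded; `@size` only feeds `full?`, and the analyzers on this page check that once per second. Because the producers are UDP listeners fed from the network, a sustained burst of traps or syslog packets grows `@buff` without limit. A hard cap in `put`, for example `return false if @buff.size >= MAX_PENDING` with a new constant set well above `@size`, together with a count of dropped messages, bounds memory without changing the `full?` trigger. `put` and `get` are also called from different threads with no Mutex; Ruby's `Queue` offers the same FIFO with defined thread-safety.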
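--- a/data/lib/monitor/server/snmp/snmptrap_analyzer.rb
+++ b/data/lib/monitor/server/snmp/snmptrap_analyzer.rb
@@ -0,0 +1,81 @@
+
+class SnmpAnalyzer
+
+def initialize(buff)
+@buff=buff
+
+@mib=SNMP::MIB.new()
+libs=["SNMPv2-SMI", "SNMPv2-MIB", "IF-MIB", "IP-MIB", "TCP-MIB", "UDP-MIB"]
+libs.each do |lb|
+@mib.load_module(lb)
+end
+@sender = Thread.start do
+while $config.snmptrap_mon
+send_messages if buff.full?
+sleep(1)
+Thread.pass
+end
+end
+$log.debug("end of SnmpAnalyzer thread")
+end
+
+def get_thread
+@sender
+end
+
+#
+# convert oid_name to oid, return nil if error
+#
+def to_oid(oid_name)
+oid=nil
+begin
+oid=@mib.oid(oid_name).to_s
+rescue
+$log.error("SNMP trap: dont understand #{oid_name}")
+end
+return oid
+end
+
+def send_messages
+while @buff.has_more?
+snmptrap_msg=@buff.get
+if snmptrap_msg != nil
+src=snmptrap_msg.source_ip
+if $host[src] != nil && $host[src].snmptrap_monitoring.size() > 0
+find_oid_val=nil
+snmptrap_vers=0
+if snmptrap_msg.class == SNMP::SNMPv2_Trap
+snmptrap_vers=2
+find_oid_val=snmptrap_msg.trap_oid().join('.')
+elsif SNMP::SNMPv1_Trap
+snmptrap_vers=1
+find_oid_val=snmptrap_msg.enterprise.join('.')
+if snmptrap_msg.generic_trap() == :enterpriseSpecific
+find_oid_val="#{find_oid_val}.6.#{snmptrap_msg.specific_trap}"
+else
+find_oid_val="#{find_oid_val}."+snmptrap_msg.generic_trap()
+end
+else
+$log.error("unkwown Snmp Trap version")
+end
+if find_oid_val != nil
+$host[src].snmptrap_monitoring.each_value do |snmptrap_mon|
+if snmptrap_mon.active?()
+trap_ref_value=to_oid($snmptrap_refs[snmptrap_mon.get_snmptrap_ref()].get_oid())
+find_oid_value=to_oid(find_oid_val)
+if (trap_ref_value == find_oid_value) && (find_oid_value!=nil)
+$event_win.add_event(EventWindow::TRAP_EVENT_TYPE, get_level_from_status($status[snmptrap_mon.raw_severity()-1]), $host[src], "Snmp Trap(v#{snmptrap_vers}): #{$snmptrap_refs[snmptrap_mon.get_snmptrap_ref()].name}")
+if $status_value[snmptrap_mon.raw_severity()-1] > $host[src].trap_sev
+$host[src].set_trap_severity(snmptrap_mon.raw_severity()-1)
+end
+break
+end
+end
+end
+end
+end
+end
+end
+end
+
+end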
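Review bot: Line 50 reads `elsif SNMP::SNMPv1_Trap`, which tests the class constant itself and is always true, so the `else` branch that logs an unknown version is unreachable and every non-v2 message is handled as a v1 trap. On that path line 56 concatenates a String with `snmptrap_msg.generic_trap()`, which line 53 compares against a Symbol, so a generic v1 trap probably raises TypeError; nothing in `send_messages` rescues, so the exception ends the `@sender` thread and trap analysis stops for the rest of the run. Suggested lines are `elsif snmptrap_msg.class == SNMP::SNMPv1_Trap` and `find_oid_val="#{find_oid_val}.#{snmptrap_msg.generic_trap()}"`, with a `rescue StandardError => e` around the per-message work that logs and continues. The second line would append the symbol's name rather than a numeric code, so the intended OID form needs confirming against the configured references. The `$log.debug` on line 19 sits outside the thread block and therefore runs at construction, not when the thread ends.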
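--- a/data/lib/monitor/server/snmp/snmptrap_capture.rb
+++ b/data/lib/monitor/server/snmp/snmptrap_capture.rb
@@ -0,0 +1,26 @@
+require "#{GNMSLIB}"+'/monitor/server/snmp/snmptrap_server'
+require "#{GNMSLIB}"+'/monitor/server/msg_buffer'
+require "#{GNMSLIB}"+'/monitor/server/snmp/snmptrap_analyzer'
+
+class SnmpTrapCapture
+def initialize()
+if $config.snmptrap_mon
+buff=MsgBuffer.new(1)
+begin
+@input = SnmpTrapServer.new(buff)
+@output = SnmpAnalyzer.new(buff)
+rescue Errno::EADDRINUSE => msg
+rescue Errno::EACCES => msg
+$log.error "SNMP Trap Server: not started"
+end
+end
+end
+
+def stop()
+if @input != nil
+@input.close_socket()
+end
+$log.debug("end of SyslogServer thread")
+#output thread will be done auto
+end
+end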
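Review bot: The `rescue Errno::EADDRINUSE => msg` clause on line 12 has an empty body, so only the `Errno::EACCES` clause on line 13 reaches the `$log.error` on line 14; the two were presumably meant to share it. Merging them as `rescue Errno::EADDRINUSE, Errno::EACCES => msg` and adding `#{msg}` to the log line makes a listener that failed to bind visible at this level. After either failure `@input` and `@output` stay nil while `$config.snmptrap_mon` remains true, so nothing on this page lets a caller tell that trap monitoring is not running; a `started?` predicate or resetting the flag would expose it. The debug text in `stop` (line 23) says "SyslogServer" and looks copied from the syslog capture class.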
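--- a/data/lib/monitor/server/snmp/snmptrap_monitoring.rb
+++ b/data/lib/monitor/server/snmp/snmptrap_monitoring.rb
@@ -0,0 +1,32 @@
+class SnmpTrapMonitoring
+
+def initialize (st, snmptp_ref, sev)
+@state=st
+@snmptrap_ref=snmptp_ref
+#index of $status
+@severity=sev
+end
+
+def get_snmptrap_ref()
+return @snmptrap_ref
+end
+
+def get_state()
+return @state
+end
+
+def active?()
+return @state==1
+end
+
+def raw_severity()
+return @severity
+end
+
+def severity()
+if @severity > 0
+return $status[@severity-1]
+end
+return nil
+end
+end #class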
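Review bot: The comment `#index of $status` on line 6 does not match how `@severity` is used: `severity` (lines 26-31) treats it as 1-based, reading `$status[@severity-1]`, and returns nil for 0. A more accurate comment would be `# 1-based position in $status; 0 means no severity configured`, if that is the intended meaning of 0. The distinction matters to callers of `raw_severity`: the trap analyzer on this page computes `raw_severity()-1` without checking for 0, which indexes `$status[-1]`, the last entry.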
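--- a/data/lib/monitor/server/snmp/snmptrap_ref.rb
+++ b/data/lib/monitor/server/snmp/snmptrap_ref.rb
@@ -0,0 +1,135 @@
+class SnmpTrapRef
+attr_accessor :name, :description
+
+TABLENAME='snmptrap_ref'
+#############global management###############
+#
+# add an snmptrap_ref
+# arg n for uniq name, descr the description and calc the calcul to do
+# return true if deleted otherwise false
+#
+def SnmpTrapRef::add_snmptrap_ref(n, descr, calc)
+if $snmptrap_refs[n] == nil
+$snmptrap_refs[n] = SnmpTrapRef.new(n, descr, calc)
+return true
+end
+return false
+end
+
+#
+# delete an snmptrap_ref
+# return true is entry delete otherwise false
+#
+def SnmpTrapRef::del_snmptrap_ref(n)
+if !$snmptrap_refs[n].used?()
+$snmptrap_refs.delete(n)
+return true
+end
+return false
+end
+
+def SnmpTrapRef::write_db_snmptrapref()
+if defined?($db) && ($db !=nil)
+$db.transaction
+db_delete_all_prp(TABLENAME).execute()
+stmt=db_insert_ref_prp(TABLENAME)
+$snmptrap_refs.each_value do |snmptrap_ref|
+stmt.execute(snmptrap_ref.name, snmptrap_ref.description, snmptrap_ref.value)
+end
+$db.commit
+end
+end
+
+def SnmpTrapRef::write_snmptrapref_conf_file(fic_name=SNMPTRAPREFS_CONF_FILE)
+field_separator='~'
+fic=Tempfile.new(File.basename(fic_name))
+$snmptrap_refs.each_value do |snmptrap_ref|
+fic.puts "#{snmptrap_ref.name}#{field_separator}#{snmptrap_ref.description}#{field_separator}#{snmptrap_ref.value}"
+end
+fic.close()
+if !FileUtils.move(fic.path, fic_name)
+$log.error("Can not save snmp trap ref conf file")
+end
+end
+
+def SnmpTrapRef::read_db_snmptrapref()
+if defined?($db) && ($db !=nil)
+db_select_all_prp(TABLENAME).execute do |rs|
+rs.each do |name, description, value|
+add_snmptrap_ref(name,description,value)
+end
+end
+end
+end
+
+def SnmpTrapRef::read_snmptrapref_conf_file(fic=SNMPTRAPREFS_CONF_FILE)
+field_separator='~'
+if FileTest.exist?(fic)
+fic = File.new(fic,'r')
+lign=fic.gets
+while lign
+lign_t = lign.split(field_separator)
+if lign_t.size() == 3
+add_snmptrap_ref(lign_t[0],lign_t[1],lign_t[2].chomp())
+end
+lign=fic.gets
+end
+fic.close
+else
+puts "SnmpTrapRefs conf file not found"
+end
+end
+
+#
+# return a table of all SnmpTrapRef name
+#
+def SnmpTrapRef::get_snmptrap_refs_name()
+name_t=[]
+$snmptrap_refs.each_key {|name|
+name_t.push name
+}
+return name_t
+end
+
+def SnmpTrapRef::snmptrap_ref_exist?(name)
+return $snmptrap_refs[name] != nil
+end
+#############end global management###############
+
+def initialize (n, descr, oid)
+#name is the identifier, it must be uniq
+@name=n
+@description=descr
+@value=oid
+@nb_use=0
+end
+
+def add_use()
+@nb_use+=1
+end
+
+def del_use()
+@nb_use-=1
+end
+
+def used?()
+return @nb_use>0
+end
+
+def to_str()
+print "SnmpTrapRef: ", @name, " ", @description, " ", @value
+end
+
+def get_oid()
+return @value
+end
+
+def value()
+return @value
+end
+
+def set_value(oid)
+@value=oid
+end
+
+end #class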
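Review bot: In `write_snmptrapref_conf_file` the check `if !FileUtils.move(fic.path, fic_name)` on line 50 does not detect a failed save, because `FileUtils.move` reports failure by raising and its return value is not a success flag; the error surfaces as an exception instead of the intended log line. Wrapping the call in `begin`/`rescue SystemCallError => e` and logging `e.message` gives the behaviour the branch describes. The same method writes `name`, `description` and `value` joined by `~` with no escaping, and `read_snmptrapref_conf_file` silently skips any line that does not split into exactly three fields, so an entry containing `~` or a newline is lost on reload; rejecting those characters in `add_snmptrap_ref` would keep the file round-trippable. Separately, the header comment on line 9 says `return true if deleted` for the add method, and `del_snmptrap_ref` calls `used?` on `$snmptrap_refs[n]` without checking that the entry exists.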
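--- a/data/lib/monitor/server/snmp/snmptrap_server.rb
+++ b/data/lib/monitor/server/snmp/snmptrap_server.rb
@@ -0,0 +1,50 @@
+#
+#Could not find default MIB directory, tried:
+# /usr/share/ruby/snmp/mibs
+# /usr/lib/ruby/data/ruby/snmp/mibs
+#
+#
+
+class SnmpTrapServer
+#check if snmp lib support traps
+def snmp_traps_supported?
+begin
+SNMP::UDPServerTransport.new('localhost', 9999)
+return true
+rescue ArgumentError
+return false
+end
+end
+
+def initialize(buff)
+@buff=buff
+begin
+if !snmp_traps_supported?()
+$log.error("Ruby SNMP lib version is too old, you must at least upgrade to 1.0.1")
+end
+@server = SNMP::TrapListener.new(:Host=>'', :Port => $config.snmptrap_port, :Community => $config.snmptrap_community) do |manager|
+$log.info("SNMP trap Server: listening on udp port #{$config.snmptrap_port}")
+manager.on_trap_default do |trap|
+@buff.put trap
+$log.debug("Trap received: #{trap.inspect}")
+end
+end
+rescue Errno::EADDRINUSE => msg
+$log.fatal("Syslog Server: #{msg}, socket in use")
+raise Errno::EADDRINUSE
+rescue Errno::EACCES => msg
+$log.fatal("Syslog Server: #{msg}, need root perms")
+raise Errno::EACCES
+rescue Exception => e
+raise e
+end
+end
+
+def close_socket()
+@server.exit() unless @server == nil
+end
+
+def get_thread
+@server
+end
+end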
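Review bot: `snmp_traps_supported?` (lines 10-17) probes the library by binding `SNMP::UDPServerTransport` to localhost port 9999 and never closes it, so each `SnmpTrapServer` leaves an extra UDP socket bound until it is garbage-collected, and if 9999 is already taken the resulting `Errno::EADDRINUSE` is reported by line 33 as though the trap port were in use. Keeping the transport in a local and closing it before `return true` (`probe.close`, assuming the transport exposes `close`) removes both effects. The rescue clauses on lines 33 and 36 log "Syslog Server" for the SNMP listener and re-raise a fresh `Errno` without the original message; a bare `raise` would preserve it, and `rescue Exception => e` with `raise e` on lines 38-39 can be dropped. The listener is created with `:Host=>''`, which presumably binds every interface, and SNMPv1/v2c traps carry no authentication beyond the community string, so the bind address is worth making configurable alongside `snmptrap_port`.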
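--- a/data/lib/monitor/server/syslog/syslog_analyzer.rb
+++ b/data/lib/monitor/server/syslog/syslog_analyzer.rb
@@ -0,0 +1,141 @@
+require 'resolv'
+
+class SyslogAnalyzer
+
+def initialize(buff)
+@buff=buff
+
+@sender = Thread.start do
+while $config.syslog_mon
+send_messages if buff.full?
+sleep(1)
+Thread.pass
+end
+$log.debug("end of SyslogAnalyzer thread")
+end
+end
+
+def get_thread
+@sender
+end
+
+#extract: DATETIME|HOST<PRI>MSG
+def format_syslog_packet(msg)
+msg.scan(/^([^|]+)\|([\d.]+)<(\d+)>(.+)$/) do |date,src,pri,msg|
+puts "dans format_syslog_packet"
+return pri, date, src, msg
+end
+end
+
+#
+# need syslog sev and return a gnms sev (an index of $status)
+#
+def map_syslog_sev(sev)
+case sev
+when "Emergency"
+return 0
+when "Alert"
+return 0
+when "Critical"
+return 1
+when "Error"
+return 1
+when "Warning"
+return 2
+when "Notice"
+return 3
+when "Informational"
+return 4
+when "Debug"
+return 4
+end
+end
+
+def extract_pri(pri_val)
+
+#info taken from RFC 3164
+
+severity=Array.new(8,nil)
+severity[0]="Emergency"
+severity[1]="Alert"
+severity[2]="Critical"
+severity[3]="Error"
+severity[4]="Warning"
+severity[5]="Notice"
+severity[6]="Informational"
+severity[7]="Debug"
+
+facility=Array.new(24,nil)
+facility[0]="kernel messages"
+facility[1]="user-level messages"
+facility[2]="mail system"
+facility[3]="system daemons"
+facility[4]="security/authorization messages (note 1)"
+facility[5]="messages generated internally by syslogd"
+facility[6]="line printer subsystem"
+facility[7]="network news subsystem"
+facility[8]="UUCP subsystem"
+facility[9]="clock daemon (note 2)"
+facility[10]="security/authorization messages (note 1)"
+facility[11]="FTP daemon"
+facility[12]="NTP subsystem"
+facility[13]="log audit (note 1)"
+facility[14]="log alert (note 1)"
+facility[15]="clock daemon (note 2)"
+facility[16]="local use 0 (local0)"
+facility[17]="local use 1 (local1)"
+facility[18]="local use 2 (local2)"
+facility[19]="local use 3 (local3)"
+facility[20]="local use 4 (local4)"
+facility[21]="local use 5 (local5)"
+facility[22]="local use 6 (local6)"
+facility[23]="local use 7 (local7)"
+
+for i in 0..severity.size()
+val=(pri_val.to_i()-i) % 8
+if val==0
+fsev=i
+ffacility=(pri_val.to_i()-i) / 8
+break
+end
+end
+#print "facility: ",facility[ffacility], " severity: ", severity[fsev],"\n"
+return Array[facility[ffacility], severity[fsev]]
+end
+
+private
+def send_messages
+while @buff.has_more?
+syslog_msg=@buff.get
+if syslog_msg != nil
+print "dans syslog analyzer ",syslog_msg
+#extract pri, date, src node, msg
+pri, date, src, msg=format_syslog_packet(syslog_msg)
+if msg != nil
+if $host[src] != nil && $host[src].syslog_monitoring.size() > 0
+$host[src].syslog_monitoring.each_value do |syslog_mon|
+if syslog_mon.active?()
+msg.scan($syslog_refs[syslog_mon.get_syslog_ref()].get_regex()) do
+$log.debug "syslog ref: #{syslog_mon.get_syslog_ref()}"
+#year,month,day,hour,min,sec=parsedate(date)
+#test if we want default sev of syslog msg
+if syslog_mon.raw_severity()>0
+$event_win.add_event(EventWindow::SYSLOG_EVENT_TYPE, get_level_from_status($status[syslog_mon.raw_severity()-1]), $host[src], "Syslog: #{msg}","#{date}")
+$host[src].set_trap_severity(syslog_mon.raw_severity()-1)
+else
+fac,sev=extract_pri(pri)
+map_sev=map_syslog_sev(sev)
+$event_win.add_event(EventWindow::SYSLOG_EVENT_TYPE, get_level_from_status($status[map_sev]), $host[src], "Syslog: #{msg}","#{date}")
+$host[src].set_trap_severity(map_sev)
+end
+break
+end
+end
+end
+end
+end
+end
+end
+end
+
+end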
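Review bot: Lines 124 and 129 call `set_trap_severity` unconditionally, whereas the SNMP analyzer on this page only does so when `$status_value[...] > $host[src].trap_sev`; unless `set_trap_severity` compares internally (not visible here), a later low-priority message that matches an active monitor replaces a more severe state. `src` comes from the text parsed by `format_syslog_packet`, and UDP syslog does not authenticate its sender, so a host's displayed state should not be lowerable by a single datagram; the same guard applies here, e.g. `if $status_value[map_sev] > $host[src].trap_sev`. The `break` on line 131 sits inside the `msg.scan` block, so it ends the scan rather than the `each_value` loop, and one message can raise an event for every matching monitor. The `print` on line 111 and the `puts` on line 25 write the raw, network-supplied message to stdout and look like leftover debugging; routing them through `$log.debug` with `inspect` avoids emitting control characters to a terminal.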