gnms 2.1.0.rc1

data/lib/monitor/custom_plugin.rb

@@ -0,0 +1,50 @@
+class CustomPlugin
+
+  def initialize(node=nil)
+	#index in $status
+	  @event_state=nil
+	  @event_description=nil
+	  @node=node
+	  monitor()
+  end
+
+   def get_node()
+	   return @node
+   end
+
+  def get_event_state()
+	  return $status[@event_state]
+  end
+
+  def get_event_state_raw()
+	  return @event_state
+  end
+
+  def get_event_description()
+	  return @event_description
+  end
+
+#
+# state is one of "CRITICAL", "MAJOR", "MINOR","WARNING", 
+# "NORMAL", "UNMANAGED", "UNKNOWN"
+#
+  def set_state(state, description=nil)
+		@event_state=$status.index(state)
+		if @event_state == nil
+			#init @event_state to UNKNOWN
+			@event_state=$status.size()-1
+		end
+		if description != nil
+			@event_description=description
+		end
+  end
+
+  def CustomPlugin::show_description()
+		dialog = Gtk::MessageDialog.new($win, Gtk::Dialog::MODAL,
+                           	 Gtk::MessageDialog::INFO,
+                           	 Gtk::MessageDialog::BUTTONS_OK,
+                           	 description())
+		dialog.signal_connect('response') { dialog.destroy }
+		dialog.show
+  end
+end

data/lib/monitor/server/msg_buffer.rb

@@ -0,0 +1,39 @@
+class MsgBuffer
+
+  #nitems method does not exist anymore in ruby 1.9.3
+  def nitems_local(arr)
+    cpt = 0
+    arr.each {|val|
+      if val
+         cpt+=1
+      end
+    }
+    return cpt
+  end
+
+  def initialize(size)
+    @buff = Array.new()
+    @size=size
+  end
+  
+  def put(msg)
+    @buff.unshift(msg)
+    #puts "message put nitems=" + nitems_local(@buff).to_s
+  end
+  
+  def get()
+    return @buff.pop
+  end
+  
+  def has_more?
+    nitems_local(@buff) != 0
+  end
+  
+  def full?
+    nitems_local(@buff) >= @size
+  end
+
+  def empty?
+	  return  nitems_local(@buff) == 0
+  end
+end

data/lib/monitor/server/snmp/snmptrap_analyzer.rb

@@ -0,0 +1,81 @@
+
+class SnmpAnalyzer
+
+  def initialize(buff)
+    @buff=buff
+
+	 @mib=SNMP::MIB.new()
+	 libs=["SNMPv2-SMI", "SNMPv2-MIB", "IF-MIB", "IP-MIB", "TCP-MIB", "UDP-MIB"]
+	 libs.each do |lb|
+		@mib.load_module(lb)
+	 end
+    @sender = Thread.start do
+   	 while $config.snmptrap_mon
+      	   send_messages if buff.full?
+      	   sleep(1)
+	   Thread.pass
+   	 end
+    end
+	$log.debug("end of SnmpAnalyzer thread")
+  end
+  
+  def get_thread
+    @sender
+  end
+
+	#
+	#	convert oid_name to oid, return nil if error
+	#
+	def to_oid(oid_name)
+		oid=nil
+		begin
+			oid=@mib.oid(oid_name).to_s
+		rescue
+			$log.error("SNMP trap: dont understand #{oid_name}")
+		end
+		return oid
+	end
+
+  def send_messages
+    while @buff.has_more?
+      snmptrap_msg=@buff.get
+		if snmptrap_msg != nil
+			src=snmptrap_msg.source_ip
+			if $host[src] != nil && $host[src].snmptrap_monitoring.size() > 0
+				find_oid_val=nil
+				snmptrap_vers=0
+			  if snmptrap_msg.class == SNMP::SNMPv2_Trap
+				 snmptrap_vers=2
+				 find_oid_val=snmptrap_msg.trap_oid().join('.')
+			  elsif SNMP::SNMPv1_Trap
+				 snmptrap_vers=1
+				 find_oid_val=snmptrap_msg.enterprise.join('.')
+				 if snmptrap_msg.generic_trap() == :enterpriseSpecific
+			  		 find_oid_val="#{find_oid_val}.6.#{snmptrap_msg.specific_trap}"
+				 else
+					 find_oid_val="#{find_oid_val}."+snmptrap_msg.generic_trap()
+				 end
+			  else 
+				  $log.error("unkwown Snmp Trap version")
+			  end
+			  if find_oid_val != nil
+				 $host[src].snmptrap_monitoring.each_value do |snmptrap_mon|
+					 if snmptrap_mon.active?() 
+					    trap_ref_value=to_oid($snmptrap_refs[snmptrap_mon.get_snmptrap_ref()].get_oid())
+						 find_oid_value=to_oid(find_oid_val)
+						 if (trap_ref_value == find_oid_value) && (find_oid_value!=nil)
+							$event_win.add_event(EventWindow::TRAP_EVENT_TYPE, get_level_from_status($status[snmptrap_mon.raw_severity()-1]), $host[src], "Snmp Trap(v#{snmptrap_vers}): #{$snmptrap_refs[snmptrap_mon.get_snmptrap_ref()].name}")
+							if $status_value[snmptrap_mon.raw_severity()-1] > $host[src].trap_sev
+								$host[src].set_trap_severity(snmptrap_mon.raw_severity()-1)
+							end							
+							break
+						 end
+					 end
+				 end
+			  end
+			end
+		end
+	 end
+  end
+
+end

data/lib/monitor/server/snmp/snmptrap_capture.rb

@@ -0,0 +1,26 @@
+require "#{GNMSLIB}"+'/monitor/server/snmp/snmptrap_server'
+require "#{GNMSLIB}"+'/monitor/server/msg_buffer'
+require "#{GNMSLIB}"+'/monitor/server/snmp/snmptrap_analyzer'
+
+class SnmpTrapCapture
+  def initialize()
+	 if $config.snmptrap_mon
+		buff=MsgBuffer.new(1)
+		begin
+			@input = SnmpTrapServer.new(buff)
+			@output = SnmpAnalyzer.new(buff)
+		rescue Errno::EADDRINUSE => msg
+		rescue Errno::EACCES => msg
+		   $log.error "SNMP Trap Server: not started"
+		end
+	 end
+	end
+
+	def stop()
+		if @input != nil
+			@input.close_socket()
+		end
+		$log.debug("end of SyslogServer thread")
+		#output thread will be done auto
+	end
+end

data/lib/monitor/server/snmp/snmptrap_monitoring.rb

@@ -0,0 +1,32 @@
+class SnmpTrapMonitoring
+
+   def initialize (st, snmptp_ref, sev)
+		@state=st
+	   @snmptrap_ref=snmptp_ref
+		#index of $status
+	   @severity=sev
+   end
+
+	def get_snmptrap_ref()
+		return @snmptrap_ref
+	end
+	
+	def get_state()
+		return @state
+	end
+	
+	def active?()
+		return @state==1
+	end  
+	
+	def raw_severity()
+		return @severity
+	end
+
+	def severity()
+		if @severity > 0
+			return $status[@severity-1]
+		end
+		return nil
+	end
+end #class

data/lib/monitor/server/snmp/snmptrap_ref.rb

@@ -0,0 +1,135 @@
+class SnmpTrapRef
+   attr_accessor :name, :description
+
+	TABLENAME='snmptrap_ref'
+#############global management###############
+#
+#	add an snmptrap_ref
+#	arg n for uniq name, descr the description and calc the calcul to do
+#	return true if deleted otherwise false
+#
+def SnmpTrapRef::add_snmptrap_ref(n, descr, calc)
+	if $snmptrap_refs[n] == nil
+		$snmptrap_refs[n] = SnmpTrapRef.new(n, descr, calc)
+		return true
+	end
+	return false
+end
+
+#
+#	delete an snmptrap_ref
+#	return true is entry delete otherwise false
+#
+def SnmpTrapRef::del_snmptrap_ref(n)
+	if !$snmptrap_refs[n].used?()
+		$snmptrap_refs.delete(n)
+		return true
+	end
+	return false
+end
+
+def  SnmpTrapRef::write_db_snmptrapref()
+	if defined?($db) && ($db !=nil)
+		$db.transaction
+		db_delete_all_prp(TABLENAME).execute()
+		stmt=db_insert_ref_prp(TABLENAME)
+		$snmptrap_refs.each_value do |snmptrap_ref|
+			stmt.execute(snmptrap_ref.name, snmptrap_ref.description, snmptrap_ref.value)
+		end
+		$db.commit
+	end
+end
+
+def SnmpTrapRef::write_snmptrapref_conf_file(fic_name=SNMPTRAPREFS_CONF_FILE)
+ 	   field_separator='~'
+  		fic=Tempfile.new(File.basename(fic_name))
+		$snmptrap_refs.each_value do |snmptrap_ref|
+			fic.puts "#{snmptrap_ref.name}#{field_separator}#{snmptrap_ref.description}#{field_separator}#{snmptrap_ref.value}"
+		end
+		fic.close()		
+		if !FileUtils.move(fic.path, fic_name)
+			$log.error("Can not save snmp trap ref conf file")
+		end
+end
+
+def SnmpTrapRef::read_db_snmptrapref()
+	if defined?($db) && ($db !=nil)
+		db_select_all_prp(TABLENAME).execute do |rs|
+			rs.each do |name, description, value|
+				add_snmptrap_ref(name,description,value)
+			end
+		end
+	end
+end
+
+def SnmpTrapRef::read_snmptrapref_conf_file(fic=SNMPTRAPREFS_CONF_FILE)
+	field_separator='~'
+	if FileTest.exist?(fic)
+		fic = File.new(fic,'r')
+		lign=fic.gets
+		while lign
+			lign_t = lign.split(field_separator)
+			if lign_t.size() == 3
+				add_snmptrap_ref(lign_t[0],lign_t[1],lign_t[2].chomp())
+			end
+			lign=fic.gets
+		end
+		fic.close
+	else
+		puts "SnmpTrapRefs conf file not found"
+	end
+end
+
+#
+#	return a table of all SnmpTrapRef name
+#
+def SnmpTrapRef::get_snmptrap_refs_name()
+	name_t=[]
+	$snmptrap_refs.each_key {|name|
+		name_t.push name
+	}
+	return name_t
+end
+
+def SnmpTrapRef::snmptrap_ref_exist?(name)
+	return $snmptrap_refs[name] != nil
+end
+#############end global management###############
+
+   def initialize (n, descr, oid)
+		#name is the identifier, it must be uniq
+      @name=n
+      @description=descr
+      @value=oid
+		@nb_use=0
+	end
+
+	def add_use()
+		@nb_use+=1
+	end
+
+	def del_use()
+		@nb_use-=1
+	end
+
+	def used?()
+		return @nb_use>0 
+	end
+	
+	def to_str()
+		print "SnmpTrapRef: ", @name, " ", @description, " ", @value
+	end
+
+	def get_oid()
+		return @value
+	end
+
+	def value()
+		return @value
+	end
+
+	def set_value(oid)
+		 @value=oid
+	end
+
+end #class

data/lib/monitor/server/snmp/snmptrap_server.rb

@@ -0,0 +1,50 @@
+#
+#Could not find default MIB directory, tried:
+#  /usr/share/ruby/snmp/mibs
+#  /usr/lib/ruby/data/ruby/snmp/mibs
+#
+#
+
+class SnmpTrapServer
+  #check if snmp lib support traps
+  def snmp_traps_supported?
+    begin
+      SNMP::UDPServerTransport.new('localhost', 9999)
+      return true
+    rescue ArgumentError
+      return false
+    end
+  end
+
+  def initialize(buff)
+    @buff=buff
+    begin
+      if !snmp_traps_supported?()
+        $log.error("Ruby SNMP lib version is too old, you must at least upgrade to 1.0.1")
+      end
+      @server = SNMP::TrapListener.new(:Host=>'', :Port => $config.snmptrap_port, :Community => $config.snmptrap_community) do |manager|
+        $log.info("SNMP trap Server: listening on udp port #{$config.snmptrap_port}")
+        manager.on_trap_default do |trap|
+          @buff.put trap
+          $log.debug("Trap received: #{trap.inspect}")
+        end
+      end
+    rescue Errno::EADDRINUSE => msg
+      $log.fatal("Syslog Server: #{msg}, socket in use")
+      raise Errno::EADDRINUSE
+    rescue Errno::EACCES => msg
+      $log.fatal("Syslog Server: #{msg}, need root perms")
+      raise Errno::EACCES
+    rescue Exception => e
+      raise e
+    end
+  end
+
+  def close_socket()
+    @server.exit() unless @server == nil
+  end
+
+  def get_thread
+    @server
+  end
+end

data/lib/monitor/server/syslog/syslog_analyzer.rb

@@ -0,0 +1,141 @@
+require 'resolv'
+
+class SyslogAnalyzer
+
+  def initialize(buff)
+    @buff=buff
+
+    @sender = Thread.start do
+   	while $config.syslog_mon
+      	   send_messages if buff.full?
+      	   sleep(1)
+           Thread.pass
+   	 end
+	$log.debug("end of SyslogAnalyzer thread")
+    end
+  end
+  
+  def get_thread
+    @sender
+  end
+
+		#extract: DATETIME|HOST<PRI>MSG
+  def format_syslog_packet(msg)
+	  msg.scan(/^([^|]+)\|([\d.]+)<(\d+)>(.+)$/) do |date,src,pri,msg|
+		puts "dans format_syslog_packet"
+		  return pri, date, src, msg
+	  end
+  end
+
+#
+#	need syslog sev and return a gnms sev (an index of $status)
+#
+	def map_syslog_sev(sev)
+	  case sev
+	  when "Emergency"
+		  return 0
+	  when "Alert"
+		  return 0
+	  when "Critical"
+		  return 1
+	  when "Error"
+		  return 1
+	  when "Warning"
+		  return 2
+	  when "Notice"
+		  return 3
+	  when "Informational"
+		  return 4
+	  when "Debug"
+		  return 4
+	  end
+	end
+
+  def extract_pri(pri_val)
+
+	#info taken from RFC 3164
+
+	severity=Array.new(8,nil)
+	severity[0]="Emergency"
+	severity[1]="Alert"
+	severity[2]="Critical"
+	severity[3]="Error"
+	severity[4]="Warning"
+	severity[5]="Notice"
+	severity[6]="Informational"
+	severity[7]="Debug"
+
+	facility=Array.new(24,nil)
+	facility[0]="kernel messages"
+	facility[1]="user-level messages"
+   facility[2]="mail system"
+   facility[3]="system daemons"
+   facility[4]="security/authorization messages (note 1)"
+   facility[5]="messages generated internally by syslogd"
+   facility[6]="line printer subsystem"
+   facility[7]="network news subsystem"
+   facility[8]="UUCP subsystem"
+	facility[9]="clock daemon (note 2)"
+	facility[10]="security/authorization messages (note 1)"
+	facility[11]="FTP daemon"
+	facility[12]="NTP subsystem"
+	facility[13]="log audit (note 1)"
+	facility[14]="log alert (note 1)"
+	facility[15]="clock daemon (note 2)"
+   facility[16]="local use 0  (local0)"
+   facility[17]="local use 1  (local1)"
+   facility[18]="local use 2  (local2)"
+   facility[19]="local use 3  (local3)"
+   facility[20]="local use 4  (local4)"
+   facility[21]="local use 5  (local5)"
+   facility[22]="local use 6  (local6)"
+   facility[23]="local use 7  (local7)"
+
+	for i in 0..severity.size()
+		val=(pri_val.to_i()-i) % 8
+		if val==0
+			fsev=i
+			ffacility=(pri_val.to_i()-i) / 8
+			break
+		end
+	end
+	#print "facility: ",facility[ffacility], " severity: ", severity[fsev],"\n"
+	return Array[facility[ffacility], severity[fsev]]
+ end
+
+  private
+  def send_messages
+    while @buff.has_more?
+      syslog_msg=@buff.get
+		if syslog_msg != nil
+			print "dans syslog analyzer ",syslog_msg
+			#extract pri, date, src node, msg
+			pri, date, src, msg=format_syslog_packet(syslog_msg)
+			if msg != nil
+				if $host[src] != nil && $host[src].syslog_monitoring.size() > 0
+					$host[src].syslog_monitoring.each_value do |syslog_mon|
+						if syslog_mon.active?()
+      				  msg.scan($syslog_refs[syslog_mon.get_syslog_ref()].get_regex()) do 
+						  $log.debug "syslog ref: #{syslog_mon.get_syslog_ref()}"
+							  #year,month,day,hour,min,sec=parsedate(date)
+							  #test if we want default sev of syslog msg
+							  if syslog_mon.raw_severity()>0
+								  $event_win.add_event(EventWindow::SYSLOG_EVENT_TYPE, get_level_from_status($status[syslog_mon.raw_severity()-1]), $host[src], "Syslog: #{msg}","#{date}")
+								  $host[src].set_trap_severity(syslog_mon.raw_severity()-1)
+							  else
+								  fac,sev=extract_pri(pri)
+								  map_sev=map_syslog_sev(sev)
+							  	  $event_win.add_event(EventWindow::SYSLOG_EVENT_TYPE, get_level_from_status($status[map_sev]), $host[src], "Syslog: #{msg}","#{date}")
+								  $host[src].set_trap_severity(map_sev)
+							  end
+							break
+      				  end
+						end
+					end
+				end
+			end
+		end
+    end
+  end
+
+end