mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
53bfb24ef9ca62b0e596f295748da33c29e17e23
librenms-librenms/includes/polling/applications/fail2ban.inc.php
Zane C. Bowers-Hadley 0bbcde1227 add the ability for storing app data to prevent spamming of the event log via via component usage (#14087) 
* initial work on add the ability to save/fetch app data

* update to use get_app_data for ZFS

* update the poller for the new app_data stuff

* ZFS now logs changes to pools

* add schema update for app_data stuff

* small formatting fix

* add a missing \

* now adds a column

* sql-schema is no longer used, so remove the file that was added here

* misc cleanups

* rename the method in database/migrations/2022_07_03_1947_add_app_data.php

* hopefully fix the migration bit

* add the column to misc/db_schema.yaml

* more misc small DB fixes

* update the test as the json column uses collat of utf8mb4_bin

* revert the last change and try manually setting it to what is expected

* remove a extra ;

* update suricata as well

* correct the instance -> instances in one location to prevent the old instance list from being stomped

* remove a extra ;

* update fail2ban to use it as well

* remove two unused functions as suricata and fail2ban no longer use components

* style cleanup

* postgres poller updated to use it

* update html side of the postgres bits

* chronyd now uses app data bits now as well

* portactivity now uses it as well

* style fix

* sort the returned arrays from app_data

* correct log message for port activity

* collocation change

* try re-ordering it

* add in the new data column to the tests

* remove a extra ,

* hmm... ->collate('utf8mb4_unicode_ci') is not usable as apparently collate does not exist

* change the column type from json to longtext

* mv chronyd stuff while I sort out the rest of the tests... damn thing is always buggy

* hmm... fix a missing line then likely move stuff back

* style fix

* add fillable

* add the expexcted data for fail2ban json

* escape a " I missed

* add data for portactivity

* add suricata app data

* add app data to zfs legacy test

* put the moved tests back into place and update zfs-v1 test

* add app data for chronyd test

* add app data for fail2ban legacy test

* update zfs v1 app data

* add some notes on application dev work

* add Developing/Application-Notes.md to mkdocs.yml

* add data column to it

* added various suggestions from bennet-esyoil

* convert from isset to sizeof

* type fix

* fully remove the old save app data function and move it into a helper function... the other still needs cleaned up prior to removal

* update docs

* get_app_data is fully removed now as well

* a few style fixes

* add $casts

* update chronyd test

* attempt to fix the data

* more doc cleanup and try changing the cast

* style fix

* revert the changes to the chronyd test

* apply a few of murrant's suggestions

* document working with ->data as json and non-josn

* remove two no-longer used in this PR exceptions

* ->data now operates transparently

* style fix

* update data tests

* fix json

* test fix

* update the app notes to reflect how app data now works

* app test fix

* app data fix for linux_lsi

* json fix

* minor doc cleanup

* remove duplicate querty and use json_decode instead

* style fix

* modelize the app poller

* use a anon func instead of foreach

* test update

* style cleanup

* style cleanup

* another test cleanup

* more test cleanup

* reverse the test changes and add in some more glue code

* revert one of the test changes

* another small test fix

* Make things use models
Left some array access, but those will still work just fine.

* missed chronyd and portactivity

* rename poll to avoid make it any confusion

* Remove extra save and fix timestamp

* save any changes made to app->data

* nope, that was not it

* What are magic methods and how do they work?

* fix two typos

* update linux_lsi test

* change quote type

Co-authored-by: Tony Murray <murraytony@gmail.com>
2022-07-22 16:01:55 -05:00

78 lines
2.5 KiB
PHP
Raw Blame History

<?php
use LibreNMS\Exceptions\JsonAppException;
use LibreNMS\Exceptions\JsonAppParsingFailedException;
use LibreNMS\RRD\RrdDefinition;
$name = 'fail2ban';
try {
$f2b = json_app_get($device, $name);
} catch (JsonAppParsingFailedException $e) {
// Legacy script, build compatible array
$legacy = explode("\n", $e->getOutput());
$f2b = [
'data' => [
'total' => array_shift($legacy), // total was first line in legacy app
'jails' => [],
],
];
foreach ($legacy as $jail_data) {
[$jail, $banned] = explode(' ', $jail_data);
if (isset($jail) && isset($banned)) {
$f2b['data']['jails'][$jail] = $banned;
}
}
} catch (JsonAppException $e) {
echo PHP_EOL . $name . ':' . $e->getCode() . ':' . $e->getMessage() . PHP_EOL;
update_application($app, $e->getCode() . ':' . $e->getMessage(), []); // Set empty metrics and error message
return;
}
$f2b = $f2b['data'];
$metrics = [];
$rrd_name = ['app', $name, $app->app_id];
$rrd_def = RrdDefinition::make()
->addDataset('banned', 'GAUGE', 0)
->addDataset('firewalled', 'GAUGE', 0);
$fields = ['banned' => $f2b['total']];
$metrics['total'] = $fields; // don't include legacy ds in db
$fields['firewalled'] = 'U'; // legacy ds
$tags = ['name' => $name, 'app_id' => $app->app_id, 'rrd_def' => $rrd_def, 'rrd_name' => $rrd_name];
data_update($device, 'app', $tags, $fields);
$jails = [];
foreach ($f2b['jails'] as $jail => $banned) {
$rrd_name = ['app', $name, $app->app_id, $jail];
$rrd_def = RrdDefinition::make()->addDataset('banned', 'GAUGE', 0);
$fields = ['banned' => $banned];
$metrics["jail_$jail"] = $fields;
$tags = ['name' => $name, 'app_id' => $app->app_id, 'rrd_def' => $rrd_def, 'rrd_name' => $rrd_name];
data_update($device, 'app', $tags, $fields);
$jails[] = $jail;
}
// check for added or removed jails
$old_jails = $app->data['jails'] ?? [];
$added_jails = array_diff($jails, $old_jails);
$removed_jails = array_diff($old_jails, $jails);
// if we have any jail changes, save and log
if (count($added_jails) > 0 || count($removed_jails) > 0) {
$app->data = ['jails' => $jails]; // save jails list
$log_message = 'Fail2ban Jail Change:';
$log_message .= count($added_jails) > 0 ? ' Added ' . implode(',', $added_jails) : '';
$log_message .= count($removed_jails) > 0 ? ' Removed ' . implode(',', $added_jails) : '';
log_event($log_message, $device, 'application');
}
update_application($app, 'ok', $metrics);
Reference in New Issue View Git Blame Copy Permalink