mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
b89eb22cd55a5ad2d617b922fccd230da8d873eb
librenms-librenms/LibreNMS/Alert/Transport/Splunk.php
SourceDoctor b89eb22cd5 Enumerate AlertState (#11665) 
* Enumerate AlertState

* fix typo

* add missing use's

* .

* .
2020-05-23 21:14:36 -05:00

142 lines
5.1 KiB
PHP
Raw Blame History

<?php
/* LibreNMS
*
* Copyright (C) 2020 Chris Friesen <chris.friesen@virtechsystems.com>
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>. */
namespace LibreNMS\Alert\Transport;
use LibreNMS\Enum\AlertState;
use LibreNMS\Alert\Transport;
class Splunk extends Transport
{
public function deliverAlert($obj, $opts)
{
if (!empty($this->config)) {
$opts['splunk_host'] = $this->config['Splunk-host'];
$opts['splunk_port'] = $this->config['Splunk-port'];
}
return $this->contactSplunk($obj, $opts);
}
public function contactSplunk($obj, $opts)
{
$splunk_host = '127.0.0.1';
$splunk_port = 514;
$severity = 6; // Default severity is 6 (Informational)
$device = device_by_id_cache($obj['device_id']); // for event logging
if (!empty($opts['splunk_host'])) {
if (preg_match("/[a-zA-Z]/", $opts['splunk_host'])) {
$splunk_host = gethostbyname($opts['splunk_host']);
if ($splunk_host === $opts['splunk_host']) {
log_event("Alphanumeric hostname found but does not resolve to an IP.", $device, 'poller', 5);
return false;
}
} elseif (filter_var($opts['splunk_host'], FILTER_VALIDATE_IP)) {
$splunk_host = $opts['splunk_host'];
} else {
log_event("Splunk host is not a valid IP: " . $opts['splunk_host'], $device, 'poller', 5);
return false;
}
} else {
log_event("Splunk host is empty.", $device, 'poller');
}
if (!empty($opts['splunk_port']) && preg_match("/^\d+$/", $opts['splunk_port'])) {
$splunk_port = $opts['splunk_port'];
} else {
log_event("Splunk port is not an integer.", $device, 'poller', 5);
}
switch ($obj['severity']) {
case "critical":
$severity = 2;
break;
case "warning":
$severity = 4;
break;
}
switch ($obj['state']) {
case AlertState::RECOVERED:
$severity = 6;
break;
case AlertState::ACKNOWLEDGED:
$severity = 6;
break;
}
$ignore = array("template", "contacts", "rule", "string", "debug", "faults", "builder", "transport", "alert", "msg", "transport_name");
$splunk_prefix = '<' . $severity . '> ';
foreach ($obj as $key => $val) {
if (in_array($key, $ignore)) {
continue;
}
$splunk_prefix .= $key . '="' . $val . '", ';
}
$ignore = array("attribs", "vrf_lite_cisco", "community", "authlevel", "authname", "authpass", "authalgo", "cryptopass", "cryptoalgo", "snmpver", "port");
foreach ($device as $key => $val) {
if (in_array($key, $ignore)) {
continue;
}
$splunk_prefix .= 'device_' . $key . '="' . $val . '", ';
}
$splunk_prefix = substr($splunk_prefix, 0, -1);
if (($socket = socket_create(AF_INET, SOCK_DGRAM, SOL_UDP)) === false) {
log_event("socket_create() failed: reason: " . socket_strerror(socket_last_error()), $device, 'poller', 5);
return false;
} else {
if (!empty($obj['faults'])) {
foreach ($obj['faults'] as $k => $v) {
$splunk_msg = $splunk_prefix . ' - ' . $v['string'];
socket_sendto($socket, $splunk_msg, strlen($splunk_msg), 0, $splunk_host, $splunk_port);
}
} else {
$splunk_msg = $splunk_prefix;
socket_sendto($socket, $splunk_msg, strlen($splunk_msg), 0, $splunk_host, $splunk_port);
}
socket_close($socket);
}
return true;
}
public static function configTemplate()
{
return [
'config' => [
[
'title' => 'Host',
'name' => 'Splunk-host',
'descr' => 'Splunk Host',
'type' => 'text'
],
[
'title' => 'UDP Port',
'name' => 'Splunk-port',
'descr' => 'Splunk Port',
'type' => 'text'
]
],
'validation' => [
'Splunk-host' => 'required|string',
'Splunk-port' => 'required|numeric'
]
];
}
}
Reference in New Issue View Git Blame Copy Permalink