/** * Run all rules for a device * @param int $device Device-ID * @return void */ function RunRules($device) { global $debug; $chk = dbFetchRow("SELECT id FROM alert_schedule WHERE alert_schedule.device_id = ? AND NOW() BETWEEN alert_schedule.start AND alert_schedule.end", array($device)); if ($chk['id'] > 0) { return false; } foreach (dbFetchRows("SELECT * FROM alert_rules WHERE alert_rules.disabled = 0 && ( alert_rules.device_id = -1 || alert_rules.device_id = ? ) ORDER BY device_id,id", array($device)) as $rule) { echo " #" . $rule['id'] . ":"; $chk = dbFetchRow("SELECT state FROM alerts WHERE rule_id = ? && device_id = ? ORDER BY id DESC LIMIT 1", array($rule['id'], $device)); $sql = GenSQL($rule['rule']); $qry = dbFetchRows($sql, array($device)); if (sizeof($qry) > 0) { if ($chk['state'] === "2") { echo " SKIP "; } elseif ($chk['state'] === "1") { echo " NOCHG "; } else { $extra = gzcompress(json_encode(array('contacts' => GetContacts($qry), 'rule' => $qry)), 9); if (dbInsert(array('state' => 1, 'device_id' => $device, 'rule_id' => $rule['id'], 'details' => $extra), 'alert_log')) { if (!dbUpdate(array('state' => 1, 'open' => 1), 'alerts', 'device_id = ? && rule_id = ?', array($device, $rule['id']))) { dbInsert(array('state' => 1, 'device_id' => $device, 'rule_id' => $rule['id'], 'open' => 1), 'alerts'); } echo " ALERT "; } } } else { if ($chk['state'] === "0") { echo " NOCHG "; } else { if (dbInsert(array('state' => 0, 'device_id' => $device, 'rule_id' => $rule['id']), 'alert_log')) { if (!dbUpdate(array('state' => 0, 'open' => 1), 'alerts', 'device_id = ? && rule_id = ?', array($device, $rule['id']))) { dbInsert(array('state' => 0, 'device_id' => $device, 'rule_id' => $rule['id'], 'open' => 1), 'alerts'); } echo " OK "; } } } } }
/** * Run all rules for a device * @param int $device Device-ID * @return void */ function RunRules($device) { if (IsMaintenance($device) > 0) { echo "Under Maintenance, Skipping alerts.\r\n"; return false; } foreach (GetRules($device) as $rule) { c_echo('Rule %p#' . $rule['id'] . ' (' . $rule['name'] . '):%n '); $inv = json_decode($rule['extra'], true); if (isset($inv['invert'])) { $inv = (bool) $inv['invert']; } else { $inv = false; } d_echo(PHP_EOL); $chk = dbFetchRow("SELECT state FROM alerts WHERE rule_id = ? && device_id = ? ORDER BY id DESC LIMIT 1", array($rule['id'], $device)); $sql = GenSQL($rule['rule']); $qry = dbFetchRows($sql, array($device)); if (isset($qry[0]['ip'])) { $qry[0]['ip'] = inet6_ntop($qry[0]['ip']); } $s = sizeof($qry); if ($s == 0 && $inv === false) { $doalert = false; } elseif ($s > 0 && $inv === false) { $doalert = true; } elseif ($s == 0 && $inv === true) { $doalert = true; } else { //( $s > 0 && $inv == false ) { $doalert = false; } if ($doalert) { if ($chk['state'] === "2") { c_echo('Status: %ySKIP'); } elseif ($chk['state'] >= "1") { c_echo('Status: %bNOCHG'); } else { $extra = gzcompress(json_encode(array('contacts' => GetContacts($qry), 'rule' => $qry)), 9); if (dbInsert(array('state' => 1, 'device_id' => $device, 'rule_id' => $rule['id'], 'details' => $extra), 'alert_log')) { if (!dbUpdate(array('state' => 1, 'open' => 1), 'alerts', 'device_id = ? && rule_id = ?', array($device, $rule['id']))) { dbInsert(array('state' => 1, 'device_id' => $device, 'rule_id' => $rule['id'], 'open' => 1, 'alerted' => 0), 'alerts'); } c_echo(PHP_EOL . 'Status: %rALERT'); } } } else { if ($chk['state'] === "0") { c_echo('Status: %bNOCHG'); } else { if (dbInsert(array('state' => 0, 'device_id' => $device, 'rule_id' => $rule['id']), 'alert_log')) { if (!dbUpdate(array('state' => 0, 'open' => 1), 'alerts', 'device_id = ? && rule_id = ?', array($device, $rule['id']))) { dbInsert(array('state' => 0, 'device_id' => $device, 'rule_id' => $rule['id'], 'open' => 1, 'alerted' => 0), 'alerts'); } c_echo(PHP_EOL . 'Status: %gOK'); } } } c_echo('%n' . PHP_EOL); } }
/** * Run all rules for a device * @param int $device Device-ID * @return void */ function RunRules($device) { if (IsMaintenance($device) > 0) { echo "Under Maintenance, Skipping alerts.\r\n"; return false; } foreach (GetRules($device) as $rule) { echo " #" . $rule['id'] . ":"; $inv = json_decode($rule['extra'], true); if (isset($inv['invert'])) { $inv = (bool) $inv['invert']; } else { $inv = false; } $chk = dbFetchRow("SELECT state FROM alerts WHERE rule_id = ? && device_id = ? ORDER BY id DESC LIMIT 1", array($rule['id'], $device)); $sql = GenSQL($rule['rule']); $qry = dbFetchRows($sql, array($device)); $s = sizeof($qry); if ($s == 0 && $inv === false) { $doalert = false; } elseif ($s > 0 && $inv === false) { $doalert = true; } elseif ($s == 0 && $inv === true) { $doalert = true; } else { //( $s > 0 && $inv == false ) { $doalert = false; } if ($doalert) { if ($chk['state'] === "2") { echo " SKIP "; } elseif ($chk['state'] >= "1") { echo " NOCHG "; } else { $extra = gzcompress(json_encode(array('contacts' => GetContacts($qry), 'rule' => $qry)), 9); if (dbInsert(array('state' => 1, 'device_id' => $device, 'rule_id' => $rule['id'], 'details' => $extra), 'alert_log')) { if (!dbUpdate(array('state' => 1, 'open' => 1), 'alerts', 'device_id = ? && rule_id = ?', array($device, $rule['id']))) { dbInsert(array('state' => 1, 'device_id' => $device, 'rule_id' => $rule['id'], 'open' => 1, 'alerted' => 0), 'alerts'); } echo " ALERT "; } } } else { if ($chk['state'] === "0") { echo " NOCHG "; } else { if (dbInsert(array('state' => 0, 'device_id' => $device, 'rule_id' => $rule['id']), 'alert_log')) { if (!dbUpdate(array('state' => 0, 'open' => 1), 'alerts', 'device_id = ? && rule_id = ?', array($device, $rule['id']))) { dbInsert(array('state' => 0, 'device_id' => $device, 'rule_id' => $rule['id'], 'open' => 1, 'alerted' => 0), 'alerts'); } echo " OK "; } } } } }
/** * Run Follow-Up alerts * @return void */ function RunFollowUp() { global $config; foreach (dbFetchRows('SELECT alerts.device_id, alerts.rule_id, alerts.state FROM alerts WHERE alerts.state != 2 && alerts.state > 0 && alerts.open = 0') as $alert) { $tmp = array($alert['rule_id'], $alert['device_id']); $alert = dbFetchRow('SELECT alert_log.id,alert_log.rule_id,alert_log.device_id,alert_log.state,alert_log.details,alert_log.time_logged,alert_rules.rule,alert_rules.severity,alert_rules.extra,alert_rules.name FROM alert_log,alert_rules WHERE alert_log.rule_id = alert_rules.id && alert_log.device_id = ? && alert_log.rule_id = ? && alert_rules.disabled = 0 ORDER BY alert_log.id DESC LIMIT 1', array($alert['device_id'], $alert['rule_id'])); if (empty($alert['rule']) || !IsRuleValid($tmp[1], $tmp[0])) { // Alert-Rule does not exist anymore, let's remove the alert-state. echo 'Stale-Rule: #' . $tmp[0] . '/' . $tmp[1] . "\r\n"; dbDelete('alerts', 'rule_id = ? && device_id = ?', array($tmp[0], $tmp[1])); continue; } $alert['details'] = json_decode(gzuncompress($alert['details']), true); $rextra = json_decode($alert['extra'], true); if ($rextra['invert']) { continue; } $chk = dbFetchRows(GenSQL($alert['rule']), array($alert['device_id'])); $o = sizeof($alert['details']['rule']); $n = sizeof($chk); $ret = 'Alert #' . $alert['id']; $state = 0; if ($n > $o) { $ret .= ' Worsens'; $state = 3; $alert['details']['diff'] = array_diff($chk, $alert['details']['rule']); } elseif ($n < $o) { $ret .= ' Betters'; $state = 4; $alert['details']['diff'] = array_diff($alert['details']['rule'], $chk); } if ($state > 0 && $n > 0) { $alert['details']['rule'] = $chk; if (dbInsert(array('state' => $state, 'device_id' => $alert['device_id'], 'rule_id' => $alert['rule_id'], 'details' => gzcompress(json_encode($alert['details']), 9)), 'alert_log')) { dbUpdate(array('state' => $state, 'open' => 1, 'alerted' => 1), 'alerts', 'rule_id = ? && device_id = ?', array($alert['rule_id'], $alert['device_id'])); } echo $ret . ' (' . $o . '/' . $n . ")\r\n"; } } //end foreach }
if (!is_admin()) { echo "Insufficient Privileges"; exit; } $hostname = escapeshellcmd($_REQUEST['hostname']); $type = $_REQUEST['type']; switch ($type) { case 'alerts': $filename = "alerts-{$hostname}.txt"; $device_id = getidbyname($hostname); $device = device_by_id_cache($device_id); $rules = GetRules($device_id); $output = ''; foreach ($rules as $rule) { if (empty($rule['query'])) { $rule['query'] = GenSQL($rule['rule']); } $sql = $rule['query']; $qry = dbFetchRow($sql, array($device_id)); if (is_array($qry)) { $response = 'matches'; } else { $response = 'no match'; } $output .= 'Rule name: ' . $rule['name'] . PHP_EOL; $output .= 'Alert rule: ' . $rule['rule'] . PHP_EOL; $output .= 'Alert query: ' . $rule['query'] . PHP_EOL; $output .= 'Rule match: ' . $response . PHP_EOL . PHP_EOL; } if ($config['alert']['transports']['mail'] === true) { $contacts = GetContacts($rules);
</div> </div> <?php if (isset($_POST['create-default'])) { $default_rules[] = array('device_id' => '-1', 'rule' => '%macros.device_down = "1"', 'severity' => 'critical', 'extra' => '{"mute":false,"count":"-1","delay":"300"}', 'disabled' => 0, 'name' => 'Devices up/down'); $default_rules[] = array('device_id' => '-1', 'rule' => '%devices.uptime < "300" && %macros.device = "1"', 'severity' => 'critical', 'extra' => '{"mute":false,"count":"1","delay":"300"}', 'disabled' => 0, 'name' => 'Device rebooted'); $default_rules[] = array('device_id' => '-1', 'rule' => '%bgpPeers.bgpPeerState != "established" && %macros.device_up = "1"', 'severity' => 'critical', 'extra' => '{"mute":false,"count":"1","delay":"300"}', 'disabled' => 0, 'name' => 'BGP Session down'); $default_rules[] = array('device_id' => '-1', 'rule' => '%bgpPeers.bgpPeerFsmEstablishedTime < "300" && %bgpPeers.bgpPeerState = "established"', 'severity' => 'critical', 'extra' => '{"mute":false,"count":"1","delay":"300"}', 'disabled' => 0, 'name' => 'BGP Session established'); $default_rules[] = array('device_id' => '-1', 'rule' => '%macros.port_down = "1"', 'severity' => 'critical', 'extra' => '{"mute":false,"count":"1","delay":"300"}', 'disabled' => 0, 'name' => 'Port status up/down'); $default_rules[] = array('device_id' => '-1', 'rule' => '%macros.port_usage_perc >= "80" && %macros.port_up = "1" && %macros.port = "1"', 'severity' => 'critical', 'extra' => '{"mute":false,"count":"-1","delay":"300"}', 'disabled' => 0, 'name' => 'Port utilisation over threshold'); $default_rules[] = array('device_id' => '-1', 'rule' => '%sensors.sensor_current > %sensors.sensor_limit && %sensors.sensor_alert = "1"', 'severity' => 'critical', 'extra' => '{"mute":false,"count":"-1","delay":"300"}', 'disabled' => 0, 'name' => 'Sensor over limit'); $default_rules[] = array('device_id' => '-1', 'rule' => '%sensors.sensor_current < %sensors.sensor_limit_low && %sensors.sensor_alert = "1"', 'severity' => 'critical', 'extra' => '{"mute":false,"count":"-1","delay":"300"}', 'disabled' => 0, 'name' => 'Sensor under limit'); $default_rules[] = array('device_id' => '-1', 'rule' => '%services.service_status != "0"', 'severity' => 'critical', 'extra' => '{"mute":false,"count":"-1","delay":"300"}', 'disabled' => 0, 'name' => 'Service up/down'); require_once '../includes/alerts.inc.php'; foreach ($default_rules as $add_rule) { $add_rule['query'] = GenSQL($add_rule['rule']); dbInsert($add_rule, 'alert_rules'); } } //end if require_once 'includes/modal/new_alert_rule.inc.php'; require_once 'includes/modal/delete_alert_rule.inc.php'; ?> <form method="post" action="" id="result_form"> <?php if (isset($_POST['results_amount']) && $_POST['results_amount'] > 0) { $results = $_POST['results']; } else { $results = 50; } echo '<div class="table-responsive">
*/ define("TEST", true); include "alerts.php"; ///////////////////////////////////////////////////// echo "SQL Generation Test:\r\n"; ///////////////////// ///////////////////////////////////////////////////// $rules[] = "%ports.ifDescr !~ 'tun@' && %ports.ifDescr !~ 'tap@' && %ports.ifDescr !~ 'ppp@' && %ports.ifOperStatus != 'up'"; $rules[] = "%devices.hostname ~ '@core@' && %ports.ifDescr ~ 'gbit@' && %ports.ifOperStatus != 'up'"; $rules[] = "((%ports.ifInOctets_rate*8)/%ports.ifSpeed)*100 >= '80'"; $rules[] = "80 >= ((%ports.ifInOctets_rate*8)/%ports.ifSpeed)*100"; $rules[] = '%((%ports.ifInOctets_rate*8)/%ports.ifSpeed)*100 >= "20"'; foreach ($rules as $rule) { echo ' Rule : ' . $rule; echo "\r\n"; echo ' SQL : ' . GenSQL($rule); echo "\r\n"; echo " ---\r\n"; } ///////////////////////////////////////////////////// echo "End.\r\n\r\n"; ///////////////////////////////// ///////////////////////////////////////////////////// ///////////////////////////////////////////////////// echo "Alert-Object and Formating Test:\r\n"; ///////// ///////////////////////////////////////////////////// $default_tpl = "%title\r\nSeverity: %severity\r\n{if %state == 0}Time elapsed: %elapsed\r\n{/if}Timestamp: %timestamp\r\nUnique-ID: %uid\r\nRule: {if %name}%name{else}%rule{/if}\r\n{if %faults}Faults:\r\n{foreach %faults} {if isset(%value.ifDescr)}%value.ifDescr{else}#%key: %value.string{/if}\r\n{/foreach}{/if}Alert sent to: {foreach %contacts}%value <%key> {/foreach}"; $alert = dbFetchRow("SELECT alert_log.id,alert_log.rule_id,alert_log.device_id,alert_log.state,alert_log.details,alert_log.time_logged,alert_rules.rule,alert_rules.severity,alert_rules.extra,alert_rules.name FROM alert_log,alert_rules WHERE alert_log.rule_id = alert_rules.id && alert_log.device_id = ? && alert_log.rule_id = ? ORDER BY alert_log.id DESC LIMIT 1", array(23, 1)); $alert['details'] = json_decode(gzuncompress($alert['details']), true); echo "Raw-Object:\r\n";
* LibreNMS * * Copyright (c) 2014 Neil Lathwood <https://github.com/laf/ http://www.lathwood.co.uk/fa> * * This program is free software: you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation, either version 3 of the License, or (at your * option) any later version. Please see LICENSE.txt at the top level of * the source code distribution for details. */ if (is_admin() === false) { die('ERROR: You need to be admin'); } $rule = implode(' ', $_POST['rules']); $rule = rtrim($rule, '&|'); $query = GenSQL($rule); $alert_id = $_POST['alert_id']; $count = mres($_POST['count']); $delay = mres($_POST['delay']); $interval = mres($_POST['interval']); $mute = mres($_POST['mute']); $invert = mres($_POST['invert']); $name = mres($_POST['name']); if ($_POST['proc'] != "") { $proc = $_POST['proc']; } else { $proc = ""; } if (empty($rule)) { $update_message = 'ERROR: No rule was generated - did you forget to click and / or?'; } elseif (validate_device_id($_POST['device_id']) || $_POST['device_id'] == '-1' || $_POST['device_id'][0] == ':') {
*/ if (!is_admin()) { echo "Insufficient Privileges"; exit; } $hostname = escapeshellcmd($_REQUEST['hostname']); $type = $_REQUEST['type']; switch ($type) { case 'alerts': $filename = "alerts-{$hostname}.txt"; $device_id = getidbyname($hostname); $device = device_by_id_cache($device_id); $rules = GetRules($device_id); $output = ''; foreach ($rules as $rule) { $sql = GenSQL($rule['rule']); $qry = dbFetchRow($sql, array($device_id)); if (is_array($qry)) { $response = 'matches'; } else { $response = 'no match'; } $output .= 'Rule name: ' . $rule['name'] . PHP_EOL; $output .= 'Alert rule: ' . $rule['rule'] . PHP_EOL; $output .= 'Rule match: ' . $response . PHP_EOL . PHP_EOL; } break; default: echo 'You must specify a valid type'; exit; }