} // Check if valid regex $vars[$var] = $value; } if ($ok) { $rule = array(); $rule['la_name'] = $vars['name']; $rule['la_descr'] = $vars['descr']; $rule['la_rule'] = $vars['regex']; $rule['la_severity'] = '8'; $rule['la_disable'] = '0'; $rule_id = dbInsert('syslog_rules', $rule); if (is_numeric($rule_id)) { print_success('<p>Syslog rule inserted as <a href="' . generate_url(array('page' => 'syslog_rules', 'la_id' => $rule_id)) . '">' . $rule_id . '</a></p>'); unset($vars['name'], $vars['descr'], $vars['regex']); set_obs_attrib('syslog_rules_changed', time()); } else { print_error('Failed to create new rule.'); } } else { print_error('Failed to create new rule. Incorrect rule passed.'); } } ?> <div class="row"> <div class="col-md-8"> <?php $form = array('type' => 'horizontal', 'id' => 'logalert_rule', 'title' => 'New Syslog Rule Details', 'icon' => 'oicon-gear'); $form['row'][1]['name'] = array('type' => 'text', 'name' => 'Rule Name', 'placeholder' => TRUE, 'width' => '250px', 'value' => $vars['name']);
} } else { // Disable STRICT mode for DB session (we not fully support them) $db_modes = explode(',', dbFetchCell("SELECT @@SESSION.sql_mode;")); $db_mode_exclude = 'STRICT_TRANS_TABLES'; if (in_array($db_mode_exclude, $db_modes)) { $db_modes = array_diff($db_modes, array($db_mode_exclude)); dbQuery('SET SESSION `sql_mode` = ?', array(implode(',', $db_modes))); print_debug('DB STRICT mode disabled'); } //register_shutdown_function('dbClose'); // Maybe better in another place, but at least here it runs always; keep track of what svn revision we last saw, and eventlog the upgrade versions. // We have versions here from the includes above, and we just connected to the DB. $rev_old = @get_obs_attrib('current_rev'); if ($rev_old < OBSERVIUM_REV || !is_numeric($rev_old)) { set_obs_attrib('current_rev', OBSERVIUM_REV); log_event("Observium updated: {$rev_old} -> " . OBSERVIUM_REV); // FIXME log_event currently REQUIRES a device, the SQL query will fail. } } } // Load SQL configuration into $config variable load_sqlconfig($config); /** * OHMYGOD, this is very dangerous, because this is secure hole for override static definitions, * now already defined configs skipped in load_sqlconfig(). * // Reload configuration file into $config variable to make sure it overrules all SQL-supplied and default settings // Not the greatest hack, but array_merge was unfit for the job, unfortunately. include($config['install_dir']."/config.php"); */
$stat_base64 = base64_encode($stat_serial); $query = http_build_query(array('stats' => $stat_base64)); $context_data = array('method' => 'POST', 'header' => "Connection: close\r\n" . "Content-Length: " . strlen($query) . "\r\n", 'content' => $query); //$context = stream_context_create(array( 'http' => $context_data )); //$versions = file_get_contents( 'http://www.observium.org/versions.php', false, $context); $versions = get_http_request('http://www.observium.org/versions.php', $context_data); if ($versions = json_decode($versions, TRUE)) { if (OBSERVIUM_EDITION == "community") { $train = "ce"; } elseif (OBSERVIUM_TRAIN == "stable") { $train = "stable"; } else { $train = "current"; } // this same as rolling $latest = $versions[$train]; set_obs_attrib('latest_ver', $latest['version']); set_obs_attrib('latest_rev', $latest['revision']); set_obs_attrib('latest_rev_date', $latest['date']); } set_obs_attrib('last_versioncheck', time()); } $latest['revision'] = get_obs_attrib('latest_rev'); if ($latest['revision'] > OBSERVIUM_REV) { $latest['version'] = get_obs_attrib('latest_ver'); $latest['date'] = get_obs_attrib('latest_rev_date'); print_message("%GThere is a newer revision of Observium available!%n", 'color'); print_message("%GVersion %r" . $latest['version'] . "%G (" . format_unixtime(datetime_to_unixtime($latest['date']), 'jS F Y') . ") is %r" . ($latest['revision'] - OBSERVIUM_REV) . "%G revisions ahead.%n\n", 'color'); } unset($latest, $versions, $train, $last_checked, $stats); // EOF
} // Fetch all MIBs we support for specific OS groups foreach ($config['os_group'] as $os => $data) { foreach ($data['mibs'] as $mib) { $mibs[$mib]['oses'][$os] = TRUE; } } ksort($mibs); $obs_attribs = get_obs_attribs('mib_'); // r($vars); if ($vars['toggle_mib'] && isset($mibs[$vars['toggle_mib']])) { $mib = $vars['toggle_mib']; if (isset($obs_attribs['mib_' . $mib])) { del_obs_attrib('mib_' . $mib); } else { set_obs_attrib('mib_' . $mib, "0"); } $obs_attribs = get_obs_attribs('mib_'); } print_message("This page allows you to globally disable individual MIBs. This configuration disables all discovery and polling using this MIB."); // r($obs_attribs); ?> <div class="row"> <!-- begin row --> <div class="col-md-12"> <?php $box_args = array('title' => 'Global MIB Configuration', 'header-border' => TRUE); echo generate_box_open($box_args); ?>
function get_http_request($request, $context = array(), $rate_limit = FALSE) { global $config; $ok = TRUE; if (defined('OBS_HTTP_REQUEST') && OBS_HTTP_REQUEST === FALSE) { print_debug("HTTP requests skipped since previous request exit with timeout"); $ok = FALSE; $GLOBALS['response_headers'] = array('code' => '408', 'status' => 'Request Timeout'); } else { if (!ini_get('allow_url_fopen')) { print_debug('HTTP requests disabled, since PHP config option "allow_url_fopen" set to off. Please enable this option in your PHP config.'); $ok = FALSE; $GLOBALS['response_headers'] = array('code' => '501', 'status' => 'Not Implemented'); } else { if (preg_match('/^https/i', $request) && !check_extension_exists('openssl')) { // Check if Secure requests allowed, but ssl extensin not exist print_debug(__FUNCTION__ . '() wants to connect with https but https is not enabled on this server. Please check your PHP settings, the openssl extension must exist and be enabled.'); logfile(__FUNCTION__ . '() wants to connect with https but https is not enabled on this server. Please check your PHP settings, the openssl extension must exist and be enabled.'); $ok = FALSE; $GLOBALS['response_headers'] = array('code' => '501', 'status' => 'HTTPS Method Not Implemented'); } } } if ($ok && $rate_limit && is_numeric($rate_limit) && $rate_limit >= 0) { // Check limit rates to this domain (per/day) if (preg_match('/^https?:\\/\\/([\\w\\.]+[\\w\\-\\.]*(:\\d+)?)/i', $request, $matches)) { $date = format_unixtime($config['time']['now'], 'Y-m-d'); $domain = $matches[0]; // base domain (with http(s)): https://test-me.com/ -> https://test-me.com $rate_db = json_decode(get_obs_attrib('http_rate_' . $domain), TRUE); //print_vars($date); print_vars($rate_db); if (is_array($rate_db) && isset($rate_db[$date])) { $rate_count = $rate_db[$date]; } else { $rate_count = 0; } $rate_count++; set_obs_attrib('http_rate_' . $domain, json_encode(array($date => $rate_count))); if ($rate_count > $rate_limit) { print_debug("HTTP requests skipped because the rate limit {$rate_limit}/day for domain '{$domain}' is exceeded (count: {$rate_count})"); $GLOBALS['response_headers'] = array('code' => '429', 'status' => 'Too Many Requests'); $ok = FALSE; } else { if (OBS_DEBUG > 1) { print_debug("HTTP rate count for domain '{$domain}': {$rate_count} ({$rate_limit}/day)"); } } } else { $rate_limit = FALSE; } } if (OBS_DEBUG > 0) { $debug_request = $request; if (OBS_DEBUG < 2 && strpos($request, 'update.observium.org')) { $debug_request = preg_replace('/&stats=.+/', '&stats=***', $debug_request); } $debug_msg = PHP_EOL . 'REQUEST[%y' . $debug_request . '%n]'; } if (!$ok) { if (OBS_DEBUG > 0) { print_message($debug_msg . PHP_EOL . 'REQUEST STATUS[' . $GLOBALS['response_headers']['code'] . ' ' . $GLOBALS['response_headers']['status'] . ']', 'console'); } return FALSE; } $response = ''; if (!is_array($context)) { $context = array(); } // Fix context if not array passed $opts = array('http' => $context); $opts['http']['timeout'] = '15'; // User agent (required for some type of queries, ie geocoding) if (!isset($opts['http']['header'])) { $opts['http']['header'] = ''; } // Avoid 'undefined index' when concatting below $opts['http']['header'] .= 'User-Agent: ' . OBSERVIUM_PRODUCT . '/' . OBSERVIUM_VERSION . '\\r\\n'; if (isset($config['http_proxy']) && $config['http_proxy']) { $opts['http']['proxy'] = 'tcp://' . $config['http_proxy']; $opts['http']['request_fulluri'] = TRUE; } // Basic proxy auth if (isset($config['proxy_user']) && $config['proxy_user'] && isset($config['proxy_password'])) { $auth = base64_encode($config['proxy_user'] . ':' . $config['proxy_password']); $opts['http']['header'] .= 'Proxy-Authorization: Basic ' . $auth . '\\r\\n'; } $start = utime(); $context = stream_context_create($opts); $response = file_get_contents($request, FALSE, $context); $runtime = utime() - $start; // Parse response headers $head = array(); foreach ($http_response_header as $k => $v) { $t = explode(':', $v, 2); if (isset($t[1])) { $head[trim($t[0])] = trim($t[1]); } else { if (preg_match("!HTTP/([\\d\\.]+)\\s+(\\d+)(.*)!", $v, $matches)) { $head['http'] = $matches[1]; $head['code'] = intval($matches[2]); $head['status'] = trim($matches[3]); } else { $head[] = $v; } } } $GLOBALS['response_headers'] = $head; if (OBS_DEBUG > 0) { if (OBS_DEBUG < 2 && strpos($request, 'update.observium.org')) { $request = preg_replace('/&stats=.+/', '&stats=***', $request); } print_message($debug_msg . PHP_EOL . 'REQUEST STATUS[' . $head['code'] . ' ' . $head['status'] . ']' . PHP_EOL . 'REQUEST RUNTIME[' . ($runtime > 3 ? '%r' : '%g') . round($runtime, 4) . 's%n]', 'console'); if (OBS_DEBUG > 1) { print_message("RESPONSE[\n" . $response . "\n]", 'console', FALSE); print_vars($http_response_header); print_vars($opts); } } // Set OBS_HTTP_REQUEST for skip all other requests if (!defined('OBS_HTTP_REQUEST')) { if ($response === FALSE && empty($http_response_header)) { $GLOBALS['response_headers'] = array('code' => '408', 'status' => 'Request Timeout'); // Timeout error, only if not received responce headers define('OBS_HTTP_REQUEST', FALSE); print_debug(__FUNCTION__ . '() exit with timeout. Access to outside localnet is blocked by firewall or network problems. Check proxy settings.'); logfile(__FUNCTION__ . '() exit with timeout. Access to outside localnet is blocked by firewall or network problems. Check proxy settings.'); } else { define('OBS_HTTP_REQUEST', TRUE); } } // FIXME. what if first request fine, but second broken? //else if ($response === FALSE) //{ // if (function_exists('runkit_constant_redefine')) { runkit_constant_redefine('OBS_HTTP_REQUEST', FALSE); } //} return $response; }
} // Get age from command line if (isset($options['A'])) { $age = age_to_seconds($options['A']); if ($age) { foreach ($modules as $module) { if ($module == 'ports') { $module = 'deleted_ports'; } $config['housekeeping'][$module]['age'] = $age; } } else { print_debug("Invalid age specified '" . $options['A'] . "', skipped."); } unset($age, $module); } if (!count($modules)) { print_message("%n\nUSAGE:\n{$scriptname} [-Vyaselrptdbu] [-A <age>]\n\nNOTE, by default {$scriptname} asks 'Are you sure want to delete (y/N)?'.\n To assume 'yes' as answer to all prompts and run non-interactively,\n add '-y' in command line.\n Not necessary when run from cron (determined automatically).\n\nOPTIONS:\n -V Show version and exit.\n -y Automatically answer 'yes' to prompts\n -a Maintain all modules as specified below.\n -s Clean up syslog\n -e Clean up event log\n -l Clean up alert log\n -u Clean up auth log\n -r Clean up unused RRD files\n -p Clean up deleted ports\n -t Clean up timing data (discovery and poll times)\n -b Clean up stale database entries\n -A <age> Specifies maximum age for all modules (overrides configuration)\n\nDEBUGGING OPTIONS:\n -d Enable debugging output.\n -dd More verbose debugging output.\n\nEXAMPLES:\n {$scriptname} -a Clean up by all modules interactively (with prompts!)\n {$scriptname} -ya Clean up by all modules without prompts\n\n%rInvalid arguments!%n", 'color', FALSE); exit; } else { foreach ($modules as $module) { if (is_file($config['install_dir'] . "/includes/housekeeping/{$module}.inc.php")) { include $config['install_dir'] . "/includes/housekeeping/{$module}.inc.php"; set_obs_attrib("housekeeping_lastrun_{$module}", time()); } else { print_warning("Housekeeping module not found: {$module}"); } } set_obs_attrib("housekeeping_lastrun", time()); } // EOF