void sim_db_update_host_properties (SimDatabase *database, SimUuid *context_id, SimUuid *sensor_id, SimIdmEntry *entry, SimIdmEntryChanges *changes, gboolean is_ip_update) { gchar *query; gchar *values; gchar *property, *e_property; const gchar *host_id_str; const gchar *ip_str; host_id_str = sim_uuid_get_db_string (sim_idm_entry_get_host_id (entry)); ip_str = sim_inet_get_db_string (sim_idm_entry_get_ip (entry)); // 'host' and 'host_sensor_reference' table if (changes->host_id) { query = g_strdup_printf ("INSERT IGNORE INTO host (id, ctx, asset, threshold_c, threshold_a) VALUES (%s, %s, %d, %d, %d)", host_id_str, sim_uuid_get_db_string (context_id), 2, 30, 30); sim_database_execute_no_query (database, query); g_free (query); query = g_strdup_printf ("INSERT IGNORE INTO host_sensor_reference (host_id, sensor_id) VALUES (%s, %s)", host_id_str, sim_uuid_get_db_string (sensor_id)); sim_database_execute_no_query (database, query); g_free (query); } if (changes->hostname) { query = g_strdup_printf ("UPDATE host SET hostname = '%s' WHERE id = %s AND ctx = %s", sim_idm_entry_get_hostname (entry), host_id_str, sim_uuid_get_db_string (context_id)); sim_database_execute_no_query (database, query); g_free (query); } if (changes->fqdns) { query = g_strdup_printf ("UPDATE host SET fqdns = '%s' WHERE id = %s AND ctx = %s", sim_idm_entry_get_fqdns (entry), host_id_str, sim_uuid_get_db_string (context_id)); sim_database_execute_no_query (database, query); g_free (query); } query = NULL; // 'host_ip' table if (changes->ip || changes->mac) { const gchar *mac_text; gchar *mac_bin; mac_text = sim_idm_entry_get_mac (entry); if (is_ip_update) { if (mac_text) { mac_bin = sim_mac_to_db_string (mac_text); query = g_strdup_printf ("UPDATE host_ip SET ip=%s, mac=%s " "WHERE host_id = %s", ip_str, mac_bin, host_id_str); g_free (mac_bin); } else { query = g_strdup_printf ("UPDATE host_ip SET ip=%s " "WHERE host_id = %s", ip_str, host_id_str); } } else { if (mac_text) { mac_bin = sim_mac_to_db_string (mac_text); query = g_strdup_printf ("REPLACE host_ip (host_id, ip, mac) VALUES (%s, %s, %s)", host_id_str, ip_str, mac_bin); g_free (mac_bin); } else { query = g_strdup_printf ("REPLACE host_ip (host_id, ip) VALUES (%s, %s)", host_id_str, ip_str); } } } if (query) { sim_database_execute_no_query (database, query); g_free (query); } // 'host_properties' table if (changes->username) { property = (gchar *)sim_idm_entry_get_username (entry); /* Delete old usernames */ query = g_strdup_printf ("DELETE FROM host_properties WHERE host_id = %s AND property_ref = %d", host_id_str, SIM_HOST_PROP_USERNAME); sim_database_execute_no_query (database, query); g_free (query); if (property != NULL && strlen(property) > 0) { /* Here, I need to SPLIT the user name. I need a row for each one */ gchar **usernames = NULL; gchar **username_loop= NULL; usernames = username_loop = g_strsplit (property, ",", -1); while (*username_loop) { e_property = sim_database_str_escape (database, *username_loop, 0); query = g_strdup_printf ("REPLACE host_properties (host_id, property_ref, source_id, value) VALUES (%s, %d, %d, '%s')", host_id_str, SIM_HOST_PROP_USERNAME, sim_idm_entry_get_source_id (entry), e_property); sim_database_execute_no_query (database, query); g_free (query); g_free (e_property); username_loop++; } g_strfreev (usernames); } } if (changes->os) { //ENG-99163 We cannot use replace here, becuase value is part of the primary key. // We only should allow one os per host_id. // At this point we know that the revelance of the property>=old property relevance. e_property = sim_database_str_escape (database, sim_idm_entry_get_os (entry), 0); query = g_strdup_printf ("DELETE FROM host_properties WHERE host_id = %s and property_ref=%d", host_id_str, SIM_HOST_PROP_OS); sim_database_execute_no_query (database, query); g_free (query); query = g_strdup_printf ("REPLACE host_properties (host_id, property_ref, source_id, value) VALUES (%s, %d, %d, '%s')", host_id_str, SIM_HOST_PROP_OS, sim_idm_entry_get_source_id (entry), e_property); sim_database_execute_no_query (database, query); g_free (query); g_free (e_property); } if (changes->cpu) { e_property = sim_database_str_escape (database, sim_idm_entry_get_cpu (entry), 0); query = g_strdup_printf ("REPLACE host_properties (host_id, property_ref, source_id, value) VALUES (%s, %d, %d, '%s')", host_id_str, SIM_HOST_PROP_CPU, sim_idm_entry_get_source_id (entry), e_property); sim_database_execute_no_query (database, query); g_free (query); g_free (e_property); } if (changes->memory) { query = g_strdup_printf ("REPLACE host_properties (host_id, property_ref, source_id, value) VALUES (%s, %d, %d, '%d')", host_id_str, SIM_HOST_PROP_MEMORY, sim_idm_entry_get_source_id (entry), sim_idm_entry_get_memory (entry)); sim_database_execute_no_query (database, query); g_free (query); } if (changes->video) { e_property = sim_database_str_escape (database, sim_idm_entry_get_video (entry), 0); query = g_strdup_printf ("REPLACE host_properties (host_id, property_ref, source_id, value) VALUES (%s, %d, %d, '%s')", host_id_str, SIM_HOST_PROP_VIDEO, sim_idm_entry_get_source_id (entry), e_property); sim_database_execute_no_query (database, query); g_free (query); g_free (e_property); } if (changes->state) { e_property = sim_database_str_escape (database, sim_idm_entry_get_state(entry), 0); query = g_strdup_printf ("REPLACE host_properties (host_id, property_ref, source_id, value) VALUES (%s, %d, %d, '%s')", host_id_str, SIM_HOST_PROP_STATE, sim_idm_entry_get_source_id (entry), e_property); sim_database_execute_no_query (database, query); g_free (query); g_free (e_property); } // 'host_services' table if (changes->service) { #if 0 // Currently disabled query = g_strdup_printf ("DELETE FROM host_services WHERE host_id = %s AND nagios = 0", host_id_str); sim_database_execute_no_query (database, query); g_free (query); #endif values = sim_idm_entry_service_get_string_db_insert (entry, database); if (values) { query = g_strdup_printf ("INSERT INTO host_services (host_id, host_ip, port, protocol, service, version, source_id) VALUES %s ON DUPLICATE KEY UPDATE service = VALUES(service), source_id = VALUES(source_id)", values); sim_database_execute_no_query (database, query); g_free (query); g_free (values); } } // 'host_software' table if (changes->software) { values = sim_idm_entry_software_get_string_db_insert (entry, database); if (values) { query = g_strdup_printf ("INSERT INTO host_software (host_id, cpe, banner, source_id) VALUES %s ON DUPLICATE KEY UPDATE banner = VALUES(banner), source_id = VALUES(source_id)", values); sim_database_execute_no_query (database, query); g_free (query); g_free (values); } } // Specific code for the web interface if (changes->ip) { // These queries mitigate performance problems with many hosts/nets. // Probably could be resolved with radix trees in the web if (is_ip_update) { query = g_strdup_printf ("DELETE FROM host_net_reference WHERE host_id = %s", host_id_str); sim_database_execute_no_query (database, query); g_free (query); } query = g_strdup_printf ("REPLACE INTO host_net_reference SELECT host.id, net_id FROM host, host_ip, net_cidrs " "WHERE host.id = host_ip.host_id AND host_ip.ip >= net_cidrs.begin AND host_ip.ip <= net_cidrs.end AND host_id = %s", host_id_str); sim_database_execute_no_query (database, query); g_free (query); } if (changes->ip || changes->username || changes->hostname || changes->mac || changes->os || changes->cpu || changes->memory || changes->video || changes->service || changes->software || changes->state) { // This query is exclusively used to notify the web server about changes on hosts/nets // // This could be executed in fewer cases by not caching some asset trees on the web sim_database_execute_no_query (database, "REPLACE INTO config (conf, value) VALUES ('latest_asset_change', utc_timestamp())"); } // Specific code for the web interface }
void sim_event_enrich_idm (SimEvent *event) { SimIdmEntry *entry; // IDM queries only if the IDM info is empty, usefull for not overwriting forwarded events if (!event->src_username && !event->src_hostname && !event->src_mac && !event->src_id) { entry = sim_idm_get (sim_context_get_id (event->context), event->src_ia); if (entry) { const gchar *value; value = sim_idm_entry_get_username (entry); if (value) { event->src_username_raw = g_strdup (value); event->src_username = sim_command_idm_event_parse_username (value); } value = sim_idm_entry_get_hostname (entry); if (value) event->src_hostname = g_strdup(value); value = sim_idm_entry_get_mac(entry); if (value) event->src_mac = g_strdup(value); event->src_id = g_object_ref (sim_idm_entry_get_host_id (entry)); g_object_unref (entry); } } if (!event->dst_username && !event->dst_hostname && !event->dst_mac && !event->dst_id) { entry = sim_idm_get (sim_context_get_id (event->context), event->dst_ia); if (entry) { const gchar *value; value = sim_idm_entry_get_username (entry); if (value) { event->dst_username_raw = g_strdup (value); event->dst_username = sim_command_idm_event_parse_username (value); } value = sim_idm_entry_get_hostname (entry); if (value) event->dst_hostname = g_strdup(value); value = sim_idm_entry_get_mac(entry); if (value) event->dst_mac = g_strdup(value); event->dst_id = g_object_ref (sim_idm_entry_get_host_id (entry)); g_object_unref (entry); } } }