void
sim_db_update_host_properties (SimDatabase *database,
SimUuid *context_id,
SimUuid *sensor_id,
SimIdmEntry *entry,
SimIdmEntryChanges *changes,
gboolean is_ip_update)
{
gchar *query;
gchar *values;
gchar *property, *e_property;
const gchar *host_id_str;
const gchar *ip_str;
host_id_str = sim_uuid_get_db_string (sim_idm_entry_get_host_id (entry));
ip_str = sim_inet_get_db_string (sim_idm_entry_get_ip (entry));
// 'host' and 'host_sensor_reference' table
if (changes->host_id)
{
query = g_strdup_printf ("INSERT IGNORE INTO host (id, ctx, asset, threshold_c, threshold_a) VALUES (%s, %s, %d, %d, %d)", host_id_str, sim_uuid_get_db_string (context_id), 2, 30, 30);
sim_database_execute_no_query (database, query);
g_free (query);
query = g_strdup_printf ("INSERT IGNORE INTO host_sensor_reference (host_id, sensor_id) VALUES (%s, %s)", host_id_str, sim_uuid_get_db_string (sensor_id));
sim_database_execute_no_query (database, query);
g_free (query);
}
if (changes->hostname)
{
query = g_strdup_printf ("UPDATE host SET hostname = '%s' WHERE id = %s AND ctx = %s", sim_idm_entry_get_hostname (entry), host_id_str, sim_uuid_get_db_string (context_id));
sim_database_execute_no_query (database, query);
g_free (query);
}
if (changes->fqdns)
{
query = g_strdup_printf ("UPDATE host SET fqdns = '%s' WHERE id = %s AND ctx = %s", sim_idm_entry_get_fqdns (entry), host_id_str, sim_uuid_get_db_string (context_id));
sim_database_execute_no_query (database, query);
g_free (query);
}
query = NULL;
// 'host_ip' table
if (changes->ip || changes->mac)
{
const gchar *mac_text;
gchar *mac_bin;
mac_text = sim_idm_entry_get_mac (entry);
if (is_ip_update)
{
if (mac_text)
{
mac_bin = sim_mac_to_db_string (mac_text);
query = g_strdup_printf ("UPDATE host_ip SET ip=%s, mac=%s "
"WHERE host_id = %s",
ip_str,
mac_bin,
host_id_str);
g_free (mac_bin);
}
else
{
query = g_strdup_printf ("UPDATE host_ip SET ip=%s "
"WHERE host_id = %s",
ip_str,
host_id_str);
}
}
else
{
if (mac_text)
{
mac_bin = sim_mac_to_db_string (mac_text);
query = g_strdup_printf ("REPLACE host_ip (host_id, ip, mac) VALUES (%s, %s, %s)", host_id_str, ip_str, mac_bin);
g_free (mac_bin);
}
else
{
query = g_strdup_printf ("REPLACE host_ip (host_id, ip) VALUES (%s, %s)", host_id_str, ip_str);
}
}
}
if (query)
{
sim_database_execute_no_query (database, query);
g_free (query);
}
// 'host_properties' table
if (changes->username)
{
property = (gchar *)sim_idm_entry_get_username (entry);
/* Delete old usernames */
query = g_strdup_printf ("DELETE FROM host_properties WHERE host_id = %s AND property_ref = %d", host_id_str, SIM_HOST_PROP_USERNAME);
sim_database_execute_no_query (database, query);
g_free (query);
if (property != NULL && strlen(property) > 0)
{
/* Here, I need to SPLIT the user name. I need a row for each one */
gchar **usernames = NULL;
gchar **username_loop= NULL;
usernames = username_loop = g_strsplit (property, ",", -1);
while (*username_loop)
{
e_property = sim_database_str_escape (database, *username_loop, 0);
query = g_strdup_printf ("REPLACE host_properties (host_id, property_ref, source_id, value) VALUES (%s, %d, %d, '%s')", host_id_str, SIM_HOST_PROP_USERNAME, sim_idm_entry_get_source_id (entry), e_property);
sim_database_execute_no_query (database, query);
g_free (query);
g_free (e_property);
username_loop++;
}
g_strfreev (usernames);
}
}
if (changes->os)
{
//ENG-99163 We cannot use replace here, becuase value is part of the primary key.
// We only should allow one os per host_id.
// At this point we know that the revelance of the property>=old property relevance.
e_property = sim_database_str_escape (database, sim_idm_entry_get_os (entry), 0);
query = g_strdup_printf ("DELETE FROM host_properties WHERE host_id = %s and property_ref=%d", host_id_str, SIM_HOST_PROP_OS);
sim_database_execute_no_query (database, query);
g_free (query);
query = g_strdup_printf ("REPLACE host_properties (host_id, property_ref, source_id, value) VALUES (%s, %d, %d, '%s')", host_id_str, SIM_HOST_PROP_OS, sim_idm_entry_get_source_id (entry), e_property);
sim_database_execute_no_query (database, query);
g_free (query);
g_free (e_property);
}
if (changes->cpu)
{
e_property = sim_database_str_escape (database, sim_idm_entry_get_cpu (entry), 0);
query = g_strdup_printf ("REPLACE host_properties (host_id, property_ref, source_id, value) VALUES (%s, %d, %d, '%s')", host_id_str, SIM_HOST_PROP_CPU, sim_idm_entry_get_source_id (entry), e_property);
sim_database_execute_no_query (database, query);
g_free (query);
g_free (e_property);
}
if (changes->memory)
{
query = g_strdup_printf ("REPLACE host_properties (host_id, property_ref, source_id, value) VALUES (%s, %d, %d, '%d')", host_id_str, SIM_HOST_PROP_MEMORY, sim_idm_entry_get_source_id (entry), sim_idm_entry_get_memory (entry));
sim_database_execute_no_query (database, query);
g_free (query);
}
if (changes->video)
{
e_property = sim_database_str_escape (database, sim_idm_entry_get_video (entry), 0);
query = g_strdup_printf ("REPLACE host_properties (host_id, property_ref, source_id, value) VALUES (%s, %d, %d, '%s')", host_id_str, SIM_HOST_PROP_VIDEO, sim_idm_entry_get_source_id (entry), e_property);
sim_database_execute_no_query (database, query);
g_free (query);
g_free (e_property);
}
if (changes->state)
{
e_property = sim_database_str_escape (database, sim_idm_entry_get_state(entry), 0);
query = g_strdup_printf ("REPLACE host_properties (host_id, property_ref, source_id, value) VALUES (%s, %d, %d, '%s')", host_id_str, SIM_HOST_PROP_STATE, sim_idm_entry_get_source_id (entry), e_property);
sim_database_execute_no_query (database, query);
g_free (query);
g_free (e_property);
}
// 'host_services' table
if (changes->service)
{
#if 0
// Currently disabled
query = g_strdup_printf ("DELETE FROM host_services WHERE host_id = %s AND nagios = 0", host_id_str);
sim_database_execute_no_query (database, query);
g_free (query);
#endif
values = sim_idm_entry_service_get_string_db_insert (entry, database);
if (values)
{
query = g_strdup_printf ("INSERT INTO host_services (host_id, host_ip, port, protocol, service, version, source_id) VALUES %s ON DUPLICATE KEY UPDATE service = VALUES(service), source_id = VALUES(source_id)", values);
sim_database_execute_no_query (database, query);
g_free (query);
g_free (values);
}
}
// 'host_software' table
if (changes->software)
{
values = sim_idm_entry_software_get_string_db_insert (entry, database);
if (values)
{
query = g_strdup_printf ("INSERT INTO host_software (host_id, cpe, banner, source_id) VALUES %s ON DUPLICATE KEY UPDATE banner = VALUES(banner), source_id = VALUES(source_id)", values);
sim_database_execute_no_query (database, query);
g_free (query);
g_free (values);
}
}
// Specific code for the web interface
if (changes->ip)
{
// These queries mitigate performance problems with many hosts/nets.
// Probably could be resolved with radix trees in the web
if (is_ip_update)
{
query = g_strdup_printf ("DELETE FROM host_net_reference WHERE host_id = %s",
host_id_str);
sim_database_execute_no_query (database, query);
g_free (query);
}
query = g_strdup_printf ("REPLACE INTO host_net_reference SELECT host.id, net_id FROM host, host_ip, net_cidrs "
"WHERE host.id = host_ip.host_id AND host_ip.ip >= net_cidrs.begin AND host_ip.ip <= net_cidrs.end AND host_id = %s",
host_id_str);
sim_database_execute_no_query (database, query);
g_free (query);
}
if (changes->ip || changes->username || changes->hostname || changes->mac || changes->os || changes->cpu || changes->memory || changes->video || changes->service || changes->software || changes->state)
{
// This query is exclusively used to notify the web server about changes on hosts/nets
//
// This could be executed in fewer cases by not caching some asset trees on the web
sim_database_execute_no_query (database, "REPLACE INTO config (conf, value) VALUES ('latest_asset_change', utc_timestamp())");
}
// Specific code for the web interface
}
void
sim_event_enrich_idm (SimEvent *event)
{
SimIdmEntry *entry;
// IDM queries only if the IDM info is empty, usefull for not overwriting forwarded events
if (!event->src_username && !event->src_hostname && !event->src_mac && !event->src_id)
{
entry = sim_idm_get (sim_context_get_id (event->context), event->src_ia);
if (entry)
{
const gchar *value;
value = sim_idm_entry_get_username (entry);
if (value)
{
event->src_username_raw = g_strdup (value);
event->src_username = sim_command_idm_event_parse_username (value);
}
value = sim_idm_entry_get_hostname (entry);
if (value)
event->src_hostname = g_strdup(value);
value = sim_idm_entry_get_mac(entry);
if (value)
event->src_mac = g_strdup(value);
event->src_id = g_object_ref (sim_idm_entry_get_host_id (entry));
g_object_unref (entry);
}
}
if (!event->dst_username && !event->dst_hostname && !event->dst_mac && !event->dst_id)
{
entry = sim_idm_get (sim_context_get_id (event->context), event->dst_ia);
if (entry)
{
const gchar *value;
value = sim_idm_entry_get_username (entry);
if (value)
{
event->dst_username_raw = g_strdup (value);
event->dst_username = sim_command_idm_event_parse_username (value);
}
value = sim_idm_entry_get_hostname (entry);
if (value)
event->dst_hostname = g_strdup(value);
value = sim_idm_entry_get_mac(entry);
if (value)
event->dst_mac = g_strdup(value);
event->dst_id = g_object_ref (sim_idm_entry_get_host_id (entry));
g_object_unref (entry);
}
}
}
