first sync
This commit is contained in:
287
hook.php
Normal file
287
hook.php
Normal file
@@ -0,0 +1,287 @@
|
||||
<?php
|
||||
/*
|
||||
* Plugin SIEM-Wazuh pour GLPI
|
||||
* Hook file for installation/uninstallation
|
||||
*/
|
||||
|
||||
/**
|
||||
* Plugin install process
|
||||
*
|
||||
* @return boolean
|
||||
*/
|
||||
function plugin_siem_wazuh_install() {
|
||||
global $DB;
|
||||
|
||||
$version = plugin_version_siem_wazuh();
|
||||
|
||||
// Lecture du fichier SQL d'installation
|
||||
$sql_file = GLPI_ROOT . "/plugins/siem-wazuh/sql/install.sql";
|
||||
|
||||
if (!file_exists($sql_file)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$sql_content = file_get_contents($sql_file);
|
||||
$queries = explode(';', $sql_content);
|
||||
|
||||
foreach ($queries as $query) {
|
||||
$query = trim($query);
|
||||
if (!empty($query)) {
|
||||
$DB->queryOrDie($query, "Erreur lors de l'installation du plugin SIEM-Wazuh : " . $DB->error());
|
||||
}
|
||||
}
|
||||
|
||||
// Création des droits par défaut
|
||||
plugin_siem_wazuh_create_default_rights();
|
||||
|
||||
// Création de la tâche cron
|
||||
plugin_siem_wazuh_create_cron_tasks();
|
||||
|
||||
// Configuration par défaut
|
||||
plugin_siem_wazuh_create_default_config();
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Plugin uninstall process
|
||||
*
|
||||
* @return boolean
|
||||
*/
|
||||
function plugin_siem_wazuh_uninstall() {
|
||||
global $DB;
|
||||
|
||||
// Lecture du fichier SQL de désinstallation
|
||||
$sql_file = GLPI_ROOT . "/plugins/siem-wazuh/sql/uninstall.sql";
|
||||
|
||||
if (file_exists($sql_file)) {
|
||||
$sql_content = file_get_contents($sql_file);
|
||||
$queries = explode(';', $sql_content);
|
||||
|
||||
foreach ($queries as $query) {
|
||||
$query = trim($query);
|
||||
if (!empty($query)) {
|
||||
$DB->queryOrDie($query, "Erreur lors de la désinstallation du plugin SIEM-Wazuh : " . $DB->error());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Suppression des tâches cron
|
||||
plugin_siem_wazuh_remove_cron_tasks();
|
||||
|
||||
// Suppression des droits
|
||||
plugin_siem_wazuh_remove_rights();
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Plugin update process
|
||||
*
|
||||
* @param string $current_version
|
||||
* @return boolean
|
||||
*/
|
||||
function plugin_siem_wazuh_update($current_version) {
|
||||
global $DB;
|
||||
|
||||
// Mise à jour de la version 1.0.0
|
||||
if (version_compare($current_version, '1.0.0', '<')) {
|
||||
// Ajout de nouvelles colonnes si nécessaire
|
||||
$migration = new Migration(PLUGIN_SIEM_WAZUH_VERSION);
|
||||
|
||||
// Exemple de migration
|
||||
if (!$DB->fieldExists('glpi_plugin_siem_wazuh_servers', 'ticket_category')) {
|
||||
$migration->addField('glpi_plugin_siem_wazuh_servers', 'ticket_category', 'int(11) DEFAULT NULL');
|
||||
}
|
||||
|
||||
$migration->executeMigration();
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create default rights
|
||||
*/
|
||||
function plugin_siem_wazuh_create_default_rights() {
|
||||
global $DB;
|
||||
|
||||
$rights = [
|
||||
'plugin_siem_wazuh_config' => ['name' => __('SIEM Wazuh Configuration', 'siem-wazuh')],
|
||||
'plugin_siem_wazuh_server' => ['name' => __('Wazuh Servers', 'siem-wazuh')],
|
||||
'plugin_siem_wazuh_alert' => ['name' => __('Wazuh Alerts', 'siem-wazuh')]
|
||||
];
|
||||
|
||||
foreach ($rights as $right => $data) {
|
||||
// Ajout du droit s'il n'existe pas
|
||||
$query = "SELECT id FROM glpi_profilerights WHERE name = '$right'";
|
||||
$result = $DB->query($query);
|
||||
|
||||
if ($DB->numrows($result) == 0) {
|
||||
$query = "INSERT INTO glpi_profilerights (profiles_id, name, rights)
|
||||
SELECT id, '$right', '0' FROM glpi_profiles";
|
||||
$DB->query($query);
|
||||
|
||||
// Attribution des droits au profil Super-Admin
|
||||
$query = "UPDATE glpi_profilerights SET rights = '" . (READ | UPDATE | CREATE | DELETE | PURGE) . "'
|
||||
WHERE name = '$right' AND profiles_id IN (
|
||||
SELECT id FROM glpi_profiles WHERE name = 'Super-Admin'
|
||||
)";
|
||||
$DB->query($query);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove rights
|
||||
*/
|
||||
function plugin_siem_wazuh_remove_rights() {
|
||||
global $DB;
|
||||
|
||||
$rights = [
|
||||
'plugin_siem_wazuh_config',
|
||||
'plugin_siem_wazuh_server',
|
||||
'plugin_siem_wazuh_alert'
|
||||
];
|
||||
|
||||
foreach ($rights as $right) {
|
||||
$query = "DELETE FROM glpi_profilerights WHERE name = '$right'";
|
||||
$DB->query($query);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Create cron tasks
|
||||
*/
|
||||
function plugin_siem_wazuh_create_cron_tasks() {
|
||||
CronTask::Register('PluginSiemWazuhAlert', 'sync_alerts', 5 * MINUTE_TIMESTAMP, [
|
||||
'comment' => __('Synchronize Wazuh alerts', 'siem-wazuh'),
|
||||
'mode' => CronTask::MODE_EXTERNAL
|
||||
]);
|
||||
|
||||
CronTask::Register('PluginSiemWazuhAlert', 'cleanup_old_alerts', DAY_TIMESTAMP, [
|
||||
'comment' => __('Cleanup old alerts', 'siem-wazuh'),
|
||||
'mode' => CronTask::MODE_EXTERNAL
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove cron tasks
|
||||
*/
|
||||
function plugin_siem_wazuh_remove_cron_tasks() {
|
||||
global $DB;
|
||||
|
||||
$query = "DELETE FROM glpi_crontasks WHERE itemtype LIKE 'PluginSiemWazuh%'";
|
||||
$DB->query($query);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create default configuration
|
||||
*/
|
||||
function plugin_siem_wazuh_create_default_config() {
|
||||
$config = new PluginSiemWazuhConfig();
|
||||
|
||||
$default_configs = [
|
||||
'auto_create_ticket' => '1',
|
||||
'default_ticket_priority' => '3',
|
||||
'alert_retention_days' => '90',
|
||||
'sync_enabled' => '1',
|
||||
'max_alerts_per_sync' => '100',
|
||||
'notification_enabled' => '1'
|
||||
];
|
||||
|
||||
foreach ($default_configs as $name => $value) {
|
||||
$config->setConfiguration($name, $value);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Get database relations
|
||||
*/
|
||||
function plugin_siem_wazuh_getDatabaseRelations() {
|
||||
$plugin_relations = [];
|
||||
|
||||
$plugin_relations["glpi_plugin_siem_wazuh_alerts"] = [
|
||||
"glpi_computers" => "computer_id",
|
||||
"glpi_networkequipments" => "networkequipment_id",
|
||||
"glpi_tickets" => "ticket_id"
|
||||
];
|
||||
|
||||
return $plugin_relations;
|
||||
}
|
||||
|
||||
/**
|
||||
* Define dropdown relations
|
||||
*/
|
||||
function plugin_siem_wazuh_getDropdown() {
|
||||
return [
|
||||
'PluginSiemWazuhServer' => __('Wazuh Servers', 'siem-wazuh')
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* Hook for profile changes
|
||||
*/
|
||||
function plugin_siem_wazuh_profile_form($prof) {
|
||||
global $DB;
|
||||
|
||||
if ($prof->getID()
|
||||
&& Session::haveRight("profile", READ)) {
|
||||
|
||||
$prof_id = $prof->getID();
|
||||
|
||||
$query = "SELECT * FROM glpi_plugin_siem_wazuh_profiles WHERE profiles_id = '$prof_id'";
|
||||
$result = $DB->query($query);
|
||||
|
||||
if ($DB->numrows($result)) {
|
||||
$rights = $DB->fetchAssoc($result);
|
||||
} else {
|
||||
$rights = [
|
||||
'wazuh_config' => '',
|
||||
'wazuh_server' => '',
|
||||
'wazuh_alert' => ''
|
||||
];
|
||||
}
|
||||
|
||||
echo "<div class='spaced-form'>";
|
||||
echo "<table class='tab_cadre_fixehov'>";
|
||||
echo "<tr class='tab_bg_1'>";
|
||||
echo "<th colspan='2'>" . __('SIEM Wazuh Rights', 'siem-wazuh') . "</th>";
|
||||
echo "</tr>";
|
||||
|
||||
$right_names = [
|
||||
'wazuh_config' => __('Configuration', 'siem-wazuh'),
|
||||
'wazuh_server' => __('Servers', 'siem-wazuh'),
|
||||
'wazuh_alert' => __('Alerts', 'siem-wazuh')
|
||||
];
|
||||
|
||||
foreach ($right_names as $field => $label) {
|
||||
echo "<tr class='tab_bg_2'>";
|
||||
echo "<td>$label</td>";
|
||||
echo "<td>";
|
||||
Profile::dropdownNoneReadWrite($field, $rights[$field], 1, 1, 1);
|
||||
echo "</td>";
|
||||
echo "</tr>";
|
||||
}
|
||||
|
||||
echo "</table>";
|
||||
echo "</div>";
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Save profile rights
|
||||
*/
|
||||
function plugin_siem_wazuh_profile_save($prof) {
|
||||
global $DB;
|
||||
|
||||
$prof_id = $prof->getID();
|
||||
|
||||
if (isset($_POST['wazuh_config']) || isset($_POST['wazuh_server']) || isset($_POST['wazuh_alert'])) {
|
||||
$query = "REPLACE INTO glpi_plugin_siem_wazuh_profiles
|
||||
(profiles_id, wazuh_config, wazuh_server, wazuh_alert)
|
||||
VALUES ('$prof_id', '" . $_POST['wazuh_config'] . "',
|
||||
'" . $_POST['wazuh_server'] . "', '" . $_POST['wazuh_alert'] . "')";
|
||||
$DB->query($query);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user