queryOrDie($query, "Erreur lors de l'installation du plugin SIEM-Wazuh : " . $DB->error()); } } // Création des droits par défaut plugin_siem_wazuh_create_default_rights(); // Création de la tâche cron plugin_siem_wazuh_create_cron_tasks(); // Configuration par défaut plugin_siem_wazuh_create_default_config(); return true; } /** * Plugin uninstall process * * @return boolean */ function plugin_siem_wazuh_uninstall() { global $DB; // Lecture du fichier SQL de désinstallation $sql_file = GLPI_ROOT . "/plugins/siem-wazuh/sql/uninstall.sql"; if (file_exists($sql_file)) { $sql_content = file_get_contents($sql_file); $queries = explode(';', $sql_content); foreach ($queries as $query) { $query = trim($query); if (!empty($query)) { $DB->queryOrDie($query, "Erreur lors de la désinstallation du plugin SIEM-Wazuh : " . $DB->error()); } } } // Suppression des tâches cron plugin_siem_wazuh_remove_cron_tasks(); // Suppression des droits plugin_siem_wazuh_remove_rights(); return true; } /** * Plugin update process * * @param string $current_version * @return boolean */ function plugin_siem_wazuh_update($current_version) { global $DB; // Mise à jour de la version 1.0.0 if (version_compare($current_version, '1.0.0', '<')) { // Ajout de nouvelles colonnes si nécessaire $migration = new Migration(PLUGIN_SIEM_WAZUH_VERSION); // Exemple de migration if (!$DB->fieldExists('glpi_plugin_siem_wazuh_servers', 'ticket_category')) { $migration->addField('glpi_plugin_siem_wazuh_servers', 'ticket_category', 'int(11) DEFAULT NULL'); } $migration->executeMigration(); } return true; } /** * Create default rights */ function plugin_siem_wazuh_create_default_rights() { global $DB; $rights = [ 'plugin_siem_wazuh_config' => ['name' => __('SIEM Wazuh Configuration', 'siem-wazuh')], 'plugin_siem_wazuh_server' => ['name' => __('Wazuh Servers', 'siem-wazuh')], 'plugin_siem_wazuh_alert' => ['name' => __('Wazuh Alerts', 'siem-wazuh')] ]; foreach ($rights as $right => $data) { // Ajout du droit s'il n'existe pas $query = "SELECT id FROM glpi_profilerights WHERE name = '$right'"; $result = $DB->query($query); if ($DB->numrows($result) == 0) { $query = "INSERT INTO glpi_profilerights (profiles_id, name, rights) SELECT id, '$right', '0' FROM glpi_profiles"; $DB->query($query); // Attribution des droits au profil Super-Admin $query = "UPDATE glpi_profilerights SET rights = '" . (READ | UPDATE | CREATE | DELETE | PURGE) . "' WHERE name = '$right' AND profiles_id IN ( SELECT id FROM glpi_profiles WHERE name = 'Super-Admin' )"; $DB->query($query); } } } /** * Remove rights */ function plugin_siem_wazuh_remove_rights() { global $DB; $rights = [ 'plugin_siem_wazuh_config', 'plugin_siem_wazuh_server', 'plugin_siem_wazuh_alert' ]; foreach ($rights as $right) { $query = "DELETE FROM glpi_profilerights WHERE name = '$right'"; $DB->query($query); } } /** * Create cron tasks */ function plugin_siem_wazuh_create_cron_tasks() { CronTask::Register('PluginSiemWazuhAlert', 'sync_alerts', 5 * MINUTE_TIMESTAMP, [ 'comment' => __('Synchronize Wazuh alerts', 'siem-wazuh'), 'mode' => CronTask::MODE_EXTERNAL ]); CronTask::Register('PluginSiemWazuhAlert', 'cleanup_old_alerts', DAY_TIMESTAMP, [ 'comment' => __('Cleanup old alerts', 'siem-wazuh'), 'mode' => CronTask::MODE_EXTERNAL ]); } /** * Remove cron tasks */ function plugin_siem_wazuh_remove_cron_tasks() { global $DB; $query = "DELETE FROM glpi_crontasks WHERE itemtype LIKE 'PluginSiemWazuh%'"; $DB->query($query); } /** * Create default configuration */ function plugin_siem_wazuh_create_default_config() { $config = new PluginSiemWazuhConfig(); $default_configs = [ 'auto_create_ticket' => '1', 'default_ticket_priority' => '3', 'alert_retention_days' => '90', 'sync_enabled' => '1', 'max_alerts_per_sync' => '100', 'notification_enabled' => '1' ]; foreach ($default_configs as $name => $value) { $config->setConfiguration($name, $value); } } /** * Get database relations */ function plugin_siem_wazuh_getDatabaseRelations() { $plugin_relations = []; $plugin_relations["glpi_plugin_siem_wazuh_alerts"] = [ "glpi_computers" => "computer_id", "glpi_networkequipments" => "networkequipment_id", "glpi_tickets" => "ticket_id" ]; return $plugin_relations; } /** * Define dropdown relations */ function plugin_siem_wazuh_getDropdown() { return [ 'PluginSiemWazuhServer' => __('Wazuh Servers', 'siem-wazuh') ]; } /** * Hook for profile changes */ function plugin_siem_wazuh_profile_form($prof) { global $DB; if ($prof->getID() && Session::haveRight("profile", READ)) { $prof_id = $prof->getID(); $query = "SELECT * FROM glpi_plugin_siem_wazuh_profiles WHERE profiles_id = '$prof_id'"; $result = $DB->query($query); if ($DB->numrows($result)) { $rights = $DB->fetchAssoc($result); } else { $rights = [ 'wazuh_config' => '', 'wazuh_server' => '', 'wazuh_alert' => '' ]; } echo "
"; echo ""; echo ""; echo ""; echo ""; $right_names = [ 'wazuh_config' => __('Configuration', 'siem-wazuh'), 'wazuh_server' => __('Servers', 'siem-wazuh'), 'wazuh_alert' => __('Alerts', 'siem-wazuh') ]; foreach ($right_names as $field => $label) { echo ""; echo ""; echo ""; echo ""; } echo "
" . __('SIEM Wazuh Rights', 'siem-wazuh') . "
$label"; Profile::dropdownNoneReadWrite($field, $rights[$field], 1, 1, 1); echo "
"; echo "
"; } } /** * Save profile rights */ function plugin_siem_wazuh_profile_save($prof) { global $DB; $prof_id = $prof->getID(); if (isset($_POST['wazuh_config']) || isset($_POST['wazuh_server']) || isset($_POST['wazuh_alert'])) { $query = "REPLACE INTO glpi_plugin_siem_wazuh_profiles (profiles_id, wazuh_config, wazuh_server, wazuh_alert) VALUES ('$prof_id', '" . $_POST['wazuh_config'] . "', '" . $_POST['wazuh_server'] . "', '" . $_POST['wazuh_alert'] . "')"; $DB->query($query); } }