ADD: script to update agent table in ossec database

This commit is contained in:
Dominik Meyer 2019-12-20 12:43:34 +01:00
parent 07bc45ec8d
commit 05ed5692c8
No known key found for this signature in database
GPG Key ID: B4C312B600606B64
1 changed files with 59 additions and 0 deletions

View File

@ -0,0 +1,59 @@
#!/usr/bin/env perl
#ABSTRACT: script to update the agents within the mysql database
#PODNAME: ossec-update-agents-database.pl
use strict;
use warnings;
use File::Basename;
use OSSEC;
use XML::LibXML;
use Try::Tiny;
my $ossec = OSSEC->new();
my $mysql = $ossec->mysql();
# clear rules from database
$mysql->deleteAllAgents();
my $help = readpipe($ossec->ossecPath()."/bin/agent_control -l");
my @lines = split /\n/, $help;
for my $l (@lines)
{
if ($l =~ /^\s*ID:\s(\d+)/)
{
my $help = readpipe($ossec->ossecPath()."/bin/agent_control -i $1");
my @lines = split /\n/, $help;
my $name;
my $ip;
my $version;
my $information;
for my $l2 (@lines)
{
if ($l2 =~ /Name:\s+(\S+)/)
{
$name = $1;
}
if ($l2 =~ /IP.*:\s+(\S+)/)
{
$ip = $1;
}
if ($l2 =~ /version:\s+OSSEC\sHIDS\sv(\S+)/)
{
$version = $1;
}
if ($l2 =~ /system:\s+(.*)$/)
{
$information=$1;
}
}
$mysql->addAgent("1", 0, $ip, $version,$name, $information );
}
}