
Commit 272c4a8

committed
Merge branch 'backlog/add-as400-integration' into release/v11.2.5
# Conflicts: # backend/src/main/java/com/park/utmstack/domain/application_events/enums/ApplicationEventType.java
2 parents f3b6f9e + 7696863 commit 272c4a8

103 files changed

Lines changed: 7059 additions & 891 deletions


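--- a/agent/agent/logprocessor.go
+++ b/agent/agent/logprocessor.go
@@ -11,11 +11,23 @@ import (
 "github.com/google/uuid"
 "github.com/threatwinds/go-sdk/plugins"
 
+<<<<<<<< HEAD:as400/logservice/processor.go
+"github.com/utmstack/UTMStack/as400/agent"
+"github.com/utmstack/UTMStack/as400/config"
+"github.com/utmstack/UTMStack/as400/conn"
+"github.com/utmstack/UTMStack/as400/database"
+"github.com/utmstack/UTMStack/as400/models"
+"github.com/utmstack/UTMStack/as400/utils"
+"google.golang.org/grpc/codes"
+"google.golang.org/grpc/metadata"
+"google.golang.org/grpc/status"
+========
 "github.com/utmstack/UTMStack/agent/config"
 "github.com/utmstack/UTMStack/agent/database"
 "github.com/utmstack/UTMStack/agent/models"
 "github.com/utmstack/UTMStack/agent/utils"
 "github.com/utmstack/UTMStack/shared/fs"
+>>>>>>>> origin/v11:agent/agent/logprocessor.go
 )
 
 type LogProcessor struct {
@@ -78,6 +90,9 @@ func (l *LogProcessor) ProcessLogs(cnf *config.Config, ctx context.Context) {
 }
 
 client := plugins.NewIntegrationClient(connection)
+<<<<<<<< HEAD:as400/logservice/processor.go
+plClient := createClient(client, ctx, cnf)
+========
 plClient, err := createClient(client, ctx)
 if err != nil {
 if errors.Is(err, ErrAgentUninstalled) {
@@ -91,6 +106,7 @@ func (l *LogProcessor) ProcessLogs(cnf *config.Config, ctx context.Context) {
 utils.Logger.ErrorF("error creating client: %v", err)
 continue
 }
+>>>>>>>> origin/v11:agent/agent/logprocessor.go
 l.connErrWritten = false
 
 // Create context only after successful client creation to avoid leaks
@@ -167,16 +183,8 @@ func (l *LogProcessor) CleanCountedLogs() {
 for range ticker.C {
 dataRetention, err := GetDataRetention()
 if err != nil {
-utils.Logger.ErrorF("error getting data retention: %s, creating default retention file", err)
-if err := SetDataRetention(""); err != nil {
-utils.Logger.ErrorF("error creating default data retention: %s", err)
-continue
-}
-dataRetention, err = GetDataRetention()
-if err != nil {
-utils.Logger.ErrorF("error reading newly created data retention: %s", err)
-continue
-}
+utils.Logger.ErrorF("error getting data retention: %s", err)
+continue
 }
 _, err = l.db.DeleteOld(&models.Log{}, dataRetention)
 if err != nil {
@@ -204,13 +212,32 @@ func (l *LogProcessor) CleanCountedLogs() {
 }
 }
 
+<<<<<<<< HEAD:as400/logservice/processor.go
+func createClient(client plugins.IntegrationClient, ctx context.Context, cnf *config.Config) plugins.Integration_ProcessLogClient {
+========
 func createClient(client plugins.IntegrationClient, ctx context.Context) (plugins.Integration_ProcessLogClient, error) {
+>>>>>>>> origin/v11:agent/agent/logprocessor.go
 var connErrMsgWritten bool
 invalidKeyCounter := 0
 invalidKeyDelay := timeToSleep
 maxInvalidKeyDelay := 5 * time.Minute
 maxInvalidKeyAttempts := 100 // ~8+ hours with backoff before uninstall
 for {
+<<<<<<<< HEAD:as400/logservice/processor.go
+authCtx := metadata.AppendToOutgoingContext(ctx,
+"key", cnf.CollectorKey,
+"id", strconv.Itoa(int(cnf.CollectorID)),
+"type", "collector")
+
+plClient, err := client.ProcessLog(authCtx)
+if err != nil {
+if strings.Contains(err.Error(), "invalid agent key") {
+invalidKeyCounter++
+if invalidKeyCounter >= 20 {
+utils.Logger.Info("Uninstalling collector: reason: collector has been removed from the panel...")
+_ = agent.UninstallAll()
+os.Exit(1)
+========
 select {
 case <-ctx.Done():
 return nil, ctx.Err()
@@ -226,6 +253,7 @@ func createClient(client plugins.IntegrationClient, ctx context.Context) (plugin
 utils.Logger.ErrorF("uninstalling agent after %d consecutive invalid key errors", maxInvalidKeyAttempts)
 _ = UninstallAll()
 return nil, ErrAgentUninstalled
+>>>>>>>> origin/v11:agent/agent/logprocessor.go
 }
 time.Sleep(invalidKeyDelay)
 invalidKeyDelay = utils.IncrementReconnectDelay(invalidKeyDelay, maxInvalidKeyDelay)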
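Review bot: Unresolved merge-conflict markers are committed as added lines in this file: `<<<<<<<< HEAD:as400/logservice/processor.go`, `========` and `>>>>>>>> origin/v11:agent/agent/logprocessor.go` appear in the import block, in ProcessLogs and twice in createClient, so both sides of every conflict are present and the file cannot compile as shown. The choice of side is not cosmetic: the HEAD side of createClient calls `_ = agent.UninstallAll()` and `os.Exit(1)` once `invalidKeyCounter >= 20` on any error whose text contains "invalid agent key", whereas the origin/v11 side uses `maxInvalidKeyAttempts := 100` with a growing delay and returns `ErrAgentUninstalled` to the caller. For the agent package the origin/v11 side looks like the intended one, so delete the marker lines together with the as400 imports, the three-argument `createClient` call and signature, and the HEAD body of the loop. A pre-merge check that rejects lines starting with `<<<<<<<`, `=======` or `>>>>>>>` would stop this class of commit from reaching a release branch. Separately, CleanCountedLogs no longer falls back to `SetDataRetention("")`, so while `GetDataRetention()` keeps failing the loop only logs and `l.db.DeleteOld` never runs; confirm the retention value is created elsewhere, otherwise the local log store can grow without bound.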

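--- a/as400/README.md
+++ b/as400/README.md
@@ -0,0 +1,50 @@
+# UTMStack AS400 Collector
+
+Log collection service for IBM AS/400 (iSeries) systems that integrates with the UTMStack platform for security analysis and event correlation.
+
+## General Description
+
+UTMStack AS400 Collector is a service written in Go that acts as a bridge between IBM AS/400 systems and the UTMStack platform. The service is installed on an intermediate server, connects to multiple remotely configured AS/400 systems, collects security logs, and transmits them in real-time to the UTMStack server for analysis.
+
+### Key Features
+
+- **Multi-Server Collection**: Support for multiple AS/400 systems simultaneously
+- **Remote Configuration**: Management of AS/400 servers from the UTMStack panel via gRPC streaming
+- **Local Persistence**: Temporary log storage in SQLite to ensure delivery in case of network failures
+- **Auto-Updates**: Automatic update service included
+- **Automatic Reconnection**: Robust handling of disconnections with automatic retries
+- **Configurable Retention**: Control of local database size by retention in megabytes
+- **Security**: AES encryption for credentials and TLS communication with the server
+
+## Requirements
+
+- **Operating System**: Linux (recommended)
+- **Connectivity**: Network access to:
+- UTMStack server (ports 9000, 9001, 50051)
+- AS/400 systems to monitor
+- **Java**: Installed automatically during installation
+- **Privileges**: Administrator/root permissions to install the service
+
+### Installation Process
+
+1. Verify connectivity with the UTMStack server
+2. Download dependencies (collector Java JAR, updater)
+3. Install Java Runtime if necessary
+4. Register the collector with UTMStack's Agent Manager
+5. Create and enable the system service
+6. Install the auto-update service
+
+## Configuration of AS/400 Servers
+
+Configuration of AS/400 servers to monitor is performed **from the UTMStack panel**, not locally. The collector automatically receives configuration.
+
+### Parameters per Server
+
+- **Tenant**: Identifier name of the group/server
+- **Hostname**: IP address or hostname of the AS/400
+- **User ID**: Connection user to the AS/400
+- **Password**: Password (automatically encrypted)
+
+## License
+
+This project is part of UTMStack. Consult the main project license for more information.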
