Reworked shell script execution with runtime alert values

2026-04-30 16:09:32 +00:00 · 2020-11-19 17:37:26 +01:00 · 2020-11-19 17:37:26 +01:00 · 7c1a023dcd
commit 7c1a023dcd
parent ccd029be39
7 changed files with 94 additions and 54 deletions
--- a/scripts/plugins/endpoints/shell_alert_endpoint/alert_endpoints/shell.lua
+++ b/scripts/plugins/endpoints/shell_alert_endpoint/alert_endpoints/shell.lua
@ -64,46 +64,85 @@ end

 -- ##############################################

-function shell.sendMessage(alerts, settings)
-  if isEmptyString(settings.path) then
-    return false
-  end
- 
+function expandArguments(cmd, myalert)
+   alert = myalert -- Not sure why we need a non-local variable
+   
+   -- Search all alert.* strings
+   for word in string.gmatch(cmd, 'alert.[^,%s]+') do
+      local func, err = load("return "..word)
+
+      if(func) then
+	 local ok, res = pcall(func)
+
+	 if(ok) then
+	    -- print("Found "..word)
+	    cmd = cmd:gsub(word, res)
+	 else
+	    -- print("Execution error:", res)
+	 end
+      end
+   end
+
+   return(cmd)
+end
+
+-- ##############################################
+
+function shell.runScript(alerts, settings)
+   local where = { "/usr/share/ntopng/scripts/shell/", dirs.installdir.."/scripts/shell/" }
+   local fullpath = nil
+   local do_debug = false
+   
+   for _,p in ipairs(where) do
+      local path = p .. settings.path
+
+      if(do_debug) then tprint("Checking "..path) end
+      
+      if(ntop.exists(path)) then
+	 fullpath = path
+	 break
+      end
+   end
+
+   if(fullpath == nil) then
+      if(do_debug) then tprint("Not found: "..settings.path.." ("..dirs.installdir ..")") end
+      return(false)
+   end
+
  for key, alert in ipairs(alerts) do
    -- Executing the script
-    local exec_script = settings.path .. " " .. settings.options
+    local exec_script = fullpath .. " " .. settings.options

-    os.execute(exec_script)
+    if(do_debug) then
+       -- tprint(alert)
+       tprint("[Before] "..exec_script)
+    end
+
+    exec_script = expandArguments(exec_script, alert)
+    if(do_debug) then tprint("[After] "..exec_script) end
+
+    -- Mask output
+    os.execute(exec_script.." > /dev/null")

    -- Storing an alert-notice in regard of the shell script execution
    -- for security reasons
    local entity_info = alerts_api.processEntity("ntopng")
    local type_info = alert_consts.alert_types.alert_shell_script_executed.create(
-      alert_consts.alert_severities.notice,
-      exec_script,
-      alert_consts.alertTypeLabel(alert["alert_type"], true)
+       alert_consts.alert_severities.notice,
+       exec_script,
+       alert_consts.alertTypeLabel(alert["alert_type"], true)
    )

    alerts_api.store(entity_info, type_info)
-  end
+  end -- for
+
+  return true
 end

 -- ##############################################

 function shell.dequeueRecipientAlerts(recipient, budget, high_priority)
-  local full_path
  local settings = recipient2sendMessageSettings(recipient)
-
-  -- Checking if the script still exist for security reasons
-  if ntop.exists("/usr/share/ntopng/" .. settings.path) then
-    full_path = "/usr/share/ntopng/" .. settings.path
-  elseif ntop.exists("scripts/shell/" .. settings.path) then
-    full_path = "scripts/shell/" .. settings.path
-  else
-    return {success=false, error_message="- unable to execute the script"}
-  end
-
-  settings.path = full_path
  local start_time = os.time()
  local sent = 0
  local more_available = true
@ -123,7 +162,7 @@ function shell.dequeueRecipientAlerts(recipient, budget, high_priority)
    local notifications = {}
    for i = 1, MAX_ALERTS_PER_REQUEST do
       local notification = ntop.recipient_dequeue(recipient.recipient_id, high_priority)
-       if notification then 
+       if notification then
 	  notifications[#notifications + 1] = notification
       else
 	  break
@ -142,7 +181,9 @@ function shell.dequeueRecipientAlerts(recipient, budget, high_priority)
      table.insert(alerts, alert)
    end

-    shell.sendMessage(alerts, settings)
+    if(shell.runScript(alerts, settings) == false) then
+       return { success=false, error_message="- unable to execute the script" }
+    end

    -- Remove the processed messages from the queue
    budget_used = budget_used + #notifications
@ -158,7 +199,7 @@ function shell.runTest(recipient)
  local message_info

  local settings = recipient2sendMessageSettings(recipient)
-  local success = shell.sendMessage({}, settings)
+  local success = shell.runScript({}, settings)

  if not success then
    message_info = i18n("shell_alert_endpoint.shell_send_error")
@ -170,4 +211,3 @@ end
 -- ##############################################

 return shell
-