empayre/fleet
14
0
Fork 0
mirror of https://github.com/empayre/fleet.git synced 2024-11-06 17:05:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Addresses detail queries that don't return rows (#1044)

Browse Source 
* If a detail query doesn't return results, log problem but don't interrupt additional query processing

* changed arg to ingest func to logger interface
This commit is contained in:
John Murphy 2017-01-20 07:28:33 +08:00 committed by GitHub
parent b1a3ee8927
commit 28130b529b
1 changed files with 25 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
server/service/service_osquery.go
View File

@ -7,6 +7,7 @@ import (
"strings"
"time"
"github.com/go-kit/kit/log"
hostctx "github.com/kolide/kolide-ose/server/contexts/host"
"github.com/kolide/kolide-ose/server/kolide"
"github.com/kolide/kolide-ose/server/pubsub"
@ -178,15 +179,15 @@ const hostDistributedQueryPrefix = "kolide_distributed_query_"
// kolide.Host data model. This map should not be modified at runtime.
var detailQueries = map[string]struct {
Query string
IngestFunc func(host *kolide.Host, rows []map[string]string) error
IngestFunc func(logger log.Logger, host *kolide.Host, rows []map[string]string) error
}{
"osquery_info": {
Query: "select * from osquery_info limit 1",
IngestFunc: func(host *kolide.Host, rows []map[string]string) error {
IngestFunc: func(logger log.Logger, host *kolide.Host, rows []map[string]string) error {
if len(rows) != 1 {
return osqueryError{
message: fmt.Sprintf("expected 1 row but got %d", len(rows)),
}
logger.Log("component", "service", "method", "IngestFunc", "err",
fmt.Sprintf("detail_query_osquery_info expected single result got %d", len(rows)))
return nil
}
host.Platform = rows[0]["build_platform"]
@ -197,11 +198,11 @@ var detailQueries = map[string]struct {
},
"system_info": {
Query: "select * from system_info limit 1",
IngestFunc: func(host *kolide.Host, rows []map[string]string) error {
IngestFunc: func(logger log.Logger, host *kolide.Host, rows []map[string]string) error {
if len(rows) != 1 {
return osqueryError{
message: fmt.Sprintf("expected 1 row but got %d", len(rows)),
}
logger.Log("component", "service", "method", "IngestFunc", "err",
fmt.Sprintf("detail_query_system_info expected single result got %d", len(rows)))
return nil
}
var err error
@ -232,11 +233,11 @@ var detailQueries = map[string]struct {
},
"os_version": {
Query: "select * from os_version limit 1",
IngestFunc: func(host *kolide.Host, rows []map[string]string) error {
IngestFunc: func(logger log.Logger, host *kolide.Host, rows []map[string]string) error {
if len(rows) != 1 {
return osqueryError{
message: fmt.Sprintf("expected 1 row but got %d", len(rows)),
}
logger.Log("component", "service", "method", "IngestFunc", "err",
fmt.Sprintf("detail_query_os_version expected single result got %d", len(rows)))
return nil
}
host.OSVersion = fmt.Sprintf(
@ -258,11 +259,11 @@ var detailQueries = map[string]struct {
},
"uptime": {
Query: "select * from uptime limit 1",
IngestFunc: func(host *kolide.Host, rows []map[string]string) error {
IngestFunc: func(logger log.Logger, host *kolide.Host, rows []map[string]string) error {
if len(rows) != 1 {
return osqueryError{
message: fmt.Sprintf("expected 1 row but got %d", len(rows)),
}
logger.Log("component", "service", "method", "IngestFunc", "err",
fmt.Sprintf("detail_query_uptime expected single result got %d", len(rows)))
return nil
}
uptimeSeconds, err := strconv.Atoi(rows[0]["total_seconds"])
@ -278,8 +279,12 @@ var detailQueries = map[string]struct {
Query: `select * from interface_details id join interface_addresses ia
on ia.interface = id.interface where broadcast != ""
order by (ibytes + obytes) desc`,
IngestFunc: func(host *kolide.Host, rows []map[string]string) (err error) {
IngestFunc: func(logger log.Logger, host *kolide.Host, rows []map[string]string) (err error) {
if len(rows) == 0 {
logger.Log("component", "service", "method", "IngestFunc", "err",
"detail_query_network_interface expected 1 or more results")
return nil
}
networkInterfaces := []*kolide.NetworkInterface{}
for _, row := range rows {
@ -393,7 +398,7 @@ func (svc service) ingestDetailQuery(host *kolide.Host, name string, rows []map[
return osqueryError{message: "unknown detail query " + trimmedQuery}
}
err := query.IngestFunc(host, rows)
err := query.IngestFunc(svc.logger, host, rows)
if err != nil {
return osqueryError{
message: fmt.Sprintf("ingesting query %s: %s", name, err.Error()),