fix(qualys/agents): commandes audit adaptees multi-OS (RHEL5 SysV init, journalctl absent, chemins log Qualys multiples)

app/services/realtime_audit_service.py

@@ -562,10 +562,47 @@ def save_audit_to_db(db, results):
 # ===========================================================================
 
 QUALYS_AGENT_CMDS = {
-    "agent_status": "systemctl status qualys-cloud-agent --no-pager 2>&1 | head -25 || /etc/init.d/qualys-cloud-agent status 2>&1 | head -25",
+    "os_release": "cat /etc/redhat-release 2>/dev/null || (grep '^PRETTY_NAME=' /etc/os-release 2>/dev/null | cut -d'\"' -f2) || uname -sr",
-    "agent_log": "tail -50 /var/log/qualys/qualys-cloud-agent.log 2>/dev/null || tail -50 /var/log/qualys-cloud-agent.log 2>/dev/null || echo \"log Qualys introuvable (chemins testes: /var/log/qualys/*, /var/log/qualys-cloud-agent.log)\"",
+    "agent_status": (
-    "system_log": "journalctl -u qualys-cloud-agent --no-pager -n 50 2>/dev/null || tail -50 /var/log/messages 2>/dev/null | grep -i qualys || echo \"journalctl + /var/log/messages indisponibles\"",
+        "if command -v systemctl >/dev/null 2>&1; then "
-    "agent_version": "/usr/local/qualys/cloud-agent/bin/qualys-cloud-agent.sh -v 2>&1 || rpm -q qualys-cloud-agent 2>/dev/null || echo \"version introuvable\"",
+        "  systemctl status qualys-cloud-agent --no-pager 2>&1 | head -25; "
+        "elif [ -x /etc/init.d/qualys-cloud-agent ]; then "
+        "  /etc/init.d/qualys-cloud-agent status 2>&1 | head -25; "
+        "elif command -v service >/dev/null 2>&1; then "
+        "  service qualys-cloud-agent status 2>&1 | head -25; "
+        "else "
+        "  echo '--- ps (init system inconnu) ---'; "
+        "  ps -ef 2>/dev/null | grep -i qualys-cloud-agent | grep -v grep | head -5 || echo 'aucun process Qualys'; "
+        "fi"
+    ),
+    "agent_version": (
+        "(rpm -q qualys-cloud-agent 2>/dev/null) || "
+        "(dpkg -l qualys-cloud-agent 2>/dev/null | awk '/^ii/{print $2,$3}') || "
+        "(/usr/local/qualys/cloud-agent/bin/qualys-cloud-agent.sh -v 2>&1) || "
+        "echo 'version introuvable'"
+    ),
+    "agent_log": (
+        "for f in /var/log/qualys/qualys-cloud-agent.log "
+        "/var/log/qualys-cloud-agent/qualys-cloud-agent.log "
+        "/usr/local/qualys/cloud-agent/log/qualys-cloud-agent.log "
+        "/var/log/qualysagent/qualysagent.log; do "
+        "  if [ -r \"$f\" ]; then echo \"=== $f ===\"; tail -50 \"$f\"; exit 0; fi; "
+        "done; "
+        "echo 'log Qualys introuvable. Chemins testes: /var/log/qualys/*, /var/log/qualys-cloud-agent/*, /usr/local/qualys/cloud-agent/log/*, /var/log/qualysagent/*'"
+    ),
+    "system_log": (
+        "if command -v journalctl >/dev/null 2>&1; then "
+        "  journalctl -u qualys-cloud-agent --no-pager -n 50 2>/dev/null || echo '(journalctl: aucune entree)'; "
+        "elif [ -r /var/log/messages ]; then "
+        "  echo '--- /var/log/messages (filtre qualys, 50 derniers) ---'; "
+        "  grep -i qualys /var/log/messages 2>/dev/null | tail -50 || echo 'aucune entree qualys'; "
+        "elif [ -r /var/log/syslog ]; then "
+        "  echo '--- /var/log/syslog (filtre qualys, 50 derniers) ---'; "
+        "  grep -i qualys /var/log/syslog 2>/dev/null | tail -50 || echo 'aucune entree qualys'; "
+        "else "
+        "  echo 'logs systeme indisponibles (journalctl absent, messages/syslog non lisibles - sudo requis ?)'; "
+        "fi"
+    ),
 }
 
 

app/templates/qualys_agent_audit.html

@@ -32,6 +32,12 @@
 
 {% if audit.status == 'OK' %}
 
+<!-- OS détecté -->
+<div class="card p-4 mb-4">
+    <h3 class="text-sm font-bold text-cyber-accent mb-2">OS détecté</h3>
+    <pre style="background:#0b0f1a;color:#e5e7eb;padding:10px;border-radius:4px;font-size:11px;overflow-x:auto;white-space:pre-wrap">{{ audit.os_release or '(vide)' }}</pre>
+</div>
+
 <!-- Statut du service -->
 <div class="card p-4 mb-4">
     <h3 class="text-sm font-bold text-cyber-accent mb-2">État du service <code class="text-cyber-yellow">qualys-cloud-agent</code></h3>