adminmpmcz/patchcenter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

fix(qualys/agents): sudo -n explicite pour lire logs Qualys (fichiers root-only) + fallback messages 'existe mais non lisible'

Browse Source
This commit is contained in:
Pierre & Lumière 2026-04-27 23:39:53 +02:00
parent cdcb85917d
commit d9be39a037
1 changed files with 14 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
app/services/realtime_audit_service.py
View File

@ -586,21 +586,28 @@ QUALYS_AGENT_CMDS = {
"/var/log/qualys-cloud-agent/qualys-cloud-agent.log "
"/usr/local/qualys/cloud-agent/log/qualys-cloud-agent.log "
"/var/log/qualysagent/qualysagent.log; do "
" if [ -r \"$f\" ]; then echo \"=== $f ===\"; tail -50 \"$f\"; exit 0; fi; "
" if [ -e \"$f\" ]; then "
" out=$(tail -50 \"$f\" 2>/dev/null || sudo -n tail -50 \"$f\" 2>/dev/null); "
" if [ -n \"$out\" ]; then echo \"=== $f ===\"; echo \"$out\"; exit 0; fi; "
" echo \"=== $f (existe mais non lisible — sudo refuse) ===\"; "
" fi; "
"done; "
"echo 'log Qualys introuvable. Chemins testes: /var/log/qualys/*, /var/log/qualys-cloud-agent/*, /usr/local/qualys/cloud-agent/log/*, /var/log/qualysagent/*'"
),
"system_log": (
"if command -v journalctl >/dev/null 2>&1; then "
" journalctl -u qualys-cloud-agent --no-pager -n 50 2>/dev/null || echo '(journalctl: aucune entree)'; "
"elif [ -r /var/log/messages ]; then "
" out=$(journalctl -u qualys-cloud-agent --no-pager -n 50 2>/dev/null || sudo -n journalctl -u qualys-cloud-agent --no-pager -n 50 2>/dev/null); "
" if [ -n \"$out\" ]; then echo \"$out\"; else echo '(journalctl: aucune entree ou non autorise)'; fi; "
"elif [ -e /var/log/messages ]; then "
" echo '--- /var/log/messages (filtre qualys, 50 derniers) ---'; "
" grep -i qualys /var/log/messages 2>/dev/null | tail -50 || echo 'aucune entree qualys'; "
"elif [ -r /var/log/syslog ]; then "
" out=$(grep -i qualys /var/log/messages 2>/dev/null | tail -50 || sudo -n grep -i qualys /var/log/messages 2>/dev/null | tail -50); "
" if [ -n \"$out\" ]; then echo \"$out\"; else echo '(aucune entree qualys ou sudo refuse)'; fi; "
"elif [ -e /var/log/syslog ]; then "
" echo '--- /var/log/syslog (filtre qualys, 50 derniers) ---'; "
" grep -i qualys /var/log/syslog 2>/dev/null | tail -50 || echo 'aucune entree qualys'; "
" out=$(grep -i qualys /var/log/syslog 2>/dev/null | tail -50 || sudo -n grep -i qualys /var/log/syslog 2>/dev/null | tail -50); "
" if [ -n \"$out\" ]; then echo \"$out\"; else echo '(aucune entree qualys ou sudo refuse)'; fi; "
"else "
" echo 'logs systeme indisponibles (journalctl absent, messages/syslog non lisibles - sudo requis ?)'; "
" echo 'logs systeme indisponibles (journalctl absent, messages/syslog non trouves)'; "
"fi"
),
}