diff --git a/app/services/realtime_audit_service.py b/app/services/realtime_audit_service.py index b2dadc8..adff707 100644 --- a/app/services/realtime_audit_service.py +++ b/app/services/realtime_audit_service.py @@ -618,20 +618,20 @@ QUALYS_AGENT_CMDS = { "grep -iE 'http_proxy|https_proxy' /etc/environment 2>/dev/null || echo '(aucune)'" ), "qualys_connectivity": ( - # L'agent Qualys SANEF sort en DIRECT (pas via proxy). Endpoint reel: qagpublic.qg1.apps.qualys.eu (pod EU1) - "echo '=== DNS resolution qagpublic.qg1.apps.qualys.eu ==='; " - "(getent hosts qagpublic.qg1.apps.qualys.eu 2>/dev/null || nslookup qagpublic.qg1.apps.qualys.eu 2>/dev/null | tail -3) || echo 'DNS KO'; " - "echo; echo '=== TCP/443 direct vers qagpublic.qg1.apps.qualys.eu (endpoint reel agent) ==='; " + # Test minimal : si HTTP code reçu -> connectivité OK. Sinon dérouler le diag. + "URL=https://qagpublic.qg1.apps.qualys.eu/Qlys/CloudAgent/status; " "if command -v curl >/dev/null 2>&1; then " - " curl --connect-timeout 5 -sS -o /dev/null -w 'HTTP %{http_code} | IP %{remote_ip} | %{time_total}s\\n' " - " https://qagpublic.qg1.apps.qualys.eu/ 2>&1 || echo 'CONNEXION DIRECTE ECHEC (flux 443 sortant bloque ?)'; " - "elif command -v openssl >/dev/null 2>&1; then " - " timeout 5 openssl s_client -connect qagpublic.qg1.apps.qualys.eu:443 -servername qagpublic.qg1.apps.qualys.eu &1 | grep -E 'CONNECTED|verify return|subject=' | head -3 || echo 'openssl FAIL'; " - "else echo '(curl/openssl absents)'; fi; " - "echo; echo '=== Test fallback qualysguard.qualys.eu (console UI) ==='; " - "command -v curl >/dev/null 2>&1 && curl --connect-timeout 5 -sS -o /dev/null -w 'HTTP %{http_code} | %{time_total}s\\n' https://qualysguard.qualys.eu/ 2>&1 || echo 'KO ou curl absent'; " - "echo; echo '=== Connexions actives Qualys (process en cours) ==='; " - "(sudo -n ss -tnp 2>/dev/null || ss -tnp 2>/dev/null) | grep -i qualys | head -5 || echo '(aucune connexion active de l agent Qualys)'" + " CODE=$(curl --connect-timeout 5 -sS -o /dev/null -w '%{http_code}' \"$URL\" 2>/dev/null); " + " if [ -n \"$CODE\" ] && [ \"$CODE\" != \"000\" ]; then " + " echo \"✓ Connectivité OK (HTTP $CODE depuis $URL)\"; " + " else " + " echo '✗ Connectivité KO — diag détaillé :'; echo; " + " echo '--- DNS ---'; " + " (getent hosts qagpublic.qg1.apps.qualys.eu 2>/dev/null || nslookup qagpublic.qg1.apps.qualys.eu 2>/dev/null | tail -3) || echo 'DNS KO'; " + " echo '--- curl verbeux ---'; " + " curl --connect-timeout 5 -v -sS -o /dev/null \"$URL\" 2>&1 | grep -E 'Trying|Connected|connect|Could not|refused|timed out|verify|SSL' | head -10; " + " fi; " + "else echo '(curl absent — impossible de tester)'; fi" ), "lvm_info": ( "echo '=== Volume Groups (espace libre dans le VG) ==='; "