adminmpmcz/patchcenter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

ui(qualys/agents): connectivite minimale - HTTP code recu = OK, diag detaille seulement si KO

Browse Source
This commit is contained in:
Pierre & Lumière 2026-04-28 00:52:17 +02:00
parent c54ec0ba0c
commit fb448257a1
1 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
app/services/realtime_audit_service.py
View File

@ -618,20 +618,20 @@ QUALYS_AGENT_CMDS = {
"grep -iE 'http_proxy|https_proxy' /etc/environment 2>/dev/null || echo '(aucune)'"
),
"qualys_connectivity": (
# L'agent Qualys SANEF sort en DIRECT (pas via proxy). Endpoint reel: qagpublic.qg1.apps.qualys.eu (pod EU1)
"echo '=== DNS resolution qagpublic.qg1.apps.qualys.eu ==='; "
"(getent hosts qagpublic.qg1.apps.qualys.eu 2>/dev/null || nslookup qagpublic.qg1.apps.qualys.eu 2>/dev/null | tail -3) || echo 'DNS KO'; "
"echo; echo '=== TCP/443 direct vers qagpublic.qg1.apps.qualys.eu (endpoint reel agent) ==='; "
# Test minimal : si HTTP code reçu -> connectivité OK. Sinon dérouler le diag.
"URL=https://qagpublic.qg1.apps.qualys.eu/Qlys/CloudAgent/status; "
"if command -v curl >/dev/null 2>&1; then "
" curl --connect-timeout 5 -sS -o /dev/null -w 'HTTP %{http_code} | IP %{remote_ip} | %{time_total}s\\n' "
" https://qagpublic.qg1.apps.qualys.eu/ 2>&1 || echo 'CONNEXION DIRECTE ECHEC (flux 443 sortant bloque ?)'; "
"elif command -v openssl >/dev/null 2>&1; then "
" timeout 5 openssl s_client -connect qagpublic.qg1.apps.qualys.eu:443 -servername qagpublic.qg1.apps.qualys.eu </dev/null 2>&1 | grep -E 'CONNECTED|verify return|subject=' | head -3 || echo 'openssl FAIL'; "
"else echo '(curl/openssl absents)'; fi; "
"echo; echo '=== Test fallback qualysguard.qualys.eu (console UI) ==='; "
"command -v curl >/dev/null 2>&1 && curl --connect-timeout 5 -sS -o /dev/null -w 'HTTP %{http_code} | %{time_total}s\\n' https://qualysguard.qualys.eu/ 2>&1 || echo 'KO ou curl absent'; "
"echo; echo '=== Connexions actives Qualys (process en cours) ==='; "
"(sudo -n ss -tnp 2>/dev/null || ss -tnp 2>/dev/null) | grep -i qualys | head -5 || echo '(aucune connexion active de l agent Qualys)'"
" CODE=$(curl --connect-timeout 5 -sS -o /dev/null -w '%{http_code}' \"$URL\" 2>/dev/null); "
" if [ -n \"$CODE\" ] && [ \"$CODE\" != \"000\" ]; then "
" echo \"✓ Connectivité OK (HTTP $CODE depuis $URL)\"; "
" else "
" echo '✗ Connectivité KO — diag détaillé :'; echo; "
" echo '--- DNS ---'; "
" (getent hosts qagpublic.qg1.apps.qualys.eu 2>/dev/null || nslookup qagpublic.qg1.apps.qualys.eu 2>/dev/null | tail -3) || echo 'DNS KO'; "
" echo '--- curl verbeux ---'; "
" curl --connect-timeout 5 -v -sS -o /dev/null \"$URL\" 2>&1 | grep -E 'Trying|Connected|connect|Could not|refused|timed out|verify|SSL' | head -10; "
" fi; "
"else echo '(curl absent — impossible de tester)'; fi"
),
"lvm_info": (
"echo '=== Volume Groups (espace libre dans le VG) ==='; "