075706178e
feat(settings/teams M1+M4): UI CRUD canaux Teams + service teams_service.py (Adaptive Card via Incoming Webhook) + bouton Test webhook
2026-05-05 13:58:38 +02:00
ff95424e03
feat(patching/iexec B3.6): bouton 3e Reboot manuel (double confirmation, jamais auto) + 3f Wait reconnexion (poll TCP/22 + SSH uptime, timeout 10min) - shutdown -r +1 avec audit log
2026-05-05 12:06:50 +02:00
19d88f2d53
feat(patching/iexec): detection auto deps problematiques + bouton retry sans paquets KO (multilib, requires, conflicts) - extra_excludes via SSE query param
2026-05-05 11:32:44 +02:00
8cf78dfef3
feat(patching/iexec): terminal live SSE pour dry-run et patch reel - generator yum_stream_lines + endpoint /yum-stream + EventSource cote client + log audit en fin de stream
2026-05-04 17:02:28 +02:00
e29ecff949
feat(patching/iexec B3.4+B3.5): pre-capture services+ports + post-compare avant/apres avec rapport diff (scripts wiki SANEF, push base64) - workflow 3a/3b/3c/3d sequentiel
2026-05-04 16:52:15 +02:00
6c92c71d17
feat(patching/iexec B3): step 3a dry-run (yum update --assumeno) + step 3b real patch (yum update -y) avec excludes effectifs depuis v_servers, validation anti-injection sur excludes, log audit, double confirmation pour patch reel
2026-05-04 16:40:46 +02:00
37e6f0d8f3
chore(snapshot): strip() defensif sur credentials vCenter (copier-coller peut ajouter newline/CR)
2026-05-04 16:29:20 +02:00
a006e3f422
fix(snapshot): message d erreur distingue login KO de VM non trouvee (etait trompeur)
2026-05-04 16:25:10 +02:00
f1baae9c8e
fix(snapshot): _find_vm matching tolerant (court + FQDN) + log samples pour debug si VM non trouvee
2026-05-04 16:21:45 +02:00
9996757e4b
feat(snapshot): branche prod/hprod via prefixe hostname (vp/sp/lp = prod/metier ; reste = hprod/gestion) + fix matching DR vpsiaavcs1 (etait vpsicavcs1) + tolerance par name
2026-05-04 16:15:46 +02:00
a1476cb3e2
fix(snapshot): fallback secrets vsphere_user/pass (nom Settings UI) en plus de vcenter_user/pass legacy
2026-05-04 16:07:50 +02:00
b07a6816d4
feat(patching/iexec): check espace disque (/ >= 1.5Go, /var/log >= 1Go) + fix detection subscription-manager identity FR/EN via UUID regex
2026-05-04 15:37:12 +02:00
eb2e0dc8ba
feat(patching/iexec B1): page wizard step 1 - checks DNS+SSH+Satellite (LAN vpdsiasat2 / DMZ vpdsiasat1 selon domaine), Linux uniquement (Windows skip), sudo -n partout
2026-05-04 15:14:06 +02:00
983552a442
fix(qualys/agents): message d'echec specifique selon cause reelle (DNS/TCP timeout/TCP refused/SSH auth) - plus de 'agent installe? OS supporte?' generique
2026-04-28 02:00:21 +02:00
eecb61c720
fix(qualys/agents): check service multi-format - SysV init francais (en cours d'execution / (pid X)) en plus de systemd active (running)
2026-04-28 01:45:48 +02:00
f0043eb481
ui(qualys/agents): separation RHEL5 (early exit, decom) vs RHEL6 (agent legacy ok, CA bundle a jour)
2026-04-28 01:33:10 +02:00
4db0cf6a56
ui(qualys/agents): si OS EOL (RHEL 5/6) - affiche seule entree 'agent legacy, decom prevu', pas de warnings redondants
2026-04-28 01:31:25 +02:00
b6a602e848
ui(qualys/agents): wording diag prudent (constat/hypothese/proposition vers ticket support, pas affirmer)
2026-04-28 01:27:42 +02:00
67bd3a02d6
ui(qualys/agents): bloc Etat checklist OK/KO en tete (connectivite/disque/service/install) + log systeme 10 lignes
2026-04-28 01:24:57 +02:00
7f8c2c710b
ui(qualys/agents): renomme 'Suggestions' en 'Diagnostic' + reformulation orientee constat (pas de cmds shell, oriente vers ticket support)
2026-04-28 01:23:56 +02:00
5abc474805
perf(qualys/agents): combine toutes les cmds en 1 seul channel SSH avec markers - evite Timeout opening channel sur PSMP
2026-04-28 01:18:59 +02:00
d4205fb8f8
fix(qualys/agents): retry avec reconnect SSH si Timeout opening channel (limite channels PSMP)
2026-04-28 01:14:03 +02:00
fc480b4376
ui(qualys/agents): retire bloc Configuration proxy agent (inutile car SANEF prod sort en direct, pas via proxy)
2026-04-28 01:13:18 +02:00
49c700c5d1
fix(qualys/agents): procedure reinstall reelle SANEF (rpm -ivh /root/QualysCloudAgent.rpm)
2026-04-28 00:58:45 +02:00
79cff850d3
feat(qualys/agents): suggestion auto pour install cassee (core dump + package absent RPM/DPKG)
2026-04-28 00:57:06 +02:00
fb448257a1
ui(qualys/agents): connectivite minimale - HTTP code recu = OK, diag detaille seulement si KO
2026-04-28 00:52:17 +02:00
c54ec0ba0c
fix(qualys/agents): test connectivite DIRECT vers qagpublic.qg1.apps.qualys.eu (pod EU1 SANEF) - pas de proxy car agent sort en direct
2026-04-28 00:26:29 +02:00
9d312f43a3
feat(qualys/agents): check conf proxy agent (qagent-proxy.conf, drop-in systemd, sysconfig, /etc/environment) + suggestion config proxy
2026-04-28 00:20:56 +02:00
191c167423
fix(qualys/agents): snapshot vCenter (pas LVM) pour rollback avant extend FS
2026-04-28 00:15:12 +02:00
640292c1ce
feat(qualys/agents): checks LVM + logrotate + suggestions extend FS / cleanup / fix logrotate avec snapshot LVM obligatoire
2026-04-28 00:11:45 +02:00
b81343d5ca
fix(qualys/agents): test connectivite via proxy SANEF (proxy.sanef.fr:8080, fallback IP 10.40.10.225) + suggestion conf agent
2026-04-28 00:06:32 +02:00
a877589cf3
feat(qualys/agents): suggestions auto resolution selon patterns logs (disque sature, crash loop, conn KO, service masked, agent obsolete)
2026-04-28 00:01:14 +02:00
437b1ed172
feat(qualys/agents): ajout checks espace disque + connectivite console Qualys (qualysagent/qualysguard.qualys.eu)
2026-04-27 23:53:15 +02:00
d9be39a037
fix(qualys/agents): sudo -n explicite pour lire logs Qualys (fichiers root-only) + fallback messages 'existe mais non lisible'
2026-04-27 23:39:53 +02:00
cdcb85917d
feat(qualys/agents): audit en background thread + page d'attente auto-refresh (fix ERR_CONNECTION_RESET sur audits longs)
2026-04-27 23:25:50 +02:00
26e05d63ac
fix(qualys/agents): commandes audit adaptees multi-OS (RHEL5 SysV init, journalctl absent, chemins log Qualys multiples)
2026-04-27 23:15:50 +02:00
03229d4d08
feat(qualys/agents): bouton Check + page audit cible Qualys agent (status + version + logs agent/systeme via SSH)
2026-04-27 23:09:05 +02:00
dc9c197274
fix(qualys/dashboard): timeout 120s->300s + log erreurs sur _fetch_asset_ids_by_tag (manque ENV-PRD/REC sur gros tags)
2026-04-27 23:00:58 +02:00
5ec5271232
perf(qualys/dashboard): parallelise fetch vulns par batch IPs (8 workers, ~18min -> ~3min)
2026-04-27 17:15:44 +02:00
0d4ce6dfc2
feat(qualys/duplicates): scan filtre Linux+Windows Server uniquement (~1200 vs 6244)
2026-04-25 19:56:23 +00:00
6c52d05393
fix(qualys/duplicates): renomme cle items -> groups (conflit Jinja avec dict.items)
2026-04-25 10:49:53 +00:00
e832381b68
feat(qualys/duplicates): filtre serveurs uniquement (exclut Win 10/11/7/8/XP postes)
2026-04-25 10:23:14 +00:00
3d043af194
feat(qualys): page doublons + suppression API Qualys 1-clic
2026-04-25 10:17:40 +00:00
8f406f211d
feat(qualys/dashboard): compute v2 - interroge API Qualys par tag (DB locale qualys_asset_tags souvent obsolete)
2026-04-25 00:42:29 +00:00
0ab4f2d8fa
fix(qualys/dashboard): vire flag in-memory + safety net thread + flex layout 6 KPI
2026-04-25 00:13:22 +00:00
9a7f446637
fix(qualys/dashboard): insert pending row dans la route avant spawn thread (no race)
2026-04-25 00:07:22 +00:00
8f8e8c4d8f
feat(qualys): dashboard vulnerabilites avec KPI + historique
2026-04-24 23:49:46 +00:00
c258d6091a
fix(qualys): resync_all_tags HTTP 400 - limitResults 10000 trop grand, capper a 1000
...
Qualys QPS API rejette limitResults au-dela de 1000 (HTTP 400 Bad Request).
Aligne sur les autres requetes du service (5, 20, 100, 200, 1000) et sur
qualys_tags_service.list_qualys_tags qui utilise deja 1000.
Reproductible via /qualys/tags > bouton Resync (msg=resync_ko_HTTP+400).
2026-04-23 12:19:31 +00:00
9a72fa7eb7
Optim: fix N+1 queries itop_service (pre-load batch) + macros Jinja2 badges
2026-04-17 23:23:32 +00:00
a0f90cd719
Optim: logging structure + query_helpers.py + fix exceptions silencieuses routers
2026-04-17 23:19:18 +00:00
