Added modules for antivirus programs Dr.Web and KESL #931
Conversation
There was a problem hiding this comment.
Hi @AnilAntari
thank you for your PR.
Actually, I can't accept it as is.
SERVER_LICENSE is not supported in the format so you can remove related code.
Time::Piece module is used in piece of code to set UPTODATE but with assumption you can't really use. UPTODATE can only be set if AV really tells you it is up-to-date.
Time::Piece module is also used in piece of code to set EXPIRATION, but there I think it's overkill. Can you better get rid of this new dependency ?
Can you also provide output samples for all the used commands ?
Here is the list I'm thinking of:
LANG=C drweb-ctl --version
LANG=C drweb-ctl baseinfo
LANG=C drweb-ctl license
LANG=C kesl-control --app-info
If you have some difference context case with different output, don't hesitate to add them.
| # Check if database is up-to-date (within 2 days) | ||
| if ($db_timestamp) { | ||
| eval { | ||
| my $db_time = Time::Piece->strptime($db_timestamp, "%Y-%b-%d %H:%M:%S"); | ||
| my $diff = time() - $db_time->epoch; | ||
| $av->{UPTODATE} = ($diff <= 172800) ? 1 : 0; # 172800 seconds = 2 days | ||
| }; | ||
| $av->{UPTODATE} = 0 if $@; | ||
| } |
There was a problem hiding this comment.
I'm not fully agree with this test. It doesn't say AV is up-to-date, it says database is not older than 2 days. You assume the editor always publish an update at worst every 2 days. If editor doesn't have to publish an update on 2 consecutive days, glpi-agent will report is no more up-to-date even if it is.
IMHO, if this AV doesn't provide the data itself, just don't set it.
| eval { | ||
| my $expire_time = Time::Piece->strptime($1, "%Y-%b-%d"); | ||
| $av->{EXPIRATION} = $expire_time->strftime("%Y-%m-%d"); | ||
| }; |
There was a problem hiding this comment.
Adding Time::Piece requirement for such usage is totally overkill. Can you better get rid of Time::Piece ?
| elsif ($line =~ /license is granted by the protection server/i) { | ||
| $av->{SERVER_LICENSE} = 1; | ||
| last; |
There was a problem hiding this comment.
As far I know, SERVER_LICENSE is not supported by the format. So you can remove this code.
| my $version_output = getFirstLine( | ||
| command => 'kesl-control --app-info 2>/dev/null | grep -E "Version|Версия"', | ||
| %params | ||
| ); | ||
| # Extract version number from either English or Russian output | ||
| if ($version_output && $version_output =~ /(?:Version|Версия):\s+([\d.]+)/) { | ||
| $av->{VERSION} = $1; | ||
| } |
There was a problem hiding this comment.
Don't run command with output piped to grep. As I see you do the same on $license_output and $db_date_output, involving you run kesl-control --app-info 3 times. Indeed, you should better use getAllLines() and analyze each lines.
Also, you shouldn't have to check on Cyrillic string as commands are run with "LANG=C" environment set.
| eval { | ||
| my $db_time = Time::Piece->strptime($1, "%Y-%m-%d %H:%M:%S"); | ||
| my $diff = time() - $db_time->epoch; | ||
| # Mark as up-to-date if databases are less than 2 days old (172800 seconds) | ||
| $av->{UPTODATE} = ($diff <= 172800) ? 1 : 0; | ||
| }; | ||
| if ($@) { | ||
| $logger->debug("Failed to parse database timestamp: $@"); | ||
| } |
There was a problem hiding this comment.
As for the other module, you assume database is up-to-date where you can't. Just don't set this value or find the real data in another way.
| my @license_info = getAllLines( | ||
| command => 'drweb-ctl license 2>/dev/null', | ||
| %params | ||
| ); |
There was a problem hiding this comment.
You don't need to redirect stderr to null, getAllLines API still does it.
| my $service_status = getFirstLine( | ||
| command => 'systemctl is-active kesl.service 2>/dev/null', | ||
| %params | ||
| ); |
There was a problem hiding this comment.
You don't need to redirect stderr to null, getFirstLine API still does it.
| if ($license_output && $license_output =~ /(?:License expiration date|Дата окончания срока действия лицензии):\s+([\d-]+)/) { | ||
| eval { | ||
| my $expire_time = Time::Piece->strptime($1, "%Y-%m-%d"); | ||
| $av->{EXPIRATION} = $expire_time->strftime("%Y-%m-%d"); | ||
| }; | ||
| if ($@) { | ||
| $logger->debug("Failed to parse license expiration: $@"); | ||
| } |
There was a problem hiding this comment.
Time::Piece usage is overkill here, please get rid of it.
You shouldn't have to parse against Cyrillic string as command is run with LANG=C set.
| return $av; | ||
| } | ||
|
|
||
| 1; |
There was a problem hiding this comment.
A end-of-line seems to miss here.
| return $av; | ||
| } | ||
|
|
||
| 1; |
There was a problem hiding this comment.
A end-of-line seems to miss here.
Added modules for antivirus programs Dr.Web and Kaspersky Endpoint Security.
These modules use
Time::Piecefor:1. Data analysis
Converts data strings from the antivirus output (for example, 2025-06-09, February 15, 2023) into temporary objects.
Supports:
2. Time check
Compares the dates with the current time to check:
Some Linux distributions do not include the
Time::Piecemodule by default, requiring manual installation.