Add SQL tables to store Malware database

diff --git a/bacula/src/cats/drop_postgresql_tables.in b/bacula/src/cats/drop_postgresql_tables.in
index 1cc1730a8f89fa5ddd92e80275d25cbda3efadb9..bf6b85225a60aa639a15cf0023621631cf0f9748 100644 (file)
--- a/bacula/src/cats/drop_postgresql_tables.in
+++ b/bacula/src/cats/drop_postgresql_tables.in
@@ -9,6 +9,9 @@ bindir=@POSTGRESQL_BINDIR@
 db_name=@db_name@
 
 $bindir/psql -f - -d ${db_name} $* <<END-OF-DATA 1>/dev/null 2>/dev/null
+drop table if exists MalwareMD5;
+drop table if exists MalwareSHA256;
+drop table if exists FileEvents;
 drop table if exists MetaEmail;
 drop table if exists MetaAttachment;
 drop table if exists TagJob;

diff --git a/bacula/src/cats/make_postgresql_tables.in b/bacula/src/cats/make_postgresql_tables.in
index 60570b72dfacf1bb349f1898cbb93f529fc64dad..6f00712fb25ccfc2bed114dad7c226a805c25216 100644 (file)
--- a/bacula/src/cats/make_postgresql_tables.in
+++ b/bacula/src/cats/make_postgresql_tables.in
@@ -16,21 +16,49 @@ db_name=${db_name:-@db_name@}
 psql -f - -d ${db_name} $* <<END-OF-DATA
 
 BEGIN;
+CREATE TABLE MalwareMD5
+(
+    MD5     char(22)
+);
+CREATE INDEX malwaremd5_idx on MalwareMD5 (MD5);
+
+CREATE TABLE MalwareSHA256
+(
+    MD5     char(65)
+);
+CREATE INDEX malwaresha256_idx on Malwaresha256 (MD5);
+
+CREATE TABLE FileEvents 
+(
+   Id   bigserial,
+   Time timestamp default NOW(), -- Time of the detection
+   SourceJobId   int,        -- Can be the Verify job id for example, or the jobid during a restore/backup
+   JobId         int,        -- JobId where the file was found. Used for pruning
+   FileIndex     int,        -- File reference
+   Type          char,       -- Event type (antivirus, malware scanning (M), lost file)
+   Description   text,       -- Description of the event
+   Severity      int,        -- level of severity. (0 OK, 100 Important)
+   Source        text        -- Information about the source of the event
+);
+
+CREATE INDEX FileEvents_jobid_idx ON FileEvents (JobId, FileIndex);
+CREATE INDEX FileEvents_sourcejobid_idx ON FileEvents (SourceJobId);
+
 -- --------------------------------------------------------------
 -- MetaData Index
 
 CREATE TABLE MetaEmail
 (
-    EmailTenant                text,
-    EmailOwner                 text,
-    EmailId                    text,
-    EmailTime                          timestamp without time zone,
+    EmailTenant                text,   -- Tenant used to get the email
+    EmailOwner                 text,   -- Email address
+    EmailId                    text,   -- EmailId generated by the software
+    EmailTime                  timestamp without time zone,
     EmailTags                  text,
     EmailSubject               text,
     EmailFolderName            text,
     EmailFrom                  text,
     EmailTo                    text,
-    EmailCc                        text,
+    EmailCc                    text,
     EmailInternetMessageId     text,  -- no index
     EmailBodyPreview           text,
     EmailImportance            text,
@@ -38,10 +66,10 @@ CREATE TABLE MetaEmail
     EmailIsRead                smallint,
     EmailIsDraft               smallint,
     EmailHasAttachment         smallint,
-    EmailSize                          integer,
-    Plugin                             text,
-    FileIndex                                  int,
-    JobId                              int
+    EmailSize                   integer,
+    Plugin                      text,
+    FileIndex                   int,
+    JobId                       int
 );
 
 -- Need to add postgresql-contrib to the dependency list