def __init__(self, xml_element, trace_dict, ruleset):
'''
Constructor
'''
self.name = None
self.parms = RuleParms()
GearActionable.__init__(self, GACT_TYPE_EXECUTE, xml_element, trace_dict, ruleset)
# Construct the external class
class_spec = self.ext_class.in_str
if class_spec is None or class_spec == '':
self.ruleset.parse_error(self.trace_id[0], 'execute element requires the \'ext_class\' attribute')
try:
module_name, class_name = class_spec.rsplit('.', 1)
module = __import__(module_name, globals(), locals(), [class_name])
tmp_class = getattr(module, class_name)
except ThreadKilled:
raise
except:
self.ruleset.parse_error(self.trace_id[0], 'execute element was unable to load specified the class: {0}'.format(self.class_spec))
get_logger().exception('execute element exception')
# Get parameters to pass to init
try:
self.parms.resolve_and_validate(self.ruleset, None, rule_part=GRUL_PART_EXTERNAL)
except XMLParsingError as e:
self.ruleset.parse_error(self.trace_id[0], 'execute element parm error: {0}'.format(e.msg))
get_logger().exception('execute element parm error exception')
init_dict = self.parms.get_dict()
init_dict['execute_name'] = self.name.in_str
try:
self.call_class = tmp_class(init_dict)
except ThreadKilled:
raise
except:
self.logger().exception('execute element with name {0} failed during initialization'.format(self.name.in_str))
raise
if isinstance(self.call_class, ExtExecute) == False:
self.ruleset.parse_error(self.trace_id[0], 'execute ext_class must be a subclass of ExtExecute')
return
class GearActionableExecute(GearActionable):
'''Execute the execute function on the specified class '''
def __init__(self, xml_element, trace_dict, ruleset):
'''
Constructor
'''
self.name = None
self.parms = RuleParms()
GearActionable.__init__(self, GACT_TYPE_EXECUTE, xml_element, trace_dict, ruleset)
# Construct the external class
class_spec = self.ext_class.in_str
if class_spec is None or class_spec == '':
self.ruleset.parse_error(self.trace_id[0], 'execute element requires the \'ext_class\' attribute')
try:
module_name, class_name = class_spec.rsplit('.', 1)
module = __import__(module_name, globals(), locals(), [class_name])
tmp_class = getattr(module, class_name)
except ThreadKilled:
raise
except:
self.ruleset.parse_error(self.trace_id[0], 'execute element was unable to load specified the class: {0}'.format(self.class_spec))
get_logger().exception('execute element exception')
# Get parameters to pass to init
try:
self.parms.resolve_and_validate(self.ruleset, None, rule_part=GRUL_PART_EXTERNAL)
except XMLParsingError as e:
self.ruleset.parse_error(self.trace_id[0], 'execute element parm error: {0}'.format(e.msg))
get_logger().exception('execute element parm error exception')
init_dict = self.parms.get_dict()
init_dict['execute_name'] = self.name.in_str
try:
self.call_class = tmp_class(init_dict)
except ThreadKilled:
raise
except:
self.logger().exception('execute element with name {0} failed during initialization'.format(self.name.in_str))
raise
if isinstance(self.call_class, ExtExecute) == False:
self.ruleset.parse_error(self.trace_id[0], 'execute ext_class must be a subclass of ExtExecute')
return
def _str_subelement_additions(self):
''' Add instance subelements to output '''
if self.parms is not None:
return str(self.parms)
return ''
def _read_from_xml_other_subelements(self,xml_element, trace_dict):
''' Read in the instances attribute '''
try:
self.parms.read_from_xml(xml_element)
except XMLParsingError as e:
self.ruleset.parse_error(self.trace_id[0], 'execute element parameter error: {0}'.format(e.msg))
return True
# resolve_and_validate is not needed ... done in init
def execute_accumulate_suppression_stage(self, truth_point, pool, rule):
''' Execute the suppression stage actions '''
try:
self.call_class.execute_accumulate_suppression_stage(truth_point, pool, rule)
except ThreadKilled:
raise
except ExtFatalError:
get_logger().exception('FATAL ERROR raised --> kill analyzer')
raise
except:
self.ruleset.trace_error(self.trace_id[1], 'execute {0} call failed with exception'.format(self.name))
get_logger().exception('')
return
def execute_finalize_suppression_stage(self, pool, rule):
''' Execute the suppression stage actions '''
try:
self.call_class.execute_finalize_suppression_stage(pool, rule)
except ThreadKilled:
raise
except ExtFatalError:
get_logger().exception('FATAL ERROR raised --> kill analyzer')
raise
except:
self.ruleset.trace_error(self.trace_id[1], 'execute {0} call failed with exception'.format(self.name))
get_logger().exception('')
return
def execute_accumulate_alert_stage(self, truth_point, pool, rule):
''' Execute the accumulate alert stage actions '''
try:
self.call_class.execute_accumulate_alert_stage(truth_point, pool, rule)
except ThreadKilled:
raise
except ExtFatalError:
get_logger().exception('FATAL ERROR raised --> kill analyzer')
raise
except:
self.ruleset.trace_error(self.trace_id[1], 'execute {0} call failed with exception'.format(self.name))
get_logger().exception('')
return
def execute_create_alert_stage(self, pool, rule):
''' Execute the create alert stage actions '''
new_alerts = []
try:
# Extending because paranoid that won't get list back
new_alerts.extend(self.call_class.execute_create_alert_stage(pool, rule))
except ThreadKilled:
raise
except ExtFatalError:
get_logger().exception('FATAL ERROR raised --> kill analyzer')
raise
except:
self.ruleset.trace_error(self.trace_id[1], 'execute {0} call failed with exception'.format(self.name))
get_logger().exception('')
return new_alerts
def reset(self):
'''Reset the condition'''
try:
self.call_class.reset()
except ThreadKilled:
raise
except:
self.ruleset.trace_error(self.trace_id[1], 'execute {0} call failed with exception'.format(self.name))
get_logger().exception('')
return
