Beispiel #1
0
 def handle(self, paths, profile, format, progress=False, *args, **options):
     assert profile_loader.get_profile(
         profile), "Invalid profile: %s" % profile
     t0 = time.time()
     ruleset = RuleSet()
     ruleset.load()
     self.print("Ruleset load in %.2fms" % ((time.time() - t0) * 1000))
     reader = getattr(self, "read_%s" % format, None)
     assert reader, "Invalid format %s" % format
     self.managed_object = ManagedObject(id=1,
                                         name="test",
                                         address="127.0.0.1",
                                         profile_name=profile)
     t0 = time.time()
     stats = defaultdict(int)
     total = 0
     for p in paths:
         if not os.path.isfile(p):
             continue
         for f in iter_open(p):
             for event in reader(f):
                 e_vars = event.raw_vars.copy()
                 if event.source == "SNMP Trap":
                     e_vars.update(MIB.resolve_vars(event.raw_vars))
                 rule, r_vars = ruleset.find_rule(event, e_vars)
                 stats[rule.event_class.name] += 1
                 total += 1
                 if progress and total % 1000 == 0:
                     self.print("%d records processed" % total)
     dt = time.time() - t0
     self.print("%d events processed in %.2fms (%.fevents/sec)" %
                (total, dt * 1000, float(total) / dt))
     if stats:
         # Prepare statistics
         s_data = sorted([(k, stats[k]) for k in stats],
                         key=operator.itemgetter(1),
                         reverse=True)
         s_total = sum(stats[k] for k in stats if not self.is_ignored(k))
         data = [["Events", "%", "Event class"]]
         for ecls, qty in s_data:
             data += [[
                 str(qty),
                 "%3.2f%%" % (float(stats[ecls] * 100) / float(total)), ecls
             ]]
         # Calculate classification quality
         data += [[
             "",
             "%3.2f%%" % (float(s_total * 100) / total),
             "Classification Quality"
         ]]
         # Ruleset hit rate
         rs_rate = float(metrics["rules_checked"].value) / float(total)
         data += [["", "%.2f" % rs_rate, "Rule checks per event"]]
         # Dump table
         self.print("Event classes summary:")
         self.print(format_table([4, 6, 10], data))
Beispiel #2
0
    def handle(self, services=None, *args, **options):
        service = get_service()

        out = [["Service", "ID", "Address"]]
        for sn in services:
            service.dcs.resolve_sync(sn)
            if sn in service.dcs.resolvers:
                for svc_id, address in service.dcs.resolvers[
                        sn].services.items():
                    out += [[sn, svc_id, address]]
        self.stdout.write(format_table([0, 0, 0, 0, 0], out) + "\n")
Beispiel #3
0
Datei: nri.py Projekt: 0pt1on/noc
 def handle_portmap(self, portmap_objects=[]):
     for po in portmap_objects:
         for o in ManagedObjectSelector.get_objects_from_expression(po):
             if not o.remote_system:
                 self.stdout.write("%s (%s, %s) NRI: N/A\n" %
                                   (o.name, o.address, o.platform))
                 continue
             portmapper = loader.get_loader(o.remote_system.name)(o)
             nri = o.remote_system.name
             self.stdout.write("%s (%s, %s) NRI: %s\n" %
                               (o.name, o.address, o.platform, nri))
             r = []
             for i in Interface._get_collection().find(
                 {
                     "managed_object": o.id,
                     "type": "physical"
                 },
                 {
                     "_id": 1,
                     "name": 1,
                     "nri_name": 1
                 },
             ):
                 rn = portmapper.to_remote(i["name"]) or self.PORT_ERROR
                 if rn == self.PORT_ERROR:
                     ln = self.PORT_ERROR
                 else:
                     ln = portmapper.to_local(rn) or self.PORT_ERROR
                 if i.get("nri_name") == rn and ln != self.PORT_ERROR:
                     status = "OK"
                 elif not i.get("nri_name") and ln != self.PORT_ERROR:
                     status = "Not in database"
                 elif rn == self.PORT_ERROR:
                     status = "Failed to convert to remote name"
                 else:
                     self.print(ln, rn, i.get("nri_name"))
                     status = "Failed to convert to local name"
                 r += [(i["name"], rn, i.get("nri_name", "--"), status)]
             r = [("Local", "Remote", "Interface NRI", "Status")] + sorted(
                 r, key=lambda x: split_alnum(x[0]))
             self.stdout.write(
                 "%s\n" %
                 format_table([0, 0, 0, 0], r, sep=" | ", hsep="-+-"))