Beispiel #1
def managers_ossec_log(type_log='all', category='all', months=3, offset=0,
                       limit=common.database_limit, sort=None, search=None,
                       node_id=None, cluster_depth=1):
    """
    Return manager log entries from this node or from other cluster nodes.

    The request is answered by ossec_log() when is_a_local_request() is true
    or when cluster_depth is zero or negative; otherwise it is forwarded
    through distributed_api_request().

    :param type_log: Passed unchanged to ossec_log(); defaults to 'all'.
    :param category: Passed unchanged to ossec_log(); defaults to 'all'.
    :param months: Passed unchanged to ossec_log(); defaults to 3.
    :param offset: Passed unchanged to ossec_log().
    :param limit: Passed unchanged to ossec_log(); defaults to common.database_limit.
    :param sort: Passed unchanged to ossec_log().
    :param search: Passed unchanged to ossec_log().
    :param node_id: Given to distributed_api_request() as affected_nodes.
    :param cluster_depth: A value <= 0 forces local handling; otherwise forwarded as-is.
    :return: Whatever ossec_log() or distributed_api_request() returns.
    :raises WazuhException: Code 3015 when forwarding is required but is_cluster_running() is false.
    """
    serve_locally = is_a_local_request() or cluster_depth <= 0
    if serve_locally:
        return ossec_log(type_log, category, months, offset, limit, sort, search)

    if not is_cluster_running():
        raise WazuhException(3015)

    log_request = list_requests_managers['MANAGERS_LOGS']
    # Every filter is stringified before it is sent, so None travels as the text "None".
    # NOTE(review): presumably the receiving node converts and validates these; confirm there.
    filters = (type_log, category, months, offset, limit, sort, search)
    wire_args = [str(value) for value in filters]
    return distributed_api_request(request_type=log_request,
                                   args=wire_args,
                                   cluster_depth=cluster_depth,
                                   affected_nodes=node_id)
Beispiel #2
def get_cis(agent_id=None, offset=0, limit=common.database_limit, sort=None,
            search=None):
    """
    Get all the CIS requirements used in the rootchecks of the agent.

    Answered by get_cis_local() when is_a_local_request() is true or the
    agent is "000"; otherwise forwarded to the node(s) returned by
    Agent.get_agents_by_node(agent_id).

    :param agent_id: Agent ID.
    :param offset: First item to return.
    :param limit: Maximum number of items to return.
    :param sort: Sorts the items. Format: {"fields":["field1","field2"],"order":"asc|desc"}.
    :param search: Looks for items with the specified string.
    :return: Dictionary: {'items': array of items, 'totalItems': Number of items (without applying the limit)}
    :raises WazuhException: Code 3015 when forwarding is required but is_cluster_running() is false.
    """
    handled_here = is_a_local_request() or agent_id == "000"
    if handled_here:
        return get_cis_local(agent_id, offset, limit, sort, search)

    if not is_cluster_running():
        raise WazuhException(3015)

    cis_request = list_requests_rootcheck['ROOTCHECK_CIS']
    # Paging and filter values are sent as text; a None sort/search becomes "None".
    wire_args = [str(value) for value in (offset, limit, sort, search)]
    return distributed_api_request(cis_request,
                                   Agent.get_agents_by_node(agent_id),
                                   wire_args)
Beispiel #3
def managers_status(node_id=None, cluster_depth=1):
    """
    Return the manager status from this node or from other cluster nodes.

    Answered by status() when is_a_local_request() is true or cluster_depth
    is zero or negative; otherwise forwarded through distributed_api_request().

    :param node_id: Given to distributed_api_request() as affected_nodes.
    :param cluster_depth: A value <= 0 forces local handling; otherwise forwarded as-is.
    :return: Whatever status() or distributed_api_request() returns.
    :raises WazuhException: Code 3015 when forwarding is required but is_cluster_running() is false.
    """
    serve_locally = is_a_local_request() or cluster_depth <= 0
    if serve_locally:
        return status()

    if not is_cluster_running():
        raise WazuhException(3015)

    status_request = list_requests_managers['MANAGERS_STATUS']
    return distributed_api_request(request_type=status_request,
                                   cluster_depth=cluster_depth,
                                   affected_nodes=node_id)
Beispiel #4
    def managers_get_ossec_init(self, node_id=None, cluster_depth=1):
        """
        Return the ossec-init data from this node or from other cluster nodes.

        Answered by self.get_ossec_init() when is_a_local_request() is true or
        cluster_depth is zero or negative; otherwise forwarded through
        distributed_api_request().

        :param node_id: Given to distributed_api_request() as affected_nodes.
        :param cluster_depth: A value <= 0 forces local handling; otherwise forwarded as-is.
        :return: Whatever get_ossec_init() or distributed_api_request() returns.
        :raises WazuhException: Code 3015 when forwarding is required but is_cluster_running() is false.
        """
        serve_locally = is_a_local_request() or cluster_depth <= 0
        if serve_locally:
            return self.get_ossec_init()

        if not is_cluster_running():
            raise WazuhException(3015)

        info_request = list_requests_managers['MANAGERS_INFO']
        return distributed_api_request(request_type=info_request,
                                       cluster_depth=cluster_depth,
                                       affected_nodes=node_id)
Beispiel #5
def managers_ossec_log_summary(months=3, node_id=None, cluster_depth=1):
    """
    Return the manager log summary from this node or from other cluster nodes.

    Answered by ossec_log_summary() when is_a_local_request() is true or
    cluster_depth is zero or negative; otherwise forwarded through
    distributed_api_request().

    :param months: Passed unchanged to ossec_log_summary(); defaults to 3.
    :param node_id: Given to distributed_api_request() as affected_nodes.
    :param cluster_depth: A value <= 0 forces local handling; otherwise forwarded as-is.
    :return: Whatever ossec_log_summary() or distributed_api_request() returns.
    :raises WazuhException: Code 3015 when forwarding is required but is_cluster_running() is false.
    """
    serve_locally = is_a_local_request() or cluster_depth <= 0
    if serve_locally:
        return ossec_log_summary(months)

    if not is_cluster_running():
        raise WazuhException(3015)

    summary_request = list_requests_managers['MANAGERS_LOGS_SUMMARY']
    # The month count is sent as text.
    wire_args = [str(months)]
    return distributed_api_request(request_type=summary_request,
                                   args=wire_args,
                                   cluster_depth=cluster_depth,
                                   affected_nodes=node_id)
Beispiel #6
def managers_get_ossec_conf(section=None, field=None, node_id=None,
                            cluster_depth=1):
    """
    Return manager configuration from this node or from other cluster nodes.

    Answered by get_ossec_conf() when is_a_local_request() is true or
    cluster_depth is zero or negative; otherwise forwarded through
    distributed_api_request().

    NOTE(review): configuration sections may carry sensitive values; no
    access check is visible in this function, so confirm the calling API
    layer restricts who can reach it.

    :param section: Passed unchanged to get_ossec_conf().
    :param field: Passed unchanged to get_ossec_conf().
    :param node_id: Given to distributed_api_request() as affected_nodes.
    :param cluster_depth: A value <= 0 forces local handling; otherwise forwarded as-is.
    :return: Whatever get_ossec_conf() or distributed_api_request() returns.
    :raises WazuhException: Code 3015 when forwarding is required but is_cluster_running() is false.
    """
    serve_locally = is_a_local_request() or cluster_depth <= 0
    if serve_locally:
        return get_ossec_conf(section, field)

    if not is_cluster_running():
        raise WazuhException(3015)

    conf_request = list_requests_managers['MANAGERS_OSSEC_CONF']
    # Both selectors are sent as text, so an unset one travels as "None".
    wire_args = [str(value) for value in (section, field)]
    return distributed_api_request(request_type=conf_request,
                                   args=wire_args,
                                   cluster_depth=cluster_depth,
                                   affected_nodes=node_id)
Beispiel #7
def weekly(cluster_depth=1, node_id=None):
    """
    Returns the hourly averages.

    Answered by weekly_local() when is_a_local_request() is true or
    cluster_depth is zero or negative; otherwise forwarded through
    distributed_api_request().

    :param cluster_depth: A value <= 0 forces local handling; otherwise forwarded as-is.
    :param node_id: Given to distributed_api_request() as affected_nodes.
    :return: Dictionary: averages and interactions.
    :raises WazuhException: Code 3015 when forwarding is required but is_cluster_running() is false.
    """
    serve_locally = is_a_local_request() or cluster_depth <= 0
    if serve_locally:
        return weekly_local()

    if not is_cluster_running():
        raise WazuhException(3015)

    weekly_request = list_requests_managers['MANAGERS_STATS_WEEKLY']
    return distributed_api_request(request_type=weekly_request,
                                   cluster_depth=cluster_depth,
                                   affected_nodes=node_id)
Beispiel #8
def last_scan(agent_id):
    """
    Gets the last scan of the agent.

    Answered by last_scan_local() when is_a_local_request() is true or the
    agent is "000"; otherwise forwarded to the node(s) returned by
    Agent.get_agents_by_node(agent_id).

    :param agent_id: Agent ID.
    :return: Dictionary: end, start.
    :raises WazuhException: Code 3015 when forwarding is required but is_cluster_running() is false.
    """
    handled_here = is_a_local_request() or agent_id == "000"
    if handled_here:
        return last_scan_local(agent_id)

    if not is_cluster_running():
        raise WazuhException(3015)

    scan_request = list_requests_rootcheck['ROOTCHECK_LAST_SCAN']
    # This request carries no extra arguments, hence the empty list.
    return distributed_api_request(scan_request,
                                   Agent.get_agents_by_node(agent_id),
                                   [])
Beispiel #9
def run(agent_id=None, all_agents=False, cluster_depth=1):
    """
    Runs rootcheck and syscheck.

    Answered by run_local() when is_a_local_request() is true, the agent is
    "000", or cluster_depth is zero or negative; otherwise forwarded to the
    node(s) returned by Agent.get_agents_by_node(agent_id).

    :param agent_id: Run rootcheck/syscheck in the agent.
    :param all_agents: Run rootcheck/syscheck in all agents.
    :param cluster_depth: A value <= 0 forces local handling; otherwise forwarded as-is.
    :return: Message.
    :raises WazuhException: Code 3015 when forwarding is required but is_cluster_running() is false.
    """
    handled_here = (is_a_local_request() or agent_id == "000"
                    or cluster_depth <= 0)
    if handled_here:
        return run_local(agent_id, all_agents)

    if not is_cluster_running():
        raise WazuhException(3015)

    run_request = list_requests_rootcheck['ROOTCHECK_RUN']
    # The flag is sent as the text "True"/"False".
    # NOTE(review): with all_agents set and agent_id left as None the node lookup
    # still receives None; confirm Agent.get_agents_by_node() handles that case.
    wire_args = [str(all_agents)]
    target_nodes = Agent.get_agents_by_node(agent_id)
    return distributed_api_request(run_request, target_nodes, wire_args,
                                   cluster_depth)
Beispiel #10
def clear(agent_id=None, all_agents=False, cluster_depth=1):
    """
    Clears the database.

    Answered by clear_local() when is_a_local_request() is true, the agent is
    "000", or cluster_depth is zero or negative; otherwise forwarded to the
    node(s) returned by Agent.get_agents_by_node(agent_id).

    NOTE(review): this is a destructive operation and no authorization check
    is visible in this function; confirm the calling API layer enforces one
    before the request is served or forwarded.

    :param agent_id: For an agent.
    :param all_agents: For all agents.
    :param cluster_depth: A value <= 0 forces local handling; otherwise forwarded as-is.
    :return: Message.
    :raises WazuhException: Code 3015 when forwarding is required but is_cluster_running() is false.
    """
    handled_here = (is_a_local_request() or agent_id == "000"
                    or cluster_depth <= 0)
    if handled_here:
        return clear_local(agent_id, all_agents)

    if not is_cluster_running():
        raise WazuhException(3015)

    clear_request = list_requests_rootcheck['ROOTCHECK_CLEAR']
    # The flag is sent as the text "True"/"False".
    wire_args = [str(all_agents)]
    target_nodes = Agent.get_agents_by_node(agent_id)
    return distributed_api_request(clear_request, target_nodes, wire_args,
                                   cluster_depth)
Beispiel #11
def totals(year, month, day, cluster_depth=1, node_id=None):
    """
    Returns the totals file.

    Answered by totals_local() when is_a_local_request() is true or
    cluster_depth is zero or negative; otherwise forwarded through
    distributed_api_request().

    :param year: Year in YYYY format, e.g. 2016
    :param month: Month in number or 3 first letters, e.g. Feb or 2
    :param day: Day, e.g. 9
    :param cluster_depth: A value <= 0 forces local handling; otherwise forwarded as-is.
    :param node_id: Given to distributed_api_request() as affected_nodes.
    :return: Array of dictionaries. Each dictionary represents an hour.
    :raises WazuhException: Code 3015 when forwarding is required but is_cluster_running() is false.
    """
    serve_locally = is_a_local_request() or cluster_depth <= 0
    if serve_locally:
        return totals_local(year, month, day)

    if not is_cluster_running():
        raise WazuhException(3015)

    totals_request = list_requests_managers['MANAGERS_STATS_TOTALS']
    # The date parts are sent as text.
    # NOTE(review): presumably they select a stats file on the receiving node;
    # confirm totals_local() validates them before building any path.
    wire_args = [str(part) for part in (year, month, day)]
    return distributed_api_request(request_type=totals_request,
                                   args=wire_args,
                                   cluster_depth=cluster_depth,
                                   affected_nodes=node_id)