def get_manager_info(available_versions):
"""
Return hash from manager version in available_versions list
"""
for version in available_versions:
if WazuhVersion(version[0]) == WazuhVersion(get_manager_version()):
return version[0], version[1]
raise Exception # raise an exception if there is not hash for manager version
def test_get_outdated_agents(test_data):
"""
Test get_outdated_agents function
"""
with patch('sqlite3.connect') as mock_db:
mock_db.return_value = test_data.global_db
result = Agent.get_outdated_agents()
assert isinstance(result, dict)
assert result['totalItems'] == len(result['items'])
for item in result['items']:
assert set(item.keys()) == {'version', 'id', 'name'}
assert WazuhVersion(item['version']) < WazuhVersion(get_manager_version())
def last_scan(agent_id):
"""
Gets the last scan of the agent.
:param agent_id: Agent ID.
:return: Dictionary: end, start.
"""
my_agent = Agent(agent_id)
# if agent status is never connected, a KeyError happens
try:
agent_version = my_agent.get_basic_information(
select={'fields': ['version']})['version']
except KeyError:
# if the agent is never connected, it won't have either version (key error) or last scan information.
return {'start': 'ND', 'end': 'ND'}
if WazuhVersion(agent_version) < WazuhVersion('Wazuh v3.7.0'):
db_agent = glob('{0}/{1}-*.db'.format(common.database_path_agents,
agent_id))
if not db_agent:
raise WazuhException(1600)
else:
db_agent = db_agent[0]
conn = Connection(db_agent)
# end time
query = "SELECT date_last, log FROM pm_event WHERE log LIKE '% syscheck scan.'"
conn.execute(query)
return {
'end' if log.startswith('End') else 'start': date_last
for date_last, log in conn
}
else:
fim_scan_info = my_agent._load_info_from_agent_db(
table='scan_info',
select={'end_scan', 'start_scan'},
filters={'module': 'fim'})[0]
end = 'ND' if not fim_scan_info[
'end_scan'] else datetime.utcfromtimestamp(
float(fim_scan_info['end_scan'])).strftime('%Y-%m-%d %H:%M:%S')
start = 'ND' if not fim_scan_info[
'start_scan'] else datetime.utcfromtimestamp(
float(
fim_scan_info['start_scan'])).strftime('%Y-%m-%d %H:%M:%S')
# if start is 'ND', end will be as well.
return {'start': start, 'end': 'ND' if start == 'ND' else end}
def test_get_available_versions(requests_mock, test_data, agent_id):
"""
Test _get_versions method
"""
# regex for checking SHA-1 hash
regex_sha1 = re.compile(r'^[0-9a-f]{40}$')
with patch('sqlite3.connect') as mock_db:
mock_db.return_value = test_data.global_db
manager_version = get_manager_version()
agent = Agent(agent_id)
agent._load_info_from_DB()
# mock request with available versions from server
requests_mock.return_value.get.return_value = wpk_versions
available_versions = agent._get_versions()
for version in available_versions:
assert WazuhVersion(version[0]) <= WazuhVersion(manager_version)
assert re.search(regex_sha1, version[1])
def hello(self, data):
try:
# Check client version
client_version = WazuhVersion(data.split(' ')[2])
server_version = WazuhVersion(__version__)
if server_version.to_array()[0] != client_version.to_array()[0] or server_version.to_array()[1] != client_version.to_array()[1]:
raise Exception("Incompatible client version ({})".format(client_version))
client_id = self.server.add_client(data, self.addr, self)
self.name = client_id # TO DO: change self.name to self.client_id
logger.info("[Master] [{0}]: Connected.".format(client_id))
except Exception as e:
logger.error("[Transport-ServerHandler] Error accepting connection from {}: {}".format(self.addr, e))
self.handle_close()
return None
def last_scan(agent_id):
"""
Gets the last scan of the agent.
:param agent_id: Agent ID.
:return: Dictionary: end, start.
"""
my_agent = Agent(agent_id)
# if agent status is never connected, a KeyError happens
try:
agent_version = my_agent.get_basic_information(
select={'fields': ['version']})['version']
except KeyError:
# if the agent is never connected, it won't have either version (key error) or last scan information.
return {'start': 'ND', 'end': 'ND'}
if WazuhVersion(agent_version) < WazuhVersion('Wazuh v3.7.0'):
db_agent = glob('{0}/{1}-*.db'.format(common.database_path_agents,
agent_id))
if not db_agent:
raise WazuhException(1600)
else:
db_agent = db_agent[0]
conn = Connection(db_agent)
data = {}
# end time
query = "SELECT max(date_last) FROM pm_event WHERE log = 'Ending rootcheck scan.'"
conn.execute(query)
for tuple in conn:
data['end'] = tuple['max(date_last)'] if tuple[
'max(date_last)'] is not None else "ND"
# start time
query = "SELECT max(date_last) FROM pm_event WHERE log = 'Starting rootcheck scan.'"
conn.execute(query)
for tuple in conn:
data['start'] = tuple['max(date_last)'] if tuple[
'max(date_last)'] is not None else "ND"
return data
else:
fim_scan_info = WazuhDBQuerySyscheck(
agent_id=agent_id,
query='module=fim',
offset=0,
sort=None,
search=None,
limit=common.database_limit,
select={
'fields': ['end', 'start']
},
fields={
'end': 'end_scan',
'start': 'start_scan',
'module': 'module'
},
table='scan_info',
default_sort_field='start_scan').run()['items'][0]
return fim_scan_info