Ejemplo n.º 1
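def ossec_add_new_agent(sensor_id):
    """
    Call API method to run ossec_create_new_agent script

    Reads 'agent_name', 'agent_ip' and 'asset_id' from the query string,
    validates the name and the address, creates the agent through
    api_ossec_add_new_agent and then returns the agent detail read back
    with apimethod_ossec_get_agent_from_db.

    :param sensor_id: Sensor id, forwarded to both API methods
    """

    agent_name = request.args.get('agent_name', None)
    agent_ip = request.args.get('agent_ip', None)
    asset_id = request.args.get('asset_id', None)

    # Check valid input
    # A missing parameter is a client error: re.match() on None would raise
    # TypeError and surface as an unhandled failure instead of a bad request.
    if not agent_name or not agent_ip:
        return make_bad_request("Invalid agent name or address")

    # Anchor with \Z rather than $: '$' also matches just before a trailing
    # newline, so "name\n" would pass the check and reach the agent-creation
    # call with the newline still attached.
    valid_str = re.compile(r'^[-.\w]+\Z')
    if not valid_str.match(agent_name) or not (is_valid_ipv4(agent_ip) or is_valid_ipv4_cidr(agent_ip)):
        return make_bad_request("Invalid agent name or address")

    # NOTE(review): asset_id is forwarded without any check in this handler;
    # confirm that api_ossec_add_new_agent validates it.
    # Now call the api method to create the new agent - If everything is right it returns the agent id of the new agent
    (success, data) = api_ossec_add_new_agent(sensor_id, agent_name, agent_ip, asset_id)
    if not success:
        current_app.logger.error("ossec_agent: error creating new agent: " + str(data))
        return make_error(data, 500)

    # Now we get the agent detail
    try:
        agent_id = data
        (success, data) = apimethod_ossec_get_agent_from_db(sensor_id, agent_id)
    except APIException as e:
        return make_error_from_exception(e)

    if success:
        return make_ok(agent_detail=data)
    else:
        return make_error(data, 500)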
Ejemplo n.º 2
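def is_system_reachable(system_id):
    """Find out if a system is reachable or not.

    The blueprint handles the following url:
    GET /av/api/1.0/system/<system_id>/status/ping

    Args:
        system_id (str): String with system id (uuid) or local

    Returns:
        The make_ok response carrying ``reachable``, or the response built by
        make_error_from_exception when ping_system raises APIException.

    """
    no_cache = is_json_true(request.args.get('no_cache', None))
    try:
        reachable = ping_system(system_id, no_cache=no_cache)
    except APIException as e:
        # The error response has to be returned. Without the return the view
        # falls off the end and yields None, so the client never receives
        # the error built from the exception.
        return make_error_from_exception(e)
    return make_ok(reachable=reachable)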
Ejemplo n.º 3
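def is_system_reachable(system_id):
    """Find out if a system is reachable or not.

    The blueprint handles the following url:
    GET /av/api/1.0/system/<system_id>/status/ping

    Args:
        system_id (str): String with system id (uuid) or local

    Returns:
        A make_ok response with the ``reachable`` value on success; on
        APIException, the response from make_error_from_exception.

    """
    # 'no_cache' is optional; is_json_true receives None when it is absent.
    no_cache = is_json_true(request.args.get('no_cache', None))
    try:
        reachable = ping_system(system_id, no_cache=no_cache)
        return make_ok(reachable=reachable)
    except APIException as e:
        # Return the error response: the original call discarded it, which
        # left the view returning None whenever ping_system failed.
        return make_error_from_exception(e)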
Ejemplo n.º 4
def remove():
    """Forward the 'plugin_file' query parameter to apimethod_remove_plugin.

    Returns make_ok() when the call completes, or the response built by
    make_error_from_exception when it raises APIException.
    """
    # NOTE(review): the file name is client-supplied and is not checked in
    # this handler (None is forwarded when the parameter is absent);
    # presumably apimethod_remove_plugin confines it to the plugin
    # directory -- confirm against the callee.
    try:
        target = request.args.get('plugin_file')
        apimethod_remove_plugin(plugin_file=target)
    except APIException as err:
        return make_error_from_exception(err)
    else:
        return make_ok()
Ejemplo n.º 5
def remove():
    """Pass the requested plugin file name on to apimethod_remove_plugin.

    The name is read from the 'plugin_file' query parameter. An APIException
    from the API method is turned into an error response; otherwise the
    plain make_ok() response is returned.
    """
    try:
        # NOTE(review): caller-controlled value, unvalidated here and None
        # when missing; verify the API method rejects names that point
        # outside the plugin location.
        requested_file = request.args.get('plugin_file')
        apimethod_remove_plugin(plugin_file=requested_file)
    except APIException as exc:
        failure = make_error_from_exception(exc)
        return failure
    return make_ok()
Ejemplo n.º 6
def set_auto_updates():
    """Apply the 'enabled' query parameter through set_feed_auto_update.

    The raw parameter is converted with is_json_true before the call.
    Returns make_ok() on success, or the response built by
    make_error_from_exception when APIException is raised.
    """
    # NOTE(review): no authorization check is visible in this body;
    # presumably it is enforced by a decorator or by the blueprint -- confirm.
    flag = is_json_true(request.args.get('enabled'))
    try:
        set_feed_auto_update(enabled=flag)
    except APIException as err:
        return make_error_from_exception(err)
    else:
        return make_ok()
Ejemplo n.º 7
def download():
    """Return the contents produced by apimethod_download_plugin.

    The plugin is selected by the 'plugin_file' form field. The result is
    wrapped as make_ok(contents=...); an APIException becomes the response
    built by make_error_from_exception.
    """
    try:
        # NOTE(review): the form value picks which file is read and is not
        # validated in this handler; presumably apimethod_download_plugin
        # restricts it to the plugin directory -- confirm.
        requested_file = request.form['plugin_file']
        contents = apimethod_download_plugin(plugin_file=requested_file)
        # response = make_response(data)
        # response.headers["Content-Disposition"] = "attachment; filename={}".format(plugin_file)
    except APIException as err:
        return make_error_from_exception(err)
    else:
        return make_ok(contents=contents)
Ejemplo n.º 8
def download():
    """Fetch a plugin through apimethod_download_plugin and return it.

    Reads the 'plugin_file' form field, hands it to the API method and
    returns the data under the 'contents' key of the make_ok response.
    APIException is converted with make_error_from_exception.
    """
    try:
        # NOTE(review): client-supplied name used to select the file to
        # read; no check happens here, so verify the API method refuses
        # names outside the plugin location.
        name = request.form['plugin_file']
        payload = apimethod_download_plugin(plugin_file=name)
        # response = make_response(data)
        # response.headers["Content-Disposition"] = "attachment; filename={}".format(plugin_file)
    except APIException as exc:
        error_response = make_error_from_exception(exc)
        return error_response
    return make_ok(contents=payload)
Ejemplo n.º 9
def get_telemetry_collection_config():
    """Return the telemetry setting read by get_system_config_telemetry_enabled.

    Answers 403 unless first_init_admin_access() is true. On success the
    value is returned as make_ok(enabled=...); an APIException becomes the
    response built by make_error_from_exception.
    """
    # The access check runs before any configuration is read.
    if first_init_admin_access():
        try:
            telemetry_on = get_system_config_telemetry_enabled()
        except APIException as err:
            return make_error_from_exception(err)
        return make_ok(enabled=telemetry_on)

    return make_error('Request forbidden -- authorization will not help', 403)
Ejemplo n.º 10
def get_ossec_available_agents(sensor_id):
    """
        Returns the agent list related to sensor, as make_ok(agents=...).
        An APIException raised by apimethod_hids_get_list is converted with
        make_error_from_exception.
        :param sensor_id: Sensor id
    """
    try:
        agent_list = apimethod_hids_get_list(sensor_id)
        response = make_ok(agents=agent_list)
    except APIException as err:
        response = make_error_from_exception(err)
    return response
Ejemplo n.º 11
def get_telemetry_collection_config():
    """Report whether telemetry collection is enabled.

    The request is refused with a 403 error when first_init_admin_access()
    is false. Otherwise the value from get_system_config_telemetry_enabled
    is returned under the 'enabled' key; APIException is converted with
    make_error_from_exception.
    """
    allowed = first_init_admin_access()
    if not allowed:
        forbidden = 'Request forbidden -- authorization will not help'
        return make_error(forbidden, 403)

    try:
        current_value = get_system_config_telemetry_enabled()
    except APIException as exc:
        return make_error_from_exception(exc)
    else:
        return make_ok(enabled=current_value)
Ejemplo n.º 12
def bp_get_sensor_detector_plugins(sensor_id):
    """
    Return the plugins of type 'detector' in a sensor, wrapped as
    make_ok(plugins=...). An APIException from get_sensor_detector_plugins
    is converted with make_error_from_exception.
    :param sensor_id: The sensor which we want to get the data
    """
    try:
        detector_plugins = get_sensor_detector_plugins(sensor_id)
    except APIException as err:
        return make_error_from_exception(err)
    else:
        return make_ok(plugins=detector_plugins)
Ejemplo n.º 13
def put_sensor(sensor_id):
    """Start adding a sensor through apimethod_add_sensor.

    Reads 'password' and 'ctx' from the query string and returns the job id
    as make_ok(job_id=...). An APIException becomes the response built by
    make_error_from_exception.

    :param sensor_id: Sensor id, forwarded to apimethod_add_sensor
    """
    # NOTE(review): the password travels in the query string, where it can
    # end up in web-server access logs and proxy logs; reading it from the
    # request body would avoid that.
    sensor_password = request.args.get('password', None)
    try:
        # NOTE(review): when 'ctx' is absent, .lower() is called on None and
        # raises AttributeError, which the APIException handler below does
        # not convert into an error response.
        context = request.args.get('ctx').lower()
        new_job = apimethod_add_sensor(sensor_id=sensor_id,
                                       password=sensor_password,
                                       ctx=context)
    except APIException as err:
        return make_error_from_exception(err)
    else:
        return make_ok(job_id=new_job)
Ejemplo n.º 14
def set_telemetry_collection_config():
    """Store the 'enabled' query parameter as the telemetry setting.

    Answers 403 unless first_init_admin_access() is true. The parameter is
    converted with is_json_true and passed to
    set_system_config_telemetry_enabled. Returns make_ok() on success, or
    the response built by make_error_from_exception on APIException.
    """
    # The access check runs before the request parameter is even read.
    if first_init_admin_access():
        flag = is_json_true(request.args.get('enabled'))
        try:
            set_system_config_telemetry_enabled(enabled=flag)
        except APIException as err:
            return make_error_from_exception(err)
        return make_ok()

    return make_error('Request forbidden -- authorization will not help', 403)
Ejemplo n.º 15
def set_telemetry_collection_config():
    """Enable or disable telemetry collection from the 'enabled' parameter.

    The request is refused with a 403 error when first_init_admin_access()
    is false. Otherwise the query parameter, parsed by is_json_true, is
    handed to set_system_config_telemetry_enabled; APIException is
    converted with make_error_from_exception.
    """
    allowed = first_init_admin_access()
    if not allowed:
        forbidden = 'Request forbidden -- authorization will not help'
        return make_error(forbidden, 403)

    requested_state = is_json_true(request.args.get('enabled'))
    try:
        set_system_config_telemetry_enabled(enabled=requested_state)
    except APIException as exc:
        return make_error_from_exception(exc)
    else:
        return make_ok()
Ejemplo n.º 16
def bp_get_sensor_plugins_asset_enabled(sensor_id):
    """
    Return the plugins enabled by asset in a sensor filtered by asset_id,
    wrapped as make_ok(plugins=...). An APIException is converted with
    make_error_from_exception.
    :param sensor_id: The sensor which we want to get the data
    :param asset_id: Filter by asset (canonical uuid), read from the query
                     string; None is forwarded when it is absent
    """
    # NOTE(review): asset_id is not validated as a uuid in this handler;
    # presumably the API method does that -- confirm.
    asset_filter = request.args.get('asset_id', None)
    try:
        enabled_plugins = get_sensor_plugins_enabled_by_asset(
            sensor_id=sensor_id,
            asset_id=asset_filter)
    except APIException as err:
        return make_error_from_exception(err)
    else:
        return make_ok(plugins=enabled_plugins)
Ejemplo n.º 17
def upload():
    """Submit a plugin through apimethod_upload_plugin.

    Form fields: 'plugin_file' (required), 'vendor' and 'model' (must be
    non-empty), 'version' (default '-'), 'overwrite' (default False) and
    'product_type' (default ''). The dict returned by the API method is
    expanded into make_ok(); an APIException becomes the response built by
    make_error_from_exception.
    """
    try:
        form = request.form
        plugin_file = form['plugin_file']
        vendor = form.get('vendor', '')
        model = form.get('model', '')
        # Model is checked before vendor, so a request missing both reports
        # the model error.
        if not model:
            return make_bad_request("Model cannot be null")
        if not vendor:
            return make_bad_request("Vendor cannot be null")
        # NOTE(review): form values arrive as strings, so a submitted
        # 'overwrite' such as "false" is a non-empty (truthy) string;
        # confirm how apimethod_upload_plugin interprets it. The other
        # fields are also forwarded without checks in this handler.
        upload_args = {
            'plugin_file': plugin_file,
            'model': model,
            'vendor': vendor,
            'version': form.get('version', '-'),
            'overwrite': form.get('overwrite', False),
            'product_type': form.get('product_type', ''),
        }
        result = apimethod_upload_plugin(**upload_args)
    except APIException as err:
        return make_error_from_exception(err)
    return make_ok(**result)
Ejemplo n.º 18
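def bp_post_sensor_plugins_asset_enabled(sensor_id):
    """
    Set the plugins enabled by asset (config.yml) in the sensor
    plugins: JSON string: {<asset_id>: [
                              <plugin_name>,
                              ...],
                           ...}

    :param sensor_id: Sensor id, forwarded to
                      set_sensor_plugins_enabled_by_asset
    Returns make_ok(jobid=...) on success, a bad-request response when
    'plugins' is missing, or the response built by
    make_error_from_exception on APIException.
    """
    # Get the 'plugins' form field, which contains the JSON string described
    # above. Use .get() so a missing field yields None: indexing the form
    # raises on a missing key, which made the check below unreachable and
    # skipped the error log.
    plugins = request.form.get('plugins')
    if plugins is None:
        current_app.logger.error("detector: put_sensor_detector error: Missing parameter 'plugins'")
        return make_bad_request("Missing parameter plugins")

    # NOTE(review): the JSON string is forwarded unparsed; presumably
    # set_sensor_plugins_enabled_by_asset validates its structure -- confirm.
    try:
        job_id = set_sensor_plugins_enabled_by_asset(sensor_id, plugins)
    except APIException as e:
        return make_error_from_exception(e)

    return make_ok(jobid=job_id)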
Ejemplo n.º 19
def upload():
    """Upload a plugin described by the submitted form.

    'plugin_file' is required; 'model' and 'vendor' must be non-empty;
    'version', 'overwrite' and 'product_type' fall back to '-', False and
    ''. The values are passed to apimethod_upload_plugin and its result is
    expanded into make_ok(). APIException is converted with
    make_error_from_exception.
    """
    try:
        plugin_file = request.form['plugin_file']
        vendor = request.form.get('vendor', '')
        model = request.form.get('model', '')

        # Same precedence as before: the model message wins when both
        # fields are empty.
        missing_message = None
        if not model:
            missing_message = "Model cannot be null"
        elif not vendor:
            missing_message = "Vendor cannot be null"
        if missing_message is not None:
            return make_bad_request(missing_message)

        version = request.form.get('version', '-')
        # NOTE(review): 'overwrite' is a string whenever the client sends
        # it, so values like "false" or "0" are truthy; verify how the API
        # method treats them.
        overwrite = request.form.get('overwrite', False)
        product_type = request.form.get('product_type', '')
        outcome = apimethod_upload_plugin(
            plugin_file=plugin_file,
            model=model,
            vendor=vendor,
            version=version,
            overwrite=overwrite,
            product_type=product_type,
        )
    except APIException as exc:
        return make_error_from_exception(exc)
    return make_ok(**outcome)
Ejemplo n.º 20
def get_list():
    """Return the result of apimethod_get_plugin_list as make_ok(plugins=...).

    An APIException is converted with make_error_from_exception.
    """
    try:
        plugin_list = apimethod_get_plugin_list()
    except APIException as err:
        return make_error_from_exception(err)
    else:
        return make_ok(plugins=plugin_list)
Ejemplo n.º 21
def get_list():
    """List the plugins reported by apimethod_get_plugin_list.

    The list is returned under the 'plugins' key of the make_ok response;
    when the API method raises APIException the response comes from
    make_error_from_exception instead.
    """
    try:
        available = apimethod_get_plugin_list()
    except APIException as exc:
        failure = make_error_from_exception(exc)
        return failure
    return make_ok(plugins=available)