Ejemplo n.º 1
def get_system_backup_list(system_id):
    """
    Return the list of configuration backups for a system.

    Reads two query-string parameters from the current request:
      type     -- backup type, forwarded to get_backup_list (default '')
      no_cache -- JSON-style boolean parsed by is_json_true (default 'false')

    Answers with make_ok(backups=...) on success and with a 500 make_error
    when get_backup_list reports a failure.
    """
    # NOTE(review): 'type' is client-controlled and is forwarded unchanged;
    # confirm get_backup_list restricts it to the known backup types.
    query = request.args
    requested_type = query.get('type', '')
    skip_cache = is_json_true(query.get('no_cache', 'false'))

    ok, backups = get_backup_list(system_id=system_id,
                                  backup_type=requested_type,
                                  no_cache=skip_cache)
    if ok:
        return make_ok(backups=backups)
    return make_error("Error getting backup list. Please check the system is reachable", 500)
Ejemplo n.º 2
def get_system_backup_list(system_id):
    """
    List the configuration backups stored for ``system_id``.

    The 'type' and 'no_cache' query-string values of the current request are
    handed to get_backup_list; 'no_cache' goes through is_json_true first.
    The response is make_ok(backups=...) or, on failure, a 500 make_error.
    """
    # NOTE(review): the 'type' value comes straight from the query string;
    # verify that get_backup_list validates it before using it.
    lookup = {
        'system_id': system_id,
        'backup_type': request.args.get('type', ''),
        'no_cache': is_json_true(request.args.get('no_cache', 'false')),
    }
    success, backup_list = get_backup_list(**lookup)
    if success:
        return make_ok(backups=backup_list)

    message = "Error getting backup list. Please check the system is reachable"
    return make_error(message, 500)
Ejemplo n.º 3
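def rotate_backups(system_id, backup_type="configuration", nbackups=10):
    """
    Rotate the automatic backups of a system, deleting the ones not retained.

    Only entries that have a date and whose method is 'auto' take part in the
    rotation. The first ``nbackups`` entries (oldest first) seed the retained
    set; every later entry is offered to optimize(), which decides what stays.
    Everything not retained is deleted from /var/alienvault/backup/ through
    remove_file.

    File names come from the backup listing of the remote system, so an entry
    is only deleted when its name is a plain file name: no directory part, not
    '.' or '..', and no whitespace. Otherwise os.path.join could point outside
    the backup directory (an absolute name replaces the base path) and the
    space-joined argument handed to remove_file could be split differently.

    :param system_id: id passed to get_backup_list / get_system_ip_from_system_id
    :param backup_type: backup type to list (default "configuration")
    :param nbackups: number of backups used to seed the retained set
    :return: (success, message). When a helper fails, its own tuple is
             returned unchanged.
    """
    (success, result) = ret = get_backup_list(system_id=system_id,
                                              backup_type=backup_type,
                                              no_cache=True)
    if not success:
        return ret
    (success, system_ip) = ret = get_system_ip_from_system_id(system_id)
    if not success:
        return ret

    # Undated and manual backups never take part in the rotation.
    result = [
        x for x in result if x['date'] is not None and x['method'] == 'auto'
    ]
    # The emptiness check avoids indexing origbackup[0] when nbackups <= 0.
    if not result or len(result) < nbackups:
        return True, 'No backups to remove'

    origbackup = sorted(result, key=lambda x: x['date'])
    ref = origbackup[0]['date']
    for backup in origbackup:
        # Offset from the oldest backup; presumably consumed by optimize().
        backup['index'] = backup['date'] - ref
    backups = origbackup[:nbackups]
    for now_bk in origbackup[nbackups:]:
        backups = optimize(backups + [now_bk])
    # Files we want to retain are in backups.
    keep_files = set(x['file'] for x in backups)

    files_to_remove = []
    skipped = 0
    backup_path = "/var/alienvault/backup/"
    for entry in origbackup:
        filename = entry['file']
        if filename in keep_files:
            continue
        unsafe = (filename in ('', '.', '..')
                  or os.path.basename(filename) != filename
                  or any(ch.isspace() for ch in filename))
        if unsafe:
            # Never turn an unexpected name into a delete target.
            skipped += 1
            continue
        files_to_remove.append(os.path.join(backup_path, filename))

    note = ""
    if skipped:
        note = " (%d entries skipped: unexpected file name)" % skipped
    if not files_to_remove:
        return True, 'No backups to remove' + note

    # NOTE(review): remove_file receives one space-joined string; confirm it
    # does not hand that string to a shell.
    (success, result) = ret = remove_file([system_ip],
                                          " ".join(files_to_remove))
    if not success:
        return ret
    return True, ("Removed %d backups" % len(files_to_remove)) + note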
Ejemplo n.º 4
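def rotate_backups(system_id, backup_type="configuration", nbackups=10):
    """
    Delete the automatic backups of a system that the rotation does not keep.

    Entries without a date or with a method other than 'auto' are ignored.
    The remaining ones are sorted by date; the first ``nbackups`` seed the
    retained set and each later one is passed through optimize(). Whatever is
    not retained is removed from /var/alienvault/backup/ via remove_file.

    The file names are taken from the remote system's backup listing. Before
    a name becomes a delete target it must be a plain file name (no path
    separator, not '.' / '..', no whitespace): an absolute or '..' name would
    let os.path.join leave the backup directory, and whitespace would break
    the space-joined list handed to remove_file.

    :param system_id: id used for the backup listing and the IP lookup
    :param backup_type: backup type to list (default "configuration")
    :param nbackups: size of the initial retained set
    :return: (success, message); a failing helper's tuple is returned as is.
    """

    def is_plain_name(name):
        # True only for a bare file name that cannot redirect the delete.
        if name in ('', '.', '..'):
            return False
        if os.path.basename(name) != name:
            return False
        return not any(ch.isspace() for ch in name)

    (success, result) = ret = get_backup_list(system_id=system_id,
                                              backup_type=backup_type,
                                              no_cache=True)
    if not success:
        return ret
    (success, system_ip) = ret = get_system_ip_from_system_id(system_id)
    if not success:
        return ret

    result = [x for x in result if x['date'] is not None and x['method'] == 'auto']
    # "not result" keeps origbackup[0] below safe when nbackups <= 0.
    if not result or len(result) < nbackups:
        return True, 'No backups to remove'

    origbackup = sorted(result, key=lambda x: x['date'])
    ref = origbackup[0]['date']
    for backup in origbackup:
        # Offset from the oldest entry; presumably read by optimize().
        backup['index'] = backup['date'] - ref
    backups = origbackup[:nbackups]
    for now_bk in origbackup[nbackups:]:
        backups = optimize(backups + [now_bk])
    # Files we want to retain are in backups.
    keep_files = set(x['file'] for x in backups)

    backup_path = "/var/alienvault/backup/"
    candidates = [x['file'] for x in origbackup if x['file'] not in keep_files]
    files_to_remove = [os.path.join(backup_path, name)
                       for name in candidates if is_plain_name(name)]
    skipped = len(candidates) - len(files_to_remove)

    note = ""
    if skipped:
        note = " (%d entries skipped: unexpected file name)" % skipped
    if not files_to_remove:
        return True, 'No backups to remove' + note

    # NOTE(review): the paths travel as one space-separated string; verify
    # that remove_file never passes it through a shell.
    (success, result) = ret = remove_file([system_ip],
                                          " ".join(files_to_remove))
    if not success:
        return ret
    return True, ("Removed %d backups" % len(files_to_remove)) + note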
Ejemplo n.º 5
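    def start(self):
        """
        Poll every known system and refresh its cached and stored data.

        For each (system_id, system_ip) pair returned by get_systems the
        status, network, tunnel, configuration, interface and setup helpers
        are called with no_cache=True. The VPN address, HA role / IP / name
        and hostname obtained that way are then handed to the set_system_* and
        db_system_update_hostname helpers. A system whose lookups fail is
        skipped (most of them with a warning) and the loop continues.

        Values read from the remote system are checked before they are stored:
        the HA virtual IP and the VPN address must pass is_valid_ipv4 and the
        HA role must be 'master' or 'slave'.

        :return: True when the loop finished; False when the system list could
                 not be retrieved or an unexpected exception was raised.
        """
        try:
            self.remove_monitor_data()
            rc, system_list = get_systems(directly_connected=False)
            if not rc:
                logger.error("Can't retrieve systems..%s" % str(system_list))
                return False

            for (system_id, system_ip) in system_list:
                # A failed sensor lookup is not fatal: the system is still
                # polled, only the sensor-specific steps are left out.
                success, sensor_id = get_sensor_id_from_system_id(system_id)
                if not success:
                    logger.warning(
                        "[MonitorRetrievesRemoteInfo] "
                        "get_sensor_id_from_system_id failed for system %s (%s)"
                        % (system_ip, system_id))
                    sensor_id = None

                ha_name = None
                success, result = system_all_info(system_id, no_cache=True)
                if not success:
                    logger.warning(
                        "[MonitorRetrievesRemoteInfo] "
                        "system_all_info failed for system %s (%s)" %
                        (system_ip, system_id))
                    continue
                if 'ha_status' in result:
                    ha_name = 'active' if result['ha_status'] == 'up' else 'passive'
                success, result = network_status(system_id, no_cache=True)
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] "
                                   "network_status failed for system %s (%s)" %
                                   (system_ip, system_id))
                    continue
                success, result = alienvault_status(system_id, no_cache=True)
                if not success:
                    logger.warning(
                        "[MonitorRetrievesRemoteInfo] "
                        "alienvault_status failed for system %s (%s)" %
                        (system_ip, system_id))
                    continue
                success, result = status_tunnel(system_id, no_cache=True)
                if not success:
                    # The tag used to read "MonitorRetrievesRemoreInfo", which
                    # hid this line from searches on the monitor's usual tag.
                    logger.warning("[MonitorRetrievesRemoteInfo] "
                                   "status_tunnel failed for system %s (%s)" %
                                   (system_ip, system_id))
                    continue
                success, result = get_system_config_general(system_id,
                                                            no_cache=True)
                if not success:
                    logger.warning(
                        "[MonitorRetrievesRemoteInfo] "
                        "get_system_config_general failed for system %s (%s)" %
                        (system_ip, system_id))
                    continue

                # The hostname is written back only when it differs from the
                # stored one.
                # NOTE(review): it is reported by the remote system and is not
                # validated here; confirm db_system_update_hostname does so.
                hostname = result.get('general_hostname', None)
                if hostname is not None:
                    success, hostname_old = db_get_hostname(system_id)
                    if not success:
                        logger.warning(
                            "[MonitorRetrievesRemoteInfo] "
                            "db_get_hostname failed for system %s (%s)" %
                            (system_ip, system_id))
                        continue
                    if hostname == hostname_old:
                        hostname = None

                # Getting config params from the system,
                # we do use this result var so do not change the order of the calls!
                success, config_alienvault = get_system_config_alienvault(
                    system_id, no_cache=True)
                if not success:
                    logger.warning(
                        "[MonitorRetrievesRemoteInfo] "
                        "get_system_config_alienvault failed for system %s (%s)"
                        % (system_ip, system_id))
                    continue

                # HA settings are kept only when they have the expected form.
                ha_ip = None
                ha_role = None
                if 'ha_ha_virtual_ip' in config_alienvault:
                    ha_ip = config_alienvault['ha_ha_virtual_ip']
                    if not is_valid_ipv4(ha_ip):
                        ha_ip = None

                if 'ha_ha_role' in config_alienvault:
                    ha_role = config_alienvault['ha_ha_role']
                    if ha_role not in ['master', 'slave']:
                        ha_role = None

                # Update interfaces cache
                success, result = get_interfaces(system_id, no_cache=True)
                if not success:
                    continue

                # Update system setup data cache
                success, result = system_get(system_id, no_cache=True)
                if not success:
                    continue

                vpn_ip = None
                if "ansible_tun0" in result:
                    try:
                        vpn_ip = result['ansible_tun0']['ipv4']['address']
                        # Same check as for ha_ip: the address is reported by
                        # the remote system and is stored further down.
                        if not is_valid_ipv4(vpn_ip):
                            logger.warning(
                                "[MonitorRetrievesRemoteInfo] "
                                "ignoring invalid VPN address for system %s (%s)"
                                % (system_ip, system_id))
                            vpn_ip = None
                    except Exception:
                        vpn_ip = None

                # Sensor exclusive
                if sensor_id is not None and sensor_id != '':
                    self.__update_sensor_properties(
                        sensor_id=sensor_id,
                        config_alienvault=config_alienvault)
                    # Refresh sensor plugins cache
                    try:
                        get_sensor_plugins(sensor_id, no_cache=True)
                    except APIException:
                        logger.warning(
                            "[MonitorRetrievesRemoteInfo] "
                            "error getting plugins from sensor '{0}' {1}".
                            format(sensor_id, system_ip))

                if vpn_ip is not None:
                    success, message = set_system_vpn_ip(system_id, vpn_ip)
                    if not success:
                        logger.warning(
                            "[MonitorRetrievesRemoteInfo] set_system_vpn_ip failed: %s"
                            % message)

                # Without a valid role the stored value is reset with 'NULL'.
                if ha_role is not None:
                    success, message = set_system_ha_role(system_id, ha_role)
                    if not success:
                        logger.warning(
                            "[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s"
                            % message)
                else:
                    success, message = set_system_ha_role(system_id, 'NULL')
                    if not success:
                        logger.warning(
                            "[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s"
                            % message)

                # Without a valid HA IP the stored value is reset with ''.
                if ha_ip is not None:
                    success, message = set_system_ha_ip(system_id, ha_ip)
                    if not success:
                        logger.warning(
                            "[MonitorRetrievesRemoteInfo] set_system_ha_ip: %s"
                            % message)
                    success, message = fix_system_references()
                    if not success:
                        logger.warning(
                            "[MonitorRetrievesRemoteInfo] fix_system_references: %s"
                            % message)
                    if ha_name is not None:
                        success, message = set_system_ha_name(
                            system_id, ha_name)
                        if not success:
                            logger.warning(
                                "[MonitorRetrievesRemoteInfo] set_system_ha_name failed: %s"
                                % message)
                else:
                    success, message = set_system_ha_ip(system_id, '')
                    if not success:
                        logger.warning(
                            "[MonitorRetrievesRemoteInfo] set_system_ha_ip failed: %s"
                            % message)

                if hostname is not None:
                    success, message = db_system_update_hostname(
                        system_id, hostname)
                    if not success:
                        logger.warning(
                            "[MonitorRetrievesRemoteInfo] db_system_update_hostname failed: %s"
                            % message)

                # Backups: the call is made with no_cache=True and its result
                # is only inspected for failure.
                success, message = get_backup_list(system_id=system_id,
                                                   backup_type="configuration",
                                                   no_cache=True)
                if not success:
                    logger.warning(
                        "[MonitorRetrievesRemoteInfo] get_backup_list failed: %s"
                        % message)

        except Exception as err:
            # Any unexpected error ends the run; systems not yet reached in
            # the loop are not polled.
            api_log.error(
                "Something wrong happened while running the MonitorRetrievesRemoteInfo monitor %s"
                % str(err))
            return False
        return True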
Ejemplo n.º 6
def make_system_backup(system_id,
                       backup_type,
                       rotate=True,
                       retry=True,
                       method="auto",
                       backup_pass=""):
    """
    Run a backup of type ``backup_type`` on the system ``system_id``.

    :param system_id: id of the system to back up
    :param backup_type: type of backup to run
    :param rotate: when true, call rotate_backups after a successful backup
    :param retry: when true, use the with-retry helper (always an auto backup)
    :param method: backup method, only used when ``retry`` is false
    :param backup_pass: backup password; empty or 'NULL' means "not set" and
                        the backup is refused
    :return: (True, None) on success, (False, message) otherwise
    """
    # NOTE(review): str(e) from the backup helpers is written to the notifier
    # log and returned to the caller; confirm it can never contain backup_pass.
    success, system_ip = get_system_ip_from_system_id(system_id)
    if not success:
        # On failure the second element is the error message, not an IP.
        return False, system_ip

    additional_info = json.dumps({'system_id': system_id, 'system_ip': system_ip})

    password_missing = (not backup_pass) or backup_pass == 'NULL'
    if password_missing:
        msg = 'Password for configuration backups was not set. Backups will be disabled...'
        notifier.warning(msg)
        insert_current_status_message("00000000-0000-0000-0000-000000010039",
                                      system_id,
                                      "system",
                                      additional_info=additional_info)
        return False, msg

    target = (system_ip, backup_type)
    try:
        notifier.info("Running Backup [%s - %s]" % target)
        if not retry:
            make_system_backup_by_system_ip(system_ip,
                                            backup_type,
                                            method=method,
                                            backup_pass=backup_pass)
        else:
            # This kind of backup is always auto.
            make_system_backup_by_system_ip_with_retry(system_ip,
                                                       backup_type,
                                                       backup_pass=backup_pass)
    except Exception as e:
        notifier.error("Backup fails [%s - %s]: %s" % (target + (str(e),)))
        # To do: Launch a Notification message
        flagged, flag_result = insert_current_status_message(
            "00000000-0000-0000-0000-000000010018",
            system_id,
            "system",
            additional_info=additional_info)
        if flagged:
            return False, str(e)
        return False, str(flag_result) + " " + str(e)

    notifier.info("Backup successfully made [%s - %s]" % target)
    # To do: Launch a Notification message

    # A rotation failure is only logged; the backup itself already succeeded.
    if rotate:
        rotated, _ = rotate_backups(system_id, backup_type, 10)
        if rotated:
            notifier.info("Backups rotated successfully")
        else:
            notifier.warning("Error Rotating %s backups in %s" %
                             (backup_type, system_id))

    # Refresh cache
    try:
        get_backup_list(system_id=system_id,
                        backup_type=backup_type,
                        no_cache=True)
    except Exception as e:
        notifier.warning(
            "Error when trying to flush the cache after deleting backups: %s" % str(e))

    return True, None
Ejemplo n.º 7
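def make_system_backup(system_id,
                       backup_type,
                       rotate=True,
                       retry=True,
                       method="auto"):
    """
    Run a backup of type ``backup_type`` on the system ``system_id``.

    :param system_id: id of the system to back up
    :param backup_type: type of backup to run
    :param rotate: when true, call rotate_backups after a successful backup
    :param retry: when true, use the with-retry helper (always an auto backup)
    :param method: backup method, only used when ``retry`` is false
    :return: (True, None) on success, (False, message) otherwise
    """
    success, system_ip = get_system_ip_from_system_id(system_id)
    if not success:
        # Every other exit returns a (success, message) pair; a bare False
        # here would break callers that unpack the result. On failure
        # system_ip is the value the lookup returned in place of an IP.
        return False, system_ip

    try:
        notifier.info("Running Backup [%s - %s]" % (system_ip, backup_type))
        if retry:
            # This kind of backup is always auto.
            make_system_backup_by_system_ip_with_retry(system_ip, backup_type)
        else:
            make_system_backup_by_system_ip(system_ip,
                                            backup_type,
                                            method=method)
    except Exception as e:
        notifier.warning("Backup fails [%s - %s]: %s" %
                         (system_ip, backup_type, str(e)))
        # To do: Launch a Notification message
        additional_info = json.dumps({'system_id': system_id,
                                      'system_ip': system_ip})
        success, result = insert_current_status_message(
            "00000000-0000-0000-0000-000000010018", system_id, "system",
            additional_info)
        if not success:
            return False, str(result) + " " + str(e)
        return False, str(e)

    notifier.info("Backup successfully made [%s - %s]" %
                  (system_ip, backup_type))
    # To do: Launch a Notification message

    # A rotation failure is only logged; the backup itself already succeeded.
    if rotate:
        success, result = rotate_backups(system_id, backup_type, 10)
        if not success:
            notifier.warning("Error Rotating %s backups in %s" %
                             (backup_type, system_id))
        else:
            notifier.info("Backups rotated successfully")

    # Refresh cache
    try:
        get_backup_list(system_id=system_id,
                        backup_type=backup_type,
                        no_cache=True)
    except Exception as e:
        error_msg = "Error when trying to flush the cache " \
                    "after deleting backups: %s" % str(e)
        notifier.warning(error_msg)

    return True, None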
Ejemplo n.º 8
def make_system_backup(system_id, backup_type, rotate=True, retry=True, method="auto", backup_pass=""):
    """
    Back up ``system_id`` with a backup of type ``backup_type``.

    :param system_id: id of the system to back up
    :param backup_type: type of backup to run
    :param rotate: rotate the stored backups after a successful run
    :param retry: use the with-retry helper (always an auto backup)
    :param method: backup method for the non-retry helper
    :param backup_pass: backup password; '' or 'NULL' disables the backup
    :return: (True, None) on success, (False, message) on any failure
    """
    # NOTE(review): the exception text of the backup helpers ends up in the
    # notifier log and in the return value; verify it never embeds backup_pass.

    def flag_status(message_id):
        # Record a status message for this system with the shared context.
        return insert_current_status_message(message_id,
                                             system_id,
                                             "system",
                                             additional_info=additional_info)

    success, system_ip = get_system_ip_from_system_id(system_id)
    if not success:
        return False, system_ip  # here system_ip contains an error msg

    context = {'system_id': system_id, 'system_ip': system_ip}
    additional_info = json.dumps(context)

    if backup_pass == 'NULL' or not backup_pass:
        msg = 'Password for configuration backups was not set. Backups will be disabled...'
        notifier.warning(msg)
        flag_status("00000000-0000-0000-0000-000000010039")
        return False, msg

    try:
        notifier.info("Running Backup [%s - %s]" % (system_ip, backup_type))
        if retry:
            # This kind of backup is always auto.
            make_system_backup_by_system_ip_with_retry(system_ip, backup_type, backup_pass=backup_pass)
        else:
            make_system_backup_by_system_ip(system_ip, backup_type, method=method, backup_pass=backup_pass)
    except Exception as e:
        reason = str(e)
        notifier.error("Backup fails [%s - %s]: %s" % (system_ip, backup_type, reason))
        # To do: Launch a Notification message
        success, result = flag_status("00000000-0000-0000-0000-000000010018")
        if success:
            return False, str(e)
        return False, str(result) + " " + str(e)

    notifier.info("Backup successfully made [%s - %s]" % (system_ip, backup_type))
    # To do: Launch a Notification message

    # Rotation problems are logged only; the backup has already been made.
    if rotate:
        success, result = rotate_backups(system_id, backup_type, 10)
        if success:
            notifier.info("Backups rotated successfully")
        else:
            notifier.warning("Error Rotating %s backups in %s" % (backup_type, system_id))

    # Refresh cache
    try:
        get_backup_list(system_id=system_id, backup_type=backup_type, no_cache=True)
    except Exception as e:
        notifier.warning("Error when trying to flush the cache after deleting backups: %s" % str(e))

    return True, None
Ejemplo n.º 9
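    def start(self):
        """
        Refresh the cached and stored data of every known system.

        Each (system_id, system_ip) pair from get_systems is polled with
        no_cache=True through the status, network, tunnel, configuration,
        interface and setup helpers. The VPN address, HA role / IP / name and
        hostname found are passed on to the set_system_* and
        db_system_update_hostname helpers. When a lookup fails the system is
        skipped and the loop moves on.

        The HA virtual IP and the VPN address are only stored when they pass
        is_valid_ipv4, and the HA role only when it is 'master' or 'slave'.

        :return: True when the loop finished; False when get_systems failed or
                 an unexpected exception was raised.
        """
        try:
            self.remove_monitor_data()
            rc, system_list = get_systems(directly_connected=False)
            if not rc:
                logger.error("Can't retrieve systems..%s" % str(system_list))
                return False

            for (system_id, system_ip) in system_list:
                # Without a sensor id the system is still polled; only the
                # sensor-specific steps are skipped.
                success, sensor_id = get_sensor_id_from_system_id(system_id)
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] "
                                   "get_sensor_id_from_system_id failed for system %s (%s)" % (system_ip, system_id))
                    sensor_id = None

                ha_name = None
                success, result = system_all_info(system_id, no_cache=True)
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] "
                                   "system_all_info failed for system %s (%s)" % (system_ip, system_id))
                    continue
                if 'ha_status' in result:
                    ha_name = 'active' if result['ha_status'] == 'up' else 'passive'
                success, result = network_status(system_id, no_cache=True)
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] "
                                   "network_status failed for system %s (%s)" % (system_ip, system_id))
                    continue
                success, result = alienvault_status(system_id, no_cache=True)
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] "
                                   "alienvault_status failed for system %s (%s)" % (system_ip, system_id))
                    continue
                success, result = status_tunnel(system_id, no_cache=True)
                if not success:
                    # Tag corrected from "MonitorRetrievesRemoreInfo" so that
                    # a search on the monitor's tag also finds this line.
                    logger.warning("[MonitorRetrievesRemoteInfo] "
                                   "status_tunnel failed for system %s (%s)" % (system_ip, system_id))
                    continue
                success, result = get_system_config_general(system_id, no_cache=True)
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] "
                                   "get_system_config_general failed for system %s (%s)" % (system_ip, system_id))
                    continue

                # Only a hostname that differs from the stored one is written.
                # NOTE(review): the value is reported by the remote system and
                # is not validated here; confirm db_system_update_hostname does.
                hostname = result.get('general_hostname', None)
                if hostname is not None:
                    success, hostname_old = db_get_hostname(system_id)
                    if not success:
                        logger.warning("[MonitorRetrievesRemoteInfo] "
                                       "db_get_hostname failed for system %s (%s)" % (system_ip, system_id))
                        continue
                    if hostname == hostname_old:
                        hostname = None

                # Getting config params from the system,
                # we do use this result var so do not change the order of the calls!
                success, config_alienvault = get_system_config_alienvault(system_id, no_cache=True)
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] "
                                   "get_system_config_alienvault failed for system %s (%s)" % (system_ip, system_id))
                    continue

                # HA settings are dropped unless they have the expected form.
                ha_ip = None
                ha_role = None
                if 'ha_ha_virtual_ip' in config_alienvault:
                    ha_ip = config_alienvault['ha_ha_virtual_ip']
                    if not is_valid_ipv4(ha_ip):
                        ha_ip = None

                if 'ha_ha_role' in config_alienvault:
                    ha_role = config_alienvault['ha_ha_role']
                    if ha_role not in ['master', 'slave']:
                        ha_role = None

                # Update interfaces cache
                success, result = get_interfaces(system_id, no_cache=True)
                if not success:
                    continue

                # Update system setup data cache
                success, result = system_get(system_id, no_cache=True)
                if not success:
                    continue

                vpn_ip = None
                if "ansible_tun0" in result:
                    try:
                        vpn_ip = result['ansible_tun0']['ipv4']['address']
                        # Checked like ha_ip: the address comes from the
                        # remote system and is stored further down.
                        if not is_valid_ipv4(vpn_ip):
                            logger.warning("[MonitorRetrievesRemoteInfo] "
                                           "ignoring invalid VPN address for system %s (%s)" % (system_ip, system_id))
                            vpn_ip = None
                    except Exception:
                        vpn_ip = None

                # Sensor exclusive
                if sensor_id is not None and sensor_id != '':
                    self.__update_sensor_properties(sensor_id=sensor_id,
                                                    config_alienvault=config_alienvault)
                    # Refresh sensor plugins cache
                    try:
                        get_sensor_plugins(sensor_id, no_cache=True)
                    except APIException:
                        logger.warning("[MonitorRetrievesRemoteInfo] "
                                       "error getting plugins from sensor '{0}' {1}".format(sensor_id, system_ip))

                if vpn_ip is not None:
                    success, message = set_system_vpn_ip(system_id, vpn_ip)
                    if not success:
                        logger.warning("[MonitorRetrievesRemoteInfo] set_system_vpn_ip failed: %s" % message)

                # Without a valid role the stored value is reset with 'NULL'.
                if ha_role is not None:
                    success, message = set_system_ha_role(system_id, ha_role)
                    if not success:
                        logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s" % message)
                else:
                    success, message = set_system_ha_role(system_id, 'NULL')
                    if not success:
                        logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s" % message)

                # Without a valid HA IP the stored value is reset with ''.
                if ha_ip is not None:
                    success, message = set_system_ha_ip(system_id, ha_ip)
                    if not success:
                        logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_ip: %s" % message)
                    success, message = fix_system_references()
                    if not success:
                        logger.warning("[MonitorRetrievesRemoteInfo] fix_system_references: %s" % message)
                    if ha_name is not None:
                        success, message = set_system_ha_name(system_id, ha_name)
                        if not success:
                            logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_name failed: %s" % message)
                else:
                    success, message = set_system_ha_ip(system_id, '')
                    if not success:
                        logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_ip failed: %s" % message)

                if hostname is not None:
                    success, message = db_system_update_hostname(system_id, hostname)
                    if not success:
                        logger.warning("[MonitorRetrievesRemoteInfo] db_system_update_hostname failed: %s" % message)

                # Backups: called with no_cache=True; the result is only
                # inspected for failure.
                success, message = get_backup_list(system_id=system_id,
                                                   backup_type="configuration",
                                                   no_cache=True)
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] get_backup_list failed: %s" % message)

        except Exception as err:
            # An unexpected error ends the run; systems not yet reached in the
            # loop are not polled.
            api_log.error("Something wrong happened while running the MonitorRetrievesRemoteInfo monitor %s" % str(err))
            return False
        return True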