def main():
p = get_argument_parser()
p = ArgumentParser(description=textwrap.dedent('''\
Env Variables:
CIF_ROUTER_STREAM_ADDR
CIF_STREAM_ADDR
example usage:
$ cif-streamer -d
'''),
formatter_class=RawDescriptionHelpFormatter,
prog='cif-streamer',
parents=[p])
args = p.parse_args()
setup_logging(args)
logger.info('loglevel is: {}'.format(
logging.getLevelName(logger.getEffectiveLevel())))
setup_runtime_path(args.runtime_path)
# setup_signals(__name__)
s = Streamer()
s.start()
def main():
from gevent import pywsgi, pool
from geventwebsocket.handler import WebSocketHandler
p = get_argument_parser()
p = ArgumentParser(description=textwrap.dedent('''\
example usage:
$ cif-httpd -d
'''),
formatter_class=RawDescriptionHelpFormatter,
prog='cif-httpd',
parents=[p])
p.add_argument('--fdebug', action='store_true')
args = p.parse_args()
setup_logging(args)
logger.info('loglevel is: {}'.format(
logging.getLevelName(logger.getEffectiveLevel())))
setup_runtime_path(args.runtime_path)
if not args.fdebug:
# http://stackoverflow.com/a/789383/7205341
pid = str(os.getpid())
logger.debug("pid: %s" % pid)
if os.path.isfile(PIDFILE):
logger.critical("%s already exists, exiting" % PIDFILE)
raise SystemExit
try:
pidfile = open(PIDFILE, 'w')
pidfile.write(pid)
pidfile.close()
except PermissionError as e:
logger.error('unable to create pid %s' % PIDFILE)
try:
logger.info('pinging router...')
logger.info('starting up...')
#app.run(host=HTTP_LISTEN, port=HTTP_LISTEN_PORT, debug=args.fdebug, threaded=True)
mypool = pool.Pool(500)
server = pywsgi.WSGIServer((HTTP_LISTEN, HTTP_LISTEN_PORT),
app,
spawn=mypool,
handler_class=WebSocketHandler)
server.serve_forever()
except KeyboardInterrupt:
logger.info('shutting down...')
except Exception as e:
logger.critical(e)
traceback.print_exc()
if os.path.isfile(PIDFILE):
os.unlink(PIDFILE)
def main():
p = get_argument_parser()
p = ArgumentParser(
description=textwrap.dedent('''\
example usage:
$ cif-hunter -d
'''),
formatter_class=RawDescriptionHelpFormatter,
prog='cif-hunter',
parents=[p],
)
p.add_argument('--remote', help="cif-router hunter address [default %(default)s]", default=HUNTER_ADDR)
p.add_argument('--router', help='cif-router front end address [default %(default)s]', default=ROUTER_ADDR)
p.add_argument('--token', help='specify cif-hunter token [default %(default)s]', default=TOKEN)
args = p.parse_args()
setup_logging(args)
logger = logging.getLogger(__name__)
logger.info('loglevel is: {}'.format(logging.getLevelName(logger.getEffectiveLevel())))
setup_signals(__name__)
with Hunter(remote=args.remote, router=args.router, token=args.token) as h:
try:
logger.info('starting up...')
h.start()
except KeyboardInterrupt:
logging.info("shutting down...")
def main():
p = get_argument_parser()
p = ArgumentParser(description=textwrap.dedent('''\
example usage:
$ cif-gatherer
'''),
formatter_class=RawDescriptionHelpFormatter,
prog='cif-gatherer',
parents=[p])
p.add_argument('--remote',
help="cif-router gatherer address [default %(default)s]",
default=GATHER_ADDR)
p.add_argument('--router',
help='cif-router front end address [default %(default)s]',
default=ROUTER_ADDR)
p.add_argument('--token',
help='specify cif-gatherer token [default %(default)s]',
default=TOKEN)
args = p.parse_args()
setup_logging(args)
logger = logging.getLogger(__name__)
logger.info('loglevel is: {}'.format(
logging.getLevelName(logger.getEffectiveLevel())))
setup_signals(__name__)
with Gatherer(remote=args.remote, router=args.router,
token=args.token) as r:
logger.info('staring gatherer...')
try:
r.start()
except KeyboardInterrupt:
logger.info('shutting down...')
def main():
p = get_argument_parser()
p = ArgumentParser(
description=textwrap.dedent('''\
example usage:
$ cif-gatherer
'''),
formatter_class=RawDescriptionHelpFormatter,
prog='cif-gatherer',
parents=[p]
)
p.add_argument("--remote", dest="remote", help="specify the cif-router publishing channel [default: %(default)s",
default=GATHER_ADDR)
args = p.parse_args()
logger = setup_logging(args)
logger.info('loglevel is: {}'.format(logging.getLevelName(logger.getEffectiveLevel())))
setup_signals(__name__)
with Gatherer() as r:
logger.info('staring gatherer...')
try:
r.run()
except KeyboardInterrupt:
logger.info('shutting down...')
def main():
p = get_argument_parser()
p = ArgumentParser(description=textwrap.dedent('''\
Env Variables:
CIF_RUNTIME_PATH
CIF_ROUTER_ADDR
CIF_HUNTER_ADDR
CIF_STORAGE_ADDR
example usage:
$ cif-router --listen 0.0.0.0 -d
'''),
formatter_class=RawDescriptionHelpFormatter,
prog='cif-router',
parents=[p])
p.add_argument('--listen',
help='address to listen on [default: %(default)s]',
default=ROUTER_ADDR)
p.add_argument('--hunter',
help='address hunters listen on on [default: %(default)s]',
default=HUNTER_ADDR)
p.add_argument("--storage",
help="specify a storage address [default: %(default)s]",
default=STORAGE_ADDR)
p.add_argument('--p2p',
action='store_true',
help='enable experimental p2p support')
args = p.parse_args()
setup_logging(args)
logger = logging.getLogger(__name__)
logger.info('loglevel is: {}'.format(
logging.getLevelName(logger.getEffectiveLevel())))
setup_signals(__name__)
with Router(listen=args.listen,
hunter=args.hunter,
storage=args.storage,
p2p=args.p2p) as r:
try:
logger.info('starting router..')
r.run()
except KeyboardInterrupt:
logger.info('shutting down...')
logger.info('Shutting down')
def main():
p = get_argument_parser()
p = ArgumentParser(description=textwrap.dedent('''\
Env Variables:
CIF_RUNTIME_PATH
CIF_STORAGE_ADDR
example usage:
$ cif-storage -d
'''),
formatter_class=RawDescriptionHelpFormatter,
prog='cif-storage',
parents=[p])
p.add_argument(
"--storage-address",
help="specify the storage address cif-router is listening on[default: %("
"default)s]",
default=STORAGE_ADDR)
p.add_argument(
"--store",
help="specify a store type {} [default: %(default)s]".format(
', '.join(STORE_PLUGINS)),
default=STORE_DEFAULT)
args = p.parse_args()
setup_logging(args)
logger = logging.getLogger(__name__)
logger.info('loglevel is: {}'.format(
logging.getLevelName(logger.getEffectiveLevel())))
setup_signals(__name__)
# from cif.reloader import ModuleWatcher
# mw = ModuleWatcher()
# mw.watch_module('cif.storage')
# mw.start_watching()
with Storage(storage_address=args.storage_address, store=args.store) as s:
try:
logger.info('starting up...')
s.start()
except KeyboardInterrupt:
logger.info('shutting down...')
def main():
p = get_argument_parser()
p = ArgumentParser(description=textwrap.dedent('''\
example usage:
$ cif-httpd -d
'''),
formatter_class=RawDescriptionHelpFormatter,
prog='cif-httpd',
parents=[p])
p.add_argument("--router",
help="specify router frontend [default %(default)s]",
default=ROUTER_ADDR)
p.add_argument('--token',
help="specify cif-httpd token [default %(default)s]",
default=TOKEN)
p.add_argument(
'--listen',
help='specify the interface to listen on [default %(default)s]',
default=HTTP_LISTEN)
p.add_argument('--listen-port',
help='specify the port to listen on [default %(default)s]',
default=HTTP_LISTEN_PORT)
p.add_argument('--fdebug', action='store_true')
args = p.parse_args()
setup_logging(args)
logger = logging.getLogger(__name__)
logger.info('loglevel is: {}'.format(
logging.getLevelName(logger.getEffectiveLevel())))
setup_signals(__name__)
try:
logger.info('pinging router...')
if Client(args.router, args.token).ping():
app.config["SECRET_KEY"] = os.urandom(1024)
logger.info('starting up...')
app.run(host=args.listen, port=args.listen_port, debug=args.fdebug)
else:
logger.error('router unavailable...')
except KeyboardInterrupt:
logger.info('shutting down...')
raise SystemExit
def main():
p = get_argument_parser()
p = ArgumentParser(
description=textwrap.dedent('''\
Env Variables:
CIF_RUNTIME_PATH
CIF_STORAGE_ADDR
example usage:
$ cif-storage -d
'''),
formatter_class=RawDescriptionHelpFormatter,
prog='cif-storage',
parents=[p]
)
p.add_argument("--storage-address", help="specify the storage address cif-router is listening on[default: %("
"default)s]", default=STORAGE_ADDR)
p.add_argument("--store", help="specify a store type {} [default: %(default)s]".format(', '.join(STORE_PLUGINS)),
default=STORE_DEFAULT)
args = p.parse_args()
setup_logging(args)
logger = logging.getLogger(__name__)
logger.info('loglevel is: {}'.format(logging.getLevelName(logger.getEffectiveLevel())))
setup_signals(__name__)
# from cif.reloader import ModuleWatcher
# mw = ModuleWatcher()
# mw.watch_module('cif.storage')
# mw.start_watching()
with Storage(storage_address=args.storage_address, store=args.store) as s:
try:
logger.info('starting up...')
s.start()
except KeyboardInterrupt:
logger.info('shutting down...')
def main():
p = get_argument_parser()
p = ArgumentParser(
description=textwrap.dedent('''\
Env Variables:
CIF_RUNTIME_PATH
CIF_ROUTER_ADDR
CIF_HUNTER_ADDR
CIF_STORAGE_ADDR
example usage:
$ cif-router --listen 0.0.0.0 -d
'''),
formatter_class=RawDescriptionHelpFormatter,
prog='cif-router',
parents=[p]
)
p.add_argument('--listen', help='address to listen on [default: %(default)s]', default=ROUTER_ADDR)
p.add_argument('--hunter', help='address hunters listen on on [default: %(default)s]', default=HUNTER_ADDR)
p.add_argument("--storage", help="specify a storage address [default: %(default)s]",
default=STORAGE_ADDR)
p.add_argument('--p2p', action='store_true', help='enable experimental p2p support')
args = p.parse_args()
setup_logging(args)
logger = logging.getLogger(__name__)
logger.info('loglevel is: {}'.format(logging.getLevelName(logger.getEffectiveLevel())))
setup_signals(__name__)
with Router(listen=args.listen, hunter=args.hunter, storage=args.storage, p2p=args.p2p) as r:
try:
logger.info('starting router..')
r.run()
except KeyboardInterrupt:
logger.info('shutting down...')
logger.info('Shutting down')
def main():
p = get_argument_parser()
p = ArgumentParser(
description=textwrap.dedent(
"""\
Env Variables:
CIF_RUNTIME_PATH
CIF_ROUTER_ADDR
CIF_HUNTER_ADDR
CIF_STORAGE_ADDR
example usage:
$ cif-router --listen 0.0.0.0 -d
"""
),
formatter_class=RawDescriptionHelpFormatter,
prog="cif-router",
parents=[p],
)
p.add_argument("--listen", help="address to listen on [default: %(default)s]", default=ROUTER_ADDR)
p.add_argument("--hunter", help="address hunters listen on on [default: %(default)s]", default=HUNTER_ADDR)
p.add_argument("--storage", help="specify a storage address [default: %(default)s]", default=STORAGE_ADDR)
args = p.parse_args()
setup_logging(args)
logger = logging.getLogger(__name__)
logger.info("loglevel is: {}".format(logging.getLevelName(logger.getEffectiveLevel())))
setup_signals(__name__)
with Router(listen=args.listen, hunter=args.hunter, storage=args.storage) as r:
try:
logger.info("starting router..")
r.run()
except KeyboardInterrupt:
logger.info("shutting down...")
logger.info("Shutting down")
def main():
p = get_argument_parser()
p = ArgumentParser(
description=textwrap.dedent('''\
example usage:
$ cif-httpd -d
'''),
formatter_class=RawDescriptionHelpFormatter,
prog='cif-httpd',
parents=[p]
)
p.add_argument("--router", help="specify router frontend [default %(default)s]", default=ROUTER_ADDR)
p.add_argument('--token', help="specify cif-httpd token [default %(default)s]", default=TOKEN)
p.add_argument('--listen', help='specify the interface to listen on [default %(default)s]', default=HTTP_LISTEN)
p.add_argument('--listen-port', help='specify the port to listen on [default %(default)s]',
default=HTTP_LISTEN_PORT)
p.add_argument('--fdebug', action='store_true')
args = p.parse_args()
setup_logging(args)
logger = logging.getLogger(__name__)
logger.info('loglevel is: {}'.format(logging.getLevelName(logger.getEffectiveLevel())))
setup_signals(__name__)
try:
logger.info('pinging router...')
if Client(args.router, args.token).ping():
app.config["SECRET_KEY"] = os.urandom(1024)
logger.info('starting up...')
app.run(host=args.listen, port=args.listen_port, debug=args.fdebug)
else:
logger.error('router unavailable...')
except KeyboardInterrupt:
logger.info('shutting down...')
raise SystemExit
def main():
p = get_argument_parser()
p = ArgumentParser(
description=textwrap.dedent('''\
Env Variables:
CIF_RUNTIME_PATH
CIF_HTTP_ADDR
CIF_TOKEN
example usage:
$ cif-smrt -v --rules rules/default
$ cif-smrt --rules rules/default/drg.yml --feed ssh
'''),
formatter_class=RawDescriptionHelpFormatter,
prog='cif-smrt',
parents=[p],
)
p.add_argument(
"-r",
"--rule",
help=
"specify the rules directory or specific rules file [default: %(default)s",
default=SMRT_RULES_PATH)
p.add_argument("-f", "--feed", help="specify the feed to process")
p.add_argument("--remote",
dest="remote",
help="specify the remote api url [default: %(default)s",
default=REMOTE_ADDR)
p.add_argument('--cache',
help="specify feed cache [default %(default)s]",
default=SMRT_CACHE)
p.add_argument(
"--limit",
dest="limit",
help="limit the number of records processed [default: %(default)s]",
default=None)
p.add_argument("--token",
dest="token",
help="specify token [default: %(default)s]",
default=TOKEN)
p.add_argument('--test', action='store_true')
p.add_argument('--sleep', default=60)
p.add_argument('--ignore-unknown', action='store_true')
args = p.parse_args()
setup_logging(args)
logger = logging.getLogger(__name__)
logger.info('loglevel is: {}'.format(
logging.getLevelName(logger.getEffectiveLevel())))
setup_signals(__name__)
stop = False
r = False
if not args.test:
r = randint(5, 55)
logger.info(
"random delay is {}, then running every 60min after that".format(
r))
sleep((r * 60))
while not stop:
if args.test:
stop = True
logger.info('starting...')
try:
with Smrt(args.remote, args.token) as s:
logger.info('staring up...')
x = s.process(args.rule, feed=args.feed, limit=args.limit)
logger.info('complete')
if not args.test:
logger.info('sleeping for 1 hour')
sleep((60 * 60))
except RuntimeError as e:
logger.error(e)
if str(e).startswith('submission failed'):
stop = True
else:
logging.exception('Got exception on main handler')
except KeyboardInterrupt:
logger.info('shutting down')
stop = True
logger.info('completed')
def main():
p = get_argument_parser()
p = ArgumentParser(
description=textwrap.dedent('''\
Env Variables:
CIF_RUNTIME_PATH
example usage:
$ cif-store -d
'''),
formatter_class=RawDescriptionHelpFormatter,
prog='cif-store',
parents=[p]
)
p.add_argument("--store", help="store type {} [default: %(default)s]".
format(', '.join(STORE_PLUGINS)),
default=STORE_DEFAULT)
p.add_argument('--config', help='specify config path [default %(default)s]'
, default=CONFIG_PATH)
p.add_argument('--token-create-admin', help='generate an admin token',
action="store_true")
p.add_argument('--token-create-fm', action="store_true")
p.add_argument('--token-create-fm-remote', default=REMOTE_ADDR)
p.add_argument('--token-create-hunter', action="store_true")
p.add_argument('--token-create-httpd', action="store_true")
p.add_argument('--config-path', help='store the token as a config')
p.add_argument('--token', help='specify the token to use', default=None)
p.add_argument('--token-groups',
help="groups associated with token [default %(default)s]'",
default='everyone')
p.add_argument('--remote', help='specify remote')
args = p.parse_args()
groups = args.token_groups.split(',')
setup_logging(args)
setup_signals(__name__)
if not args.token_create_fm and not args.token_create_admin and \
not args.token_create_hunter and not \
args.token_create_httpd:
logger.error('missing required arguments, see -h for more information')
raise SystemExit
if args.token_create_fm:
with Store(store_type=args.store) as s:
s._load_plugin(store_type=args.store)
t = s.token_handler.token_create_fm(token=args.token,
groups=groups)
if t:
data = {'token': t}
if args.remote:
data['remote'] = args.remote
if args.config_path:
with open(args.config_path, 'w') as f:
f.write(yaml.dump(data, default_flow_style=False))
logger.info(f'token config generated: {args.token_create_fm}')
else:
logger.error('token not created')
if args.token_create_hunter:
with Store(store_type=args.store) as s:
t = s.token_handler.token_create_hunter(token=args.token,
groups=groups)
if t:
data = {'token': t}
if args.config_path:
with open(args.config_path, 'w') as f:
f.write(yaml.dump(data, default_flow_style=False))
logger.info(f'token config generated: '
f'{args.token_create_hunter}')
else:
logger.error('token not created')
if args.token_create_admin:
with Store(store_type=args.store) as s:
t = s.token_handler.token_create_admin(token=args.token,
groups=groups)
if t:
data = {'token': t}
if args.config_path:
with open(args.config_path, 'w') as f:
f.write(yaml.dump(data, default_flow_style=False))
logger.info('token config generated: {}'
.format(args.token_create_admin))
else:
logger.error('token not created')
if args.token_create_httpd:
with Store(store_type=args.store) as s:
t = s.token_handler.token_create_httpd(token=args.token,
groups=groups)
if t:
data = {'token': t}
if args.config_path:
with open(args.config_path, 'w') as f:
f.write(yaml.dump(data, default_flow_style=False))
logger.info('token config generated: {}'
.format(args.token_create_httpd))
else:
logger.error('token not created')
def main():
p = get_argument_parser()
p = ArgumentParser(description=textwrap.dedent('''\
Env Variables:
CIF_RUNTIME_PATH
CIF_ROUTER_CONFIG_PATH
CIF_ROUTER_ADDR
CIF_HUNTER_ADDR
CIF_HUNTER_TOKEN
CIF_HUNTER_THREADS
CIF_GATHERER_THREADS
CIF_STORE_ADDR
example usage:
$ cif-router --listen 0.0.0.0 -d
'''),
formatter_class=RawDescriptionHelpFormatter,
prog='cif-router',
parents=[p])
p.add_argument('--config',
help='specify config path [default: %(default)s',
default=CONFIG_PATH)
p.add_argument('--listen',
help='address to listen on [default: %(default)s]',
default=ROUTER_ADDR)
p.add_argument('-G',
'--gatherers',
'--gatherer-threads',
help='specify number of gatherer threads to use '
'[default: %(default)s]',
default=GATHERER_THREADS)
p.add_argument('--hunter',
help='address hunters listen on on '
'[default: %(default)s]',
default=HUNTER_ADDR)
p.add_argument('--hunter-token',
help='specify token for hunters to use '
'[default: %(default)s]',
default=HUNTER_TOKEN)
p.add_argument('-H',
'--hunters',
'--hunter-threads',
help='specify number of hunter threads to use '
'[default: %(default)s]',
default=HUNTER_THREADS)
p.add_argument("--store-address",
help="specify the store address cif-router is listening on "
"[default: %(default)s]",
default=STORE_ADDR)
p.add_argument("--store",
help=f"specify a store type {', '.join(STORE_PLUGINS)} "
f"[default: %(default)s]",
default=STORE_DEFAULT)
p.add_argument('--store-nodes',
help='specify storage nodes address [default: %(default)s]',
default=STORE_NODES)
p.add_argument('--logging-ignore',
help='set logging to WARNING for specific modules')
p.add_argument('--pidfile',
help='specify pidfile location [default: %(default)s]',
default=PIDFILE)
args = p.parse_args()
setup_logging(args)
if args.verbose:
logger.setLevel(logging.INFO)
if args.debug:
logger.setLevel(logging.DEBUG)
logger.info('loglevel is: {}'.format(
logging.getLevelName(logger.getEffectiveLevel())))
if args.logging_ignore:
to_ignore = args.logging_ignore.split(',')
for i in to_ignore:
logging.getLogger(i).setLevel(logging.WARNING)
setup_runtime_path(args.runtime_path)
setup_signals(__name__)
# http://stackoverflow.com/a/789383/7205341
pid = str(os.getpid())
logger.debug("pid: %s" % pid)
if os.path.isfile(args.pidfile):
logger.critical("%s already exists, exiting" % args.pidfile)
raise SystemExit
r = Router(listen=args.listen,
store_type=args.store,
store_address=args.store_address,
store_nodes=args.store_nodes,
hunter_token=args.hunter_token,
hunter_threads=args.hunters,
gatherer_threads=args.gatherers)
try:
pidfile = open(args.pidfile, 'w')
pidfile.write(pid)
pidfile.close()
except PermissionError as e:
logger.critical('unable to create pid %s' % args.pidfile)
raise SystemExit
try:
logger.info('starting router..')
r.start()
except KeyboardInterrupt:
# todo - signal to threads to shut down and wait for them to finish
logger.info('shutting down via SIGINT...')
except SystemExit:
logger.info('shutting down via SystemExit...')
except Exception as e:
print("TEST")
logger.critical(e)
traceback.print_exc()
logger.info('stopping..')
r.stop()
logger.info('Shutting down')
if os.path.isfile(args.pidfile):
os.unlink(args.pidfile)
def main():
p = get_argument_parser()
p = ArgumentParser(description=textwrap.dedent('''\
example usage:
$ cif -q example.org -d
$ cif --search 1.2.3.0/24
$ cif --ping
'''),
formatter_class=RawDescriptionHelpFormatter,
prog='cif',
parents=[p])
p.add_argument('--token', help='specify api token', default=str(1234))
p.add_argument('--remote',
help='specify API remote [default %(default)s]',
default=REMOTE_ADDR)
p.add_argument('-p', '--ping', action="store_true") # meg?
p.add_argument('-q', '--search', help="search")
p.add_argument('--itype', help='filter by indicator type'
) ## need to fix sqlite for non-ascii stuff first
p.add_argument("--submit", action="store_true", help="submit an indicator")
p.add_argument('--limit',
help='limit results [default %(default)s]',
default=SEARCH_LIMIT)
p.add_argument('--nolog', help='do not log search', default=False)
p.add_argument('--indicator')
p.add_argument('--tags', nargs='+')
p.add_argument("--zmq",
dest="zmq",
help="use zmq as a transport instead of http",
action="store_true")
args = p.parse_args()
setup_logging(args)
logger = logging.getLogger(__name__)
options = vars(args)
if options.get("zmq"):
from cif.client.zeromq import ZMQ as ZMQClient
cli = ZMQClient(**options)
else:
from cif.client.http import HTTP as HTTPClient
cli = HTTPClient(args.remote, args.token)
if options.get('ping'):
logger.info('running ping')
for num in range(0, 4):
ret = cli.ping()
if ret != 0:
print("roundtrip: {} ms".format(ret))
select.select([], [], [], 1)
else:
logger.error('ping failed')
raise RuntimeError
elif options.get('itype'):
logger.info('searching for {}'.format(options['itype']))
try:
rv = cli.search({
'itype': options['itype'],
'limit': options['limit'],
})
except RuntimeError as e:
import traceback
traceback.print_exc()
logger.error(e)
else:
print(Table(data=rv))
elif options.get('search'):
logger.info("searching for {0}".format(options.get("search")))
try:
rv = cli.search({
'indicator': options['search'],
'limit': options['limit'],
'nolog': options['nolog']
})
except RuntimeError as e:
import traceback
traceback.print_exc()
logger.error(e)
else:
print(Table(data=rv))
elif options.get("submit"):
logger.info("submitting {0}".format(options.get("submit")))
rv = cli.submit(indicator=args.indicator, tags=args.tags)
def main():
p = get_argument_parser()
p = ArgumentParser(
description=textwrap.dedent('''\
example usage:
$ cif -q example.org -d
$ cif --search 1.2.3.0/24
$ cif --ping
'''),
formatter_class=RawDescriptionHelpFormatter,
prog='cif',
parents=[p]
)
p.add_argument('--token', help='specify api token', default=str(1234))
p.add_argument('--remote', help='specify API remote [default %(default)s]', default=REMOTE_ADDR)
p.add_argument('-p', '--ping', action="store_true") # meg?
p.add_argument('-q', '--search', help="search")
p.add_argument('--itype', help='filter by indicator type') ## need to fix sqlite for non-ascii stuff first
p.add_argument("--submit", action="store_true", help="submit an indicator")
p.add_argument('--limit', help='limit results [default %(default)s]', default=SEARCH_LIMIT)
p.add_argument('--nolog', help='do not log search', default=False)
p.add_argument('--indicator')
p.add_argument('--tags', nargs='+')
p.add_argument("--zmq", dest="zmq", help="use zmq as a transport instead of http", action="store_true")
args = p.parse_args()
setup_logging(args)
logger = logging.getLogger(__name__)
options = vars(args)
if options.get("zmq"):
from cif.client.zeromq import ZMQ as ZMQClient
cli = ZMQClient(**options)
else:
from cif.client.http import HTTP as HTTPClient
cli = HTTPClient(args.remote, args.token)
if options.get('ping'):
logger.info('running ping')
for num in range(0, 4):
ret = cli.ping()
if ret != 0:
print("roundtrip: {} ms".format(ret))
select.select([], [], [], 1)
else:
logger.error('ping failed')
raise RuntimeError
elif options.get('itype'):
logger.info('searching for {}'.format(options['itype']))
try:
rv = cli.search({
'itype': options['itype'],
'limit': options['limit'],
})
except RuntimeError as e:
import traceback
traceback.print_exc()
logger.error(e)
else:
print(Table(data=rv))
elif options.get('search'):
logger.info("searching for {0}".format(options.get("search")))
try:
rv = cli.search({
'indicator': options['search'],
'limit': options['limit'],
'nolog': options['nolog']
}
)
except RuntimeError as e:
import traceback
traceback.print_exc()
logger.error(e)
else:
print(Table(data=rv))
elif options.get("submit"):
logger.info("submitting {0}".format(options.get("submit")))
rv = cli.submit(indicator=args.indicator, tags=args.tags)
def main():
p = get_argument_parser()
p = ArgumentParser(
description=textwrap.dedent('''\
Env Variables:
CIF_RUNTIME_PATH
CIF_HTTP_ADDR
CIF_TOKEN
example usage:
$ cif-smrt -v --rules rules/default
$ cif-smrt --rules rules/default/drg.yml --feed ssh
'''),
formatter_class=RawDescriptionHelpFormatter,
prog='cif-smrt',
parents=[p],
)
p.add_argument("-r", "--rule", help="specify the rules directory or specific rules file [default: %(default)s",
default=SMRT_RULES_PATH)
p.add_argument("-f", "--feed", help="specify the feed to process")
p.add_argument("--remote", dest="remote", help="specify the remote api url [default: %(default)s",
default=REMOTE_ADDR)
p.add_argument('--cache', help="specify feed cache [default %(default)s]", default=SMRT_CACHE)
p.add_argument("--limit", dest="limit", help="limit the number of records processed [default: %(default)s]",
default=None)
p.add_argument("--token", dest="token", help="specify token [default: %(default)s]", default=TOKEN)
p.add_argument('--test', action='store_true')
p.add_argument('--sleep', default=60)
p.add_argument('--ignore-unknown', action='store_true')
args = p.parse_args()
setup_logging(args)
logger = logging.getLogger(__name__)
logger.info('loglevel is: {}'.format(logging.getLevelName(logger.getEffectiveLevel())))
setup_signals(__name__)
stop = False
r = False
if not args.test:
r = randint(5, 55)
logger.info("random delay is {}, then running every 60min after that".format(r))
sleep((r * 60))
while not stop:
if args.test:
stop = True
logger.info('starting...')
try:
with Smrt(args.remote, args.token) as s:
logger.info('staring up...')
x = s.process(args.rule, feed=args.feed, limit=args.limit)
logger.info('complete')
if not args.test:
logger.info('sleeping for 1 hour')
sleep((60 * 60))
except RuntimeError as e:
logger.error(e)
if str(e).startswith('submission failed'):
stop = True
else:
logging.exception('Got exception on main handler')
except KeyboardInterrupt:
logger.info('shutting down')
stop = True
logger.info('completed')
