def is_running(self):
if self.logstash_home:
try:
return logstash_process.ProcessManager().status()['running']
except KeyError:
return logstash_process.ProcessManager().status()['RUNNING']
return False
def is_running(self):
"""Check if Logstash is running
Returns:
True, if running
"""
if self.logstash_home:
try:
return logstash_process.ProcessManager().status()['running']
except KeyError:
return logstash_process.ProcessManager().status()['RUNNING']
return False
def stop(self) -> bool:
"""Stop the monitor services
Returns:
True, if successfully stopped
"""
kibana_res, logstash_res, elasticsearch_res = True, True, True
if not elasticsearch_profile.ProcessProfiler().is_installed():
self.logger.error('You must install kibana to run this command.')
return False
elasticsearch_res = elasticsearch_process.ProcessManager().stop()
if logstash_profile.ProcessProfiler().is_installed():
logstash_res = logstash_process.ProcessManager().stop()
if kibana_profile.ProcessProfiler().is_installed():
kibana_res = kibana_process.ProcessManager().stop()
return kibana_res and elasticsearch_res and logstash_res
def change_logstash_elasticsearch_password(password='******',
prompt_user=True,
stdout=True,
verbose=False):
"""
Change the password used by Logstash to authenticate to Elasticsearch
:param password: The new Elasticsearch password
:param prompt_user: If True, warning prompt is displayed before proceeding
:param stdout: Print status to stdout
:param verbose: Include detailed debug messages
:return: True, if successful
"""
from dynamite_nsm.services.logstash import process as logstash_process
from dynamite_nsm.services.logstash import profile as logstash_profile
log_level = logging.INFO
if verbose:
log_level = logging.DEBUG
logger = get_logger('LOGSTASH', level=log_level, stdout=stdout)
environment_variables = utilities.get_environment_file_dict()
if not logstash_profile.ProcessProfiler().is_installed():
logger.error(
"Password reset failed. LogStash is not installed on this host.")
raise general_exceptions.ResetPasswordError(
"Password reset failed. LogStash is not installed on this host.")
if prompt_user:
resp = utilities.prompt_input(
'\n\033[93m[-] WARNING! Changing the LogStash password can cause LogStash to lose communication with '
'ElasticSearch. \n[?] Are you sure you wish to continue? [no]|yes):\033[0m '
)
while resp not in ['', 'no', 'yes']:
resp = utilities.prompt_input(
'\033[93m[?] Are you sure you wish to continue? ([no]|yes):\033[0m '
)
if resp != 'yes':
if stdout:
sys.stdout.write('\n[+] Exiting\n')
exit(0)
ConfigManager(
environment_variables.get('LS_PATH_CONF')).set_elasticsearch_password(
password=password)
logstash_process.ProcessManager().restart()
def uninstall_logstash(prompt_user=True, stdout=True, verbose=False):
"""
Install Logstash with ElastiFlow & Synesis
:param prompt_user: Print a warning before continuing
:param stdout: Print the output to console
:param verbose: Include detailed debug messages
"""
log_level = logging.INFO
if verbose:
log_level = logging.DEBUG
logger = get_logger('LOGSTASH', level=log_level, stdout=stdout)
env_file = os.path.join(const.CONFIG_PATH, 'environment')
environment_variables = utilities.get_environment_file_dict()
configuration_directory = environment_variables.get('LS_PATH_CONF')
ls_profiler = logstash_profile.ProcessProfiler()
ls_config = logstash_config.ConfigManager(
configuration_directory=configuration_directory)
if not ls_profiler.is_installed():
logger.error('LogStash is not installed.')
raise logstash_exceptions.UninstallLogstashError(
"LogStash is not installed.")
if prompt_user:
sys.stderr.write(
'\n\033[93m[-] WARNING! Removing Logstash Will Prevent ElasticSearch From Receiving Events.\033[0m\n'
)
resp = utilities.prompt_input(
'\n\033[93m[?] Are you sure you wish to continue? ([no]|yes):\033[0m '
)
while resp not in ['', 'no', 'yes']:
resp = utilities.prompt_input(
'\033[93m[?] Are you sure you wish to continue? ([no]|yes): \033[0m'
)
if resp != 'yes':
if stdout:
sys.stdout.write('\n[+] Exiting\n')
exit(0)
if ls_profiler.is_running():
logstash_process.ProcessManager().stop()
try:
shutil.rmtree(ls_config.ls_path_conf)
shutil.rmtree(ls_config.ls_home)
shutil.rmtree(ls_config.path_logs)
shutil.rmtree(const.INSTALL_CACHE, ignore_errors=True)
env_lines = ''
with open(env_file) as env_fr:
for line in env_fr.readlines():
if 'LS_PATH_CONF' in line:
continue
elif 'LS_HOME' in line:
continue
elif 'LS_LOGS' in line:
continue
elif 'ELASTIFLOW_' in line:
continue
elif 'SYNLITE_' in line:
continue
elif 'ES_PASSWD' in line:
continue
elif line.strip() == '':
continue
env_lines += line.strip() + '\n'
with open(env_file, 'w') as env_fw:
env_fw.write(env_lines)
except Exception as e:
logger.error(
"General error occurred while attempting to uninstall LogStash.".
format(e))
logger.debug(
"General error occurred while attempting to uninstall LogStash; {}"
.format(e))
raise logstash_exceptions.UninstallLogstashError(
"General error occurred while attempting to uninstall LogStash; {}"
.format(e))
try:
sysctl = systemctl.SystemCtl()
except general_exceptions.CallProcessError:
raise logstash_exceptions.UninstallLogstashError(
"Could not find systemctl.")
sysctl.uninstall_and_disable('logstash')
def status(self) -> Optional[Union[Dict, str]]:
"""Get the statuses of monitor services
Returns:
The statuses of monitor services
"""
agent_status = {}
kibana_status, elasticsearch_status, logstash_status = {}, {}, {}
if not elasticsearch_profile.ProcessProfiler().is_installed():
self.logger.error(
'You must install elasticsearch to run this command.')
return None
elasticsearch_status = elasticsearch_process.ProcessManager().status()
agent_status.update({
'elasticsearch': {
'running':
elasticsearch_status.get('running'),
'enabled_on_startup':
elasticsearch_status.get('enabled_on_startup')
}
})
if logstash_profile.ProcessProfiler().is_installed():
logstash_status = logstash_process.ProcessManager().status()
agent_status.update({
'logstash': {
'running': logstash_status.get('running'),
'enabled_on_startup':
logstash_status.get('enabled_on_startup')
}
})
if kibana_profile.ProcessProfiler().is_installed():
kibana_status = kibana_process.ProcessManager().status()
agent_status.update({
'kibana': {
'running': kibana_status.get('running'),
'enabled_on_startup':
kibana_status.get('enabled_on_startup')
}
})
if self.pretty_print_status:
colorize = utilities.PrintDecorations.colorize
child_services = [
['Service', 'Running', 'Enabled on Startup'],
[
'kibana',
colorize('yes', 'green')
if kibana_status.get('running') else colorize('no', 'red'),
colorize('yes', 'green')
if kibana_status.get('enabled_on_startup') else colorize(
'no', 'red')
]
]
if elasticsearch_status:
child_services.append([
'elasticsearch',
colorize('yes', 'green')
if elasticsearch_status.get('running') else colorize(
'no', 'red'),
colorize('yes', 'green')
if elasticsearch_status.get('enabled_on_startup') else
colorize('no', 'red')
])
if logstash_status:
child_services.append([
'logstash',
colorize('yes', 'green')
if elasticsearch_status.get('running') else colorize(
'no', 'red'),
colorize('yes', 'green')
if elasticsearch_status.get('enabled_on_startup') else
colorize('no', 'red')
])
return tabulate.tabulate(child_services, tablefmt='fancy_grid')
return agent_status