Ejemplo n.º 1
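    def post(self):
        """Add and/or remove tags on the query identified by ``query_id``.

        ``add_tags`` and ``remove_tags`` are comma-separated strings taken
        from the parsed request. The result is the marshalled common response
        carrying a ``status`` ('success' or 'failure') and a ``message``.

        NOTE(review): no authentication or authorization check is visible in
        this method; presumably it is applied outside this excerpt - confirm.
        """
        # parse_args() performs the input payload validation, so it has to
        # run before any field is read.
        args = self.parser.parse_args()

        query_id = args['query_id']
        status = 'failure'
        message = None

        # ''.split(',') returns [''], a truthy list. That made the
        # 'Please provide tags' check unreachable and passed an empty tag
        # name on to create_tags()/get_tags(). Blank entries are dropped and
        # a None field is treated as "no tags" instead of raising.
        add_tags = [
            tag for tag in (args['add_tags'] or '').split(',') if tag.strip()
        ]
        remove_tags = [
            tag for tag in (args['remove_tags'] or '').split(',') if tag.strip()
        ]

        if not (add_tags or remove_tags):
            message = 'Please provide tags'
        else:
            query = dao.get_query_by_id(query_id)
            if not query:
                message = 'Invalid query id. Query with this id does not exist'
            else:
                if add_tags:
                    for tag in create_tags(*add_tags):
                        # Skip tags the query already carries.
                        if tag not in query.tags:
                            query.tags.append(tag)

                if remove_tags:
                    for tag in get_tags(*remove_tags):
                        if tag in query.tags:
                            query.tags.remove(tag)

                query.save()
                status = 'success'
                message = 'Successfully modified the tag(s)'

        return marshal(respcls(message, status),
                       parentwrapper.common_response_wrapper,
                       skip_none=True)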
Ejemplo n.º 2
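    def post(self):
        """Add and/or remove tags on the node with the given ``host_identifier``.

        ``add_tags`` and ``remove_tags`` are comma-separated strings taken
        from the parsed request. The result is the marshalled common response
        carrying a ``status`` ('success' or 'failure') and a ``message``.

        NOTE(review): no authentication or authorization check is visible in
        this method; presumably it is applied outside this excerpt - confirm.
        """
        # parse_args() performs the input payload validation, so it has to
        # run before any field is read.
        args = self.parser.parse_args()
        status = 'failure'
        host_identifier = args['host_identifier']

        # ''.split(',') returns [''], so an empty field used to reach
        # create_tags()/get_tags() as a single empty tag name. Blank entries
        # are dropped and a None field is treated as "no tags".
        add_tags = [
            tag for tag in (args['add_tags'] or '').split(',') if tag.strip()
        ]
        remove_tags = [
            tag for tag in (args['remove_tags'] or '').split(',') if tag.strip()
        ]

        node = dao.get_node_by_host_identifier(host_identifier)
        if not node:
            message = 'Invalid host identifier. This node does not exist'
        else:
            if add_tags:
                for tag in create_tags(*add_tags):
                    # Skip tags the node already carries.
                    if tag not in node.tags:
                        node.tags.append(tag)

            if remove_tags:
                for tag in get_tags(*remove_tags):
                    if tag in node.tags:
                        node.tags.remove(tag)

            node.save()
            status = 'success'
            message = 'Successfully modified the tag(s)'

        return marshal(respcls(message, status),
                       parentwrapper.common_response_wrapper,
                       skip_none=True)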
Ejemplo n.º 3
    def post(self):
        """Create a new query from the request and return its id.

        The request is refused with a failure response when a query with the
        same name already exists or when validate_osquery_query rejects the
        SQL text. On success the new query is saved (with its tags) and
        ``{'query_id': ...}`` is marshalled with ``add_query_wrapper``.

        NOTE(review): validate_osquery_query is the only check on the SQL
        text visible here, and the failure message echoes the submitted SQL
        verbatim. ``interval`` is passed on without a range check in this
        method - confirm the parser enforces one.
        """
        # parse_args() performs the input payload validation, so it has to
        # run before any field is read.
        payload = self.parser.parse_args()

        name = payload['name']
        sql = payload['query']
        interval = payload['interval']
        # str.split never returns an empty list, so tag_names is always
        # truthy below, even for an empty 'tags' field.
        tag_names = payload['tags'].split(',')

        if dao.get_query_by_name(name):
            failure = 'Query with this name already exists'
        elif not validate_osquery_query(sql):
            failure = ('Invalid osquery query: "{0}"'.format(payload['query']))
        else:
            failure = None

        if failure is not None:
            return marshal(respcls(failure),
                           parentwrapper.failure_response_parent)

        # NOTE(review): the meaning of the positional literal 100 is defined
        # by dao.create_query_obj, which is not visible here.
        created = dao.create_query_obj(name,
                                       sql,
                                       interval,
                                       payload['platform'],
                                       payload['version'],
                                       payload['description'],
                                       payload['value'],
                                       100,
                                       snapshot=payload['snapshot'])
        if tag_names:
            created.tags = create_tags(*tag_names)
        created.save()
        return marshal({'query_id': created.id}, wrapper.add_query_wrapper)
Ejemplo n.º 4
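    def post(self):
        """Add and/or remove tags on the pack identified by ``pack_id``.

        ``add_tags`` and ``remove_tags`` are comma-separated strings taken
        from the parsed request. The result is the marshalled common response
        carrying a ``status`` ('success' or 'failure') and a ``message``.

        NOTE(review): no authentication or authorization check is visible in
        this method; presumably it is applied outside this excerpt - confirm.
        """
        # parse_args() performs the input payload validation, so it has to
        # run before any field is read.
        args = self.parser.parse_args()
        pack_id = args['pack_id']
        status = 'failure'
        message = None

        # ''.split(',') returns [''], so an empty field used to reach
        # create_tags()/get_tags() as a single empty tag name. Blank entries
        # are dropped and a None field is treated as "no tags".
        add_tags = [
            tag for tag in (args['add_tags'] or '').split(',') if tag.strip()
        ]
        remove_tags = [
            tag for tag in (args['remove_tags'] or '').split(',') if tag.strip()
        ]

        pack = dao.get_pack_by_id(pack_id)
        if not pack:
            message = 'Invalid pack id. Pack with this id does not exist'
        else:
            if add_tags:
                for tag in create_tags(*add_tags):
                    # Skip tags the pack already carries.
                    if tag not in pack.tags:
                        pack.tags.append(tag)

            if remove_tags:
                for tag in get_tags(*remove_tags):
                    if tag in pack.tags:
                        pack.tags.remove(tag)

            pack.save()
            status = 'success'
            message = 'Successfully modified the tag(s)'

        return marshal(respcls(message, status),
                       parentwrapper.common_response_wrapper,
                       skip_none=True)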
Ejemplo n.º 5
 def post(self):
     """Create the tags named in the comma-separated ``tags`` field.

     Always answers with the message "Tags are added successfully" and the
     status "success"; nothing in this method reports a failure.
     """
     # parse_args() performs the input payload validation, so it has to run
     # before any field is read.
     payload = self.parser.parse_args()
     # The list returned by create_tags() is not used afterwards; the call is
     # made for its effect only.
     create_tags(*payload['tags'].split(','))
     # NOTE(review): the success response is marshalled with
     # failure_response_parent - confirm that wrapper is the intended one.
     return marshal(respcls("Tags are added successfully", "success"),
                    parentwrapper.failure_response_parent)
Ejemplo n.º 6
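def add_pack_through_json_data(args):
    """Create or update a pack and its queries from an already-parsed dict.

    ``args`` must contain ``name``, ``category`` and ``queries`` (a mapping
    of query name to a dict holding at least a ``query`` SQL string).
    ``tags`` (comma-separated string), ``platform``, ``version``,
    ``description`` and ``shard`` are optional.

    Returns the saved pack. If any query is rejected by
    validate_osquery_query, a marshalled failure response is returned
    instead, so callers have to handle both shapes.
    """
    from polylogyx.wrappers.v1 import parent_wrappers
    from polylogyx.utils import create_tags, validate_osquery_query
    from flask_restplus import marshal

    tags = args['tags'].split(',') if 'tags' in args else []
    name = args['name']
    queries = args['queries']
    category = args['category']
    platform = args.get('platform', None)
    version = args.get('version', None)
    description = args.get('description', None)
    shard = args.get('shard', None)

    # Validate every query before anything is created. Validation used to
    # run inside the loop below, so a rejected query could leave behind a
    # new pack and the queries processed before it.
    for query in queries.values():
        if not validate_osquery_query(query['query']):
            message = ('Invalid osquery query: "{0}"'.format(query['query']))
            return marshal({'message': message},
                           parent_wrappers.failure_response_parent)

    pack = packs_dao.get_pack_by_name(name)
    if not pack:
        pack = packs_dao.add_pack(name, category, platform, version,
                                  description, shard)

    for query_name, query in queries.items():
        q = queries_dao.get_query_by_name(query_name)

        if not q:
            # NOTE(review): every key of the submitted query dict is
            # forwarded as a keyword argument; which keys are accepted is
            # decided by queries_dao.add_query, not visible here.
            q = queries_dao.add_query(query_name, **query)
            pack.queries.append(q)
            current_app.logger.debug("Adding new query %s to pack %s", q.name,
                                     pack.name)
            continue

        if q.sql == query['query']:
            # The membership test used to sit after the append, where it had
            # no effect, so re-importing a pack appended the same query
            # again. Only attach it when it is not in the pack yet.
            if q not in pack.queries:
                current_app.logger.debug("Adding existing query %s to pack %s",
                                         q.name, pack.name)
                pack.queries.append(q)
        else:
            # Same name but different SQL: a separate query is created and
            # the existing one is left untouched.
            q2 = queries_dao.add_query(query_name, **query)
            current_app.logger.debug(
                "Created another query named %s, but different sql: %r vs %r",
                query_name, q2.sql.encode('utf-8'), q.sql.encode('utf-8'))
            pack.queries.append(q2)

    if pack:
        if tags:
            pack.tags = create_tags(*tags)
        pack.save()
    return pack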
Ejemplo n.º 7
    def post(self):
        """Create a new query from the request and return its id.

        The request is refused with a failure response when a query with the
        same name already exists, when validate_osquery_query rejects the SQL
        text, or when is_number_positive rejects ``interval``. On success the
        query is saved with its tags and packs, and ``{'query_id': ...}`` is
        marshalled with ``add_query_wrapper``.

        NOTE(review): validate_osquery_query is the only check on the SQL
        text visible here, and the failure message echoes the submitted SQL
        verbatim.
        """
        from polylogyx.dao.v1 import packs_dao
        payload = self.parser.parse_args()

        name = payload['name']
        sql = payload['query']
        interval = payload['interval']
        # Only the exact string "true" switches snapshot on; any other value
        # is stored as False.
        payload['snapshot'] = payload['snapshot'] == "true"

        raw_tags = payload['tags']
        tags = raw_tags.split(',') if raw_tags else raw_tags
        raw_packs = payload['packs']
        pack_names = raw_packs.split(',') if raw_packs else []

        if dao.get_query_by_name(name):
            failure = 'Query with this name already exists'
        elif not validate_osquery_query(sql):
            failure = ('Invalid osquery query: "{0}"'.format(payload['query']))
        elif not is_number_positive(interval):
            failure = 'Interval provided is not valid! Please provide an inverval greater than 0'
        else:
            failure = None

        if failure is not None:
            return marshal(respcls(failure),
                           parentwrapper.failure_response_parent)

        # NOTE(review): the meaning of the positional literal 100 is defined
        # by dao.create_query_obj, which is not visible here.
        created = dao.create_query_obj(name,
                                       sql,
                                       interval,
                                       payload['platform'],
                                       payload['version'],
                                       payload['description'],
                                       payload['value'],
                                       100,
                                       snapshot=payload['snapshot'])
        if tags:
            created.tags = create_tags(*tags)
        if pack_names:
            # Pack names that do not resolve to a pack are skipped without
            # any error being reported to the caller.
            looked_up = map(packs_dao.get_pack_by_name, pack_names)
            created.packs = [found for found in looked_up if found]
        created.save()
        return marshal({'query_id': created.id}, wrapper.add_query_wrapper)
Ejemplo n.º 8
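def add_pack_through_json_data(args):
    """Create or update a pack and its queries from an already-parsed dict.

    ``args`` must contain ``tags``, ``name`` and ``queries`` (a mapping of
    query name to a dict holding at least a ``query`` SQL string).

    Returns the saved pack. If any query is rejected by
    validate_osquery_query, a marshalled failure response is returned
    instead, so callers have to handle both shapes.
    """
    from polylogyx.dao import packs_dao, queries_dao
    from polylogyx.wrappers import parent_wrappers
    from polylogyx.utils import create_tags, validate_osquery_query
    from flask_restplus import marshal

    # NOTE(review): tags is unpacked into create_tags(*tags) below, so it is
    # presumably a list of names; a plain string would be unpacked character
    # by character - confirm against the caller.
    tags = args['tags']
    name = args['name']
    queries = args['queries']

    # Validate every query before anything is created. Validation used to
    # run inside the loop below, so a rejected query could leave behind a
    # new pack and the queries processed before it.
    for query in queries.values():
        if not validate_osquery_query(query['query']):
            message = ('Invalid osquery query: "{0}"'.format(query['query']))
            return marshal({'message': message}, parent_wrappers.failure_response_parent)

    pack = packs_dao.get_pack_by_name(name)
    if not pack:
        # NOTE(review): the whole input dict is forwarded as keyword
        # arguments, so the set of accepted fields is whatever
        # packs_dao.add_pack takes (not visible here). An explicit list of
        # fields would keep unexpected input keys out of the pack.
        pack = packs_dao.add_pack(**args)

    for query_name, query in queries.items():
        q = queries_dao.get_query_by_name(query_name)

        if not q:
            # NOTE(review): every key of the submitted query dict is
            # forwarded as a keyword argument to queries_dao.add_query.
            q = queries_dao.add_query(query_name, **query)
            pack.queries.append(q)
            current_app.logger.debug("Adding new query %s to pack %s",
                                     q.name, pack.name)
            continue

        # An existing query that is already in the pack is left as it is.
        if q in pack.queries:
            continue

        if q.sql == query['query']:
            current_app.logger.debug("Adding existing query %s to pack %s",
                                     q.name, pack.name)
            pack.queries.append(q)
        else:
            # Same name but different SQL: a separate query is created and
            # the existing one is left untouched.
            q2 = queries_dao.add_query(query_name, **query)
            current_app.logger.debug(
                "Created another query named %s, but different sql: %r vs %r",
                query_name, q2.sql.encode('utf-8'), q.sql.encode('utf-8'))
            pack.queries.append(q2)

    if pack:
        if tags:
            pack.tags = create_tags(*tags)
        pack.save()
    return pack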