Ejemplo n.º 1
 def create_app(self):
     """Build the Flask application for this test case.

     Returns:
         Whatever the module-level create_app() factory returns when it is
         called with TestConfig (documented upstream as a flask.app.Flask
         instance).
     """
     # The configuration object is passed explicitly; TestConfig is defined
     # outside this snippet.
     return create_app(TestConfig)
Ejemplo n.º 2
def create_app(config=None):
    """Return the Flask app instance that is used throughout the application.

    Thin wrapper that forwards its argument to timesketch.app.create_app().

    Args:
        config: Path to configuration file as a string or an object with
            config directives. Passed through unchanged.

    Returns:
        Application object (instance of flask.Flask).
    """
    # The import happens at call time rather than at module import time.
    # pylint: disable=import-outside-toplevel
    from timesketch import app as timesketch_app

    app_factory = timesketch_app.create_app
    return app_factory(config)
Ejemplo n.º 3
    def __init__(self, output_mediator):
        """Initializes a Timesketch output module.

        Args:
          output_mediator (OutputMediator): mediates interactions between
              output modules and other components, such as storage and dfvfs.
        """
        stored_hostname = output_mediator.GetStoredHostname()
        if stored_hostname:
            logger.debug('Hostname: {0:s}'.format(stored_hostname))

        super(TimesketchOutputModule, self).__init__(output_mediator)

        # The stored hostname is used as the timeline name as-is, including
        # when it is falsy (no hostname stored).
        self._timeline_name = stored_hostname
        self._timeline_owner = None
        # NOTE(review): create_app() is called without arguments, so the app
        # is built from whatever configuration the factory resolves by
        # default. Confirm the account running this output module is meant to
        # read that configuration (it presumably holds database settings).
        self._timesketch = timesketch.create_app()
Ejemplo n.º 4
gunicorn -b 127.0.0.1:80 --log-file - --timeout 120 timesketch.wsgi:application

Example configuration for Apache with mod_wsgi (a2enmod mod_wsgi):
<VirtualHost *:443>
        ServerAdmin root@localhost
        SSLEngine On
        SSLCertificateFile    /etc/apache2/cert.crt
        SSLCertificateKeyFile /etc/apache2/cert.key
        WSGIScriptAlias / /path/to/this/file/wsgi.py
</VirtualHost>
"""

# If you installed Timesketch in a virtualenv you need to activate it.
# This needs to be before any imports in order to import from the virtualenv.
#activate_virtualenv = '/path/to/your/virtualenv/bin/activate_this.py'
#execfile(activate_virtualenv, dict(__file__=activate_virtualenv))

from timesketch.app import configure_logger
from timesketch.app import create_app
from timesketch.models import db_session

# Logging is configured first, before the application object is built.
configure_logger()
# `application` is the module-level name a WSGI server loads (the usage notes
# above reference it as timesketch.wsgi:application). create_app() is called
# with no arguments here; presumably it falls back to its default
# configuration source -- confirm against timesketch.app.
application = create_app()


# pylint: disable=unused-argument
@application.teardown_appcontext
def shutdown_session(exception=None):
    """Remove the database session after every request or app shutdown.

    Registered as an app-context teardown handler on `application`.

    Args:
        exception: Value Flask hands to teardown handlers; unused here.
    """
    # Runs whether or not the request raised, so a session is not carried
    # over into the next app context.
    db_session.remove()
Ejemplo n.º 5
# If you installed Timesketch in a virtualenv you need to activate it.
# This needs to be before any imports in order to import from the virtualenv.
# activate_virtualenv = '/path/to/your/virtualenv/bin/activate_this.py'
# execfile(activate_virtualenv, dict(__file__=activate_virtualenv))
import os
import logging

from prometheus_flask_exporter.multiprocess import GunicornPrometheusMetrics

from timesketch.app import configure_logger
from timesketch.app import create_app
from timesketch.models import db_session

# Named logger for this WSGI entry module.
logger = logging.getLogger("timesketch.wsgi_server")

# Logging is configured before either application object is built.
configure_logger()
# Two application objects come from the same factory; the second is created
# with v2=True. Both are module-level names.
application = create_app()
application_v2 = create_app(v2=True)

# Setup metrics endpoint.
# Metrics are opt-in: the exporter is attached only when the lower-case
# environment variable below is set to a non-empty value.
# NOTE(review): environment lookups are case-sensitive on POSIX and newer
# prometheus_client releases document PROMETHEUS_MULTIPROC_DIR -- confirm
# which spelling the deployment exports, or metrics stay silently disabled.
# NOTE(review): only `application` is instrumented, not `application_v2`.
# Where the metrics listener binds is decided outside this file; confirm it
# is not reachable from untrusted networks, since per-endpoint metrics
# describe API usage.
if os.environ.get("prometheus_multiproc_dir"):
    logger.info("Metrics server enabled")
    GunicornPrometheusMetrics(application, group_by="endpoint")


# pylint: disable=unused-argument
@application.teardown_appcontext
def shutdown_session(exception=None):
    """Remove the database session after every request or app shutdown.

    Registered as an app-context teardown handler on `application`.

    Args:
        exception: Value Flask hands to teardown handlers; unused here.
    """
    # NOTE(review): the decorator attaches this handler to `application`
    # only. `application_v2`, created earlier in this module, gets no
    # teardown handler here -- confirm its sessions are released elsewhere.
    db_session.remove()
Ejemplo n.º 6
def win_logins(sketch_id):
    """Return the parsed login events of a sketch as a list of dicts.

    Args:
        sketch_id: Identifier forwarded to ParseEvents.parse().

    Returns:
        A list with one dict per parsed event, holding the keys 'user',
        'src', 'dst', 'method', 'timestamp', 'es_index_name' and 'es_query'.
        The 'es_query' value is a query string that points back at the
        originating document by index name and document id.
    """
    # NOTE(review): the query string is built by plain interpolation; index
    # name and document id are not escaped for query-string syntax. That is
    # fine while both are store-generated identifiers -- confirm nothing
    # user-chosen can reach them.
    return [
        {
            'user': user,
            'src': src_ws,
            'dst': dst_ws,
            'method': method,
            'timestamp': timestamp,
            'es_index_name': es_index_name,
            'es_query': '_index:{} AND _id:{}'.format(es_index_name, es_id),
        }
        for (src_ws, user, dst_ws, method, timestamp, es_index_name, es_id)
        in ParseEvents().parse(sketch_id=sketch_id)
    ]


if __name__ == "__main__":
    # Script entry point. The factory is imported only when the file is run
    # directly, not when it is imported as a module.
    from timesketch.app import create_app
    # main() (defined outside this snippet) runs inside an application
    # context of a freshly created app, built with the factory's default
    # arguments.
    with create_app().app_context():
        main()
Ejemplo n.º 7
                                              sketch_id=sketch_id,
                                              timeline_id=timeline_id)
        pipeline.apply_async()
        logger.info('File sent for indexing: {}'.format(gcs_base_filename))


if __name__ == '__main__':
    # Command-line entry point of the GCS importer.
    # None of the options is marked required, so an omitted --project,
    # --bucket or --subscription reaches the code below as None.
    parser = argparse.ArgumentParser(description='GCS importer')
    parser.add_argument('--project', help='Google Cloud Project ID')
    parser.add_argument('--bucket',
                        help='Google Cloud Storage bucket to monitor')
    parser.add_argument('--subscription',
                        help='Google Cloud PubSub subscription')
    # NOTE(review): the default download directory is /tmp, which is
    # world-writable on most systems. If the download code (outside this
    # snippet) writes predictable file names there, other local users may be
    # able to pre-create or read them -- prefer a dedicated directory with
    # restrictive permissions for imported evidence.
    parser.add_argument('--output',
                        default='/tmp',
                        help='Directory for downloads')
    args = parser.parse_args()

    # Create flask app
    # `app` and `args` are module-level names here; presumably the callback
    # defined earlier in the file reads them -- verify before renaming.
    app = create_app()

    # Setup Google Cloud Pub/Sub
    subscriber = pubsub_v1.SubscriberClient()
    subscription_path = subscriber.subscription_path(args.project,
                                                     args.subscription)
    # The return value of subscribe() is discarded, so nothing in this block
    # observes whether the subscription keeps running.
    # NOTE(review): confirm a failed pull stream is surfaced somewhere;
    # otherwise the process keeps sleeping while no files are imported.
    subscriber.subscribe(subscription_path, callback=callback)

    logger.info('Listening on PubSub queue: {}'.format(args.subscription))
    # Keep the main thread alive; message handling happens in `callback`.
    while True:
        time.sleep(10)