def submit(self, submission):
"""Attempts to submit the given Submission to this node."""
assert isinstance(submission, Submission)
# we need to convert the list of files to what is expected by the ace_api.submit function
_files = []
for f in submission.files:
if isinstance(f, tuple):
src_path, dest_name = f
_files.append(
(dest_name,
open(
os.path.join(self.incoming_dir, submission.uuid,
os.path.basename(src_path)), 'rb')))
else:
_files.append((os.path.basename(f),
open(
os.path.join(self.incoming_dir,
submission.uuid,
os.path.basename(f)), 'rb')))
#files = [ (os.path.basename(f), open(os.path.join(self.incoming_dir, submission.uuid, os.path.basename(f)), 'rb')) for f in submission.files]
result = ace_api.submit(
submission.description,
remote_host=self.location,
ssl_verification=saq.CONFIG['SSL']['ca_chain_path'],
analysis_mode=submission.analysis_mode,
tool=submission.tool,
tool_instance=submission.tool_instance,
type=submission.type,
event_time=submission.event_time,
details=submission.details,
observables=submission.observables,
tags=submission.tags,
files=_files)
try:
result = result['result']
logging.info("submit remote {} submission {} uuid {}".format(
self.location, submission, result['uuid']))
except Exception as e:
logging.warning("submission irregularity for {}: {}".format(
submission, e))
# clean up our file descriptors
for name, fp in _files:
try:
fp.close()
except Exception as e:
logging.error(
"unable to close file descriptor for {}: {}".format(
name, e))
return result
def _submit(self,
analysis_mode=None,
tool=None,
tool_instance=None,
type=None,
description=None,
details=None,
event_time=None,
observables=None,
tags=None):
temp_path = os.path.join(saq.SAQ_HOME, saq.TEMP_DIR, 'submit_test.dat')
temp_data = os.urandom(1024)
with open(temp_path, 'wb') as fp:
fp.write(temp_data)
try:
with open(temp_path, 'rb') as fp:
return ace_api.submit(
analysis_mode='test_empty'
if analysis_mode is None else analysis_mode,
tool='unittest_tool' if tool is None else tool,
tool_instance='unittest_tool_instance'
if tool_instance is None else tool_instance,
type='unittest_type' if type is None else type,
description='testing'
if description is None else description,
details={'hello': 'world'} if details is None else details,
event_time=self._get_submit_time()
if event_time is None else event_time,
observables=[
{
'type': 'ipv4',
'value': '1.2.3.4',
'time': self._get_submit_time(),
'tags': ['tag_1', 'tag_2'],
'directives': ['no_scan'],
'limited_analysis': ['basic_test']
},
{
'type': 'user',
'value': 'test_user',
'time': self._get_submit_time()
},
] if observables is None else observables,
tags=['alert_tag_1', 'alert_tag_2']
if tags is None else tags,
files=[('sample.dat', io.BytesIO(b'Hello, world!')),
('submit_test.dat', fp)])
finally:
os.remove(temp_path)