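def get_system_id(system_ip):
    """ Returns the system Id from a given ip

    Sources are tried in order: the alienvault-system-id command, the
    alienvault-center uuid file, and finally the ansible_product_uuid fact.

    @param system_ip: the host system ip
    @return: (True, system_id) on success, (False, error message) otherwise
    """
    host_list = [system_ip]
    # Anchored with \Z rather than $: "$" also matches just before a trailing
    # newline, so "<uuid>\n" would pass validation and be returned unchanged.
    uuid_regex = re.compile(
        r'^[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}\Z')

    # 1- Try alienvault-system-id
    response = ansible.run_module([system_ip], "command", "/usr/bin/alienvault-system-id")
    success, _msg = ansible_is_valid_response(system_ip, response)
    if success:
        system_id = response['contacted'][system_ip]['stdout']
    # 2- When error, try the old way
    else:
        # 2.1- Read center file
        (success, system_id) = read_file(system_ip, "/etc/alienvault-center/alienvault-center-uuid")
        if not success:
            # 2.2- Call ansible method
            response = ansible.run_module(host_list, "av_setup", "filter=ansible_product_uuid")
            if system_ip in response['dark']:
                return (False, "[get_system_id]: " + response['dark'][system_ip]['msg'])
            if system_ip not in response['contacted']:
                return (False, "[get_system_id]: Error getting system ID")
            system_id = response['contacted'][system_ip]['ansible_facts']['ansible_product_uuid'].lower()

    # Check the system_id is valid.
    # Surrounding whitespace is removed first so that the value handed back to
    # the caller is exactly the string that was validated (read_file's return
    # format is not visible here; file contents may end with a newline).
    if system_id:
        system_id = system_id.strip()
    if not system_id or not uuid_regex.match(system_id):
        return (False, "[get_system_id]: Error getting system ID")
    return (True, system_id)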
def __verify_iface_list(self, ifaces):
    """ Assert that every interface in ifaces is listed in ossim_setup.conf

    Reads /etc/ossim/ossim_setup.conf from 127.0.0.1, finds the first line
    matched by TestAnsibleMgr.__re_interfaces after the "[sensor]" header and
    compares its comma separated 'ifaces' group with the given list.
    Every check is a nose assertion, so a mismatch raises instead of
    returning False.

    @param ifaces: interface names to look for
    @return: True when all assertions pass
    """
    (result, setup) = read_file("127.0.0.1", "/etc/ossim/ossim_setup.conf")
    nose.tools.ok_(result == True, msg="Error read_file. Can't read ossim_setup.conf")

    # One shared line iterator: the inner loop resumes where the outer one stopped
    conf_lines = iter(StringIO.StringIO(setup).readline, "")
    raw_ifaces = None
    for conf_line in conf_lines:
        if conf_line != "[sensor]\n":
            continue
        # Inside [sensor]: the interfaces key must come before any other section header
        for sensor_line in conf_lines:
            nose.tools.ok_(
                TestAnsibleMgr.__re_section.match(sensor_line) is None,
                msg="Section start without interfaces key.Bad ossim_setup.conf")
            found = TestAnsibleMgr.__re_interfaces.match(sensor_line)
            if found:
                raw_ifaces = found.group('ifaces')
                nose.tools.ok_(
                    raw_ifaces is not None,
                    msg="Can't capture interfaces in [sensor]/ossim_setup.conf")
                break
        # Only the first [sensor] section is inspected
        break

    nose.tools.ok_(
        raw_ifaces is not None,
        msg="Can't capture interfaces in [sensor]/ossim_setup.conf")
    configured = [name.strip() for name in raw_ifaces.split(",")]
    for iface in ifaces:
        nose.tools.ok_(
            (iface in configured) == True,
            msg="%s from ansible not in ossim_setup.conf" % iface)
    return True
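def get_iface_stats(system_ip):
    """ Return the RX/TX byte counters of the interfaces of a host

    @param system_ip: the host system ip
    @return: (True, stats) where stats maps iface => {"RX": rxbytes, "TX": txbytes},
             e.g.: {"lo": {"RX": 1000, "TX": 2000}}.
             (False, error message) when the host is listed under 'dark' or
             is missing from 'contacted' in the ansible response.
             Interfaces whose counter files could not be read are left out.
    """
    dresult = {}
    response = ansible.run_module([system_ip], "av_setup", "filter=ansible_interfaces")
    if system_ip in response['dark']:
        # NOTE(review): the prefix says get_iface_list although this function is
        # get_iface_stats; left unchanged in case callers or logs rely on it.
        return (False, "get_iface_list " + response['dark'][system_ip]['msg'])
    if system_ip not in response['contacted']:
        # Host in neither 'dark' nor 'contacted': report a failure through the
        # normal (False, msg) contract instead of raising KeyError below.
        return (False, "get_iface_stats: Error getting interface list")

    for iface in response['contacted'][system_ip]['ansible_facts']['ansible_interfaces']:
        # NOTE(review): iface comes from the facts reported by the host and is
        # placed in the path unvalidated; the file is read on that same host.
        devpath = "/sys/class/net/" + iface
        (rrx, rxcontent) = read_file(system_ip, devpath + "/statistics/rx_bytes")
        (rtx, txcontent) = read_file(system_ip, devpath + "/statistics/tx_bytes")
        if rrx == True and rtx == True:
            dresult[iface] = {
                "RX": int(rxcontent.rstrip(os.linesep)),
                "TX": int(txcontent.rstrip(os.linesep)),
            }
    return (True, dresult)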
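def get_system_id(system_ip):
    """ Returns the system Id from a given ip

    The id is taken from the first source that answers: the
    alienvault-system-id command, the alienvault-center uuid file, or the
    ansible_product_uuid fact.

    @param system_ip: the host system ip
    @return: (True, system_id) on success, (False, error message) otherwise
    """
    host_list = [system_ip]
    # The pattern ends in \Z, not $, because "$" also matches right before a
    # final newline and would let "<uuid>\n" through as a valid id.
    uuid_regex = re.compile(
        r'^[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}\Z'
    )

    # 1- Try alienvault-system-id
    response = ansible.run_module([system_ip], "command",
                                  "/usr/bin/alienvault-system-id")
    success, _msg = ansible_is_valid_response(system_ip, response)
    if success:
        system_id = response['contacted'][system_ip]['stdout']
    # 2- When error, try the old way
    else:
        # 2.1- Read center file
        center_file = "/etc/alienvault-center/alienvault-center-uuid"
        (success, system_id) = read_file(system_ip, center_file)
        if not success:
            # 2.2- Call ansible method
            response = ansible.run_module(host_list, "av_setup",
                                          "filter=ansible_product_uuid")
            if system_ip in response['dark']:
                error_msg = "[get_system_id]: "
                error_msg = error_msg + response['dark'][system_ip]['msg']
                return (False, error_msg)
            else:
                if system_ip in response['contacted']:
                    system_id = response['contacted'][system_ip][
                        'ansible_facts']['ansible_product_uuid'].lower()
                else:
                    return (False, "[get_system_id]: Error getting system ID")

    # Check the system_id is valid.
    # Strip first, then validate, so the caller receives exactly the string
    # that matched (what read_file returns is not visible here; a file's
    # content may carry a trailing newline).
    if system_id:
        system_id = system_id.strip()
    if not system_id or not uuid_regex.match(system_id):
        return (False, "[get_system_id]: Error getting system ID")
    return (True, system_id)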
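def __read_proxy_file(self):
    """ Read the proxy curl configuration file

    Stores the value of the "proxy" key (without a leading "http://") as the
    proxy url and splits the value of the "proxy-user" key into proxy user
    and proxy password.

    @return: True when the file was read and every non-blank line parsed as
             key=value, False otherwise
    """
    (success, proxy_file_content) = read_file(self.__system_ip, self.__proxy_file)
    if not success:
        return False

    try:
        for line in proxy_file_content.split('\n'):
            # NOTE(review): spaces are removed from the whole line, so a
            # value that contains spaces is altered as well.
            line = line.replace(' ', '')
            if not line:
                # A blank line (for instance the empty string left by a
                # trailing newline) carries no setting; it used to abort the
                # whole parse with ValueError.
                continue
            # Split on the first '=' only, so a value containing '=' stays whole
            (key, value) = line.split('=', 1)
            if key == 'proxy':
                self.__proxy_url = value.replace('http://', '')
            if key == 'proxy-user':
                # Split on the first ':' only, so a password containing ':'
                # is kept intact instead of failing the parse
                (self.__proxy_user, self.__proxy_pass) = value.split(':', 1)
    except ValueError:
        # A line without '=' or a proxy-user value without ':'
        return False
    return True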