Example #1
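def get_system_id(system_ip):
    """ Returns the system Id from a given ip

    Three sources are tried in order: the output of
    /usr/bin/alienvault-system-id, the contents of
    /etc/alienvault-center/alienvault-center-uuid and, last, the
    ansible_product_uuid fact (lower-cased). The value is returned only
    if it has the textual form of a UUID.

    @param system_ip: the host system ip
    @return: (True, system_id) on success, (False, error message) otherwise
    """
    # Raw string: '\-' is not a recognised escape in a plain string literal.
    uuid_regex = re.compile(r'^[a-fA-F0-9]{8}\-[a-fA-F0-9]{4}\-[a-fA-F0-9]{4}\-[a-fA-F0-9]{4}\-[a-fA-F0-9]{12}$')

    # 1- Try alienvault-system-id
    response = ansible.run_module([system_ip], "command", "/usr/bin/alienvault-system-id")
    success, _ = ansible_is_valid_response(system_ip, response)
    if success:
        system_id = response['contacted'][system_ip]['stdout']

    # 2- When error, try the old way
    else:
        # 2.1- Read center file
        (success, system_id) = read_file(system_ip, "/etc/alienvault-center/alienvault-center-uuid")
        if not success:
            # 2.2- Call ansible method
            response = ansible.run_module([system_ip], "av_setup", "filter=ansible_product_uuid")
            if system_ip in response['dark']:
                return (False, "[get_system_id]: " + response['dark'][system_ip]['msg'])
            if system_ip not in response['contacted']:
                return (False, "[get_system_id]: Error getting system ID")
            system_id = response['contacted'][system_ip]['ansible_facts']['ansible_product_uuid'].lower()

    # The identifier is reported by the remote host, so it is validated
    # before being handed to callers. '$' also matches just before a
    # trailing newline: without the strip, a value read from the file with
    # its line ending still attached would pass the check and be returned
    # with that newline in it.
    if system_id:
        system_id = system_id.strip()
    if not system_id or not uuid_regex.match(system_id):
        return (False, "[get_system_id]: Error getting system ID")

    return (True, system_id)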
Example #2
 def __verify_iface_list (self, ifaces):
     """Assert that every interface in ifaces appears in ossim_setup.conf.

     Reads /etc/ossim/ossim_setup.conf from 127.0.0.1, looks for the
     "[sensor]" line and, below it, the first line matched by
     TestAnsibleMgr.__re_interfaces. The 'ifaces' group of that match is
     split on commas and each entry of ifaces must be in the result.
     Every check is a nose assertion, so a failure raises rather than
     returning False.

     @param ifaces: interface names to look for
     @return: True when all assertions hold
     """
     capture_msg = "Can't capture interfaces in [sensor]/ossim_setup.conf"
     re_section = TestAnsibleMgr.__re_section
     re_interfaces = TestAnsibleMgr.__re_interfaces

     (result, setup) = read_file ("127.0.0.1", "/etc/ossim/ossim_setup.conf")
     nose.tools.ok_ (result == True,
                     msg="Error read_file. Can't read ossim_setup.conf")

     # readline() returns an empty string at end of input, which ends the
     # iteration; both loops below consume the same iterator.
     lines = iter (StringIO.StringIO (setup).readline, "")
     ifacesfile = None
     for line in lines:
         if line != "[sensor]\n":
             continue
         # Inside [sensor]: the interfaces key must come before any line
         # that TestAnsibleMgr.__re_section matches.
         for line in lines:
             nose.tools.ok_ (re_section.match (line) == None,
                 msg="Section start without interfaces key.Bad ossim_setup.conf")
             found = re_interfaces.match (line)
             if not found:
                 continue
             ifacesfile = found.group ('ifaces')
             nose.tools.ok_ (ifacesfile != None, msg=capture_msg)
             break
         nose.tools.ok_ (ifacesfile != None, msg=capture_msg)
         break

     # Covers the case where no [sensor] line was seen at all
     nose.tools.ok_ (ifacesfile != None, msg=capture_msg)
     ifaceslist = []
     for entry in ifacesfile.split (","):
         ifaceslist.append (entry.strip ())
     for iface in ifaces:
         nose.tools.ok_ ((iface in ifaceslist) == True,
                         msg="%s from ansible not in ossim_setup.conf" % iface)
     return True
Example #3
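def get_iface_stats(system_ip):
    """
    Return the RX/TX byte counters of the interfaces of a host.

    The interface names come from the ansible_interfaces fact; the
    counters are read from /sys/class/net/<iface>/statistics/rx_bytes and
    tx_bytes on that host.

    @param system_ip: the host system ip
    @return: (True, stats) where stats maps each interface name to a dict,
             e.g.: { "lo": {"RX": 1000, "TX": 2000} }, or
             (False, error message) when the host is listed under 'dark'.
             An interface whose counters could not be read is left out.
    """
    dresult = {}
    response = ansible.run_module([system_ip], "av_setup", "filter=ansible_interfaces")
    if system_ip in response['dark']:
        return (False, "get_iface_list " + response['dark'][system_ip]['msg'])

    for iface in response['contacted'][system_ip]['ansible_facts']['ansible_interfaces']:
        # NOTE(review): iface is reported by the remote host and is joined
        # into the path unchanged - confirm read_file tolerates that.
        devpath = "/sys/class/net/" + iface
        (rrx, rxcontent) = read_file(system_ip, devpath + "/statistics/rx_bytes")
        (rtx, txcontent) = read_file(system_ip, devpath + "/statistics/tx_bytes")
        if not (rrx == True and rtx == True):
            # Without this guard a failed read either hit an unbound
            # rx/tx (first interface) or silently recorded the previous
            # interface's counters under this interface's name.
            continue
        rx = int(rxcontent.rstrip(os.linesep))
        tx = int(txcontent.rstrip(os.linesep))
        dresult[iface] = {"RX": rx, "TX": tx}
    return (True, dresult)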
Example #4
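def get_iface_stats(system_ip):
    """
    Collect per-interface byte counters from a host.

    @param system_ip: the host system ip
    @return: (False, error message) if the host is in the 'dark' part of
             the ansible response; otherwise (True, stats), with stats a
             dictionary key => iface, value = {"RX": rxbytes, "TX": txbytes}
             e.g.: { "lo": {"RX": 1000, "TX": 2000} }
             Interfaces whose rx_bytes or tx_bytes file could not be read
             do not appear in stats.
    """
    response = ansible.run_module([system_ip], "av_setup", "filter=ansible_interfaces")
    if system_ip in response['dark']:
        return (False, "get_iface_list " + response['dark'][system_ip]['msg'])

    dresult = {}
    facts = response['contacted'][system_ip]['ansible_facts']
    for iface in facts['ansible_interfaces']:
        stats_dir = "/sys/class/net/" + iface + "/statistics"
        (rrx, rxcontent) = read_file(system_ip, stats_dir + "/rx_bytes")
        (rtx, txcontent) = read_file(system_ip, stats_dir + "/tx_bytes")
        if rrx == True and rtx == True:
            # Store the entry only when both reads succeeded. Storing it
            # unconditionally reused the counters of the previous
            # interface, or raised on the first one because rx and tx
            # had never been assigned.
            dresult[iface] = {
                "RX": int(rxcontent.rstrip(os.linesep)),
                "TX": int(txcontent.rstrip(os.linesep)),
            }
    return (True, dresult)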
Example #5
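def get_system_id(system_ip):
    """ Returns the system Id from a given ip

    The id is taken from the first source that answers:
      1. the stdout of /usr/bin/alienvault-system-id
      2. the file /etc/alienvault-center/alienvault-center-uuid
      3. the ansible_product_uuid fact, lower-cased
    and is rejected unless it is written as a UUID.

    @param system_ip: the host system ip
    @return: tuple (True, system_id), or (False, error message) on failure
    """
    error_prefix = "[get_system_id]: "
    # Raw string so that '\-' reaches the regex engine as written.
    uuid_regex = re.compile(
        r'^[a-fA-F0-9]{8}\-[a-fA-F0-9]{4}\-[a-fA-F0-9]{4}\-[a-fA-F0-9]{4}\-[a-fA-F0-9]{12}$'
    )

    # 1- Try alienvault-system-id
    response = ansible.run_module([system_ip], "command",
                                  "/usr/bin/alienvault-system-id")
    success, _ = ansible_is_valid_response(system_ip, response)
    if success:
        system_id = response['contacted'][system_ip]['stdout']

    # 2- When error, try the old way
    else:
        # 2.1- Read center file
        center_file = "/etc/alienvault-center/alienvault-center-uuid"
        (success, system_id) = read_file(system_ip, center_file)
        if not success:
            # 2.2- Call ansible method
            response = ansible.run_module([system_ip], "av_setup",
                                          "filter=ansible_product_uuid")
            if system_ip in response['dark']:
                return (False,
                        error_prefix + response['dark'][system_ip]['msg'])
            if system_ip not in response['contacted']:
                return (False, error_prefix + "Error getting system ID")
            facts = response['contacted'][system_ip]['ansible_facts']
            system_id = facts['ansible_product_uuid'].lower()

    # Check the system_id is valid. Surrounding whitespace is dropped
    # first: '$' accepts a trailing newline, so an unstripped value such
    # as file content ending in a line break would otherwise be validated
    # and returned with the line break still attached.
    if system_id:
        system_id = system_id.strip()
    if not system_id or not uuid_regex.match(system_id):
        return (False, error_prefix + "Error getting system ID")

    return (True, system_id)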
Example #6
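    def __read_proxy_file(self):
        """ Read the proxy curl configuration file

        Each non-blank line is expected to be "key = value". The value of
        'proxy' is stored without 'http://'; the value of 'proxy-user' is
        split into user and password.

        @return: True if the file was read and every non-blank line could
                 be parsed, False otherwise
        """
        (success, proxy_file_content) = read_file(self.__system_ip,
                                                  self.__proxy_file)
        if not success:
            return False

        try:
            for line in proxy_file_content.split('\n'):
                # NOTE(review): this also removes spaces inside the value,
                # including any in the proxy password - confirm intended.
                line = line.replace(' ', '')
                if not line:
                    # Blank lines, and the empty piece left after a final
                    # newline, used to abort parsing with False.
                    continue
                # Only the first '=' separates key and value, so a value
                # that itself contains '=' is kept whole.
                (key, value) = line.split('=', 1)
                if key == 'proxy':
                    self.__proxy_url = value.replace('http://', '')
                if key == 'proxy-user':
                    # user:password - split once so that a password
                    # containing ':' is not rejected. The password is kept
                    # in clear on the instance; keep it out of log output.
                    (self.__proxy_user,
                     self.__proxy_pass) = value.split(':', 1)
        except ValueError:
            # A line without '=' or a proxy-user value without ':'
            return False

        return True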
Example #7
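    def __read_proxy_file(self):
        """ Read the proxy curl configuration file

        Looks for "proxy = ..." and "proxy-user = user:password" lines and
        stores the proxy address (without 'http://'), the user and the
        password on the instance.

        @return: False when the file cannot be read, when a non-blank line
                 has no '=' or when the proxy-user value has no ':';
                 True otherwise
        """
        (success, proxy_file_content) = read_file(self.__system_ip,
                                                  self.__proxy_file)
        if not success:
            return False

        for raw_line in proxy_file_content.split('\n'):
            entry = raw_line.replace(' ', '')
            if not entry:
                # An empty line (typically what follows the last newline)
                # is not an error; it previously made the whole read fail
                # after the attributes had already been set.
                continue

            # partition() cuts at the first separator only, so '=' inside
            # a value and ':' inside a password no longer cause a failure.
            (key, equals, value) = entry.partition('=')
            if not equals:
                return False
            if key == 'proxy':
                self.__proxy_url = value.replace('http://', '')
            if key == 'proxy-user':
                (user, colon, password) = value.partition(':')
                if not colon:
                    return False
                # Credentials stay in memory in clear text; callers should
                # avoid printing or logging them.
                self.__proxy_user = user
                self.__proxy_pass = password

        return True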