def then_json_sensors(context,key_path): sensors = json.loads(context.result.getvalue()) for path in key_path.split("."): sensors = sensors.get(path) assert sensors != None, "Key %s object not found " % key_path for s_data, value in sensors.items(): print (s_data) s_uuid = sensors[s_data]['sensor_id'] u = uuid.UUID(s_uuid) result = db.session.query(Sensor).filter (Sensor.id == u.bytes).all() for r in result: dp = r.serialize assert dp['id'] == s_uuid, "Bad id in API response" # Redundant check assert dp['ip'] == value['admin_ip'], "Bad admin_ip in API response" assert dp['name'] == value['hostname'],"Bad name in API response" # Verify the sensor_id try: system_info = db.session.query(System).filter( System.admin_ip == get_ip_bin_from_str(value['admin_ip']) ).one() sensor_uuid = system_info.serialize['sensor_id'] except NoResultFound: assert False,"Can't find admin_ip from API response in database" except Exception, msg: assert False, "Exception " + str(msg) assert sensor_uuid == value['sensor_id'],"Bad system_id in API response"
def get_host_id_by_ip_ctx(ip, ctx, output='str'): """ Returns an Asset ID given an IP address and context """ host_id = None try: if ip and ctx: ip_bin = get_ip_bin_from_str(ip) ctx_bin = get_bytes_from_uuid(ctx) query = db.session.query(Host.id).filter(Host.ctx == ctx_bin) host = query.join(Host_Ip, Host_Ip.host_id == Host.id).filter(Host_Ip.ip == ip_bin).one() host_id = host.id else: return False, "IP address and/or context could not be empty" except NoResultFound: return True, host_id except Exception as msg: msg = str(msg) api_log.error(msg) return False, "Asset ID not found in the system" if output == 'str': return True, get_uuid_string_from_bytes(host_id) else: return True, host_id
def get_sensor_id_from_sensor_ip(sensor_ip): try: sensor = db.session.query(Sensor).filter( Sensor.ip == get_ip_bin_from_str(sensor_ip)).one() sensor_id = get_uuid_string_from_bytes(sensor.id) except NoResultFound: return False, "No sensor id found for the given sensor ip" except MultipleResultsFound: return False, "More than one sensor with the same sensor ip" except Exception as msg: api_log.error(str(msg)) return False, msg return True, sensor_id
def get_sensor_from_alienvault(ip=""): """Returns the sensor list from alienvault.sensor table :param ip(dotted string) filter by ip. Whether ip is empty returns all the sensors.""" sensor_list = [] try: if ip is "": sensor_list = db.session.query(Sensor).all() else: sensor = db.session.query(Sensor).filter( Sensor.ip == get_ip_bin_from_str(ip)).one() sensor_list.append(sensor) except Exception: sensor_list = [] return sensor_list
def get_system_id_from_system_ip(system_ip, output='str'): """ Return the system id of an appliance using its ip. """ system_ip_bin = get_ip_bin_from_str(system_ip) try: system_id = None if output == 'str': system_id = get_uuid_string_from_bytes( db.session.query(System).filter( or_(System.admin_ip == system_ip_bin, System.vpn_ip == system_ip_bin)).one().id) elif output == 'bin': system_id = db.session.query(System).filter( or_(System.admin_ip == system_ip_bin, System.vpn_ip == system_ip_bin)).one().id except NoResultFound, msg: return False, "No system found with ip address '%s'" % str(system_ip)
def get_system_ip_from_local(output='str', local_loopback=True): """ Return the ip of the local machine """ if local_loopback: local_ip = '127.0.0.1' else: success, system_id = get_system_id_from_local() if not success: return success, system_id success, local_ip = get_system_ip_from_system_id(system_id) if not success: return success, local_ip if output == 'bin': try: local_ip_str = get_ip_bin_from_str(local_ip) except Exception, msg: return False, "Cannot convert supposed local ip '%s' to its binary form: %s" % ( str(local_ip_str), str(msg)) local_ip = local_ip_str
def set_system_ha_ip(system_id, value): if value == 'NULL': return set_system_value(system_id, "ha_ip", value) return set_system_value(system_id, "ha_ip", get_ip_bin_from_str(value))
def set_system_vpn_ip(system_id, value): return set_system_value(system_id, "vpn_ip", get_ip_bin_from_str(value))
try: if exclusive: system_list = db.session.query(System).filter( System.profile.ilike(system_type)).all() else: system_list = db.session.query(System).filter( System.profile.ilike('%' + system_type + '%')).all() except Exception, msg: db.session.rollback() return False, "Error while querying for '%s' systems: %s" % ( system_type if system_type != '' else 'all', str(msg)) if directly_connected: try: server_ip = get_ip_bin_from_str( db.session.query(Config).filter( Config.conf == 'server_address').one().value) server_id = get_bytes_from_uuid( db.session.query(Config).filter( Config.conf == 'server_id').one().value) connected_servers = [ x.child_id for x in db.session.query(Server_Hierarchy).filter( Server_Hierarchy.parent_id == server_id).all() ] connected_servers.append(server_id) except Exception, msg: db.session.rollback() return False, "Error while querying for server: '%s'" % str(msg) if not system_type or system_type.lower() == 'server': system_list = filter(
def create_host(ips, sensor_id, hostname='', fqdns='', asset_value=2, threshold_c=30, threshold_a=30, alert=0, persistence=0, nat=None, rrd_profile=None, descr='', lat=0, lon=0, icon=None, country=None, external_host=0, permissions=0, av_component=0, output='str', refresh=False): """ Creates a new host in the database Args: Host data Return: Tuple (boolean, msg) - boolean indicates whether the operation was successful or not - msg will be the host ID, or the error string otherwise """ if len(ips) == 0: return False, "At least one IP is required" succes, ctx = get_sensor_ctx_by_sensor_id(sensor_id) if not is_valid_uuid(ctx): return False, "ctx is not a valid canonical uuid" ctx = get_bytes_from_uuid(ctx) host_id = str(uuid.uuid4()) if hostname == '': hostname = "Host-%s" % (ips[0].replace(".", "-")) try: db.session.begin() for host_ip in ips: host_ip_object = Host_Ip(host_id=get_bytes_from_uuid(host_id), ip=get_ip_bin_from_str(host_ip), mac=None, interface=None) db.session.merge(host_ip_object) host = Host(id=get_bytes_from_uuid(host_id), ctx=ctx, hostname=hostname, fqdns=fqdns, asset=asset_value, threshold_c=threshold_c, threshold_a=threshold_a, alert=alert, persistence=persistence, nat=nat, rrd_profile=rrd_profile, descr=descr, lat=lat, lon=lon, icon=icon, country=country, external_host=external_host, permissions=permissions, av_component=av_component) db.session.merge(host) hs_reference = Host_Sensor_Reference(host_id=get_bytes_from_uuid(host_id), sensor_id=get_bytes_from_uuid(sensor_id)) db.session.merge(hs_reference) db.session.commit() except Exception, msg: db.session.rollback() message = "There was a problem adding new Host %s to the database: %s" % (hostname, str(msg)) api_log.error(message) return False, message