    def run_agent(self):
        """Bring up the agent's services, run the main loop and tear down.

        Start order is deliberate: the DB cleaner first, then the connection
        and dispatcher, then (only if enabled) the OSSEC alert sender, and
        last the request listener and the dispatcher's worker threads.  The
        original comment states the split exists so that any fork happens
        before threads are created.  ``cleanup_agent`` always runs before
        this method returns, whether the main loop exits normally or raises.

        Returns:
            Whatever ``agent_main_loop`` returns (the agent's return code).
        """
        try:
            conf = self.conf
            db = self._db

            self.db_cleaner = persistence.DBCleaner(
                db, conf.storage_db_timeout, 100000, 3600
            )
            self.db_cleaner.start()

            # Connection and dispatcher objects exist before any thread starts.
            self.conn = config.get_connection_object(conf)
            self.disp = dispatcher.Dispatcher(conf)

            # Optional OSSEC-based intrusion detection, built only when enabled.
            # NOTE(review): ``self.intrusion_detection`` is read below even when
            # OSSEC is disabled, so ``__init__`` must have initialised it
            # (presumably to None) — confirm.
            if conf.intrusion_detection_ossec:
                self.intrusion_detection = ossec.AlertSender(
                    self.conn,
                    db,
                    max_process_time=conf.intrusion_detection_max_process_time,
                    alert_threshold=conf.intrusion_detection_alert_threshold,
                )
                self.intrusion_detection.start()

            listener = reply.RequestListener(
                conf, self.conn, self.disp, db, id_system=self.intrusion_detection
            )
            self.request_listener = listener

            # Hand the live connection to the logging module; presumably the dcm
            # log handler forwards records over it from this point on.
            logger.set_dcm_connection(conf, self.conn)

            self.conn.connect(listener.incoming_parent_q_message, self.handshaker)
            self.disp.start_workers(listener)

            return self.agent_main_loop()
        finally:
            self.cleanup_agent()
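 def test_logging_handler_with_conn(self):
     """A record logged through ``dcmLogger`` is sent over the configured conn.

     The handler is attached to a freshly named logger so other loggers are
     not disturbed, and it is detached on cleanup so the process-wide logging
     registry is not left holding a handler bound to a mock connection for the
     rest of the test run.  The message is compared after ``unquote`` because
     the handler appears to percent-encode the message body before sending
     (presumably; verify against ``logger.dcmLogger``).
     """
     conn = mock.Mock()
     conf = mock.Mock()
     logger_name = str(uuid.uuid4())
     my_logger = logging.getLogger(logger_name)
     handler = logger.dcmLogger()
     my_logger.addHandler(handler)
     # Loggers are global: detach the handler when the test ends instead of
     # leaking it for the remainder of the process.
     self.addCleanup(my_logger.removeHandler, handler)
     logger.set_dcm_connection(conf, conn)
     msg = "Test message with conn"
     my_logger.error(msg)
     handler.flush()
     # Pump the dcm event loop once without blocking so a queued send runs.
     dcm_events.poll(timeblock=0.0)
     args, _ = conn.send.call_args
     log_dict = args[0]
     self.assertEqual(log_dict['type'], "LOG")
     self.assertEqual(log_dict['level'], "ERROR")
     self.assertEqual(urllib.parse.unquote(log_dict['message']), msg)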
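 def test_logging_handler_with_conn(self):
     """An ERROR record emitted via ``dcmLogger`` reaches ``conn.send`` as a LOG dict.

     Uses a uniquely named logger so the test is isolated from the rest of the
     logging tree, and unregisters the handler on cleanup: the original left it
     attached to a global logger (bound to a mock connection) for the whole
     process.  ``unquote`` is applied before comparing because the handler
     seems to percent-encode the message body (presumably; confirm in
     ``logger.dcmLogger``).
     """
     conn = mock.Mock()
     conf = mock.Mock()
     my_logger = logging.getLogger(str(uuid.uuid4()))
     handler = logger.dcmLogger()
     my_logger.addHandler(handler)
     # Undo the global registration when the test finishes.
     self.addCleanup(my_logger.removeHandler, handler)
     logger.set_dcm_connection(conf, conn)
     msg = "Test message with conn"
     my_logger.error(msg)
     handler.flush()
     # Non-blocking poll of the dcm event loop so any pending send is processed.
     dcm_events.poll(timeblock=0.0)
     sent_args, _ = conn.send.call_args
     log_dict = sent_args[0]
     self.assertEqual(log_dict["type"], "LOG")
     self.assertEqual(log_dict["level"], "ERROR")
     self.assertEqual(urllib.parse.unquote(log_dict["message"]), msg)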
    def run_agent(self):
        """Start the agent's components in order, run the main loop, clean up.

        Order: DB cleaner -> connection + dispatcher -> optional OSSEC alert
        sender -> request listener -> logging hooked to the connection ->
        connect + worker threads -> ``agent_main_loop``.  The original comment
        explains the two-step structure: any fork must happen before threads
        are created.  ``cleanup_agent`` runs unconditionally on the way out.

        Returns:
            The value returned by ``agent_main_loop``.
        """
        try:
            self.db_cleaner = persistence.DBCleaner(
                self._db, self.conf.storage_db_timeout, 100000, 3600
            )
            self.db_cleaner.start()

            # Build the connection object and the dispatcher (no threads yet).
            self.conn = config.get_connection_object(self.conf)
            self.disp = dispatcher.Dispatcher(self.conf)

            # NOTE(review): ``self.intrusion_detection`` is passed to the
            # listener below even when OSSEC is off; this relies on ``__init__``
            # having set it (presumably to None) — confirm.
            if self.conf.intrusion_detection_ossec:
                sender = ossec.AlertSender(
                    self.conn,
                    self._db,
                    max_process_time=self.conf.intrusion_detection_max_process_time,
                    alert_threshold=self.conf.intrusion_detection_alert_threshold,
                )
                self.intrusion_detection = sender
                sender.start()

            self.request_listener = reply.RequestListener(
                self.conf,
                self.conn,
                self.disp,
                self._db,
                id_system=self.intrusion_detection,
            )

            # Give the logging module the live connection; presumably the dcm
            # log handler ships records over it from here on.
            logger.set_dcm_connection(self.conf, self.conn)

            self.conn.connect(
                self.request_listener.incoming_parent_q_message, self.handshaker
            )
            self.disp.start_workers(self.request_listener)

            return self.agent_main_loop()
        finally:
            self.cleanup_agent()