def test_get_app_base_url_uses_x_console_host_header_if_present(
mock_get_host_header, env_qradar_console_ip, env_qradar_app_id):
assert qpylib.get_app_base_url(
) == 'https://9.10.11.12/console/plugins/1005/app_proxy'
def test_get_app_base_url_returns_empty_string_when_host_cannot_be_determined(
env_qradar_app_id):
assert qpylib.get_app_base_url() == ''
def test_get_app_base_url_uses_console_ip_when_x_console_host_header_missing(
env_qradar_console_ip, env_qradar_app_id):
assert qpylib.get_app_base_url(
) == 'https://9.123.234.101/console/plugins/1005/app_proxy'
def test_get_app_base_url_uses_x_console_host_header_if_present(
mock_get_host_header, mock_root_path, mock_get_manifest_location):
assert qpylib.get_app_base_url(
) == 'https://9.10.11.12/console/plugins/1005/app_proxy'
def test_get_app_base_url_returns_empty_string_when_app_id_missing_from_env():
assert qpylib.get_app_base_url() == ''
def test_get_app_base_url_uses_console_ip_when_x_console_host_header_missing(
mock_root_path, mock_get_manifest_location):
assert qpylib.get_app_base_url(
) == 'https://9.123.234.101/console/plugins/1005/app_proxy'
def test_get_app_base_url_returns_empty_string_when_console_ip_missing_from_manifest(
mock_root_path, mock_get_manifest_location):
assert qpylib.get_app_base_url() == ''
def flowData(statusSearch_id):
try:
headers = {'content-type' : 'text/plain'}
#range = {"range":"items=0-5"}
flowDataOptions = qpylib.REST( 'get', 'api/ariel/searches/%s' % statusSearch_id + '/results', headers=headers)
#options = {}
#group = {}
#flow = flowDataOptions.json()
#for flowInfo in flowDataOptions.json():
#options[flowInfo] = flowInfo.capitalize()
#qpylib.log( "Search value " + flowInfo)
#flowInfo2 = json.loads(flowDataOptions.content)
#flowData = {}
flowData = flowDataOptions.json()
qpylib.log(json.dumps(flowData))
#qpylib.log(flowData)
#flowDataJson = json.loads(flowData)
#json = flowDataOptions.json()
#qpylib.log(json)
geoIpData = []
geoIpDataDestination = []
#for x in flowDataOptions.json():
# sourceIps['ipAddr'] = x['flows']['sourceip']
# qpylib.log( "result source ip " + x)
qpylib.log('flowData flows: ' + json.dumps(flowData['flows'],indent=2))
for x in flowData['flows']:
flowsData = {}
#destinationIP = {}
qpylib.log('inside flowdata loop')
#sourceIP['ipAddr'] = flowData['flows']['sourceip']
flowsData['ipAddr'] = x['sourceip']
flowsData['ipAddrDest'] = x['destinationip']
flowsData['sourcePort'] = x['sourceport']
flowsData['destinationPort'] = x['destinationport']
flowsData['sourceBytes'] = x['sourcebytes']
flowsData['destinationBytes'] = x['destinationbytes']
flowsData['sourcePackets'] = x['sourcepackets']
flowsData['destinationPackets'] = x['destinationpackets']
#flowDataJson = json.loads(flowData)
#qpylib.log(flowDataJson)
#sourceIP[ipAddr] = flowDataJson['sourceip']
qpylib.log('source ip: ' + json.dumps(x['sourceip']))
qpylib.log('destination ip: ' + json.dumps(x['destinationip']))
qpylib.log('source port: ' + json.dumps(x['sourceport']))
#qpylib.log('source ip ipadd ' + json.dumps(sourceIP['ipAddr']))
#geoIpData.extend(sourceIP and destinationIP)
geoIpData.append(flowsData)
#geoIpData.append(destinationIP)
#geoIpData = dict(sourceIP.items() + destinationIP.items())
qpylib.log('geoIpData : ' + json.dumps(geoIpData, indent=2))
for y in geoIpData:
ipaddr = y['ipAddr']
qpylib.log('inside flowdata loop y')
# write function where you request response from new freegeoip api
# eg. locationData = return of getLocationData(ipaddr)
#y['locationData'] = locationData
locationData = getLocationData(ipaddr)
qpylib.log('getLocationData result: ' + json.dumps(locationData,indent=2))
y['sourceLocationData'] = locationData
for b in geoIpData:
ipaddrdest = b['ipAddrDest']
qpylib.log('inside flowdata loop dest b')
locationDataDest = getLocationDataDest(ipaddrdest)
qpylib.log('getLocationDataDest result: ' + json.dumps(locationDataDest,indent=2))
b['destinationLocationData'] = locationDataDest
qpylib.log('final geoIpData : ' + json.dumps(geoIpData, indent = 2))
'''
qpylib.log('final geoIpDataDestination : ' + json.dumps(geoIpDataDestination, indent = 2))
flowsData = [5]*(len(geoIpData)+len(geoIpDataDestination))
flowsData[::2] = geoIpData
flowsData[1::2] = geoIpDataDestination
qpylib.log('final DATA : ' + json.dumps(flowsData, indent = 2))
#data = geoIpData + geoIpDataDestination
#qpylib.log('final DATA : ' + json.dumps(data, indent = 2))
'''
'''
for x in flowData['flows']:
sourceIP = {}
qpylib.log('inside flowdata loop')
#sourceIP['ipAddr'] = flowData['flows']['sourceip']
sourceIP['ipAddr'] = x['sourceip']
#flowDataJson = json.loads(flowData)
#qpylib.log(flowDataJson)
#sourceIP[ipAddr] = flowDataJson['sourceip']
qpylib.log('source ip: ' + json.dumps(x['sourceip']))
#qpylib.log('source ip ipadd ' + json.dumps(sourceIP['ipAddr']))
geoIpData.append(sourceIP)
qpylib.log('geoIpData : ' + json.dumps(geoIpData, indent=2))
for y in geoIpData:
ipaddr = y['ipAddr']
qpylib.log('inside flowdata loop y')
# write function where you request response from new freegeoip api
# eg. locationData = return of getLocationData(ipaddr)
#y['locationData'] = locationData
locationData = getLocationData(ipaddr)
qpylib.log('getLocationData result: ' + json.dumps(locationData,indent=2))
y['sourceLocationData'] = locationData
qpylib.log('final geoIpData : ' + json.dumps(geoIpData, indent = 2))
for a in flowData['flows']:
qpylib.log('inside flowdata loop dest')
destinationIP = {}
destinationIP['ipAddrDest'] = a['destinationip']
qpylib.log('destination ip: ' + json.dumps(a['destinationip']))
geoIpDataDestination.append(destinationIP)
qpylib.log('geoIpDataDestination : ' + json.dumps(geoIpData, indent=2))
for b in geoIpDataDestination:
ipaddrdest = b['ipAddrDest']
qpylib.log('inside flowdata loop dest b')
locationDataDest = getLocationDataDest(ipaddrdest)
qpylib.log('getLocationDataDest result: ' + json.dumps(locationDataDest,indent=2))
b['destinationLocationData'] = locationDataDest
qpylib.log('final geoIpDataDestination : ' + json.dumps(geoIpDataDestination, indent = 2))
#data = geoIpData + geoIpDataDestination
#qpylib.log('final DATA : ' + json.dumps(data, indent = 2))
'''
return render_template("map.html", data=json.dumps(geoIpData), base_url=qpylib.get_app_base_url())
#return render_template("map.html", data=json.dumps(data), base_url=qpylib.get_app_base_url())
except Exception as e:
qpylib.log( "Error ---- " + str(e), level='error' )
def test_get_app_base_url_returns_empty_string_when_host_cannot_be_determined(
mock_manifest):
assert qpylib.get_app_base_url() == ''
def test_get_app_base_url_returns_empty_string_when_app_id_missing_from_manifest(
mock_manifest):
assert qpylib.get_app_base_url() == ''