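def get_manager_name():
    """Read the manager name from global.db.

    Queries wazuh-db for the ``name`` column of the agent row whose id is 0
    and returns it. The query is a fixed string with no caller-supplied parts.

    Returns
    -------
    manager_name : str
        Value of the ``name`` field of the first row returned by the query.

    Raises
    ------
    IndexError
        Presumably raised when the query returns no rows, since the first row
        is indexed unconditionally (assumes ``execute`` returns a list).
    """
    wdb_conn = WazuhDBConnection()
    try:
        rows = wdb_conn.execute(
            "global sql SELECT name FROM agent WHERE (id = 0)")
        return rows[0]['name']
    finally:
        # Release the wazuh-db connection even if the query or the row lookup
        # fails; the original leaked it on any exception.
        wdb_conn.close()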
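def send_data_to_wdb(data, timeout):
    """Send chunks of data to Wazuh-db socket.

    Each chunk is appended to ``data['set_data_command']`` and sent as a raw
    wazuh-db command. A failure on one chunk is recorded and the remaining
    chunks are still attempted; a timeout stops the whole task.

    Parameters
    ----------
    data : dict
        Dict containing command and list of chunks to be sent to wazuh-db.
    timeout : int
        Seconds to wait before stopping the task.

    Returns
    -------
    result : dict
        Dict containing number of updated chunks, error messages (if any) and time spent.
    """
    result = {
        'updated_chunks': 0,
        'error_messages': {
            'chunks': [],
            'others': []
        },
        'time_spent': 0
    }
    wdb_conn = WazuhDBConnection()
    # Only the difference between the two timestamps is used below.
    before = datetime.utcnow().timestamp()
    try:
        try:
            with utils.Timeout(timeout):
                for i, chunk in enumerate(data['chunks']):
                    try:
                        # NOTE(review): command and chunk are forwarded to
                        # wazuh-db unmodified (raw=True) with no validation in
                        # this function; presumably the caller authenticates
                        # the sender and restricts 'set_data_command' - confirm.
                        wdb_conn.send(
                            f"{data['set_data_command']} {chunk}", raw=True)
                        result['updated_chunks'] += 1
                    except TimeoutError:
                        # Re-raise so the outer handler reports the timeout.
                        # The original `raise e` referenced an unbound name,
                        # so a timeout was reported as a generic error instead.
                        raise
                    except Exception as e:
                        # Per-chunk failure: remember which chunk failed and
                        # keep processing the rest.
                        result['error_messages']['chunks'].append((i, str(e)))
        except TimeoutError:
            result['error_messages']['others'].append(
                'Timeout while processing agent-info chunks.')
        except Exception as e:
            result['error_messages']['others'].append(
                f'Error while processing agent-info chunks: {e}')

        result['time_spent'] = datetime.utcnow().timestamp() - before
    finally:
        # Always release the wazuh-db connection, including on exceptions that
        # are not subclasses of Exception (e.g. task cancellation).
        wdb_conn.close()
    return result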
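def clear(agent_list: list = None):
    """Clear the syscheck database of the specified agents.

    Agents in `agent_list` that are not present in the system are reported as
    failed with error 1701. Of the remaining agents, only those reporting a
    version lower than v3.12.0 are cleared; newer agents fail with error 1760
    and agents with no version stored fail with error 1015.

    Parameters
    ----------
    agent_list : list
        List of agent IDs. When None, nothing is cleared.

    Returns
    -------
    result : AffectedItemsWazuhResult
        Confirmation/Error message.
    """
    result = AffectedItemsWazuhResult(
        all_msg='Syscheck database was cleared on returned agents',
        some_msg='Syscheck database was not cleared on some agents',
        none_msg="No syscheck database was cleared")

    if agent_list is None:
        # Fail closed: this is a destructive operation, so a missing selection
        # must not be interpreted as "all agents". The original raised a
        # TypeError from set(None) here.
        result.total_affected_items = len(result.affected_items)
        return result

    system_agents = get_agents_info()
    not_found_agents = set(agent_list) - system_agents
    for missing_id in not_found_agents:
        result.add_failed_item(id_=missing_id,
                               error=WazuhResourceNotFound(1701))

    # Restrict the agent query to the resources the caller was given.
    rbac_filters = get_rbac_filters(system_resources=system_agents,
                                    permitted_resources=agent_list)
    db_query = WazuhDBQueryAgents(select=["id", "version"], **rbac_filters)
    data = db_query.run()

    # The wazuh-db connection is opened lazily, only if at least one agent
    # actually needs its database cleared.
    wdb_conn = None
    try:
        for item in data['items']:
            agent_id = item['id']
            # If the value was NULL in the DB the key might not exist
            agent_version = item.get('version', None)

            if agent_version is None:
                result.add_failed_item(id_=agent_id, error=WazuhError(1015))
                continue

            if not WazuhVersion(agent_version) < WazuhVersion('v3.12.0'):
                result.add_failed_item(
                    id_=agent_id,
                    error=WazuhError(
                        1760,
                        extra_message="Agent version should be < v3.12.0."))
                continue

            try:
                if wdb_conn is None:
                    wdb_conn = WazuhDBConnection()
                syscheck_delete_agent(agent_id, wdb_conn)
                result.affected_items.append(agent_id)
            except WazuhError as e:
                result.add_failed_item(id_=agent_id, error=e)
    finally:
        # Close the connection even when an exception other than WazuhError
        # escapes the loop; the original leaked it in that case.
        if wdb_conn is not None:
            wdb_conn.close()

    result.affected_items.sort(key=int)
    result.total_affected_items = len(result.affected_items)
    return result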