Exemple #1
def ossec_put_server_config(sensor_id):
    """Verify the HIDS server configuration file and copy it to a sensor.

    The sensor id is resolved to an IP, the server configuration file is
    located under the sensor's ossec directory, checked with
    ossec_verify_server_config_file(), and then handed to copy_file() with
    owner=root, group=ossec and mode=644.

    Args:
        sensor_id: Identifier of the sensor that receives the file.

    Returns:
        tuple: ``(True, '')`` on success, otherwise ``(False, error)`` where
        ``error`` describes the first step that failed.
    """
    ok, sensor_ip = get_sensor_ip_from_sensor_id(sensor_id)
    if not ok:
        return False, "Invalid sensor id %s" % sensor_id

    ok, ossec_dir = get_ossec_directory(sensor_id)
    if not ok:
        # On failure the second element holds the error, which is logged
        # and returned to the caller unchanged.
        api_log.error(str(ossec_dir))
        return False, ossec_dir
    config_src = os.path.join(ossec_dir, OSSEC_CONFIG_SERVER_FILE_NAME)

    ok, local_ip = get_system_ip_from_local(local_loopback=False)
    if not ok:
        api_log.error(str(local_ip))
        return False, "Error getting the local system ip"

    # The file is checked before it leaves this host, so a configuration
    # that fails verification is never pushed to the sensor.
    ok, detail = ossec_verify_server_config_file(local_ip, config_src)
    if not ok:
        api_log.error(str(detail))
        return False, "Error verifiying the ossec server configuration file\n%s" % detail

    # NOTE(review): the key=value string is built by interpolation; this
    # presumably relies on neither path containing whitespace. Confirm
    # against get_ossec_directory() and the path constants.
    copy_args = "src=%s dest=%s owner=root group=ossec mode=644" % (config_src, OSSEC_CONFIG_SERVER_PATH)
    ok, detail = copy_file(host_list=[sensor_ip], args=copy_args)
    if not ok:
        api_log.error(str(detail))
        return False, "Error setting the HIDS server configuration file"

    return True, ''
Exemple #2
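def ansible_install_plugin(system_ip, plugin_path, sql_path):
    """Install an agent plugin and apply its SQL file on a remote system.

    Steps, in order: copy ``plugin_path`` into /etc/ossim/agent/plugins/,
    copy ``sql_path`` to /tmp/tmp_<basename>, feed that file to
    /usr/bin/ossim-db through the ``shell`` module with sudo, then delete
    the staged SQL file.

    Args:
        system_ip: Address of the host the plugin is installed on.
        plugin_path: Path of the plugin file, passed to copy_file as ``src``.
        sql_path: Path of the SQL file, passed to copy_file as ``src``.

    Returns:
        tuple: ``(True, message)`` on success, or ``(False, error_message)``
        for the first step that fails.
    """
    # All three arguments are required. The earlier `or` test rejected the
    # call only when every argument was empty.
    if not (system_ip and plugin_path and sql_path):
        return False, "[ansible_install_plugin]: Missing arguments"

    # Function-scope import keeps the block self-contained; pipes.quote is
    # the Python 2 spelling of the same helper.
    try:
        from shlex import quote as shell_quote
    except ImportError:
        from pipes import quote as shell_quote

    # Copy plugin file to plugins dir.
    # The format string is a single literal: with the previous
    # `"..." + "..." % (a, b)` form, `%` bound to the second literal only
    # (which has no placeholders) and raised TypeError.
    # NOTE(review): these key=value arguments are built by interpolation, so
    # a path containing whitespace or `=` could change the module arguments.
    # Callers should pass validated paths.
    remote_plugin_path = "/etc/ossim/agent/plugins/" + basename(plugin_path)
    cmd_args = "src=%s dest=%s force=yes owner=root group=alienvault mode=644" % (
        plugin_path, remote_plugin_path)
    (success, msg) = copy_file([system_ip], cmd_args)
    if not success:
        error_msg = "[ansible_install_plugin] Failed to copy " + \
                    "plugin file: %s" % msg
        return False, error_msg

    # Copy SQL file to tmp dir.
    # NOTE(review): the staging name under /tmp is predictable and the file
    # is later executed against the database with sudo; a staging directory
    # that is not world-writable would be safer.
    remote_sql_path = "/tmp/tmp_" + basename(sql_path)
    cmd_args = "src=%s dest=%s force=yes " % (sql_path, remote_sql_path) + \
               "owner=root group=alienvault mode=644"
    (success, msg) = copy_file([system_ip], cmd_args)
    if not success:
        error_msg = "[ansible_install_plugin] Failed to copy " + \
                    "sql file: %s" % msg
        return False, error_msg

    # Apply SQL file.
    # The path is shell-quoted because this string is run by the shell
    # module under sudo; an unquoted file name containing shell
    # metacharacters would be interpreted as part of the command.
    cmd_args = "/usr/bin/ossim-db < %s" % shell_quote(remote_sql_path)
    response = ansible.run_module(host_list=[system_ip],
                                  module="shell",
                                  use_sudo=True,
                                  args=cmd_args)
    (success, msg) = ansible_is_valid_response(system_ip, response)
    if not success:
        error_msg = "[ansible_install_plugin] Failed to apply " + \
                    "sql file: %s" % msg
        return False, error_msg

    # Delete SQL file
    (success, msg) = remove_file([system_ip], remote_sql_path)
    if not success:
        error_msg = "[ansible_install_plugin] Failed to delete " + \
                    "sql file: %s" % msg
        return False, error_msg

    return True, "[ansible_install_plugin] Plugin installed OK"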
Exemple #3
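def ansible_install_plugin(system_ip, plugin_path, sql_path):
    """Install an agent plugin and apply its SQL file on a remote system.

    Steps, in order: copy ``plugin_path`` into /etc/ossim/agent/plugins/,
    copy ``sql_path`` to /tmp/tmp_<basename>, feed that file to
    /usr/bin/ossim-db through the ``shell`` module with sudo, then delete
    the staged SQL file.

    Args:
        system_ip: Address of the host the plugin is installed on.
        plugin_path: Path of the plugin file, passed to copy_file as ``src``.
        sql_path: Path of the SQL file, passed to copy_file as ``src``.

    Returns:
        tuple: ``(True, message)`` on success, or ``(False, error_message)``
        for the first step that fails.
    """
    # All three arguments are required. The earlier `or` test rejected the
    # call only when every argument was empty.
    if not (system_ip and plugin_path and sql_path):
        return False, "[ansible_install_plugin]: Missing arguments"

    # Function-scope import keeps the block self-contained; pipes.quote is
    # the Python 2 spelling of the same helper.
    try:
        from shlex import quote as shell_quote
    except ImportError:
        from pipes import quote as shell_quote

    # Copy plugin file to plugins dir.
    # The format string is a single literal: with the previous
    # `"..." + "..." % (a, b)` form, `%` bound to the second literal only
    # (which has no placeholders) and raised TypeError.
    # NOTE(review): these key=value arguments are built by interpolation, so
    # a path containing whitespace or `=` could change the module arguments.
    # Callers should pass validated paths.
    remote_plugin_path = "/etc/ossim/agent/plugins/" + basename(plugin_path)
    cmd_args = "src=%s dest=%s force=yes owner=root group=alienvault mode=644" % (
        plugin_path, remote_plugin_path)
    (success, msg) = copy_file([system_ip], cmd_args)
    if not success:
        error_msg = "[ansible_install_plugin] Failed to copy " + \
                    "plugin file: %s" % msg
        return False, error_msg

    # Copy SQL file to tmp dir.
    # NOTE(review): the staging name under /tmp is predictable and the file
    # is later executed against the database with sudo; a staging directory
    # that is not world-writable would be safer.
    remote_sql_path = "/tmp/tmp_" + basename(sql_path)
    cmd_args = "src=%s dest=%s force=yes " % (sql_path, remote_sql_path) + \
               "owner=root group=alienvault mode=644"
    (success, msg) = copy_file([system_ip], cmd_args)
    if not success:
        error_msg = "[ansible_install_plugin] Failed to copy " + \
                    "sql file: %s" % msg
        return False, error_msg

    # Apply SQL file.
    # The path is shell-quoted because this string is run by the shell
    # module under sudo; an unquoted file name containing shell
    # metacharacters would be interpreted as part of the command.
    cmd_args = "/usr/bin/ossim-db < %s" % shell_quote(remote_sql_path)
    response = ansible.run_module(host_list=[system_ip],
                                  module="shell",
                                  use_sudo=True,
                                  args=cmd_args)
    (success, msg) = ansible_is_valid_response(system_ip, response)
    if not success:
        error_msg = "[ansible_install_plugin] Failed to apply " + \
                    "sql file: %s" % msg
        return False, error_msg

    # Delete SQL file
    (success, msg) = remove_file([system_ip], remote_sql_path)
    if not success:
        error_msg = "[ansible_install_plugin] Failed to delete " + \
                    "sql file: %s" % msg
        return False, error_msg

    return True, "[ansible_install_plugin] Plugin installed OK"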