Exemple #1
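def system_settings(request):
    """Staff-only view for the global settings form and the Kibana tools.

    GET renders the page with an unbound settings form and an empty Kibana
    upload form. POST is dispatched on the ``form_id`` field: ``main`` saves
    the settings form, ``kibana`` exports, imports, clears or resets the
    Kibana dashboards depending on which button name is present in the POST
    data. Only the export action returns a file download; every other path
    renders the settings page with a ``success`` or ``error`` message.

    ``request.user.is_staff`` is the only authorization check visible in this
    listing; any decorator on the view is not shown.
    """
    if not request.user.is_staff:
        context = {'error': 'Unsufficient permissions'}
        return scirius_render(request, 'rules/system_settings.html', context)

    main_form = SystemSettingsForm(instance=get_system_settings())
    kibana_form = KibanaDataForm()
    context = {
        'form_id': 'main',
        'main_form': main_form,
        'kibana_form': kibana_form,
    }

    if request.method == 'POST':
        form_id = request.POST.get('form_id', None)

        if form_id == 'main':
            main_form = SystemSettingsForm(request.POST, instance=get_system_settings())
            context['main_form'] = main_form
            if main_form.is_valid():
                main_form.save()
                context['success'] = "All changes saved."
            else:
                context['error'] = "Invalid form."
        elif form_id == 'kibana':
            es_data = ESData()
            if 'export' in request.POST:
                tar_name, tar_file = es_data.kibana_export()

                try:
                    with open(tar_file, 'rb') as f:
                        content = f.read()
                finally:
                    # Remove the temporary archive even when reading it fails,
                    # so a failed export does not leave dashboard data on disk.
                    os.unlink(tar_file)

                response = HttpResponse(content, content_type='application/x-bzip2')
                # NOTE(review): tar_name is produced by kibana_export(), which
                # is not shown; it is assumed to be server-generated and free
                # of quote characters - confirm before reusing this pattern.
                response['Content-Disposition'] = 'attachment; filename="%s"' % tar_name
                return response
            elif 'import' in request.POST:
                form = KibanaDataForm(request.POST, request.FILES)
                if form.is_valid() and 'file' in request.FILES:
                    try:
                        # NOTE(review): the uploaded archive is passed on
                        # as-is; size limits and member-path checks have to
                        # live in kibana_import_fileobj() - confirm there.
                        count = es_data.kibana_import_fileobj(request.FILES['file'])
                        context['success'] = 'Successfully imported %i dashboards' % count
                    except Exception as e:
                        # The exception text is shown on the page, which only
                        # staff users reach; it may include backend details.
                        context['error'] = 'Import failed: %s' % e
                else:
                    context['error'] = 'Please provide a dashboard archive'
            elif 'clear' in request.POST:
                try:
                    es_data.kibana_clear()
                    context['success'] = 'Done'
                except Exception as e:
                    context['error'] = 'Clearing failed: %s' % e
            elif 'reset' in request.POST:
                try:
                    es_data.kibana_reset()
                    context['success'] = 'Done'
                except Exception as e:
                    context['error'] = 'Reset failed: %s' % e

    # The listing stops without a return statement. A Django view has to
    # return a response, so render the page with the context built above.
    return scirius_render(request, 'rules/system_settings.html', context)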
Exemple #2
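def complete_context(request, context):
    """Add the Elasticsearch time window and graph type to *context* in place.

    Nothing is added unless the system settings enable Elasticsearch.
    ``duration`` (in hours) and ``graph`` come from the query string and are
    therefore client-controlled. A duration that is not an integer falls back
    to 24 instead of raising, and the value is clamped to 1..168 hours so that
    a zero or negative value cannot produce a window that starts in the
    future. ``graph`` is restricted to the two known renderers.
    """
    if not get_system_settings().use_elasticsearch:
        return

    max_hours = 24 * 7
    from_query = 'duration' in request.GET
    if from_query:
        raw_duration = request.GET.get('duration', '24')
    else:
        raw_duration = request.session.get('duration', '24')
    try:
        duration = int(raw_duration)
    except (TypeError, ValueError):
        duration = 24
    duration = max(1, min(duration, max_hours))
    if from_query:
        # Only the validated value is ever written to the session.
        request.session['duration'] = duration

    # Start of the window in milliseconds (time() is assumed to be time.time).
    from_date = int((time() - (duration * 3600)) * 1000)
    if duration <= 24:
        date = str(duration) + "h"
    else:
        # Floor division keeps the label integral ("2d") on Python 3 as well.
        date = str(duration // 24) + "d"

    graph = 'sunburst'
    if 'graph' in request.GET:
        graph = request.GET.get('graph', 'sunburst')
        if graph not in ('sunburst', 'circles'):
            graph = 'sunburst'
        # NOTE(review): the choice is stored in the session but this function
        # never reads it back; requests without ?graph= always get sunburst.
        request.session['graph'] = graph

    if graph == 'sunburst':
        context['draw_func'] = 'draw_sunburst'
        context['draw_elt'] = 'path'
    else:
        context['draw_func'] = 'draw_circle'
        context['draw_elt'] = 'circle'
    context['date'] = date
    context['from_date'] = from_date
    context['time_range'] = duration * 3600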
Exemple #3
def scirius_render(request, template, context):
    """Render *template* after adding the site-wide feature flags to *context*.

    The flags are read from the Django settings and from the stored system
    settings; none of them depends on request data. *context* is modified in
    place and the result of ``render()`` is returned.
    """
    context['generator'] = settings.RULESET_MIDDLEWARE
    context['path_info'] = build_path_info(request)
    system_conf = get_system_settings()

    # Optional statistics backends: each key exists only when enabled.
    if settings.USE_INFLUXDB:
        context['influxdb'] = 1
    if settings.USE_SURICATA_STATS:
        context['suricata_stats'] = 1
    if settings.USE_LOGSTASH_STATS:
        context['logstash_stats'] = 1

    if system_conf.use_elasticsearch:
        context['elasticsearch'] = 1
        if settings.USE_KIBANA:
            context['kibana'] = 1
            # Behind the proxy Kibana is reached through a local path,
            # otherwise through the URL configured in the settings.
            context['kibana_url'] = "/kibana" if settings.KIBANA_PROXY else settings.KIBANA_URL
            context['kibana_version'] = settings.KIBANA_VERSION

    # Unlike the flags above, es2x is always present (1 or 0).
    context['es2x'] = 1 if settings.ELASTICSEARCH_2X else 0

    if settings.USE_EVEBOX:
        context['evebox'] = 1
        context['evebox_url'] = "/evebox"
    return render(request, template, context)
Exemple #4
def system_settings(request):
    """Show the global settings form and save it on POST (staff only).

    ``request.user.is_staff`` is the only authorization check visible in this
    listing; users without it get the page with an error message and no form.
    """
    template = 'rules/system_settings.html'

    if not request.user.is_staff:
        return scirius_render(request, template, { 'error': 'Unsufficient permissions' })

    if request.method != 'POST':
        # Plain page load: unbound form filled from the stored settings.
        unbound = SystemSettingsForm(instance = get_system_settings())
        return scirius_render(request, template, { 'form': unbound })

    # POST: bind the submitted data to the stored settings and validate it.
    bound = SystemSettingsForm(request.POST, instance = get_system_settings())
    page = { 'form': bound }
    if bound.is_valid():
        bound.save()
        page['success'] = "All changes saved."
    else:
        page['error'] = "Invalid form."
    return scirius_render(request, template, page)
Exemple #5
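def complete_context(request, context):
    """Add the Elasticsearch time window and graph type to *context* in place.

    Does nothing unless the system settings enable Elasticsearch. The
    ``duration`` (hours) and ``graph`` query parameters are supplied by the
    client, so they are validated here: a non-integer duration falls back to
    24 rather than raising, the value is kept within 1..168 hours, and
    ``graph`` must be one of the two known renderers.
    """
    if not get_system_settings().use_elasticsearch:
        return

    max_hours = 24 * 7
    from_query = "duration" in request.GET
    if from_query:
        raw_duration = request.GET.get("duration", "24")
    else:
        raw_duration = request.session.get("duration", "24")
    try:
        duration = int(raw_duration)
    except (TypeError, ValueError):
        duration = 24
    # The lower bound stops zero or negative values from producing a window
    # that starts now or in the future.
    duration = max(1, min(duration, max_hours))
    if from_query:
        # Only the validated value is ever written to the session.
        request.session["duration"] = duration

    # Start of the window in milliseconds (time() is assumed to be time.time).
    from_date = int((time() - (duration * 3600)) * 1000)
    if duration <= 24:
        date = str(duration) + "h"
    else:
        # Floor division keeps the label integral ("2d") on Python 3 as well.
        date = str(duration // 24) + "d"

    graph = "sunburst"
    if "graph" in request.GET:
        graph = request.GET.get("graph", "sunburst")
        if graph not in ("sunburst", "circles"):
            graph = "sunburst"
        # NOTE(review): stored in the session but never read back here;
        # requests without ?graph= always get sunburst.
        request.session["graph"] = graph

    if graph == "sunburst":
        context["draw_func"] = "draw_sunburst"
        context["draw_elt"] = "path"
    else:
        context["draw_func"] = "draw_circle"
        context["draw_elt"] = "circle"
    context["date"] = date
    context["from_date"] = from_date
    context["time_range"] = duration * 3600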
Exemple #6
def system_settings(request):
    """Show the global settings form and save it on POST (staff only).

    The ``is_staff`` test is the only authorization check visible in this
    listing. Every path renders the same template; only the context differs.
    """
    template = "rules/system_settings.html"

    if not request.user.is_staff:
        return scirius_render(request, template, {"error": "Unsufficient permissions"})

    is_post = request.method == "POST"
    if is_post:
        form = SystemSettingsForm(request.POST, instance=get_system_settings())
    else:
        form = SystemSettingsForm(instance=get_system_settings())
    context = {"form": form}

    if is_post:
        # Validation decides between saving and reporting an error.
        if form.is_valid():
            form.save()
            context["success"] = "All changes saved."
        else:
            context["error"] = "Invalid form."
    return scirius_render(request, template, context)
Exemple #7
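def complete_context(request, context):
    """Add the Elasticsearch time window and graph type to *context* in place.

    Does nothing unless the system settings enable Elasticsearch. The
    ``duration`` (hours) and ``graph`` query parameters are client-controlled
    and are validated here: a non-integer duration falls back to 24 rather
    than raising, the value is kept within 1..720 hours (30 days), and
    ``graph`` must be one of the two known renderers.
    """
    if not get_system_settings().use_elasticsearch:
        return

    max_hours = 24 * 30
    from_query = 'duration' in request.GET
    if from_query:
        raw_duration = request.GET.get('duration', '24')
    else:
        raw_duration = request.session.get('duration', '24')
    try:
        duration = int(raw_duration)
    except (TypeError, ValueError):
        duration = 24
    # The lower bound stops zero or negative values from producing a window
    # that starts now or in the future.
    duration = max(1, min(duration, max_hours))
    if from_query:
        # Only the validated value is ever written to the session.
        request.session['duration'] = duration

    # Start of the window in milliseconds (time() is assumed to be time.time).
    from_date = int((time() - (duration * 3600)) * 1000)
    if duration <= 24:
        date = str(duration) + "h"
    else:
        # Floor division keeps the label integral ("2d") on Python 3 as well.
        date = str(duration // 24) + "d"

    graph = 'sunburst'
    if 'graph' in request.GET:
        graph = request.GET.get('graph', 'sunburst')
        if graph not in ('sunburst', 'circles'):
            graph = 'sunburst'
        # NOTE(review): stored in the session but never read back here;
        # requests without ?graph= always get sunburst.
        request.session['graph'] = graph

    if graph == 'sunburst':
        context['draw_func'] = 'draw_sunburst'
        context['draw_elt'] = 'path'
    else:
        context['draw_func'] = 'draw_circle'
        context['draw_elt'] = 'circle'
    context['date'] = date
    context['from_date'] = from_date
    context['time_range'] = duration * 3600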
Exemple #8
def system_settings(request):
    """Show the global settings form and save it on POST (staff only).

    Non-staff users get the page with an error message and no form; the
    ``is_staff`` test is the only authorization check visible in this listing.
    """
    page = 'rules/system_settings.html'
    if not request.user.is_staff:
        return scirius_render(request, page, { 'error': 'Unsufficient permissions' })

    if request.method == 'POST':
        settings_form = SystemSettingsForm(request.POST, instance = get_system_settings())
        context = { 'form': settings_form }
        # Save only validated data; otherwise re-display the bound form.
        if settings_form.is_valid():
            settings_form.save()
            context['success'] = "All changes saved."
        else:
            context['error'] = "Invalid form."
    else:
        context = { 'form': SystemSettingsForm(instance = get_system_settings()) }
    return scirius_render(request, page, context)
Exemple #9
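def scirius_render(request, template, context):
    """Render *template* after adding the site-wide feature flags to *context*.

    The flags come from the Django settings and the stored system settings.
    The optional ``links`` module of the configured middleware package adds
    ``context['links']`` when it can be imported and called. *context* is
    modified in place.
    """
    context['generator'] = settings.RULESET_MIDDLEWARE
    context['path_info'] = build_path_info(request)
    gsettings = get_system_settings()
    if settings.USE_INFLUXDB:
        context['influxdb'] = 1
    if settings.USE_SURICATA_STATS:
        context['suricata_stats'] = 1
    if settings.USE_LOGSTASH_STATS:
        context['logstash_stats'] = 1
    if gsettings.use_elasticsearch:
        context['elasticsearch'] = 1
        if settings.USE_KIBANA:
            context['kibana'] = 1
            if settings.KIBANA_PROXY:
                context['kibana_url'] = "/kibana"
            else:
                context['kibana_url'] = settings.KIBANA_URL
            context['kibana_version'] = settings.KIBANA_VERSION
    if settings.ELASTICSEARCH_2X:
        context['es2x'] = 1
    else:
        context['es2x'] = 0
    if settings.USE_EVEBOX:
        context['evebox'] = 1
        context['evebox_url'] = "/evebox"
    try:
        # The module name is built from deployment settings only, never from
        # request data. __import__("pkg.links") returns the top-level package,
        # hence the attribute access below.
        middleware = __import__("%s.%s" % (settings.RULESET_MIDDLEWARE, 'links'))
        context['links'] = middleware.links.links(request)
    except Exception:
        # Best effort: the links module is optional. A bare "except:" would
        # also swallow SystemExit and KeyboardInterrupt, so catch Exception.
        pass
    return render(request, template, context)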
Exemple #10
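def scirius_render(request, template, context):
    """Render *template* after adding the site-wide values to *context*.

    Adds release and title strings, feature flags from the Django settings
    and the stored system settings, the top navigation links, pending
    messages and whatever the middleware ``common`` module contributes, then
    calls ``complete_context()`` and ``render()``. *context* is modified in
    place.
    """
    context['generator'] = settings.RULESET_MIDDLEWARE
    context['path_info'] = build_path_info(request)
    context['scirius_release'] = settings.SCIRIUS_FLAVOR + " v" + settings.SCIRIUS_VERSION
    context['scirius_long_name'] = settings.SCIRIUS_LONG_NAME
    # Fetch the homepage context once instead of once per key.
    homepage = get_middleware_module('common').get_homepage_context()
    context['scirius_title'] = homepage['title']
    context['scirius_short_title'] = homepage['short_title']
    gsettings = get_system_settings()
    if settings.USE_INFLUXDB:
        context['influxdb'] = 1
    if settings.USE_SURICATA_STATS:
        context['suricata_stats'] = 1
    if settings.USE_LOGSTASH_STATS:
        context['logstash_stats'] = 1
    if settings.HAVE_NETINFO_AGG:
        context['netinfo_agg'] = 1
    if gsettings.use_elasticsearch:
        context['elasticsearch'] = 1
        if settings.USE_KIBANA:
            context['kibana'] = 1
            if settings.KIBANA_PROXY:
                context['kibana_url'] = "/kibana"
            else:
                context['kibana_url'] = settings.KIBANA_URL
    if settings.USE_EVEBOX:
        context['evebox'] = 1
        context['evebox_url'] = "/evebox"
    if settings.USE_CYBERCHEF:
        context['cyberchef'] = 1
        context['cyberchef_url'] = "/static/cyberchef/"
    if settings.SCIRIUS_HAS_DOC:
        # NOTE(review): resolver_match is assumed to be set, i.e. the request
        # went through URL resolution - confirm for error handlers.
        djurl = request.resolver_match
        context['help_link'] = help_links(djurl.view_name)
    if settings.SCIRIUS_IN_SELKS:
        context['in_selks'] = 1

    context['toplinks'] = [{
        'id': 'suricata',
        'url': '/suricata/',
        'icon': 'eye-open',
        'label': 'Suricata',
        # Presumably used by the template to show or hide the link; the
        # target view still has to enforce the permission itself.
        'perm': request.user.has_perm('rules.configuration_view'),
    }]
    context['monitoring_url'] = 'suricata_index'

    context.update(get_middleware_module('common').update_context(request))
    context['messages'] = messages.get_messages(request)
    # NOTE(review): this hands the whole settings object to every template,
    # so any template can read any setting, including SECRET_KEY and database
    # credentials. Passing only the values the templates need would narrow
    # that; kept as is because the templates' usage is not visible here.
    context['settings'] = settings
    complete_context(request, context)
    return render(request, template, context)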
Exemple #11
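def scirius_render(request, template, context):
    """Render *template* after adding the site-wide values to *context*.

    Adds the probe host names, release string, feature flags, navigation
    links and pending messages, then calls ``complete_context()`` and
    ``render()``. The probe list and the middleware ``links`` / ``common``
    modules are optional: a failure in any of them is ignored and the
    defaults set here stay in place. *context* is modified in place.
    """
    try:
        # NOTE(review): each host name is wrapped in single quotes without
        # escaping, presumably for embedding in JavaScript by the template.
        # A name containing a quote would break out of that literal - confirm
        # how the template escapes this value.
        context['probes'] = map(lambda x: "'" + x + "'",
                                Probe.models.get_probe_hostnames())
    except Exception:
        # Best effort; Exception rather than a bare "except:" so that
        # SystemExit and KeyboardInterrupt are not swallowed.
        pass
    context['generator'] = settings.RULESET_MIDDLEWARE
    context['path_info'] = build_path_info(request)
    context['scirius_release'] = settings.SCIRIUS_FLAVOR + " v" + settings.SCIRIUS_VERSION
    gsettings = get_system_settings()
    if settings.USE_INFLUXDB:
        context['influxdb'] = 1
    if settings.USE_SURICATA_STATS:
        context['suricata_stats'] = 1
    if settings.USE_LOGSTASH_STATS:
        context['logstash_stats'] = 1
    if settings.HAVE_NETINFO_AGG:
        context['netinfo_agg'] = 1
    if gsettings.use_elasticsearch:
        context['elasticsearch'] = 1
        if settings.USE_KIBANA:
            context['kibana'] = 1
            if settings.KIBANA_PROXY:
                context['kibana_url'] = "/kibana"
            else:
                context['kibana_url'] = settings.KIBANA_URL
    context['es_backend'] = settings.ES_BACKEND
    if settings.USE_EVEBOX:
        context['evebox'] = 1
        context['evebox_url'] = "/evebox"
    if settings.SCIRIUS_HAS_DOC:
        djurl = request.resolver_match
        context['help_link'] = help_links(djurl.view_name)

    # Defaults, replaced below when the middleware provides its own links.
    context['toplinks'] = [{
        'id': 'suricata',
        'url': '/suricata/',
        'icon': 'eye-open',
        'label': 'Suricata'
    }]
    context['monitoring_url'] = 'suricata_index'
    try:
        links = get_middleware_module('links')
        context['toplinks'] = links.TOPLINKS
        # If links() raises, toplinks has already been replaced while
        # monitoring_url keeps its default.
        context['links'] = links.links(request)
        context['monitoring_url'] = links.MONITORING_URL
    except Exception:
        pass
    try:
        context['middleware_status'] = get_middleware_module(
            'common').block_status(request)
    except Exception:
        pass

    context['messages'] = messages.get_messages(request)
    complete_context(request, context)
    return render(request, template, context)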
Exemple #12
def scirius_render(request, template, context):
    """Render *template* after adding the generator name and the
    Elasticsearch / Kibana flags to *context* (modified in place)."""
    context['generator'] = settings.RULESET_MIDDLEWARE
    es_enabled = get_system_settings().use_elasticsearch
    if es_enabled:
        context['elasticsearch'] = 1
    if es_enabled and settings.USE_KIBANA:
        context['kibana'] = 1
        # Behind the proxy Kibana is reached through a local path, otherwise
        # through the URL configured in the settings.
        context['kibana_url'] = "/kibana" if settings.KIBANA_PROXY else settings.KIBANA_URL
    return render(request, template, context)
Exemple #13
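def scirius_render(request, template, context):
    """Render *template* after adding the site-wide values to *context*.

    Adds the release string, feature flags from the Django settings and the
    stored system settings, the top navigation links and pending messages.
    The ``links`` and ``common`` modules of the configured middleware package
    are optional: a failure in either is ignored and the defaults set here
    stay in place. *context* is modified in place.
    """
    context['generator'] = settings.RULESET_MIDDLEWARE
    context['path_info'] = build_path_info(request)
    context['scirius_release'] = settings.SCIRIUS_FLAVOR + " v" + settings.SCIRIUS_VERSION
    gsettings = get_system_settings()
    if settings.USE_INFLUXDB:
        context['influxdb'] = 1
    if settings.USE_SURICATA_STATS:
        context['suricata_stats'] = 1
    if settings.USE_LOGSTASH_STATS:
        context['logstash_stats'] = 1
    if gsettings.use_elasticsearch:
        context['elasticsearch'] = 1
        if settings.USE_KIBANA:
            context['kibana'] = 1
            if settings.KIBANA_PROXY:
                context['kibana_url'] = "/kibana"
            else:
                context['kibana_url'] = settings.KIBANA_URL
            context['kibana_version'] = settings.KIBANA_VERSION
    if settings.ELASTICSEARCH_VERSION >= 2:
        context['es2x'] = 1
    else:
        context['es2x'] = 0
    if settings.USE_EVEBOX:
        context['evebox'] = 1
        context['evebox_url'] = "/evebox"

    # Default navigation, replaced below when the middleware has its own.
    context['toplinks'] = [{
        'id': 'suricata',
        'url': '/suricata/',
        'icon': 'eye-open',
        'label': 'Suricata'
    }]
    try:
        # Module names are built from deployment settings only, never from
        # request data. __import__("pkg.links") returns the top-level
        # package, hence the attribute access below.
        middleware = __import__("%s.%s" %
                                (settings.RULESET_MIDDLEWARE, 'links'))
        context['toplinks'] = middleware.links.TOPLINKS
        context['links'] = middleware.links.links(request)
    except Exception:
        # Best effort; Exception rather than a bare "except:" so that
        # SystemExit and KeyboardInterrupt are not swallowed.
        pass
    try:
        middleware = __import__("%s.%s" %
                                (settings.RULESET_MIDDLEWARE, 'common'))
        context['middleware_status'] = middleware.common.block_status(request)
    except Exception:
        pass

    context['messages'] = messages.get_messages(request)

    return render(request, template, context)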
Exemple #14
def scirius_render(request, template, context):
    """Render *template* after adding the generator name and the statistics,
    Elasticsearch and Kibana flags to *context* (modified in place)."""
    context['generator'] = settings.RULESET_MIDDLEWARE
    system_conf = get_system_settings()

    # Optional statistics backends: each key exists only when enabled.
    if settings.USE_INFLUXDB:
        context['influxdb'] = 1
    if settings.USE_SURICATA_STATS:
        context['suricata_stats'] = 1
    if settings.USE_LOGSTASH_STATS:
        context['logstash_stats'] = 1

    if not system_conf.use_elasticsearch:
        return render(request, template, context)

    context['elasticsearch'] = 1
    if settings.USE_KIBANA:
        context['kibana'] = 1
        # Behind the proxy Kibana is reached through a local path, otherwise
        # through the URL configured in the settings.
        context['kibana_url'] = "/kibana" if settings.KIBANA_PROXY else settings.KIBANA_URL
        context['kibana_version'] = settings.KIBANA_VERSION
    return render(request, template, context)
Exemple #15
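def scirius_render(request, template, context):
    """Render *template* after adding the site-wide feature flags to *context*.

    The flags come from the Django settings and the stored system settings.
    The ``links`` and ``common`` modules of the configured middleware package
    are optional: a failure in either is ignored and the corresponding
    context key is simply left out. *context* is modified in place.
    """
    context['generator'] = settings.RULESET_MIDDLEWARE
    context['path_info'] = build_path_info(request)
    gsettings = get_system_settings()
    if settings.USE_INFLUXDB:
        context['influxdb'] = 1
    if settings.USE_SURICATA_STATS:
        context['suricata_stats'] = 1
    if settings.USE_LOGSTASH_STATS:
        context['logstash_stats'] = 1
    if gsettings.use_elasticsearch:
        context['elasticsearch'] = 1
        if settings.USE_KIBANA:
            context['kibana'] = 1
            if settings.KIBANA_PROXY:
                context['kibana_url'] = "/kibana"
            else:
                context['kibana_url'] = settings.KIBANA_URL
            context['kibana_version'] = settings.KIBANA_VERSION
    if settings.ELASTICSEARCH_2X:
        context['es2x'] = 1
    else:
        context['es2x'] = 0
    if settings.USE_EVEBOX:
        context['evebox'] = 1
        context['evebox_url'] = "/evebox"
    try:
        # Module names are built from deployment settings only, never from
        # request data. __import__("pkg.links") returns the top-level
        # package, hence the attribute access below.
        middleware = __import__("%s.%s" %
                                (settings.RULESET_MIDDLEWARE, 'links'))
        context['links'] = middleware.links.links(request)
    except Exception:
        # Best effort; Exception rather than a bare "except:" so that
        # SystemExit and KeyboardInterrupt are not swallowed.
        pass
    try:
        middleware = __import__("%s.%s" %
                                (settings.RULESET_MIDDLEWARE, 'common'))
        context['middleware_status'] = middleware.common.block_status(request)
    except Exception:
        pass

    return render(request, template, context)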
Exemple #16
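def complete_context(request, context):
    """Add the Elasticsearch time window to *context* in place.

    Does nothing unless the system settings enable Elasticsearch. The
    ``duration`` query parameter (hours) is client-controlled and is
    validated here: a non-integer value falls back to 24 rather than raising,
    and the result is kept within 1..720 hours (30 days) so a zero or
    negative value cannot produce a window that starts in the future.
    """
    if not get_system_settings().use_elasticsearch:
        return

    max_hours = 24 * 30
    from_query = 'duration' in request.GET
    if from_query:
        raw_duration = request.GET.get('duration', '24')
    else:
        raw_duration = request.session.get('duration', '24')
    try:
        duration = int(raw_duration)
    except (TypeError, ValueError):
        duration = 24
    duration = max(1, min(duration, max_hours))
    if from_query:
        # Only the validated value is ever written to the session.
        request.session['duration'] = duration

    # Start of the window in milliseconds (time() is assumed to be time.time).
    from_date = int((time() - (duration * 3600)) * 1000)
    if duration <= 24:
        date = '%ih' % int(duration)
    else:
        date = '%id' % int(duration / 24)

    context['draw_func'] = 'draw_sunburst'
    context['draw_elt'] = 'path'

    context['date'] = date
    context['from_date'] = from_date
    context['time_range'] = duration * 3600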
Exemple #17
 def _get_proxies(self):
     """Return the proxy parameters taken from the global system settings."""
     system_conf = get_system_settings()
     return system_conf.get_proxy_params()
Exemple #18
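def system_settings(request):
    """Staff-only view for the settings form and the Elasticsearch/Kibana tools.

    GET renders the page with an unbound settings form and an empty Kibana
    upload form. POST is dispatched on the ``form_id`` field: ``main`` saves
    the settings form, ``es`` clears the Elasticsearch data, ``kibana``
    exports, imports, clears or resets the Kibana dashboards depending on
    which button name is present in the POST data. Only the export action
    returns a file download; every other path renders the settings page with
    a ``success`` or ``error`` message.

    ``request.user.is_staff`` is the only authorization check visible in this
    listing; any decorator on the view is not shown.
    """
    if not request.user.is_staff:
        context = {'error': 'Unsufficient permissions'}
        return scirius_render(request, 'rules/system_settings.html', context)

    main_form = SystemSettingsForm(instance=get_system_settings())
    kibana_form = KibanaDataForm()
    context = {
        'form_id': 'main',
        'main_form': main_form,
        'kibana_form': kibana_form,
    }

    if request.method == 'POST':
        form_id = request.POST.get('form_id', None)

        if form_id == 'main':
            main_form = SystemSettingsForm(request.POST,
                                           instance=get_system_settings())
            context['main_form'] = main_form
            if main_form.is_valid():
                main_form.save()
                context['success'] = "All changes saved."
            else:
                context['error'] = "Invalid form."

        elif form_id == 'es':
            # Destructive action: wipes the Elasticsearch data on one POST.
            es_data = ESData()
            try:
                es_data.es_clear()
                context['success'] = 'Done'
            except ConnectionError:
                context['error'] = 'Could not connect to Elasticsearch'
            except Exception as e:
                # The exception text is shown on the page, which only staff
                # users reach; it may include backend details.
                context['error'] = 'Clearing failed: %s' % e

        elif form_id == 'kibana':
            es_data = ESData()
            if 'export' in request.POST:
                tar_name, tar_file = es_data.kibana_export()

                try:
                    with open(tar_file, 'rb') as f:
                        content = f.read()
                finally:
                    # Remove the temporary archive even when reading it fails,
                    # so a failed export does not leave dashboard data on disk.
                    os.unlink(tar_file)

                response = HttpResponse(content,
                                        content_type='application/x-bzip2')
                # NOTE(review): tar_name is produced by kibana_export(), which
                # is not shown; it is assumed to be server-generated and free
                # of quote characters - confirm before reusing this pattern.
                response['Content-Disposition'] = 'attachment; filename="%s"' % tar_name
                return response
            elif 'import' in request.POST:
                form = KibanaDataForm(request.POST, request.FILES)
                if form.is_valid() and 'file' in request.FILES:
                    try:
                        # NOTE(review): the uploaded archive is passed on
                        # as-is; size limits and member-path checks have to
                        # live in kibana_import_fileobj() - confirm there.
                        count = es_data.kibana_import_fileobj(
                            request.FILES['file'])
                        context['success'] = 'Successfully imported %i dashboards' % count
                    except Exception as e:
                        context['error'] = 'Import failed: %s' % e
                else:
                    context['error'] = 'Please provide a dashboard archive'
            elif 'clear' in request.POST:
                try:
                    es_data.kibana_clear()
                    context['success'] = 'Done'
                except Exception as e:
                    context['error'] = 'Clearing failed: %s' % e
            elif 'reset' in request.POST:
                try:
                    es_data.kibana_reset()
                    context['success'] = 'Done'
                except Exception as e:
                    context['error'] = 'Reset failed: %s' % e

    # The listing stops without a return statement. A Django view has to
    # return a response, so render the page with the context built above.
    return scirius_render(request, 'rules/system_settings.html', context)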