Esempio n. 1
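    def _get_zeek_version(self):
        """Return the version reported by the configured Zeek binary.

        Runs ``<zeek> -v`` through ``execute.run_localcmd`` and parses the
        last line of its output for ``... version X``. A trailing "-debug"
        suffix is removed from the result.

        Raises:
            ConfigurationError: the configured path does not exist.
            RuntimeEnvironmentError: the command failed, produced no output,
                or its output held no recognizable version string.
        """
        try:
            from shlex import quote
        except ImportError:  # Python 2 keeps the same helper in pipes
            from pipes import quote

        from ZeekControl import execute

        zeek = self.config["zeek"]
        # Note: lexists() is also true for a dangling symlink, so this only
        # proves that the name exists, not that it is runnable.
        if not os.path.lexists(zeek):
            raise ConfigurationError("cannot find Zeek binary: %s" % zeek)

        # The value was just checked as ONE filesystem path, so pass it to the
        # command string as one word. Without quoting, a path containing
        # spaces or shell metacharacters would be split or interpreted
        # (run_localcmd takes a single command string; presumably it is
        # handed to a shell -- confirm). Plain paths are returned unchanged.
        success, output = execute.run_localcmd("%s -v" % quote(zeek))
        if success and output:
            # Only the last line is parsed; earlier lines are ignored.
            version = output.splitlines()[-1]
        else:
            msg = " with no output"
            if output:
                msg = " with output:\n%s" % output
            raise RuntimeEnvironmentError('running "zeek -v" failed%s' % msg)

        match = re.search(".* version ([^ ]*).*$", version)
        if not match:
            raise RuntimeEnvironmentError(
                'cannot determine Zeek version ("zeek -v" output: %s)' %
                version.strip())

        version = match.group(1)
        # If zeek is built with the "--enable-debug" configure option, then it
        # appends "-debug" to the version string.
        if version.endswith("-debug"):
            version = version[:-len("-debug")]

        return version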
Esempio n. 2
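    def __init__(self, path):
        """Open the SQLite database at *path* and run ``self.setup()`` on it.

        Stores the connection as ``self.db`` and a cursor as ``self.c``.

        Raises:
            RuntimeEnvironmentError: connecting or ``setup()`` raised
                ``sqlite3.Error``; the message carries the original error,
                the path and a hint about file/directory permissions.
        """
        self.path = path

        try:
            self.db = sqlite3.connect(self.path)
        except sqlite3.Error as err:
            raise RuntimeEnvironmentError(
                "%s: %s\nCheck if the user running ZeekControl has both write and search permission to\nthe directory containing the database file and has both read and write\npermission to the database file itself."
                % (err, path))

        self.c = self.db.cursor()

        try:
            self.setup()
        except sqlite3.Error as err:
            # Construction fails on this path, so no caller ever receives the
            # object; close the connection here instead of leaking the open
            # handle on the database file.
            self.db.close()
            raise RuntimeEnvironmentError(
                "%s: %s\nCheck if the user running ZeekControl has write access to the database file.\nOtherwise, the database file is possibly corrupt."
                % (err, path))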
Esempio n. 3
    def _initialize_options(self):
        """Fill in option defaults through ``self.init_option``.

        Order matters: passed-in values first, then every entry of
        ``options.options`` (migrating deprecated names), then values derived
        from the local environment (mail addresses, OS name, CPU pinning
        command, ``time`` command, log expiry in minutes).

        Raises:
            RuntimeEnvironmentError: ``uname`` failed or printed nothing.
        """
        from ZeekControl import execute

        # Values handed to this object at construction time.
        self.init_option("zeekbase", self.basedir)
        self.init_option("zeekscriptdir", self.zeekscriptdir)
        self.init_option("version", VERSION)

        # Defaults for every declared option that has not been set yet.
        for opt in options.options:
            if opt.dontinit:
                continue

            legacy_key = opt.legacy_name.lower() if opt.legacy_name else None
            if legacy_key is not None and legacy_key in self.config:
                # Carry a value given under the deprecated name over to the
                # current name, then drop the old key.
                self.ui.warn("option '%s' is deprecated, please use '%s' instead" % (opt.legacy_name, opt.name))
                self.init_option(opt.name, self.config[legacy_key])
                del self.config[legacy_key]
            else:
                self.init_option(opt.name, opt.default)

        # Defaults derived from the environment.
        # NOTE(review): os.getenv("USER") is None when USER is unset, which
        # formats as the literal string "None" here.
        self.init_option("mailto", "%s" % os.getenv("USER"))
        self.init_option("mailfrom", "Zeek <zeek@%s>" % socket.gethostname())
        self.init_option("mailalarmsto", self.config["mailto"])

        # Operating system name, as printed by uname.
        # NOTE(review): "uname" and "which time" below are bare command
        # names, so presumably they resolve through the PATH of the process
        # running ZeekControl -- confirm what environment run_localcmd uses.
        ok, uname_out = execute.run_localcmd("uname")
        if not (ok and uname_out):
            raise RuntimeEnvironmentError("failed to run uname: %s" % uname_out)
        self.init_option("os", uname_out.strip())

        # CPU pinning command; empty on any other OS.
        os_name = self.config["os"]
        if os_name == "Linux":
            self.init_option("pin_command", "taskset -c")
        elif os_name == "FreeBSD":
            self.init_option("pin_command", "cpuset -l")
        else:
            self.init_option("pin_command", "")

        # Path of the time command (should be a GNU time for best results);
        # empty when it cannot be found.
        ok, which_out = execute.run_localcmd("which time")
        if ok and which_out:
            # On redhat-based systems, path to cmd is prefixed with '\t' on
            # 2nd line when alias is defined, hence last line + strip().
            time_path = which_out.splitlines()[-1].strip()
        else:
            time_path = ""
        self.init_option("time", time_path)

        # Log expire interval, converted to minutes.
        self.init_option("logexpireminutes",
                         self._get_interval_minutes("logexpireinterval"))
Esempio n. 4
    def set(self, key, value):
        """Store *value*, JSON-encoded, under *key* in the ``state`` table.

        The row is written with ``REPLACE INTO`` using bound parameters, then
        the transaction is committed.

        Raises:
            RuntimeEnvironmentError: the ``REPLACE`` statement raised
                ``sqlite3.Error``. Errors from ``commit()`` are not wrapped.
        """
        encoded = json.dumps(value)
        params = [key, encoded]
        try:
            # Key and value are bound as parameters, never formatted into
            # the SQL text.
            self.c.execute("REPLACE INTO state (key, value) VALUES (?,?)",
                           params)
        except sqlite3.Error as err:
            raise RuntimeEnvironmentError(
                "%s: %s\nCheck if the user running ZeekControl has write access to the database file."
                % (err, self.path))
        else:
            self.db.commit()