def __init__(self,
datastore=None,
redis=None,
redis_persist=None,
logger=None):
self.config = forge.get_config()
self.redis = redis or get_client(
host=self.config.core.redis.nonpersistent.host,
port=self.config.core.redis.nonpersistent.port,
private=False,
)
redis_persist = redis_persist or get_client(
host=self.config.core.redis.persistent.host,
port=self.config.core.redis.persistent.port,
private=False,
)
self.timeout_watcher = WatcherClient(redis_persist)
self.submission_queue = NamedQueue(SUBMISSION_QUEUE, self.redis)
self.file_queue = NamedQueue(FILE_QUEUE, self.redis)
self.ds = datastore or forge.get_datastore(self.config)
self.log = logger or logging.getLogger(
"assemblyline.dispatching.client")
self.results = datastore.result
self.errors = datastore.error
self.files = datastore.file
self.active_submissions = ExpiringHash(DISPATCH_TASK_HASH,
host=redis_persist)
self.running_tasks = ExpiringHash(DISPATCH_RUNNING_TASK_HASH,
host=self.redis)
self.service_data = cast(Dict[str, Service],
CachedObject(self._get_services))
def __init__(self, datastore: AssemblylineDatastore, config: Config,
redis):
self.datastore = datastore
self.config = config
self._services: dict[str, Service] = {}
self.services = cast(Dict[str, Service],
CachedObject(self._get_services))
self.service_stage = get_service_stage_hash(redis)
def __init__(self, datastore=None, filestore=None):
super().__init__('assemblyline.randomservice')
self.config = forge.get_config()
self.datastore = datastore or forge.get_datastore()
self.filestore = filestore or forge.get_filestore()
self.client_id = get_random_id()
self.service_state_hash = ExpiringHash(SERVICE_STATE_HASH, ttl=30 * 60)
self.counters = {
n: MetricsFactory('service', Metrics, name=n, config=self.config)
for n in self.datastore.service_delta.keys()
}
self.queues = [
forge.get_service_queue(name)
for name in self.datastore.service_delta.keys()
]
self.dispatch_client = DispatchClient(self.datastore)
self.service_info = CachedObject(self.datastore.list_all_services,
kwargs={'as_obj': False})
def __init__(self, datastore=None):
self.datastore = datastore
self.safelist = CachedObject(get_safelist,
kwargs={'ds': self.datastore},
refresh=300) if datastore else {}
class HeuristicHandler():
def __init__(self, datastore=None):
self.datastore = datastore
self.safelist = CachedObject(get_safelist,
kwargs={'ds': self.datastore},
refresh=300) if datastore else {}
def service_heuristic_to_result_heuristic(self,
srv_heuristic,
heuristics,
zerioize_on_sig_safe=True):
heur_id = srv_heuristic['heur_id']
attack_ids = srv_heuristic.pop('attack_ids', [])
signatures = srv_heuristic.pop('signatures', {})
frequency = srv_heuristic.pop('frequency', 0)
score_map = srv_heuristic.pop('score_map', {})
# Validate the heuristic and recalculate its score
heuristic = Heuristic(heur_id, attack_ids, signatures, score_map,
frequency, heuristics)
try:
# Assign the newly computed heuristic to the section
output: dict[str, typing.Any] = dict(heur_id=heur_id,
score=heuristic.score,
name=heuristic.name,
attack=[],
signature=[])
# Assign the multiple attack IDs to the heuristic
for attack_id in heuristic.attack_ids:
attack_item = None
if attack_id in attack_map:
attack_item = dict(
attack_id=attack_id,
pattern=attack_map[attack_id]['name'],
categories=attack_map[attack_id]['categories'])
elif attack_id in software_map:
attack_item = dict(attack_id=attack_id,
pattern=software_map[attack_id].get(
'name', attack_id),
categories=["software"])
elif attack_id in group_map:
attack_item = dict(attack_id=attack_id,
pattern=group_map[attack_id].get(
'name', attack_id),
categories=["group"])
if attack_item:
output['attack'].append(attack_item)
else:
heur_logger.warning(
f"Could not generate Att&ck output for ID: {attack_id}"
)
# Assign the multiple signatures to the heuristic
for sig_name, freq in heuristic.signatures.items():
signature_item = dict(name=sig_name,
frequency=freq,
safe=self.safelist.get(
get_safelist_key(
'signature', sig_name), None)
is not None)
output['signature'].append(signature_item)
sig_safe_status = [s['safe'] for s in output['signature']]
if len(sig_safe_status) > 0 and all(sig_safe_status):
output['score'] = 0
return output, heuristic.associated_tags
except InvalidHeuristicException as e:
heur_logger.warning(str(e))
raise