Esempio n. 1
from dynamite_nsm import const
from dynamite_nsm.services.updates import install
from dynamite_nsm.cmd.service_interfaces import SingleResponsibilityInterface

# Interface wrapping install.InstallManager from the updates service;
# 'setup' is named as the entry method.
# NOTE(review): the default `url` comes from const.DEFAULT_CONFIGURATIONS_URL.
# Whether the fetched mirrors/configurations are integrity-checked is not
# visible here -- confirm in InstallManager before trusting the download.
interface = SingleResponsibilityInterface(
    cls=install.InstallManager,
    interface_name='Update DynamiteNSM Default Configs',
    interface_description='Update mirrors and default configurations',
    entry_method_name='setup',
    defaults={
        'stdout': True,
        'url': const.DEFAULT_CONFIGURATIONS_URL,
    },
)
Esempio n. 2
from dynamite_nsm.services.logstash import install
from dynamite_nsm.cmd.service_interfaces import SingleResponsibilityInterface

# Interface wrapping the Logstash install.InstallManager; 'setup' is named as
# the entry method.
# NOTE(review): download_logstash_archive defaults to True. How the archive is
# verified after download is not visible here -- confirm in InstallManager.
interface = SingleResponsibilityInterface(
    cls=install.InstallManager,
    interface_name='Logstash Install Manager',
    interface_description='Install Logstash as a standalone component.',
    entry_method_name='setup',
    defaults={
        'download_logstash_archive': True,
        'install_directory': '/opt/dynamite/logstash',
        'configuration_directory': '/etc/dynamite/logstash',
        'log_directory': '/var/log/dynamite/logstash',
        'stdout': True,
    },
)

Esempio n. 3
from dynamite_nsm.services.elasticsearch import install
from dynamite_nsm.cmd.service_interfaces import SingleResponsibilityInterface

# Interface wrapping the Elasticsearch install.UninstallManager; 'uninstall'
# is named as the entry method.
# NOTE(review): purge_config defaults to True, so an uninstall run with the
# defaults also requests a configuration purge (presumably removing the
# configuration files -- confirm in UninstallManager). Back up anything that
# must survive before relying on this default.
interface = SingleResponsibilityInterface(
    cls=install.UninstallManager,
    interface_name='Elasticsearch Uninstall Manager',
    interface_description='Uninstall Elasticsearch on this machine.',
    entry_method_name='uninstall',
    defaults={
        'purge_config': True,
        'stdout': True,
    },
)
Esempio n. 4
from dynamite_nsm.services.filebeat import install
from dynamite_nsm.cmd.service_interfaces import SingleResponsibilityInterface

# Interface wrapping the Filebeat install.InstallManager; 'setup' is named as
# the entry method and events are targeted at 'elasticsearch' by default.
# NOTE(review): download_filebeat_archive defaults to True. How the archive is
# verified after download is not visible here -- confirm in InstallManager.
interface = SingleResponsibilityInterface(
    cls=install.InstallManager,
    interface_name='Filebeat Install Manager',
    interface_description='Install Filebeat as a standalone component.',
    entry_method_name='setup',
    defaults={
        'download_filebeat_archive': True,
        'install_directory': '/opt/dynamite/filebeat',
        'stdout': True,
        'target_type': 'elasticsearch',
    },
)
Esempio n. 5
from dynamite_nsm.services.agent import install
from dynamite_nsm.cmd.service_interfaces import SingleResponsibilityInterface

# Interface wrapping the agent install.InstallManager; 'setup' is named as the
# entry method. The defaults fix the Filebeat, Suricata and Zeek directories
# and set the target type to 'elasticsearch'.
interface = SingleResponsibilityInterface(
    cls=install.InstallManager,
    interface_name='Agent Install Manager',
    interface_description=(
        'Install agent components and configure this system as a '
        'sensor.'
    ),
    entry_method_name='setup',
    defaults={
        'stdout': True,
        'filebeat_install_directory': '/opt/dynamite/filebeat',
        'suricata_install_directory': '/opt/dynamite/suricata/',
        'suricata_configuration_directory': '/etc/dynamite/suricata/',
        'suricata_log_directory': '/opt/dynamite/suricata/logs/',
        'zeek_install_directory': '/opt/dynamite/zeek/',
        'zeek_configuration_directory': '/etc/dynamite/zeek/',
        'target_type': 'elasticsearch',
    },
)
Esempio n. 6
from dynamite_nsm.services.zeek import logs
from dynamite_nsm.cmd.service_interfaces import SingleResponsibilityInterface

# Interface wrapping logs.BrokerLog from the Zeek service; 'tail' is named as
# the entry method.
# log_sample_size=500 -- presumably the number of entries read per call;
# confirm against BrokerLog.
interface = SingleResponsibilityInterface(
    cls=logs.BrokerLog,
    interface_name='Zeek Broker Log',
    interface_description='Peering status events between Zeek or Broker-enabled processes',
    entry_method_name='tail',
    defaults={'log_sample_size': 500},
)

Esempio n. 7
from dynamite_nsm.cmd.service_interfaces import SingleResponsibilityInterface
from dynamite_nsm.services.zeek import logs

# Interface wrapping logs.ClusterLog from the Zeek service; 'tail' is named as
# the entry method.
# log_sample_size=500 -- presumably the number of entries read per call;
# confirm against ClusterLog.
interface = SingleResponsibilityInterface(
    cls=logs.ClusterLog,
    interface_name='Zeek Cluster Log',
    interface_description='View Zeek connections between nodes within this Zeek cluster.',
    entry_method_name='tail',
    defaults={'log_sample_size': 500},
)

Esempio n. 8
from dynamite_nsm.services.zeek import logs
from dynamite_nsm.cmd.service_interfaces import SingleResponsibilityInterface

# Interface wrapping logs.ReporterLog from the Zeek service; 'tail' is named
# as the entry method.
# log_sample_size=500 -- presumably the number of entries read per call;
# confirm against ReporterLog.
interface = SingleResponsibilityInterface(
    cls=logs.ReporterLog,
    interface_name='Zeek Reporter Log',
    interface_description='View Zeek Internal error/warning/info messages.',
    entry_method_name='tail',
    defaults={'log_sample_size': 500},
)

Esempio n. 9
from dynamite_nsm.services.suricata import logs
from dynamite_nsm.cmd.service_interfaces import SingleResponsibilityInterface

# Interface wrapping logs.MainLog from the Suricata service; 'tail' is named
# as the entry method.
# log_sample_size=500 -- presumably the number of entries read per call;
# confirm against MainLog.
interface = SingleResponsibilityInterface(
    cls=logs.MainLog,
    interface_name='Suricata Main Log',
    interface_description='View Suricata Internal error/warning/info messages.',
    entry_method_name='tail',
    defaults={'log_sample_size': 500},
)

Esempio n. 10
from dynamite_nsm.services.filebeat import logs
from dynamite_nsm.cmd.service_interfaces import SingleResponsibilityInterface


# Interface wrapping logs.StatusLog from the Filebeat service; 'tail_entries'
# is named as the entry method.
# log_sample_size=500 -- presumably the number of entries read per call;
# confirm against StatusLog.
interface = SingleResponsibilityInterface(
    cls=logs.StatusLog,
    interface_name='Filebeat Main Log',
    interface_description='View Filebeat Internal error/warning/info messages.',
    entry_method_name='tail_entries',
    defaults={'log_sample_size': 500},
)

Esempio n. 11
from dynamite_nsm.services.suricata import update
from dynamite_nsm.cmd.service_interfaces import SingleResponsibilityInterface

# Interface wrapping update.RuleUpdateManager from the Suricata service;
# 'update' is named as the entry method.
# NOTE(review): where the rule-sets come from and whether they are verified
# before being installed is not visible here -- confirm in RuleUpdateManager,
# since the rules drive the sensor's detections.
interface = SingleResponsibilityInterface(
    cls=update.RuleUpdateManager,
    interface_name='Update Suricata Rules',
    interface_description='Install the latest Suricata rule-sets.',
    entry_method_name='update',
    defaults={'stdout': True},
)
Esempio n. 12
from dynamite_nsm.services.monitor import install
from dynamite_nsm.cmd.service_interfaces import SingleResponsibilityInterface

# Interface wrapping the monitor install.UninstallManager; 'uninstall' is
# named as the entry method. purge_config defaults to False, so a config purge
# is not requested unless the caller overrides it.
interface = SingleResponsibilityInterface(
    cls=install.UninstallManager,
    interface_name='Monitor Uninstall Manager',
    interface_description='Uninstall the monitor components on this machine.',
    entry_method_name='uninstall',
    defaults={
        'purge_config': False,
        'stdout': True,
    },
)
Esempio n. 13
from dynamite_nsm.services.agent import optimize
from dynamite_nsm.cmd.service_interfaces import SingleResponsibilityInterface

# Interface wrapping optimize.OptimizeThreadingManager from the agent service;
# 'optimize' is named as the entry method. The defaults point it at the
# Suricata configuration directory and the Zeek install directory.
interface = SingleResponsibilityInterface(
    cls=optimize.OptimizeThreadingManager,
    interface_name='Agent Optimization Manager',
    interface_description=(
        'Automatically adjust how resources are allocated between '
        'Zeek and Suricata.'
    ),
    entry_method_name='optimize',
    defaults={
        'stdout': True,
        'suricata_configuration_directory': '/etc/dynamite/suricata/',
        'zeek_install_directory': '/opt/dynamite/zeek/',
    },
)
Esempio n. 14
from dynamite_nsm import utilities
from dynamite_nsm.services.remote import install
from dynamite_nsm.cmd.service_interfaces import SingleResponsibilityInterface

# Interface wrapping the remote install.InstallManager; 'setup' is named as
# the entry method.
# NOTE(review): the description calls this an authentication package, so
# /opt/dynamite/remotes presumably ends up holding authentication material.
# Confirm that InstallManager restricts ownership and permissions on it.
interface = SingleResponsibilityInterface(
    cls=install.InstallManager,
    interface_name='Remotes Install Manager',
    interface_description='Install a remote manager authentication package.',
    entry_method_name='setup',
    defaults={
        'install_directory': '/opt/dynamite/remotes',
        'stdout': True,
    },
)
Esempio n. 15
from dynamite_nsm.services.filebeat import logs
from dynamite_nsm.cmd.service_interfaces import SingleResponsibilityInterface

# Interface wrapping logs.StatusLog from the Filebeat service; 'tail_metrics'
# is named as the entry method.
# log_sample_size=500 -- presumably the number of entries read per call;
# confirm against StatusLog.
interface = SingleResponsibilityInterface(
    cls=logs.StatusLog,
    interface_name='Filebeat Aggregated Metrics',
    interface_description='Filebeat metrics aggregated over a consistent time interval.',
    entry_method_name='tail_metrics',
    defaults={'log_sample_size': 500},
)

Esempio n. 16
from dynamite_nsm.cmd.service_interfaces import SingleResponsibilityInterface
from dynamite_nsm.services.remote import install

# Interface wrapping the remote install.UninstallManager; 'uninstall' is named
# as the entry method. purge_config defaults to False, so a config purge is
# not requested unless the caller overrides it.
interface = SingleResponsibilityInterface(
    cls=install.UninstallManager,
    interface_name='Dynamite Remote Node Uninstall Manager',
    interface_description='Uninstall Dynamite Remote Node on this machine.',
    entry_method_name='uninstall',
    defaults={
        'purge_config': False,
        'stdout': True,
    },
)
Esempio n. 17
from dynamite_nsm.services.monitor import install
from dynamite_nsm.cmd.service_interfaces import SingleResponsibilityInterface

# Interface wrapping the monitor install.InstallManager; 'setup' is named as
# the entry method. The defaults fix the Elasticsearch and Kibana directories
# and leave every Logstash directory unset.
interface = SingleResponsibilityInterface(
    cls=install.InstallManager,
    interface_name='Monitor Install Manager',
    interface_description=(
        'Install monitor components and configure this system to '
        'receive events and alerts from various agents.'
    ),
    entry_method_name='setup',
    defaults={
        'stdout': True,
        'elasticsearch_install_directory': '/opt/dynamite/elasticsearch/',
        'elasticsearch_configuration_directory': '/etc/dynamite/elasticsearch/',
        'elasticsearch_log_directory': '/var/log/dynamite/elasticsearch/',
        # As of DynamiteNSM 1.0, Logstash is not set up as part of the
        # monitor installation unless the end user explicitly enables it;
        # by default, agents send events directly to Elasticsearch.
        'logstash_install_directory': None,
        'logstash_configuration_directory': None,
        'logstash_log_directory': None,
        'kibana_install_directory': '/opt/dynamite/kibana/',
        'kibana_configuration_directory': '/etc/dynamite/kibana/',
        'kibana_log_directory': '/var/log/dynamite/kibana/',
    },
)