def get_account(self, account_file):
""" Gets the username and password from an account file.
:param account_file: Path to the file which contains user and password information.
It can be either an absolute file path or one that is relative to the given rule.
"""
if os.path.isabs(account_file):
account_file_path = account_file
else:
account_file_path = os.path.join(os.path.dirname(self.rule['rule_file']), account_file)
account_conf = read_yaml(account_file_path)
if 'user' not in account_conf or 'password' not in account_conf:
raise EAException('Account file must have user and password fields')
self.user = account_conf['user']
self.password = account_conf['password']
def get_account(self, account_file):
""" Gets the username and password, or the apikey, from an account file.
:param account_file: Path to the file which contains the credentials.
It can be either an absolute file path or one that is relative to the given rule.
"""
if os.path.isabs(account_file):
account_file_path = account_file
else:
account_file_path = os.path.join(
os.path.dirname(self.rule['rule_file']), account_file)
account_conf = read_yaml(account_file_path)
if not (('user' in account_conf and 'password' in account_conf)
or 'apikey' in account_conf):
raise EAException(
'Account file must have user and password fields, or apikey field'
)
if 'apikey' in account_conf:
self.apikey = account_conf['apikey']
else:
self.user = account_conf['user']
self.password = account_conf['password']
def load_conf(args, defaults=None, overwrites=None):
""" Creates a conf dictionary for ElastAlerter. Loads the global
config file and then each rule found in rules_folder.
:param args: The parsed arguments to ElastAlert
:param defaults: Dictionary of default conf values
:param overwrites: Dictionary of conf values to override
:return: The global configuration, a dictionary.
"""
filename = args.config
if filename:
conf = read_yaml(filename)
else:
try:
conf = read_yaml('config.yaml')
except FileNotFoundError:
raise EAException('No --config or config.yaml found')
# init logging from config and set log levels according to command line options
configure_logging(args, conf)
for env_var, conf_var in list(env_settings.items()):
val = env(env_var, None)
if val is not None:
conf[conf_var] = val
for key, value in (iter(defaults.items()) if defaults is not None else []):
if key not in conf:
conf[key] = value
for key, value in (iter(overwrites.items())
if overwrites is not None else []):
conf[key] = value
# Make sure we have all required globals
if required_globals - frozenset(list(conf.keys())):
raise EAException('%s must contain %s' %
(filename, ', '.join(required_globals -
frozenset(list(conf.keys())))))
conf.setdefault('writeback_alias', 'elastalert_alerts')
conf.setdefault('max_query_size', 10000)
conf.setdefault('scroll_keepalive', '30s')
conf.setdefault('max_scrolling_count', 0)
conf.setdefault('disable_rules_on_error', True)
conf.setdefault('scan_subdirectories', True)
conf.setdefault('rules_loader', 'file')
# Convert run_every, buffer_time into a timedelta object
try:
conf['run_every'] = datetime.timedelta(**conf['run_every'])
conf['buffer_time'] = datetime.timedelta(**conf['buffer_time'])
if 'alert_time_limit' in conf:
conf['alert_time_limit'] = datetime.timedelta(
**conf['alert_time_limit'])
else:
conf['alert_time_limit'] = datetime.timedelta(days=2)
if 'old_query_limit' in conf:
conf['old_query_limit'] = datetime.timedelta(
**conf['old_query_limit'])
else:
conf['old_query_limit'] = datetime.timedelta(weeks=1)
except (KeyError, TypeError) as e:
raise EAException('Invalid time format used: %s' % e)
# Initialise the rule loader and load each rule configuration
rules_loader_class = loader_mapping.get(
conf['rules_loader']) or get_module(conf['rules_loader'])
rules_loader = rules_loader_class(conf)
conf['rules_loader'] = rules_loader
# Make sure we have all the required globals for the loader
# Make sure we have all required globals
if rules_loader.required_globals - frozenset(list(conf.keys())):
raise EAException('%s must contain %s' %
(filename, ', '.join(rules_loader.required_globals -
frozenset(list(conf.keys())))))
return conf
def get_yaml(self, filename):
try:
return read_yaml(filename)
except yaml.scanner.ScannerError as e:
raise EAException('Could not parse file %s: %s' % (filename, e))