def handle(self, paths, profile, format, progress=False, *args, **options): assert profile_loader.get_profile( profile), "Invalid profile: %s" % profile t0 = time.time() ruleset = RuleSet() ruleset.load() self.print("Ruleset load in %.2fms" % ((time.time() - t0) * 1000)) reader = getattr(self, "read_%s" % format, None) assert reader, "Invalid format %s" % format self.managed_object = ManagedObject(id=1, name="test", address="127.0.0.1", profile_name=profile) t0 = time.time() stats = defaultdict(int) total = 0 for p in paths: if not os.path.isfile(p): continue for f in iter_open(p): for event in reader(f): e_vars = event.raw_vars.copy() if event.source == "SNMP Trap": e_vars.update(MIB.resolve_vars(event.raw_vars)) rule, r_vars = ruleset.find_rule(event, e_vars) stats[rule.event_class.name] += 1 total += 1 if progress and total % 1000 == 0: self.print("%d records processed" % total) dt = time.time() - t0 self.print("%d events processed in %.2fms (%.fevents/sec)" % (total, dt * 1000, float(total) / dt)) if stats: # Prepare statistics s_data = sorted([(k, stats[k]) for k in stats], key=operator.itemgetter(1), reverse=True) s_total = sum(stats[k] for k in stats if not self.is_ignored(k)) data = [["Events", "%", "Event class"]] for ecls, qty in s_data: data += [[ str(qty), "%3.2f%%" % (float(stats[ecls] * 100) / float(total)), ecls ]] # Calculate classification quality data += [[ "", "%3.2f%%" % (float(s_total * 100) / total), "Classification Quality" ]] # Ruleset hit rate rs_rate = float(metrics["rules_checked"].value) / float(total) data += [["", "%.2f" % rs_rate, "Rule checks per event"]] # Dump table self.print("Event classes summary:") self.print(format_table([4, 6, 10], data))
def handle(self, services=None, *args, **options): service = get_service() out = [["Service", "ID", "Address"]] for sn in services: service.dcs.resolve_sync(sn) if sn in service.dcs.resolvers: for svc_id, address in service.dcs.resolvers[ sn].services.items(): out += [[sn, svc_id, address]] self.stdout.write(format_table([0, 0, 0, 0, 0], out) + "\n")
def handle_portmap(self, portmap_objects=[]): for po in portmap_objects: for o in ManagedObjectSelector.get_objects_from_expression(po): if not o.remote_system: self.stdout.write("%s (%s, %s) NRI: N/A\n" % (o.name, o.address, o.platform)) continue portmapper = loader.get_loader(o.remote_system.name)(o) nri = o.remote_system.name self.stdout.write("%s (%s, %s) NRI: %s\n" % (o.name, o.address, o.platform, nri)) r = [] for i in Interface._get_collection().find( { "managed_object": o.id, "type": "physical" }, { "_id": 1, "name": 1, "nri_name": 1 }, ): rn = portmapper.to_remote(i["name"]) or self.PORT_ERROR if rn == self.PORT_ERROR: ln = self.PORT_ERROR else: ln = portmapper.to_local(rn) or self.PORT_ERROR if i.get("nri_name") == rn and ln != self.PORT_ERROR: status = "OK" elif not i.get("nri_name") and ln != self.PORT_ERROR: status = "Not in database" elif rn == self.PORT_ERROR: status = "Failed to convert to remote name" else: self.print(ln, rn, i.get("nri_name")) status = "Failed to convert to local name" r += [(i["name"], rn, i.get("nri_name", "--"), status)] r = [("Local", "Remote", "Interface NRI", "Status")] + sorted( r, key=lambda x: split_alnum(x[0])) self.stdout.write( "%s\n" % format_table([0, 0, 0, 0], r, sep=" | ", hsep="-+-"))