def generateResults(self, **kwargs): app_name = kwargs.get('client_app', APP_NAME) sessionKey = cherrypy.session.get('sessionKey') user = cherrypy.session['user']['name'] # if the current app doesn't exist... app = App.get(App.build_id(app_name, app_name, user)) if kwargs.get('set_ignore'): app.is_configured = True app.passive_save() return self.render_json({'has_ignored': True, 'errors': []}) if app.is_configured: return self.render_json({'is_configured': True, 'errors': []}) else: if self.is_app_admin(app, user): return self.render_json({ 'is_configured': False, 'is_admin': True, 'errors': [] }) else: return self.render_json({ 'is_configured': False, 'is_admin': False, 'errors': [] })
def generateResults(self, **kwargs): app_name = kwargs.get('client_app', APP_NAME) sessionKey = cherrypy.session.get('sessionKey') user = cherrypy.session['user']['name'] # if the current app doesn't exist... app = App.get(App.build_id(app_name, app_name, user)) try: hadoop = HadoopOps.get(HadoopOps.build_id(user, app_name, user)) except: hadoop = HadoopOps(app_name, user, user) if kwargs.get('set_ignore'): hadoop.has_ignored = True hadoop.passive_save() return self.render_json({'has_ignored': True, 'errors': []}) if hadoop.id and hadoop.has_ignored: return self.render_json({'has_ignored': True, 'errors': []}) if app.is_configured: return self.render_json({'is_configured': True, 'errors': []}) else: if self.is_app_admin(app, user): return self.render_json({'is_configured': False, 'is_admin': True, 'errors': []}) else: return self.render_json({'is_configured': False, 'is_admin': False, 'errors': []})
def is_configured(self, app=None, assume_true_on_error=False): if app: try: app = App.get(App.build_id(app, '', 'nobody'), self._input_config.session_key) return app.is_configured except splunk.RESTException: return assume_true_on_error else: return assume_true_on_error
def save(self, app, action, **params): ''' save the posted hadoop ops setup content ''' error_key = None form_content = {} user = cherrypy.session['user']['name'] host_app = cherrypy.request.path_info.split('/')[3] this_app = App.get(App.build_id(app, app, user)) ftr = 0 if (this_app.is_configured) else 1 redirect_params = dict(ftr=ftr) logger.error(params) # pass 1: load all user-supplied values as models for k, v in params.iteritems(): try: key = k.split('.')[1] except IndexError: continue if key and key in MACROS: if isinstance(v, list): definition = (' OR ').join(v) else: definition = v try: form_content[key] = Macro.get( Macro.build_id(key, app, user)) except: form_content[key] = Macro(app, user, key) form_content[key].definition = definition form_content[key].metadata.sharing = 'app' # pass 2: try to save(), and if we fail we return the user-supplied values for key in form_content.keys(): try: if not form_content[key].passive_save(): logger.error('Error saving setup values') return self.render_template('/%s:/templates/setup_show.html' \ % host_app, dict(name=key, app=app, form_content=form_content)) except splunk.AuthorizationFailed: logger.error('User %s is unauthorized to perform setup on %s' % (user, app)) raise cherrypy.HTTPRedirect( self._redirect(host_app, app, 'unauthorized', **redirect_params), 303) except Exception, ex: logger.debug(ex) logger.error('Failed to save eventtype %s' % key) raise cherrypy.HTTPRedirect( self._redirect(host_app, app, 'failure', **redirect_params), 303)
def generateResults(self, **kwargs): ''' be careful to account for tricky conditions where some users can't interact with our custom REST endpoint by falling back to bundle ''' app_name = kwargs.get('client_app', STATIC_APP) conf_name = 'unix' legacy_mode = False sessionKey = cherrypy.session.get('sessionKey') user = cherrypy.session['user']['name'] if os.path.exists(LEGACY_SETUP): shutil.move(LEGACY_SETUP, LEGACY_SETUP + '.bak') logger.info('disabled legacy setup.xml for %s' % app_name) # if the current app doesn't exist... app = App.get(App.build_id(app_name, app_name, user)) try: a = Unix.get(Unix.build_id(user, app_name, user)) except: a = Unix(app_name, user, user) if kwargs.get('set_ignore'): try: a.has_ignored = True a.save() except: # assumption: 99% of exceptions here will be 403 # we could version check, but this seems better to_set = {user: {'has_ignored': 1}} self.setConf(to_set, conf_name, namespace=app_name, sessionKey=sessionKey, owner=user) legacy_mode = True return self.render_json({'has_ignored': True, 'errors': ['legacy_mode=%s' % legacy_mode]}) if a.id and a.has_ignored: return self.render_json({'has_ignored': True, 'errors': []}) else: conf = self.getConf(conf_name, sessionKey=sessionKey, namespace=app_name, owner=user) if conf and conf[user] and util.normalizeBoolean(conf[user]['has_ignored']): return self.render_json({'has_ignored': True, 'errors': ['using legacy method']}) if app.is_configured: return self.render_json({'is_configured': True, 'errors': []}) else: if self.is_app_admin(app, user): return self.render_json({'is_configured': False, 'is_admin': True, 'errors': []}) return self.render_json({'is_configured': False, 'is_admin': False, 'errors': []})
def save(self, app, action, **params): ''' save the posted hadoop ops setup content ''' error_key = None form_content = {} user = cherrypy.session['user']['name'] host_app = cherrypy.request.path_info.split('/')[3] this_app = App.get(App.build_id(app, app, user)) ftr = 0 if (this_app.is_configured) else 1 redirect_params = dict(ftr=ftr) logger.error(params) # pass 1: load all user-supplied values as models for k, v in params.iteritems(): try: key = k.split('.')[1] except IndexError: continue if key and key in MACROS: if isinstance(v, list): definition = (' OR ').join(v) else: definition = v try: form_content[key] = Macro.get(Macro.build_id(key, app, user)) except: form_content[key] = Macro(app, user, key) form_content[key].definition = definition form_content[key].metadata.sharing = 'app' # pass 2: try to save(), and if we fail we return the user-supplied values for key in form_content.keys(): try: if not form_content[key].passive_save(): logger.error('Error saving setup values') return self.render_template('/%s:/templates/setup_show.html' \ % host_app, dict(name=key, app=app, form_content=form_content)) except splunk.AuthorizationFailed: logger.error('User %s is unauthorized to perform setup on %s' % (user, app)) raise cherrypy.HTTPRedirect(self._redirect(host_app, app, 'unauthorized', **redirect_params), 303) except Exception, ex: logger.debug(ex) logger.error('Failed to save eventtype %s' % key) raise cherrypy.HTTPRedirect(self._redirect(host_app, app, 'failure', **redirect_params), 303)
def index(self, app, **params): # request param cast/defaults offset = int(params.get('offset', 0)) count = int(params.get('count', 25)) alerts_app = getArgValue('eai:acl.app', params, app) alerts_user = urllib.unquote_plus(getArgValue('eai:acl.owner', params, '-')) # fired alerts search filters search_params = ['severity', 'search'] search_string = [] for key in search_params: value = params.get(key) if value and value != '*': if key=='search': search_string.append('%s' % value) else: search_string.append('%s="%s"' % (key, urllib.unquote_plus(value))) # fired alerts query if not 'alerts_id' in params: fired_alerts = FiredAlert.all() else: fired_alerts = FiredAlert.get_alerts(urllib.unquote_plus(params.get('alerts_id'))) # augment query with search if len(search_string) > 0: fired_alerts = fired_alerts.search(' '.join(search_string)) # augment query with app or user filters fired_alerts = fired_alerts.filter_by_app(alerts_app).filter_by_user(alerts_user) fired_alerts._count_per_req = count if 'sort_by' in params or 'sort_dir' in params: fired_alerts = fired_alerts.order_by(params.get('sort_by', 'trigger_time'), sort_dir=params.get('sort_dir', 'desc')) # fired alert summary information fired_alert_summary = FiredAlertSummary.all().filter_by_app(alerts_app).filter_by_user(alerts_user) fired_alert_summary._count_per_req = count # apps listings apps = App.all().filter(is_disabled=False) # users listings users = User.all() max_users = 250 users._count_per_req = max_users users = users[:max_users] # paginator pager = paginator.Google(fired_alerts.get_total(), max_items_page=count, item_offset=offset) app_label=splunk.bundle.getConf('app', namespace=app)['ui'].get('label') # view variables template_args = dict(app=alerts_app, apps=apps, users=users, count=count, fired_alerts=fired_alerts, fired_alert_summary=fired_alert_summary, offset=offset, pager=pager, app_label=app_label) return self.render_template('alerts/index.html', template_args)
def is_app_admin(self, app_name, user): ''' used to determine app administrator membership necessary because splunkd auth does not advertise inherited roles ''' sub_roles = [] app = App.get(App.build_id(app_name, app_name, user)) admin_list = app.entity['eai:acl']['perms']['write'] if '*' in admin_list: return True for role in auth.getUser(name=user)['roles']: if role in admin_list: return True sub_roles.append(role) for role in sub_roles: for irole in auth.getRole(name=role)['imported_roles']: if irole in admin_list: return True return False
def save_categories(self, app, action, **params): user = cherrypy.session['user']['name'] host_app = cherrypy.request.path_info.split('/')[3] this_app = App.get(App.build_id(host_app, host_app, user)) for param in params: data = json.loads(param) csvData = [] csvOrder = [1, 2, 0] #logger.error('before: %s' % data) self.tree_to_csv(csvData, data, csvOrder, [0, 0, 0]) csvHeader = ["host", "unix_category", "unix_group"] csvData.insert(0, csvHeader) #logger.error('after: %s' % csvData) dropdownsCsv = os.path.join(util.get_apps_dir(), 'SA-nix', 'lookups', 'dropdowns.csv') with open(dropdownsCsv, 'wb') as csvfile: writer = csv.writer(csvfile) writer.writerows(csvData)
def generateResults(self, **kwargs): app_name = kwargs.get('client_app', STATIC_APP) legacy_setup = os.path.join(app_util.get_apps_dir(), app_name, 'default', 'setup.xml') if os.path.exists(legacy_setup): shutil.move(legacy_setup, legacy_setup + '.bak') logger.info('disabled legacy setup.xml for %s' % app_name) for app in App.all(): if app.name in CONFLICT_APPS and not app.is_disabled: return self.render_json({'is_conflict': True, 'app_label': app.label}) return self.render_json({})
if (cachedDataItem == None): status = "new" statusSet = True elif (fieldName not in cachedDataItem) or str( job[x] != str(cachedDataItem[fieldName])): status = "updated" statusSet = True resultItem[fieldName] = job[x] resultItem["status"] = status print "'timestamp','id','status'" for key in result: item = result[key] line = "[" + strftime("%m/%d/%Y %H:%M:%S %p %Z", localtime()) + "]," line += str(key) + "," + resultItem["status"] print line if (scriptData.debug): logger.info(line) with open(CACHE_FILEPATH, 'w+') as outfile: json.dump(result, outfile) if __name__ == '__main__': token = sys.stdin.readlines()[0] app = App.get(App.build_id('nbu_setup_app', 'nbu_setup_app', 'nobody'), sessionKey=token) if (app.is_configured): execute() else: logger.info('App not configured!')
if not statusSet: if cachedDataItem == None: status = "new" statusSet = True elif (fieldName not in cachedDataItem) or str(job[x] != str(cachedDataItem[fieldName])): status = "updated" statusSet = True resultItem[fieldName] = job[x] resultItem["status"] = status print "'timestamp','id','status'" for key in result: item = result[key] line = "[" + strftime("%m/%d/%Y %H:%M:%S %p %Z", localtime()) + "]," line += str(key) + "," + resultItem["status"] print line if scriptData.debug: logger.info(line) with open(CACHE_FILEPATH, "w+") as outfile: json.dump(result, outfile) if __name__ == "__main__": token = sys.stdin.readlines()[0] app = App.get(App.build_id("nbu_setup_app", "nbu_setup_app", "nobody"), sessionKey=token) if app.is_configured: execute() else: logger.info("App not configured!")
class TAUnixSetup(controllers.BaseController): '''TA Unix Setup Controller''' @route('/:app/:action=setup') @expose_page(must_login=True, methods=['GET']) @host_app def setup(self, app, action, host_app=None, **kwargs): ''' show the setup page ''' user = cherrypy.session['user']['name'] if not self.is_app_admin(host_app, user): raise cherrypy.HTTPRedirect( self._redirect(host_app, app, 'unauthorized')) mon = MonitorInput.all() mon = mon.filter_by_app(app) scripted = ScriptedInput.all() scripted = scripted.filter_by_app(app) system = (not (sys.platform.startswith('win'))) return self.render_template( '/%s:/templates/setup_show.html' % host_app, dict(system=system, mon=mon, scripted=scripted, app=app)) @route('/:app/:action=success') @expose_page(must_login=True, methods=['GET']) @host_app def success(self, app, action, host_app=None, **kwargs): ''' render the success page ''' return self.render_template('/%s:/templates/setup_success.html' \ % host_app, dict(app=app)) @route('/:app/:action=failure') @expose_page(must_login=True, methods=['GET']) @host_app def failure(self, app, action, host_app=None, **kwargs): ''' render the failure page ''' return self.render_template('/%s:/templates/setup_failure.html' \ % host_app, dict(app=app)) @route('/:app/:action=unauthorized') @expose_page(must_login=True, methods=['GET']) @host_app def unauthorized(self, app, action, host_app=None, **kwargs): ''' render the unauthorized page ''' return self.render_template('/%s:/templates/setup_403.html' \ % host_app, dict(app=app)) @route('/:app/:action=save') @expose_page(must_login=True, methods=['POST']) @host_app def save(self, app, action, host_app=None, **params): ''' save the posted setup content ''' user = cherrypy.session['user']['name'] mon = MonitorInput.all() mon = mon.filter_by_app(app) scripted = ScriptedInput.all() scripted = scripted.filter_by_app(app) for m in mon: disabled = normBool(params.get(m.name + '.disabled')) if disabled: m.disable() else: m.enable() m.share_global() for s in scripted: disabled = normBool(params.get(s.name + '.disabled')) if disabled: s.disable() else: s.enable() s.share_global() interval = params.get(s.name + '.interval') if interval: s.interval = interval try: if not s.passive_save(): logger.error(m.errors) return self.render_template( '/%s:/templates/setup_show.html' \ % host_app, dict(app=app, errors=s, scripted=scripted, mon=mon) ) except splunk.AuthorizationFailed: raise cherrypy.HTTPRedirect( self._redirect(host_app, app, 'unauthorized')) except Exception, ex: logger.info(ex) raise cherrypy.HTTPRedirect( self._redirect(host_app, app, 'failure')) logger.debug('Splunk Version = %s' % self._get_version()) if self._get_version() <= LooseVersion('4.2.2'): import splunk.bundle as bundle temp_app = bundle.getConf('app', namespace=host_app, owner='nobody') temp_app['install']['is_configured'] = 'true' else: this_app = App.get(App.build_id(host_app, host_app, user)) this_app.is_configured = True this_app.passive_save() logger.info('%s - App setup successful' % host_app) raise cherrypy.HTTPRedirect(self._redirect(host_app, app, 'success'))
for m in mon: disabled = normBool(params.get(m.name + '.disabled')) if disabled: m.disable() else: m.enable() m.share_global() self.update_distsearch(host_app, normBool(params.get('optimize_dist_search'))) logger.debug('Splunk Version = %s' % self._get_version()) if self._get_version() <= LooseVersion('4.2.2'): temp_app = bundle.getConf('app', namespace=host_app, owner='nobody') temp_app['install']['is_configured'] = 'true' else: this_app = App.get(App.build_id(host_app, host_app, user)) this_app.is_configured = True this_app.passive_save() logger.info('%s - App setup successful' % host_app) raise cherrypy.HTTPRedirect(self._redirect(host_app, app, 'success')) def get_distsearch(self, host_app): return bundle.getConf('distsearch', namespace=host_app, owner='nobody')['replicationBlacklist']['nontsyslogmappings'] def is_app_admin(self, app_name, user): ''' used to determine app administrator membership
def getAppOptions(): appList = App.all().search('disabled=false') appOptionList = [ {'label': '%s (%s)' % (x.label, x.name), 'value': x.name} for x in appList ] return appOptionList
m.disable() else: m.enable() m.share_global() self.update_distsearch(host_app, normBool(params.get('optimize_dist_search'))) logger.debug('Splunk Version = %s' % self._get_version()) if self._get_version() <= LooseVersion('4.2.2'): temp_app = bundle.getConf('app', namespace=host_app, owner='nobody') temp_app['install']['is_configured'] = 'true' else: this_app = App.get(App.build_id(host_app, host_app, user)) this_app.is_configured = True this_app.passive_save() logger.info('%s - App setup successful' % host_app) raise cherrypy.HTTPRedirect(self._redirect(host_app, app, 'success')) def get_distsearch(self, host_app): return bundle.getConf( 'distsearch', namespace=host_app, owner='nobody')['replicationBlacklist']['nontsyslogmappings'] def is_app_admin(self, app_name, user): ''' used to determine app administrator membership
class AlertsController(BaseController): @route('/:app') @expose_page(must_login=True, methods='GET') def index(self, app, **params): # request param cast/defaults offset = int(params.get('offset', 0)) count = int(params.get('count', 25)) alerts_app = getArgValue('eai:acl.app', params, app) alerts_user = urllib.unquote_plus( getArgValue('eai:acl.owner', params, '-')) # fired alerts search filters search_params = ['severity', 'search'] search_string = [] for key in search_params: value = params.get(key) if value and value != '*': if key == 'search': search_string.append('%s' % value) else: search_string.append('%s="%s"' % (key, urllib.unquote_plus(value))) # fired alerts query if not 'alerts_id' in params: fired_alerts = FiredAlert.all() else: fired_alerts = FiredAlert.get_alerts( urllib.unquote_plus(params.get('alerts_id'))) # augment query with search if len(search_string) > 0: fired_alerts = fired_alerts.search(' '.join(search_string)) # augment query with app or user filters fired_alerts = fired_alerts.filter_by_app(alerts_app).filter_by_user( alerts_user) fired_alerts._count_per_req = count if 'sort_by' in params or 'sort_dir' in params: fired_alerts = fired_alerts.order_by( params.get('sort_by', 'trigger_time'), sort_dir=params.get('sort_dir', 'desc')) # fired alert summary information fired_alert_summary = FiredAlertSummary.all().filter_by_app( alerts_app).filter_by_user(alerts_user) fired_alert_summary._count_per_req = count try: fired_alert_summary[0] except Exception, e: if e.statusCode == 402: return self.render_template('admin/402.html', {'feature': _('Alerting')}) # apps listings apps = App.all().filter(is_disabled=False) # users listings users = User.all() max_users = 250 users._count_per_req = max_users users = users[:max_users] # paginator pager = paginator.Google(fired_alerts.get_total(), max_items_page=count, item_offset=offset) app_label = splunk.bundle.getConf('app', namespace=app)['ui'].get('label') # view variables template_args = dict( app=alerts_app, apps=apps, users=users, count=count, current_user=splunk.auth.getCurrentUser().get('name'), fired_alerts=fired_alerts, fired_alert_summary=fired_alert_summary, offset=offset, pager=pager, app_label=app_label) return self.render_template('alerts/index.html', template_args)
def submitCluster(self, config, action, **kwargs): '''add configuration for a single HDFS cluster''' app = cherrypy.request.path_info.split('/')[3] user = cherrypy.session['user']['name'] errors = [] if kwargs.get('secure', 0): #TODO: verify service principal is provided if kwargs.get('kerberos_principal') == 'add': principal = Principal( app, user, **{ 'name': kwargs.get('principal_name'), 'keytab_path': kwargs.get('principal_keytab_location') }) if principal.passive_save(): kwargs['kerberos_principal'] = kwargs.get('principal_name') else: errors += principal.errors else: if kwargs.get('kerberos_principal'): kwargs['kerberos_principal'] = '' if kwargs.get('kerberos_service_principal'): kwargs['kerberos_service_principal'] = '' id = kwargs.pop('id', None) type = kwargs.pop('type', None) if type == 'remote': kwargs['uri'] = 'hdfs://%s' % kwargs.get( 'name') if 'name' in kwargs else None elif type == 'local': kwargs['uri'] = 'file://%s' % kwargs.pop('local_mount') else: raise cherrypy.HTTPError(400, 'Expected cluster type parameter') try: cluster = Cluster.get(id) cluster.update(kwargs) # Change the owner to nobody, so that REST call will be made to /servicesNS/nobody/HadoopConnect/... # instead of /servicesNS/admin/HadoopConnect/... or /servicesNS/<owner>/HadoopConnect/... if cluster.entity and cluster.entity.owner: cluster.entity.owner = 'nobody' edit = True except: cluster = Cluster(app, user, **kwargs) edit = False # save stuff iff there were no errors while saving the principal if len(errors) == 0: logger.info("Saving cluster with args: %s " % kwargs) if cluster.passive_save(): this_app = App.get(App.build_id(app, app, user)) this_app.is_configured = True this_app.passive_save() if app_util.is_xhr(): cherrypy.response.status = 200 return "" raise cherrypy.HTTPRedirect( self.make_url(['app', app, 'config_clusters']), 303) principals = Principal.all().filter_by_app(app) principal_name = kwargs.get('principal_name', '') principal_keytab_location = kwargs.get('principal_keytab_location', '') cluster.errors += errors if app_util.is_xhr(): cherrypy.response.status = 404 return self.render_template( '/%s:/templates/add_cluster.html' % app, dict(form_content='fomasdafe', app=app, cluster=cluster, edit=edit, principals=principals, principal_name=principal_name, principal_keytab_location=principal_keytab_location, selectedTab=type))
writeToCsv(sharegroupList, SHAREGROUP_OUTPUT) writeToCsv(includeList, INCLUDE_OUTPUT) writeToCsv(ssmargsList, SSMARGS_OUTPUT) writeToCsv(scheduleList, SCHEDULE_OUTPUT) writeToCsv(scheduleCalendar, SCHEDULE_CALENDAR_OUTPUT) def execute(): scriptData = getScriptData() args = scriptData.args.split(" ") scriptResult = None while True: scriptResult = wrapper_utils.getScriptOutput([scriptData.path] + args, scriptData.maxDuration, scriptData.debug, logger) if(scriptResult[2]): break logger.error('Couldn\'t execute script in time') data = scriptResult[0][0] # with open(INPUT_FILE) as f: # data = f.readlines() policies = AllPolicies(data) policies.writePolicies() if __name__ == '__main__': token = sys.stdin.readlines()[0] app = App.get(App.build_id('nbu_setup_app', 'nbu_setup_app', 'nobody'), sessionKey = token) if (app.is_configured): execute() else: logger.info('App not configured!')