Esempio n. 1
    def Close(self):
        """Flushes pending events and registers the timeline in Timesketch.

        Sends the remaining events for indexing, then creates the SearchIndex
        record for the timeline, grants read permission on it and saves it to
        the Timesketch database.
        """
        self._FlushEventsToElasticsearch()

        with self._timesketch.app_context():
            # SQLAlchemy lookup against the Timesketch database; the result is
            # None when the configured timeline owner does not exist.
            # NOTE(review): a None owner is passed on unchanged, so the index
            # may end up without an owner - confirm this is acceptable.
            owner = User.query.filter_by(username=self._timeline_owner).first()
            timeline_index = SearchIndex(
                name=self._timeline_name,
                description=self._timeline_name,
                user=owner,
                index_name=self._index_name)

        # The user argument is None: read permission on the mapping object is
        # granted to all users, not only to the timeline owner.
        # NOTE(review): every uploaded timeline is therefore readable by any
        # Timesketch account - confirm that default suits the evidence handled.
        timeline_index.grant_permission(None, u'read')

        # Persist the mapping object in the Timesketch database.
        db_session.add(timeline_index)
        db_session.commit()

        # Clean up stdout.
        # TODO: an output module should not call sys.stdout directly.
        stdout = sys.stdout
        stdout.write(u'\n')
        stdout.flush()
Esempio n. 2
    def _create_searchindex(self, name, user):
        """Build a searchindex record and store it in the database.

        The same value is used for the record's name, description and
        index_name. No permissions are granted by this helper.

        Args:
            name: Name of the searchindex (string)
            user: A user (instance of timesketch.models.user.User)

        Returns:
            A searchindex (instance of timesketch.models.sketch.SearchIndex)
        """
        new_index = SearchIndex(
            user=user,
            name=name,
            index_name=name,
            description=name)
        self._commit_to_database(new_index)
        return new_index
Esempio n. 3
    def _create_searchindex(self, name, user, acl=False):
        """Build a searchindex record and store it in the database.

        The same value is used for the record's name, description and
        index_name. With acl set, the given user is granted read, write and
        delete permission before the record is committed; otherwise this
        helper grants no permissions at all.

        Args:
            name: Name of the searchindex (string)
            user: A user (instance of timesketch.models.user.User)
            acl: Boolean value to decide if ACL permissions should be set

        Returns:
            A searchindex (instance of timesketch.models.sketch.SearchIndex)
        """
        new_index = SearchIndex(
            user=user,
            name=name,
            index_name=name,
            description=name)
        # An empty tuple means the loop below grants nothing when acl is falsy.
        levels = (u'read', u'write', u'delete') if acl else ()
        for level in levels:
            new_index.grant_permission(permission=level, user=user)
        self._commit_to_database(new_index)
        return new_index
Esempio n. 4
 def run(self, name, index, username):
     """Create a SearchIndex record for an index that is already in the datastore.

     Writes an error to stderr and exits with status 1 when the user does not
     exist, when the index is missing from the datastore, or when a
     SearchIndex with the same name and index name is already registered.

     Args:
         name: Name (also used as description) of the new SearchIndex.
         index: Name of the index in the datastore.
         username: Username of the owner of the new SearchIndex.
     """
     config = current_app.config
     datastore = ElasticsearchDataStore(
         host=config['ELASTIC_HOST'], port=config['ELASTIC_PORT'])
     owner = User.query.filter_by(username=username).first()

     # The elif chain keeps the checks lazy: a later lookup only runs once
     # every earlier check has passed.
     failure = None
     if not owner:
         failure = 'User does not exist\n'
     elif not datastore.client.indices.exists(index=index):
         failure = 'Index does not exist in the datastore\n'
     elif SearchIndex.query.filter_by(name=name, index_name=index).first():
         failure = 'Index with this name already exist in Timesketch\n'
     if failure is not None:
         sys.stderr.write(failure)
         sys.exit(1)

     new_index = SearchIndex(
         name=name, description=name, user=owner, index_name=index)
     db_session.add(new_index)
     db_session.commit()
     # NOTE(review): the grant names no user, so read access is presumably
     # given to everyone rather than to the owner - confirm that is intended.
     # It also runs after the commit above; verify that grant_permission
     # persists its own change.
     new_index.grant_permission('read')
     sys.stdout.write('Search index {0:s} created\n'.format(name))