def get_cb_protection_object(args):
if args.verbose:
logging.basicConfig()
logging.getLogger("cbapi").setLevel(logging.DEBUG)
logging.getLogger("__main__").setLevel(logging.DEBUG)
if args.cburl and args.apitoken:
cb = CbEnterpriseProtectionAPI(args.cburl, args.apitoken)
else:
cb = CbEnterpriseProtectionAPI(profile=args.profile)
return cb
def main(params):
# Setup logging
logger = logging.getLogger("appcontrol-agent-upgrader.py")
logging.getLogger("cbapi").setLevel(logging.WARNING) # Hide cbapi debug
logging.getLogger("urllib3").setLevel(logging.WARNING) # Hide URLLIB debug
if params.verbose:
logger.setLevel(logging.DEBUG)
logging.getLogger("cbapi").setLevel(logging.DEBUG)
else:
logger.setLevel(logging.INFO)
logging.getLogger("cbapi").setLevel(logging.WARNING)
try:
cb = CbEnterpriseProtectionAPI()
# Call the function to print out the available policy IDs
if params.list_policies:
print_policies(cb, logger)
else:
# ---- Build the Query--------------
# The base query excludes computers that have been deleted.
# Note that each time we call query.where below it adds to the existing query
query = cb.select(Computer).where("deleted:false")
# Filter by Computer
if len(params.computer_names) > 0:
query = query.where(r"name:" + '|'.join(params.computer_names))
# Filter by Excluding Computers
if len(params.exclude_computer_names) > 0:
query = query.where(r"name!" +
'|'.join(params.exclude_computer_names))
# Filter by Policy
if params.policy_id != 0:
query = query.where('policyId:' + str(params.policy_id))
# Filter by Agent Version
if params.agent_version:
query = query.where('agentVersion!' + params.agent_version)
# Filter by Online/Connected Systems (exclude offline by default)
if not params.offline:
query = query.where('connected:True')
# ---- Run the Query----------------------
logger.info("Searching for computers with query: " +
str(query._query))
found_items = len(query)
logger.info("Items returned: " + str(found_items))
# ---- Process the items------------------
if found_items > 0:
if not (params.check or params.upgrade
): # Upgrade or Check not specified in parameters
print(
"\nParameters -c, --check and/or -u, --upgrade not specified. "
+ "List of computers in query shown below:\n")
for result in query:
print(result.name)
else:
# We're going to use a Queue and Threads to process all of the found computers.
# ---- Create Queue------------------------
pending_queue = Queue()
for result in query:
pending_queue.put_nowait(result)
# ---- Create Threads----------------------
# Create one thread for each -t setting (default 1)
workers = []
for i in range(params.threads):
worker = Thread(target=process_queue,
args=(cb, logger, pending_queue,
params))
worker.daemon = True
worker.start()
workers.append(worker)
# Wait until all of the items in the queue have been processed
# This is a messy alternative to pending_queue.join() that allows for CTRL-C
try:
while True:
all_done = True
for worker in workers:
if worker.is_alive():
all_done = False
if all_done:
break
time.sleep(1)
except KeyboardInterrupt:
logger.info("CTRL-C received")
except cbapi.errors.CredentialError as error:
logger.error("Error with login credentials: " + str(error))
except cbapi.errors.ServerError as error:
logger.error("Server raised an HTTP 5XX error: " + str(error))
except cbapi.errors.ApiError as error:
logger.error("General API error: " + str(error))