コード例 #1
ファイル: system.py プロジェクト: alienfault/ossim
def add_ha_system(system_ip, password, add_to_database=True):
    """
    Register a remote system as an HA peer, identified by its IP address.

    The steps run in order and the first failure aborts the call: resolve
    the local system id, run ansible_add_system against the remote host,
    fetch the remote system info and, optionally, store it in the database.
    Failure details go to api_log; the caller only receives a fixed,
    generic message.

    Args:
        system_ip (str): IP address of the system to add to HA
        password (str): root password of the system to add; it is handed
            to ansible_add_system and this function itself never passes
            it to api_log
        add_to_database (bool): when true, insert the system with
            db_add_system

    Returns:
        success (bool): True if OK, False elsewhere
        response (str): the ansible_add_system response on success,
            an error message otherwise
    """
    ok, local_id = get_system_id_from_local()
    if not ok:
        return ok, ("[add_ha_system] Something wrong happened retrieving "
                    "the local system id")

    # Exchange certificates with the remote system.
    ok, response = ansible_add_system(local_system_id=local_id,
                                      remote_system_ip=system_ip,
                                      password=password)
    if not ok:
        # Detail stays in the log; the caller gets a generic message.
        api_log.error(response)
        return ok, "Something wrong happened adding the system"

    # NOTE(review): info is whatever ansible_get_system_info returned for
    # the remote host - presumably remote-reported values; confirm that
    # db_add_system treats them as untrusted input.
    ok, info = ansible_get_system_info(system_ip)
    if not ok:
        api_log.error(info)
        return ok, "Something wrong happened getting the system info"

    # Fall back to the IP we connected to when no admin IP was reported.
    if not info['admin_ip']:
        info['admin_ip'] = system_ip

    if not add_to_database:
        return ok, response

    profiles = ','.join(info['profile'])
    ok, db_msg = db_add_system(system_id=info['system_id'],
                               name=info['hostname'],
                               admin_ip=info['admin_ip'],
                               vpn_ip=info['vpn_ip'],
                               profile=profiles,
                               server_id=info['server_id'],
                               sensor_id=info['sensor_id'])
    if not ok:
        api_log.error(db_msg)
        return (False, "Something wrong happened inserting "
                       "the system into the database")

    return ok, response
コード例 #2
ファイル: system.py プロジェクト: hellogitcn/ossim-1
def add_ha_system(system_ip, password, add_to_database=True):
    """
    Add an HA system using system ip.

    Sequence: look up the local system id, call ansible_add_system for the
    remote host, read the remote system info, then (unless disabled)
    insert the system with db_add_system. Each failing step is logged
    through api_log and reported to the caller with a generic message.

    Args:
        system_ip (str): IP address of the system to add to HA
        password (str): root password of the system to add; only forwarded
            to ansible_add_system, never handed to api_log here
        add_to_database (bool): skip the database insert when false

    Returns:
        success (bool): True if OK, False elsewhere
        response (str): Result message (the ansible_add_system response
            when everything succeeded)
    """
    # Step 1: local system id.
    found, local_system_id = get_system_id_from_local()
    if not found:
        message = ("[add_ha_system] Something wrong happened retrieving "
                   "the local system id")
        return found, message

    # Step 2: exchange certificates.
    added, response = ansible_add_system(local_system_id=local_system_id,
                                         remote_system_ip=system_ip,
                                         password=password)
    if not added:
        api_log.error(response)
        return added, "Something wrong happened adding the system"

    # Step 3: remote system info.
    fetched, system_info = ansible_get_system_info(system_ip)
    if not fetched:
        api_log.error(system_info)
        return fetched, "Something wrong happened getting the system info"

    # Step 4: database insert, using system_ip when admin_ip is empty.
    if not system_info['admin_ip']:
        system_info['admin_ip'] = system_ip

    status = fetched
    if add_to_database:
        joined_profile = ','.join(system_info['profile'])
        status, db_message = db_add_system(
            system_id=system_info['system_id'],
            name=system_info['hostname'],
            admin_ip=system_info['admin_ip'],
            vpn_ip=system_info['vpn_ip'],
            profile=joined_profile,
            server_id=system_info['server_id'],
            sensor_id=system_info['sensor_id'])
        if not status:
            api_log.error(db_message)
            message = ("Something wrong happened inserting "
                       "the system into the database")
            return (False, message)

    return status, response
コード例 #3
ファイル: system.py プロジェクト: alienfault/ossim
def add_system_from_ip(system_ip, password, add_to_database=True):
    """
    Add a new system using system ip.

    Runs ansible_add_system against the remote host, reads its system
    info, registers it as a child server and/or resolves its sensor id
    depending on the reported profile, optionally stores it with
    db_add_system, fires the "alienvault-add-server" trigger for servers
    and finally calls create_directory_for_ossec_remote.

    Args:
        system_ip: IP address of the system to add
        password: forwarded to ansible_add_system; this function itself
            never passes it to api_log
        add_to_database: when true, insert the system and check that it
            can be looked up afterwards

    Returns:
        (True, system_info) on success; otherwise a falsy status with an
        error message (or the raw ansible_add_system response).
    """
    ok, local_id = get_system_id_from_local()
    if not ok:
        return ok, ("Something wrong happened retrieving "
                    "the local system id")

    ok, response = ansible_add_system(local_system_id=local_id,
                                      remote_system_ip=system_ip,
                                      password=password)
    if not ok:
        api_log.error(response)
        # NOTE(review): the raw response goes back to the caller here,
        # unlike the generic messages used for the other steps - confirm
        # it cannot carry sensitive detail.
        return ok, response

    ok, info = ansible_get_system_info(system_ip)
    if not ok:
        api_log.error(info)
        return ok, "Something wrong happened getting the system info"

    is_server = 'server' in info['profile']
    is_sensor = 'sensor' in info['profile']

    # Do not add the child server when the remote server is this system.
    if is_server and info['server_id'] != local_id:
        ok, child_msg = add_child_server(system_ip, info['server_id'])
        if not ok:
            api_log.error(str(child_msg))
            return False, "Something wrong happened setting the child server"

    sensor_id = None
    if is_sensor:
        if is_server and info['sensor_id']:
            # A system that is both server and sensor reports its own id.
            sensor_id = info['sensor_id']
        else:
            # Look the sensor up by IP, preferring the VPN address.
            lookup_ip = info['vpn_ip'] or system_ip
            ok, sensor_id = get_sensor_id_from_sensor_ip(lookup_ip)
            if not ok:
                # Best effort: log and continue without a sensor id.
                api_log.error(str(sensor_id))
                sensor_id = None
    info['sensor_id'] = sensor_id

    # An empty admin_ip, or one that differs from the address we reached
    # the system on (NAT), is replaced by system_ip.
    if not info['admin_ip'] or info['admin_ip'] != system_ip:
        info['admin_ip'] = system_ip

    if add_to_database:
        profiles = ','.join(info['profile'])
        ok, db_msg = db_add_system(system_id=info['system_id'],
                                   name=info['hostname'],
                                   admin_ip=info['admin_ip'],
                                   vpn_ip=info['vpn_ip'],
                                   profile=profiles,
                                   server_id=info['server_id'],
                                   sensor_id=info['sensor_id'])
        if not ok:
            api_log.error(db_msg)
            return (False, "Something wrong happened inserting "
                           "the system into the database")

        # Read the row back to make sure the insert really happened.
        present, _ = get_system_ip_from_system_id(info['system_id'])
        if not present:
            return (False, "System was not inserted, cannot continue")

    # For servers, fire the local trigger that (per the original comment)
    # opens the firewall if required. A failure is logged only.
    if is_server:
        fired, trigger_msg = fire_trigger(system_ip="127.0.0.1",
                                          trigger="alienvault-add-server")
        if not fired:
            api_log.error(trigger_msg)

    ok, dir_msg = create_directory_for_ossec_remote(info['system_id'])
    if not ok:
        api_log.error(dir_msg)
        return (False, dir_msg)

    return (True, info)
コード例 #4
ファイル: system.py プロジェクト: hellogitcn/ossim-1
def add_system_from_ip(system_ip, password, add_to_database=True):
    """
    Add a new system using system ip.

    Order of operations: local system id lookup, ansible_add_system,
    ansible_get_system_info, child-server registration (server profile),
    sensor id resolution (sensor profile), optional database insert with
    a read-back check, "alienvault-add-server" trigger (server profile),
    create_directory_for_ossec_remote.

    Args:
        system_ip: IP address used to reach the new system
        password: passed on to ansible_add_system only; never handed to
            api_log by this function
        add_to_database: whether to insert the system with db_add_system

    Returns:
        (True, system_info) when every mandatory step succeeded, else a
        falsy status plus an error message or helper response.
    """
    # --- local identity -------------------------------------------------
    found, local_system_id = get_system_id_from_local()
    if not found:
        message = ("Something wrong happened retrieving "
                   "the local system id")
        return found, message

    # --- remote enrolment -----------------------------------------------
    added, response = ansible_add_system(local_system_id=local_system_id,
                                         remote_system_ip=system_ip,
                                         password=password)
    if not added:
        api_log.error(response)
        # NOTE(review): caller receives the unfiltered helper response;
        # verify that it is safe to expose.
        return added, response

    fetched, system_info = ansible_get_system_info(system_ip)
    if not fetched:
        api_log.error(system_info)
        return fetched, "Something wrong happened getting the system info"

    profile = system_info['profile']

    # --- server profile: register as child unless it is ourselves --------
    if 'server' in profile:
        remote_server_id = system_info['server_id']
        if remote_server_id != local_system_id:
            linked, link_msg = add_child_server(system_ip, remote_server_id)
            if not linked:
                api_log.error(str(link_msg))
                message = "Something wrong happened setting the child server"
                return False, message

    # --- sensor profile: work out the sensor id --------------------------
    resolved_sensor_id = None
    if 'sensor' in profile:
        if not ('server' in profile and system_info['sensor_id']):
            # No usable id reported: derive it from the VPN IP when set,
            # else from system_ip. A failed lookup is logged, not fatal.
            if system_info['vpn_ip']:
                candidate_ip = system_info['vpn_ip']
            else:
                candidate_ip = system_ip
            looked_up, resolved_sensor_id = \
                get_sensor_id_from_sensor_ip(candidate_ip)
            if not looked_up:
                api_log.error(str(resolved_sensor_id))
                resolved_sensor_id = None
        else:
            # Combined server + sensor systems carry their own sensor_id.
            resolved_sensor_id = system_info['sensor_id']

    system_info['sensor_id'] = resolved_sensor_id

    # --- admin IP: always ends up equal to system_ip (empty or natted) ---
    if not system_info['admin_ip']:
        system_info['admin_ip'] = system_ip
    elif system_info['admin_ip'] != system_ip:
        # We're natted
        system_info['admin_ip'] = system_ip

    # --- database ---------------------------------------------------------
    if add_to_database:
        joined_profile = ','.join(profile)
        stored, db_message = db_add_system(
            system_id=system_info['system_id'],
            name=system_info['hostname'],
            admin_ip=system_info['admin_ip'],
            vpn_ip=system_info['vpn_ip'],
            profile=joined_profile,
            server_id=system_info['server_id'],
            sensor_id=system_info['sensor_id'])
        if not stored:
            api_log.error(db_message)
            message = ("Something wrong happened inserting "
                       "the system into the database")
            return (False, message)

        visible, _ = get_system_ip_from_system_id(system_info['system_id'])
        if not visible:
            message = "System was not inserted, cannot continue"
            return (False, message)

    # --- server profile: local trigger, failure only logged ---------------
    if 'server' in profile:
        outcome = fire_trigger(system_ip="127.0.0.1",
                               trigger="alienvault-add-server")
        trigger_success, trigger_message = outcome
        if not trigger_success:
            api_log.error(trigger_message)

    # --- ossec remote directory -------------------------------------------
    created, dir_message = create_directory_for_ossec_remote(
        system_info['system_id'])
    if not created:
        api_log.error(dir_message)
        return (False, dir_message)

    return (True, system_info)
コード例 #5
ファイル: system.py プロジェクト: weisst/alienvault-ossim
def add_system_from_ip(system_ip, password, add_to_database=True):
    """
    Add a new system using system ip.

    Enrols the remote host with ansible_add_system, reads its system info,
    registers it as a child server when it reports a different server id,
    resolves the sensor id for sensor profiles, optionally inserts it with
    db_add_system and calls create_directory_for_ossec_remote.

    Args:
        system_ip: IP address of the system to add
        password: forwarded to ansible_add_system; not passed to api_log
            by this function
        add_to_database: when true, insert the system into the database

    Returns:
        (True, system_info) on success, otherwise a falsy status and an
        error message (the raw ansible_add_system response for that step).
    """
    status, local_id = get_system_id_from_local()
    if not status:
        return status, "Something wrong happened retrieving the local system id"

    status, response = ansible_add_system(local_system_id=local_id,
                                          remote_system_ip=system_ip,
                                          password=password)
    if not status:
        api_log.error(response)
        # NOTE(review): the helper response is returned unchanged to the
        # caller - check that it holds nothing sensitive.
        return status, response

    status, details = ansible_get_system_info(system_ip)
    if not status:
        api_log.error(details)
        return status, "Something wrong happened getting the system info"

    has_server = 'server' in details['profile']

    # Do not add the child server when the reported server is this system.
    if has_server and details['server_id'] != local_id:
        status, child_msg = add_child_server(system_ip, details['server_id'])
        if not status:
            api_log.error(str(child_msg))
            return False, "Something wrong happened setting the child server"

    sensor_id = None
    if 'sensor' in details['profile']:
        if has_server and details['sensor_id']:
            # Server + sensor systems report their own sensor_id.
            sensor_id = details['sensor_id']
        else:
            # Resolve by IP: the VPN address wins over system_ip.
            address = details['vpn_ip'] if details['vpn_ip'] else system_ip
            status, sensor_id = get_sensor_id_from_sensor_ip(address)
            if not status:
                # Not fatal: log it and carry on without a sensor id.
                api_log.error(str(sensor_id))
                sensor_id = None
    details['sensor_id'] = sensor_id

    # Use the connection IP when the remote reported no admin IP.
    if not details['admin_ip']:
        details['admin_ip'] = system_ip

    if add_to_database:
        profiles = ','.join(details['profile'])
        status, db_msg = db_add_system(system_id=details['system_id'],
                                       name=details['hostname'],
                                       admin_ip=details['admin_ip'],
                                       vpn_ip=details['vpn_ip'],
                                       profile=profiles,
                                       server_id=details['server_id'],
                                       sensor_id=details['sensor_id'])
        if not status:
            api_log.error(db_msg)
            return (False, "Something wrong happened inserting the system into the database")

    status, dir_msg = create_directory_for_ossec_remote(details['system_id'])
    if not status:
        api_log.error(dir_msg)
        return (False, dir_msg)

    return (True, details)