コード例 #1
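def collect_events(helper, ew):
    """Fetch items from the configured IMAP mailbox and pass them to Dir2Splunk.

    Reads the input arguments from ``helper``, lets ``Imap2Dir`` save the
    incoming items into a fresh temporary directory and, when it reports at
    least one file, runs ``Dir2Splunk`` over that directory. The temporary
    directory is removed on every exit path.

    Args:
        helper: Add-on helper used for input arguments and the log level.
        ew: Passed unchanged to ``Dir2Splunk`` (presumably the event writer).

    Raises:
        TypeError, ValueError: If ``batch_size`` is missing or not an integer.
    """

    opt_imap_server = helper.get_arg("imap_server")
    opt_imap_mailbox = helper.get_arg("imap_mailbox")
    # Hard-coded: this function reads no argument that could switch SSL off.
    # NOTE(review): whether the server certificate is verified is decided
    # inside Imap2Dir and cannot be seen from here.
    opt_use_ssl = True
    opt_global_account = helper.get_arg('global_account')
    opt_resolve_ip = helper.get_arg('resolve_ip')
    # NOTE(review): validate_xml and validate_dkim are operator-controlled.
    # The files collected below come from whatever mail reaches the mailbox,
    # so confirm the shipped defaults keep both checks enabled.
    opt_validate_xml = helper.get_arg('validate_xml')
    opt_validate_dkim = helper.get_arg('validate_dkim')
    opt_output_format = helper.get_arg('output_format')
    opt_batch_size = int(helper.get_arg('batch_size'))

    loglevel = helper.get_log_level()
    helper.set_log_level(loglevel)

    tmp_dir = create_tmp_dir(helper)
    try:
        # Constructed inside the try block so that a failing constructor
        # cannot leave the temporary directory behind.
        i2d = Imap2Dir(helper, opt_imap_server, tmp_dir, opt_use_ssl,
                       opt_global_account, opt_imap_mailbox, opt_validate_dkim,
                       opt_batch_size)
        filelist = i2d.process_incoming()
        if filelist:
            # The positional 0 and False are presumably quiet_secs and
            # do_checkpoint -- confirm against Dir2Splunk's signature.
            d2s = Dir2Splunk(ew, helper, tmp_dir, 0, opt_resolve_ip,
                             opt_validate_xml, opt_output_format, False)
            if d2s.check_dir():
                d2s.process_incoming()
    finally:
        remove_tmp_dir(helper, tmp_dir)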
コード例 #2
 def process_incoming(self):
     """Walk the incoming directory and write events for each accepted XML file.

     Files from ``list_incoming()`` are narrowed by ``filter_quiet_files()``
     and, when ``do_checkpoint`` is set, by ``filter_seen_files()``. ``.zip``
     and ``.gz`` files are expanded with ``process_zipfile()`` /
     ``process_gzfile()``; ``.xml`` files are taken as they are. Every XML
     file passes through ``fix_xml_encoding()`` and ``is_valid_rua_xmlfile()``
     before ``process_xmlfile()`` and ``write_event()``. Other extensions are
     logged and skipped. The temporary directory is removed in ``finally``.

     NOTE(review): the archives and XML handled here are presumably report
     attachments from external senders. Confirm that process_zipfile() and
     process_gzfile() bound the decompressed size and keep extracted paths
     inside tmp_dir, and that the parser behind process_xmlfile() does not
     resolve external entities. File names are also written to the log as-is.
     """
     helper = self.helper
     helper.log_info(
         "Start processing incoming directory %s with %d quiet_secs" %
         (self.dir, self.quiet_secs))
     try:
         # The return value of check_dir() is not inspected here.
         self.check_dir()
         self.tmp_dir = create_tmp_dir(helper)
         candidates = self.filter_quiet_files(self.list_incoming())
         if self.do_checkpoint:
             candidates = self.filter_seen_files(candidates)
         for entry in candidates:
             suffix = os.path.splitext(entry)[1]
             if suffix in (".zip", ".gz"):
                 # Both archive types share the same per-member handling;
                 # only the log line and the extractor differ.
                 if suffix == ".zip":
                     helper.log_info("Start processing zip file %s" % entry)
                     members = self.process_zipfile(entry)
                 else:
                     helper.log_info("Start processing gz file %s" % entry)
                     members = self.process_gzfile(entry)
                 for member in members:
                     member = self.fix_xml_encoding(member)
                     if not self.is_valid_rua_xmlfile(member):
                         helper.log_debug(
                             "process_incoming: ignoring invalid xml file %s from %s"
                             % (member, entry))
                         continue
                     self.write_event(self.process_xmlfile(member))
             elif suffix == ".xml":
                 helper.log_info("Start processing xml file %s" % entry)
                 # Rebinds the loop variable: the checkpoint below is saved
                 # for whatever fix_xml_encoding() returned.
                 # NOTE(review): confirm that is the original path.
                 entry = self.fix_xml_encoding(entry)
                 if self.is_valid_rua_xmlfile(entry):
                     self.write_event(self.process_xmlfile(entry))
                 else:
                     helper.log_debug(
                         "process_incoming: ignoring invalid xml file %s" %
                         entry)
             else:
                 helper.log_debug(
                     "process_incoming: Ignoring file %s" % entry)
             if self.do_checkpoint:
                 self.save_check_point(entry)
     finally:
         helper.log_info("Ended processing incoming directory %s" %
                         self.dir)
         # NOTE(review): if check_dir() raised, this call never assigned
         # self.tmp_dir; the cleanup then uses whatever the attribute held
         # before -- confirm it is initialised elsewhere.
         remove_tmp_dir(helper, self.tmp_dir)
         helper.log_debug("process_incoming: removed tmp_dir %s" %
                          self.tmp_dir)
コード例 #3
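def validate_input(helper, definition):
    """Validate a POP3 input stanza by calling Pop2Dir.get_pop3_connectivity().

    Builds a ``Pop2Dir`` from the stanza parameters with a throw-away
    temporary directory and runs its connectivity check. Nothing is caught
    here, so any exception propagates to the caller. The temporary directory
    is removed afterwards.

    Args:
        helper: Add-on helper, passed to the temp-dir helpers and ``Pop2Dir``.
        definition: Input definition; its ``parameters`` mapping is read.
    """
    params = definition.parameters
    opt_pop3_server = params.get("pop3_server", None)
    # Hard-coded: the stanza has no say over SSL in this function.
    # NOTE(review): certificate verification happens, if at all, inside
    # Pop2Dir and is not visible here.
    opt_use_ssl = True
    opt_global_account = params.get('global_account', None)
    opt_validate_dkim = params.get('validate_dkim', None)

    # Created before the try block: if creation fails, the finally clause
    # must not run with tmp_dir unbound and hide the real error behind an
    # UnboundLocalError.
    tmp_dir = create_tmp_dir(helper)
    try:
        p2d = Pop2Dir(helper, opt_pop3_server, tmp_dir, opt_use_ssl,
                      opt_global_account, opt_validate_dkim)
        p2d.get_pop3_connectivity()
    finally:
        remove_tmp_dir(helper, tmp_dir)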
コード例 #4
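def validate_input(helper, definition):
    """Validate the POP3 input stanza by running a connectivity check.

    A ``Pop2Dir`` is built from the stanza parameters and its
    ``get_pop3_connectivity()`` method is called. Exceptions are not caught
    here and reach the caller unchanged. The temporary directory created for
    the check is always removed.

    Args:
        helper: Add-on helper, passed to the temp-dir helpers and ``Pop2Dir``.
        definition: Input definition whose ``parameters`` mapping is read.
    """

    opt_pop3_server = definition.parameters.get("pop3_server", None)
    # SSL is fixed to True; no stanza parameter is read for it.
    # NOTE(review): how Pop2Dir uses this flag (including certificate
    # checks) cannot be seen from this function.
    opt_use_ssl = True
    opt_global_account = definition.parameters.get('global_account', None)
    opt_validate_dkim = definition.parameters.get('validate_dkim', None)

    # Kept outside the try block so a failure in create_tmp_dir() surfaces
    # as itself instead of an UnboundLocalError raised from the finally
    # clause.
    tmp_dir = create_tmp_dir(helper)
    try:
        p2d = Pop2Dir(helper, opt_pop3_server, tmp_dir, opt_use_ssl,
                      opt_global_account, opt_validate_dkim)
        p2d.get_pop3_connectivity()
    finally:
        remove_tmp_dir(helper, tmp_dir)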
コード例 #5
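def validate_input(helper, definition):
    """Validate the IMAP input stanza by running a connectivity check.

    Builds an ``Imap2Dir`` from the stanza parameters and calls its
    ``get_imap_connectivity()`` method. Exceptions from that call are not
    caught and propagate to the caller. The temporary directory created for
    the check is always removed.

    Args:
        helper: Add-on helper, passed to the temp-dir helpers and ``Imap2Dir``.
        definition: Input definition whose ``parameters`` mapping is read.

    Raises:
        ValueError: If ``batch_size`` is missing or is not an integer.
    """
    params = definition.parameters
    opt_imap_server = params.get("imap_server", None)
    opt_imap_mailbox = params.get("imap_mailbox", None)
    # SSL is fixed to True; no stanza parameter is read for it.
    # NOTE(review): how Imap2Dir uses this flag (including certificate
    # checks) cannot be seen from this function.
    opt_use_ssl = True
    opt_global_account = params.get('global_account', None)
    opt_validate_dkim = params.get('validate_dkim', None)

    # A missing value used to fail as int(None) with a TypeError that does
    # not name the offending field; report it as a validation error instead.
    raw_batch_size = params.get('batch_size', None)
    try:
        opt_batch_size = int(raw_batch_size)
    except (TypeError, ValueError):
        raise ValueError(
            "batch_size must be an integer, got %r" % (raw_batch_size,))

    # Kept outside the try block so a failure in create_tmp_dir() surfaces
    # as itself instead of an UnboundLocalError raised from the finally
    # clause.
    tmp_dir = create_tmp_dir(helper)
    try:
        i2d = Imap2Dir(helper, opt_imap_server, tmp_dir, opt_use_ssl,
                       opt_global_account, opt_imap_mailbox, opt_validate_dkim,
                       opt_batch_size)
        i2d.get_imap_connectivity()
    finally:
        remove_tmp_dir(helper, tmp_dir)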
コード例 #6
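def collect_events(helper, ew):
    """Collect files from the IMAP mailbox and process them with Dir2Splunk.

    ``Imap2Dir.process_incoming()`` fills a temporary directory; if it
    returns a non-empty file list, ``Dir2Splunk`` is run over the same
    directory. The temporary directory is removed whether or not an error
    occurs.

    Args:
        helper: Add-on helper used for input arguments and the log level.
        ew: Passed unchanged to ``Dir2Splunk`` (presumably the event writer).

    Raises:
        TypeError, ValueError: If ``batch_size`` is missing or not an integer.
    """
    get_arg = helper.get_arg
    opt_imap_server = get_arg("imap_server")
    opt_imap_mailbox = get_arg("imap_mailbox")
    # SSL is fixed to True; no input argument is read for it.
    # NOTE(review): certificate verification, if any, happens inside
    # Imap2Dir and cannot be seen from here.
    opt_use_ssl = True
    opt_global_account = get_arg('global_account')
    opt_resolve_ip = get_arg('resolve_ip')
    # NOTE(review): both validation switches are operator-controlled, while
    # the files processed below come from mail delivered to the mailbox.
    # Confirm the shipped defaults leave both checks on.
    opt_validate_xml = get_arg('validate_xml')
    opt_validate_dkim = get_arg('validate_dkim')
    opt_output_format = get_arg('output_format')
    opt_batch_size = int(get_arg('batch_size'))

    helper.set_log_level(helper.get_log_level())

    tmp_dir = create_tmp_dir(helper)
    try:
        # The Imap2Dir constructor now runs under the same finally clause
        # as the rest, so an exception from it no longer leaks tmp_dir.
        i2d = Imap2Dir(helper, opt_imap_server, tmp_dir, opt_use_ssl,
                       opt_global_account, opt_imap_mailbox, opt_validate_dkim,
                       opt_batch_size)
        filelist = i2d.process_incoming()
        if not filelist:
            return
        # The positional 0 and False are presumably quiet_secs and
        # do_checkpoint -- confirm against Dir2Splunk's signature.
        d2s = Dir2Splunk(ew, helper, tmp_dir, 0, opt_resolve_ip,
                         opt_validate_xml, opt_output_format, False)
        if d2s.check_dir():
            d2s.process_incoming()
    finally:
        remove_tmp_dir(helper, tmp_dir)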


# PSEUDOCODE for refactor:
#
# mailbox = DMARCMailbox(imap, ssl, account)
# for uid, message in mailbox.get_dmarc_messages()
#     mail = DMARCMail(message)
#     dkimvrfy = mail.dkim_verify()
#     for file in mail.get_dmarc_attachments()
#         rua = DMARCfile(file)
#         res_xmlvalidation = rua.get_xml_validation()
#         res_feedback = rua.get_rua_feedback()
#         event = DMARCEvent(res_feedback, res_xmlvalidation, dkimvrfy)
#         event.save_event()
#     mailbox.save_checkpoint(uid)