def __init__(self, stdout: Optional[bool] = True, verbose: Optional[bool] = False, pretty_print_status: Optional[bool] = False): """Manage Logstash Process Args: stdout: Print output to console verbose: Include detailed debug messages pretty_print_status: If enabled, status will be printed in a tabulated style Returns: None """ environ = utilities.get_environment_file_dict() process.BaseProcessManager.__init__( self, 'logstash.service', 'logstash.process', log_path=environ.get('LS_LOGS'), stdout=stdout, verbose=verbose, pretty_print_status=pretty_print_status) if not logstash_profile.ProcessProfiler().is_installed(): self.logger.error( "LogStash is not installed. Install it with 'dynamite logstash install -h'" ) raise CallLogstashProcessError("LogStash is not installed.")
def __init__(self, prompt_user, stdout, verbose): execution_strategy.BaseExecStrategy.__init__( self, strategy_name="monitor_uninstall", strategy_description="Uninstall Monitor.", functions=( utilities.create_dynamite_environment_file, prompt_monitor_uninstall, ), arguments=( # utilities.create_dynamite_environment_file {}, # prompt_user { "prompt_user": bool(prompt_user), "stdout": bool(stdout) }, ), return_formats=(None, None)) if kb_profile.ProcessProfiler().is_installed(): self.add_function(func=kb_install.uninstall_kibana, argument_dict={ 'prompt_user': False, 'stdout': bool(stdout), 'verbose': bool(verbose) }) if ls_profile.ProcessProfiler().is_installed(): self.add_function(func=ls_install.uninstall_logstash, argument_dict={ 'prompt_user': False, 'stdout': bool(stdout), 'verbose': bool(verbose) }) if es_profile.ProcessProfiler().is_installed(): self.add_function(func=es_install.uninstall_elasticsearch, argument_dict={ 'prompt_user': False, 'stdout': bool(stdout), 'verbose': bool(verbose) }) self.add_function(func=log_message, argument_dict={ "msg": '*** Monitor uninstalled successfully. ***', 'stdout': bool(stdout), 'verbose': bool(verbose) })
def stop(self) -> bool: """Stop the monitor services Returns: True, if successfully stopped """ kibana_res, logstash_res, elasticsearch_res = True, True, True if not elasticsearch_profile.ProcessProfiler().is_installed(): self.logger.error('You must install kibana to run this command.') return False elasticsearch_res = elasticsearch_process.ProcessManager().stop() if logstash_profile.ProcessProfiler().is_installed(): logstash_res = logstash_process.ProcessManager().stop() if kibana_profile.ProcessProfiler().is_installed(): kibana_res = kibana_process.ProcessManager().stop() return kibana_res and elasticsearch_res and logstash_res
def uninstall(self): from dynamite_nsm.services.elasticsearch import profile as elasticsearch_profile from dynamite_nsm.services.logstash import profile as logstash_profile from dynamite_nsm.services.kibana import profile as kibana_profile if elasticsearch_profile.ProcessProfiler().is_installed(): elasticsearch_install.UninstallManager( purge_config=True, stdout=self.stdout, verbose=self.verbose).uninstall() if logstash_profile.ProcessProfiler().is_installed(): logstash_install.UninstallManager( purge_config=True, stdout=self.stdout, verbose=self.verbose).uninstall() if kibana_profile.ProcessProfiler().is_installed(): kibana_install.UninstallManager(purge_config=True, stdout=self.stdout, verbose=self.verbose).uninstall()
def change_logstash_elasticsearch_password(password='******', prompt_user=True, stdout=True, verbose=False): """ Change the password used by Logstash to authenticate to Elasticsearch :param password: The new Elasticsearch password :param prompt_user: If True, warning prompt is displayed before proceeding :param stdout: Print status to stdout :param verbose: Include detailed debug messages :return: True, if successful """ from dynamite_nsm.services.logstash import process as logstash_process from dynamite_nsm.services.logstash import profile as logstash_profile log_level = logging.INFO if verbose: log_level = logging.DEBUG logger = get_logger('LOGSTASH', level=log_level, stdout=stdout) environment_variables = utilities.get_environment_file_dict() if not logstash_profile.ProcessProfiler().is_installed(): logger.error( "Password reset failed. LogStash is not installed on this host.") raise general_exceptions.ResetPasswordError( "Password reset failed. LogStash is not installed on this host.") if prompt_user: resp = utilities.prompt_input( '\n\033[93m[-] WARNING! Changing the LogStash password can cause LogStash to lose communication with ' 'ElasticSearch. \n[?] Are you sure you wish to continue? [no]|yes):\033[0m ' ) while resp not in ['', 'no', 'yes']: resp = utilities.prompt_input( '\033[93m[?] Are you sure you wish to continue? ([no]|yes):\033[0m ' ) if resp != 'yes': if stdout: sys.stdout.write('\n[+] Exiting\n') exit(0) ConfigManager( environment_variables.get('LS_PATH_CONF')).set_elasticsearch_password( password=password) logstash_process.ProcessManager().restart()
def __init__(self, old_password, new_password, stdout, verbose): execution_strategy.BaseExecStrategy.__init__( self, strategy_name="monitor_change_password", strategy_description= "Change the password for all monitor components.", ) if es_profile.ProcessProfiler().is_installed(): self.add_function(func=es_config.change_elasticsearch_password, argument_dict={ 'old_password': str(old_password), 'password': str(new_password), 'prompt_user': False, 'stdout': bool(stdout), 'verbose': bool(verbose) }) if ls_profile.ProcessProfiler().is_installed(): self.add_function( func=ls_config.change_logstash_elasticsearch_password, argument_dict={ 'password': str(new_password), 'prompt_user': False, 'stdout': bool(stdout), 'verbose': bool(verbose) }) if kb_profile.ProcessProfiler().is_installed(): self.add_function( func=kb_config.change_kibana_elasticsearch_password, argument_dict={ 'password': str(new_password), 'prompt_user': False, 'stdout': bool(stdout), 'verbose': bool(verbose) }) self.add_function(func=log_message, argument_dict={ 'msg': 'Monitor passwords changed successfully!', 'stdout': bool(stdout), 'verbose': bool(verbose) })
def __init__(self, stdout=True, verbose=False, pretty_print_status=False): environ = utilities.get_environment_file_dict() try: process.BaseProcessManager.__init__( self, 'logstash.service', 'logstash', log_path=environ.get('LS_LOGS'), stdout=stdout, verbose=verbose, pretty_print_status=pretty_print_status) except general_exceptions.CallProcessError: self.logger.error("Could not find systemctl on this system.") raise logstash_exceptions.CallLogstashProcessError( "Could not find systemctl.") if not logstash_profile.ProcessProfiler().is_installed(): self.logger.error( "LogStash is not installed. Install it with 'dynamite logstash install -h'" ) raise logstash_exceptions.CallLogstashProcessError( "LogStash is not installed.")
def uninstall_logstash(prompt_user=True, stdout=True, verbose=False): """ Install Logstash with ElastiFlow & Synesis :param prompt_user: Print a warning before continuing :param stdout: Print the output to console :param verbose: Include detailed debug messages """ log_level = logging.INFO if verbose: log_level = logging.DEBUG logger = get_logger('LOGSTASH', level=log_level, stdout=stdout) env_file = os.path.join(const.CONFIG_PATH, 'environment') environment_variables = utilities.get_environment_file_dict() configuration_directory = environment_variables.get('LS_PATH_CONF') ls_profiler = logstash_profile.ProcessProfiler() ls_config = logstash_config.ConfigManager( configuration_directory=configuration_directory) if not ls_profiler.is_installed(): logger.error('LogStash is not installed.') raise logstash_exceptions.UninstallLogstashError( "LogStash is not installed.") if prompt_user: sys.stderr.write( '\n\033[93m[-] WARNING! Removing Logstash Will Prevent ElasticSearch From Receiving Events.\033[0m\n' ) resp = utilities.prompt_input( '\n\033[93m[?] Are you sure you wish to continue? ([no]|yes):\033[0m ' ) while resp not in ['', 'no', 'yes']: resp = utilities.prompt_input( '\033[93m[?] Are you sure you wish to continue? ([no]|yes): \033[0m' ) if resp != 'yes': if stdout: sys.stdout.write('\n[+] Exiting\n') exit(0) if ls_profiler.is_running(): logstash_process.ProcessManager().stop() try: shutil.rmtree(ls_config.ls_path_conf) shutil.rmtree(ls_config.ls_home) shutil.rmtree(ls_config.path_logs) shutil.rmtree(const.INSTALL_CACHE, ignore_errors=True) env_lines = '' with open(env_file) as env_fr: for line in env_fr.readlines(): if 'LS_PATH_CONF' in line: continue elif 'LS_HOME' in line: continue elif 'LS_LOGS' in line: continue elif 'ELASTIFLOW_' in line: continue elif 'SYNLITE_' in line: continue elif 'ES_PASSWD' in line: continue elif line.strip() == '': continue env_lines += line.strip() + '\n' with open(env_file, 'w') as env_fw: env_fw.write(env_lines) except Exception as e: logger.error( "General error occurred while attempting to uninstall LogStash.". format(e)) logger.debug( "General error occurred while attempting to uninstall LogStash; {}" .format(e)) raise logstash_exceptions.UninstallLogstashError( "General error occurred while attempting to uninstall LogStash; {}" .format(e)) try: sysctl = systemctl.SystemCtl() except general_exceptions.CallProcessError: raise logstash_exceptions.UninstallLogstashError( "Could not find systemctl.") sysctl.uninstall_and_disable('logstash')
def install_logstash(configuration_directory, install_directory, log_directory, host='0.0.0.0', elasticsearch_host='localhost', elasticsearch_port=9200, elasticsearch_password='******', heap_size_gigs=4, install_jdk=True, create_dynamite_user=True, stdout=False, verbose=False): """ Install Logstash with ElastiFlow & Synesis :param configuration_directory: Path to the configuration directory (E.G /etc/dynamite/logstash/) :param install_directory: Path to the install directory (E.G /opt/dynamite/logstash/) :param log_directory: Path to the log directory (E.G /var/log/dynamite/logstash/) :param host: The IP address to bind LogStash listeners too :param elasticsearch_password: The password used for authentication across all builtin ES users :param elasticsearch_host: A hostname/IP of the target elasticsearch instance :param elasticsearch_port: A port number for the target elasticsearch instance :param elasticsearch_password: The password used for authentication across all builtin ES users :param heap_size_gigs: The initial/max java heap space to allocate :param install_jdk: Install the latest OpenJDK that will be used by Logstash/ElasticSearch :param create_dynamite_user: Automatically create the 'dynamite' user, who has privs to run Logstash/ElasticSearch :param stdout: Print the output to console :param verbose: Include output from system utilities :return: True, if installation succeeded """ log_level = logging.INFO if verbose: log_level = logging.DEBUG logger = get_logger('LOGSTASH', level=log_level, stdout=stdout) ls_profiler = logstash_profile.ProcessProfiler() if ls_profiler.is_installed(): logger.error('LogStash is already installed.') raise logstash_exceptions.AlreadyInstalledLogstashError() if utilities.get_memory_available_bytes() < 6 * (1000**3): sys.stderr.write( '\n\033[93m[-] WARNING! LogStash should have at-least 6GB to run ' 'currently available [{} GB]\033[0m\n'.format( utilities.get_memory_available_bytes() / (1000**3))) if str(utilities.prompt_input( '\033[93m[?] Continue? [y|N]:\033[0m ')).lower() != 'y': sys.stdout.write('\n[+] Exiting\n') exit(0) ls_installer = InstallManager( configuration_directory, install_directory, log_directory, host=host, elasticsearch_host=elasticsearch_host, elasticsearch_port=elasticsearch_port, elasticsearch_password=elasticsearch_password, heap_size_gigs=heap_size_gigs, download_logstash_archive=not ls_profiler.is_downloaded(), stdout=stdout, verbose=verbose) if install_jdk: try: utilities.download_java(stdout=stdout) utilities.extract_java() utilities.setup_java() except Exception as e: logger.error( 'General error occurred while attempting to setup Java.') logger.debug( "General error occurred while attempting to setup Java; {}". format(e)) raise logstash_exceptions.InstallLogstashError( "General error occurred while attempting to setup Java; {}". format(e)) if create_dynamite_user: utilities.create_dynamite_user(utilities.generate_random_password(50)) ls_installer.setup_logstash()
def status(self) -> Optional[Union[Dict, str]]: """Get the statuses of monitor services Returns: The statuses of monitor services """ agent_status = {} kibana_status, elasticsearch_status, logstash_status = {}, {}, {} if not elasticsearch_profile.ProcessProfiler().is_installed(): self.logger.error( 'You must install elasticsearch to run this command.') return None elasticsearch_status = elasticsearch_process.ProcessManager().status() agent_status.update({ 'elasticsearch': { 'running': elasticsearch_status.get('running'), 'enabled_on_startup': elasticsearch_status.get('enabled_on_startup') } }) if logstash_profile.ProcessProfiler().is_installed(): logstash_status = logstash_process.ProcessManager().status() agent_status.update({ 'logstash': { 'running': logstash_status.get('running'), 'enabled_on_startup': logstash_status.get('enabled_on_startup') } }) if kibana_profile.ProcessProfiler().is_installed(): kibana_status = kibana_process.ProcessManager().status() agent_status.update({ 'kibana': { 'running': kibana_status.get('running'), 'enabled_on_startup': kibana_status.get('enabled_on_startup') } }) if self.pretty_print_status: colorize = utilities.PrintDecorations.colorize child_services = [ ['Service', 'Running', 'Enabled on Startup'], [ 'kibana', colorize('yes', 'green') if kibana_status.get('running') else colorize('no', 'red'), colorize('yes', 'green') if kibana_status.get('enabled_on_startup') else colorize( 'no', 'red') ] ] if elasticsearch_status: child_services.append([ 'elasticsearch', colorize('yes', 'green') if elasticsearch_status.get('running') else colorize( 'no', 'red'), colorize('yes', 'green') if elasticsearch_status.get('enabled_on_startup') else colorize('no', 'red') ]) if logstash_status: child_services.append([ 'logstash', colorize('yes', 'green') if elasticsearch_status.get('running') else colorize( 'no', 'red'), colorize('yes', 'green') if elasticsearch_status.get('enabled_on_startup') else colorize('no', 'red') ]) return tabulate.tabulate(child_services, tablefmt='fancy_grid') return agent_status
def __init__(self, logstash_listen_address, kibana_listen_address, kibana_listen_port, elasticsearch_host, elasticsearch_port, elasticsearch_password, elasticsearch_heap_size_gigs, logstash_heap_size_gigs, install_jdk, stdout, verbose): execution_strategy.BaseExecStrategy.__init__( self, strategy_name="monitor_install", strategy_description= "Install ElasticSearch, LogStash, and Kibana on the same instance.", functions=(utilities.create_dynamite_environment_file, ), arguments=({}, ), return_formats=(None, )) self.add_function(func=remove_elasticsearch_tar_archive, argument_dict={}, return_format=None) self.add_function(func=remove_logstash_tar_archive, argument_dict={}, return_format=None) self.add_function(func=remove_kibana_tar_archive, argument_dict={}, return_format=None) if not es_profile.ProcessProfiler().is_installed(): self.add_function(func=es_install.install_elasticsearch, argument_dict={ "configuration_directory": "/etc/dynamite/elasticsearch/", "install_directory": "/opt/dynamite/elasticsearch/", "log_directory": "/var/log/dynamite/elasticsearch/", "password": str(elasticsearch_password), "heap_size_gigs": int(elasticsearch_heap_size_gigs), "install_jdk": bool(install_jdk), "create_dynamite_user": True, "stdout": bool(stdout), "verbose": bool(verbose) }, return_format=None) else: self.add_function( func=log_message, argument_dict={ "msg": 'Skipping ElasticSearch installation; already installed.', 'stdout': bool(stdout), 'verbose': bool(verbose) }, return_format=None) self.add_function(func=es_process.start, argument_dict={"stdout": False}, return_format=None) if not ls_profile.ProcessProfiler().is_installed(): self.add_function(func=ls_install.install_logstash, argument_dict={ "configuration_directory": "/etc/dynamite/logstash/", "install_directory": "/opt/dynamite/logstash/", "log_directory": "/var/log/dynamite/logstash/", "host": str(logstash_listen_address), "elasticsearch_host": str(elasticsearch_host), "elasticsearch_port": int(elasticsearch_port), "elasticsearch_password": str(elasticsearch_password), "heap_size_gigs": int(logstash_heap_size_gigs), "install_jdk": False, "create_dynamite_user": False, "stdout": bool(stdout), "verbose": bool(verbose) }, return_format=None) else: self.add_function( func=log_message, argument_dict={ "msg": 'Skipping LogStash installation; already installed.', 'stdout': bool(stdout), 'verbose': bool(verbose) }, return_format=None) if not kb_profile.ProcessProfiler().is_installed(): self.add_function(func=kb_install.install_kibana, argument_dict={ "configuration_directory": "/etc/dynamite/kibana/", "install_directory": "/opt/dynamite/kibana/", "log_directory": "/var/log/dynamite/kibana/", "host": str(kibana_listen_address), "port": int(kibana_listen_port), "elasticsearch_host": str(elasticsearch_host), "elasticsearch_port": int(elasticsearch_port), "elasticsearch_password": str(elasticsearch_password), "create_dynamite_user": True, "stdout": bool(stdout), "verbose": bool(verbose) }, return_format=None) else: self.add_function( func=log_message, argument_dict={ "msg": 'Skipping Kibana installation; already installed.', 'stdout': bool(stdout), 'verbose': bool(verbose) }, return_format=None) self.add_function(func=kb_process.stop, argument_dict={"stdout": False}, return_format=None) self.add_function(func=es_process.stop, argument_dict={"stdout": False}, return_format=None) self.add_function(func=log_message, argument_dict={ "msg": '*** Monitor installed successfully. ***', 'stdout': bool(stdout), 'verbose': bool(verbose) }, return_format=None) self.add_function( func=log_message, argument_dict={ "msg": 'Next, Start your monitor: ' '\'dynamite monitor start\'. It will be available at: \033[4m{}:{}\033[0m once started.' ''.format(kibana_listen_address, kibana_listen_port), 'stdout': bool(stdout), 'verbose': bool(verbose) }, return_format=None)