def modified_registry_entries_restore():
    """Undo the changes left behind by the modified-registry-entries scenario.

    Removes the ``windows_behave`` (172.17.2.99) syscheck-registry file under
    ``/var/ossec/queue/syscheck/`` and restores ``/var/ossec/etc/client.keys``
    from ``client.keys.bk``. Both helpers are pointed at the host returned by
    ``ossim_setup.get_general_admin_ip()``.
    """
    # The double quotes are part of the path string that is handed over.
    # NOTE(review): presumably they protect the spaces and "->" when the helper
    # builds a remote command; confirm the helper quotes its arguments itself
    # instead of relying on every caller to do so.
    registry_db = "/var/ossec/queue/syscheck/\"(windows_behave) 172.17.2.99->syscheck-registry\""
    keys_backup = "/var/ossec/etc/client.keys.bk"
    keys_file = "/var/ossec/etc/client.keys"

    remotely_remove_file(ossim_setup.get_general_admin_ip(), registry_db)

    # NOTE(review): the restore result is not checked and client.keys.bk is
    # left on disk afterwards. It is presumably a copy of the agent keys, so
    # confirm a later step removes it once it is no longer needed.
    remotely_restore_file(ossim_setup.get_general_admin_ip(), keys_backup, keys_file)
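def put_passfile_scenario1_restore():
    """Restore the agentless ``.passlist`` from its ``.bk`` copy, then drop the copy.

    The files live under ``/var/alienvault/<system_id>/ossec/agentless/`` and
    the helpers are pointed at ``ossim_setup.get_general_admin_ip()``.

    Raises:
        KeyboardInterrupt: if the local system id cannot be obtained, or if
            the restore reports failure. In the second case the backup is
            left in place so the original file can still be recovered.
    """
    result, system_id = get_system_id_from_local()
    if not result:
        raise KeyboardInterrupt()

    base_path = "/var/alienvault/%s/ossec/" % system_id
    pass_file = base_path + "agentless/.passlist"
    pass_file_backup = base_path + "agentless/.passlist.bk"

    # Delete the backup only after a successful restore: removing it
    # unconditionally would lose the only good copy of the file when the
    # restore fails. A falsy return is taken to mean failure.
    # NOTE(review): .passlist is presumably credential-bearing, so the backup
    # should not outlive the scenario either; the abort below makes a stuck
    # backup visible instead of silent.
    if not remotely_restore_file(ossim_setup.get_general_admin_ip(), pass_file_backup, pass_file):
        print("Can't restore the file %s" % pass_file)
        raise KeyboardInterrupt()

    remotely_remove_file(ossim_setup.get_general_admin_ip(), pass_file_backup)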
def after_feature(context, feature):
    """Run the per-feature cleanup selected by ``feature.name``.

    * "Status operations" and "Host operations": wait 10 seconds.
    * "Status operations": call ``restore_database_tables`` with
      ``context.tempfile`` and delete that local file.
    * "Sensor detector operations": call ``set_plugin_delete_hosts``, restore
      ``/etc/ossim/agent/config.yml`` from ``/tmp/config.yml.bddbk`` and remove
      the two temporary files under ``/tmp``.

    Raises:
        KeyboardInterrupt: when any step of the sensor-detector cleanup
            reports failure (a message is printed first).
    """
    # NOTE(review): the block nesting was rebuilt from a listing that had lost
    # its indentation; check it against the original file.
    name = feature.name

    # The call that started celery beat is disabled in the original code;
    # only the wait that followed it is still executed.
    if name in ("Status operations", "Host operations"):
        time.sleep(10)

    if name == "Status operations":
        restore_database_tables(context, context.tempfile)
        os.remove(context.tempfile)

    if name != "Sensor detector operations":
        return

    if not set_plugin_delete_hosts():
        print("Can't delete hosts")
        raise KeyboardInterrupt()

    # NOTE(review): the backup has a fixed name under /tmp and its content is
    # written over the agent configuration. Keeping it in a directory that only
    # the test account can write to would rule out restoring a file that
    # another local user replaced in the meantime.
    restored = remotely_restore_file(
        ossim_setup.get_general_admin_ip(),
        "/tmp/config.yml.bddbk",
        "/etc/ossim/agent/config.yml",
    )
    if not restored:
        print("Something wrong happen while restoring the yml file")
        raise KeyboardInterrupt()

    # Stops at the first file that cannot be removed, as the original does.
    for leftover in ("/tmp/config.yml.bddbk", "/tmp/config_test.yml"):
        removed = remotely_remove_file(ossim_setup.get_general_admin_ip(), leftover)
        if not removed:
            print("Can't remove the file %s" % leftover)
            raise KeyboardInterrupt()
def after_feature(context, feature):
    """Clean up after a feature, depending on ``feature.name``.

    "Status operations" and "Host operations" get a 10 second wait. "Status
    operations" also has its database tables restored from
    ``context.tempfile``, which is then deleted locally. "Sensor detector
    operations" calls ``set_plugin_delete_hosts``, restores the agent
    ``config.yml`` from its ``/tmp`` backup and removes the temporary files.

    Raises:
        KeyboardInterrupt: after printing a message, when a step of the
            sensor-detector cleanup returns a falsy result.
    """
    # NOTE(review): indentation was lost in the listing this was taken from;
    # the nesting below is the reconstruction to verify against the file.
    waits_for_celerybeat = ("Status operations", "Host operations")
    config_backup = "/tmp/config.yml.bddbk"
    agent_config = "/etc/ossim/agent/config.yml"

    # Starting celery beat is commented out in the original; the hook only
    # sleeps for the time the start used to need.
    if feature.name in waits_for_celerybeat:
        time.sleep(10)

    if feature.name == "Status operations":
        restore_database_tables(context, context.tempfile)
        os.remove(context.tempfile)

    if feature.name == "Sensor detector operations":
        hosts_deleted = set_plugin_delete_hosts()
        if not hosts_deleted:
            print("Can't delete hosts")
            raise KeyboardInterrupt()

        # NOTE(review): a predictable file name in /tmp ends up as the agent
        # configuration. A backup location writable only by the test account
        # would keep other local users from swapping the file before this
        # restore runs.
        config_restored = remotely_restore_file(
            ossim_setup.get_general_admin_ip(), config_backup, agent_config
        )
        if not config_restored:
            print("Something wrong happen while restoring the yml file")
            raise KeyboardInterrupt()

        # The first failed removal aborts; later files are then not attempted.
        for tmp_path in (config_backup, "/tmp/config_test.yml"):
            if remotely_remove_file(ossim_setup.get_general_admin_ip(), tmp_path):
                continue
            print("Can't remove the file %s" % tmp_path)
            raise KeyboardInterrupt()
def restore_nfsen_scenario2():
    """Restore ``/etc/nfsen/nfsen.conf`` from ``/etc/nfsen/nfsen.conf.bk``.

    The restore is requested on the host returned by
    ``ossim_setup.get_general_admin_ip()``.
    """
    nfsen_conf = "/etc/nfsen/nfsen.conf"
    nfsen_conf_backup = "/etc/nfsen/nfsen.conf.bk"

    # NOTE(review): the helper's result is ignored, so a failed restore leaves
    # the scenario's nfsen.conf active without any message.
    remotely_restore_file(ossim_setup.get_general_admin_ip(), nfsen_conf_backup, nfsen_conf)
def restore_nfsen_scenario2():
    """Put the nfsen configuration back after scenario 2.

    Asks ``remotely_restore_file`` to restore ``/etc/nfsen/nfsen.conf`` from
    the ``.bk`` file next to it, on ``ossim_setup.get_general_admin_ip()``.
    """
    target_host = ossim_setup.get_general_admin_ip()
    backup_path = "/etc/nfsen/nfsen.conf.bk"
    live_path = "/etc/nfsen/nfsen.conf"

    # NOTE(review): nothing checks whether the restore worked; a failure here
    # passes silently and the modified nfsen.conf stays in effect.
    remotely_restore_file(target_host, backup_path, live_path)
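def restore_ossec_keys_file():
    """Restore the local ``/var/ossec/etc/client.keys`` and delete its backup.

    Both helpers are called for ``127.0.0.1``.

    Raises:
        KeyboardInterrupt: if the restore reports failure. The backup is then
            kept, because it is the only remaining copy of the original file.
    """
    keys_file = "/var/ossec/etc/client.keys"
    keys_backup = "/var/ossec/etc/client.keys.bk"

    # Remove the backup only once the restore has succeeded; deleting it after
    # a failed restore would leave no copy of the original keys file. A falsy
    # return is taken to mean failure.
    if not remotely_restore_file("127.0.0.1", keys_backup, keys_file):
        print("Can't restore the file %s" % keys_file)
        raise KeyboardInterrupt()

    remotely_remove_file("127.0.0.1", keys_backup)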
def modified_registry_entries_restore():
    """Clean up after the modified-registry-entries scenario.

    Two requests are sent to the host returned by
    ``ossim_setup.get_general_admin_ip()``: remove the syscheck-registry file
    of the ``windows_behave`` agent (172.17.2.99), then restore
    ``/var/ossec/etc/client.keys`` from ``client.keys.bk``.
    """
    # The path carries literal double quotes around the file name.
    # NOTE(review): they presumably keep the spaces and "->" intact in a remote
    # command line; verify that the helper escapes its arguments on its own.
    syscheck_registry_file = (
        "/var/ossec/queue/syscheck/"
        "\"(windows_behave) 172.17.2.99->syscheck-registry\""
    )
    remotely_remove_file(ossim_setup.get_general_admin_ip(), syscheck_registry_file)

    # NOTE(review): the outcome of the restore is ignored and the .bk file is
    # not removed here. It is presumably a copy of the agent keys; confirm
    # that something else cleans it up.
    remotely_restore_file(
        ossim_setup.get_general_admin_ip(),
        "/var/ossec/etc/client.keys.bk",
        "/var/ossec/etc/client.keys",
    )