def StartInterrogationHunt(self):
    """Start a full (non-lightweight) Interrogate hunt on all available clients.

    When ``data_store.RelationalDBEnabled()`` is true the hunt is created via
    ``hunt.CreateAndStartHunt``; otherwise the legacy
    ``hunts_implementation.StartHunt`` path with ``GenericHunt`` is used.
    Both paths log the identifier of the hunt that was started.
    """
    interrogate_flow = compatibility.GetName(flows_discovery.Interrogate)
    interrogate_args = flows_discovery.InterrogateArgs(lightweight=False)
    hunt_description = "Interrogate run by cron to keep host info fresh."

    if not data_store.RelationalDBEnabled():
        # Legacy path: the hunt runs under this cron job's own token.
        # NOTE(review): client_limit=0 presumably means "no cap", matching the
        # "all available clients" contract - confirm. If so, the only brakes
        # on fleet-wide impact are client_rate, crash_limit and the one-week
        # expiry.
        with hunts_implementation.StartHunt(
            hunt_name=hunts_standard.GenericHunt.__name__,
            client_limit=0,
            flow_runner_args=rdf_flow_runner.FlowRunnerArgs(
                flow_name=interrogate_flow),
            flow_args=interrogate_args,
            output_plugins=self.GetOutputPlugins(),
            crash_limit=config.CONFIG["Cron.interrogate_crash_limit"],
            client_rate=50,
            expiry_time=rdfvalue.DurationSeconds("1w"),
            description=hunt_description,
            token=self.token) as legacy_hunt:
            legacy_hunt.GetRunner().Start()
            self.Log("Started hunt %s.", legacy_hunt.urn)
        return

    # Relational path: the hunt creator is the username on this job's token,
    # so the hunt is attributed to that identity in hunt records.
    started_hunt_id = hunt.CreateAndStartHunt(
        interrogate_flow,
        interrogate_args,
        self.token.username,
        client_limit=0,
        client_rate=50,
        crash_limit=config.CONFIG["Cron.interrogate_crash_limit"],
        description=hunt_description,
        duration=rdfvalue.DurationSeconds("1w"),
        output_plugins=self.GetOutputPlugins())
    self.Log("Started hunt %s.", started_hunt_id)
def StartInterrogationHunt(self):
    """Start a full (non-lightweight) Interrogate hunt on all available clients.

    The hunt is created through ``hunt.CreateAndStartHunt`` with this job's
    token username as creator. Client rate, crash limit and duration are read
    from the ``Cron.interrogate_*`` configuration options.
    """
    interrogate_flow = compatibility.GetName(flows_discovery.Interrogate)
    interrogate_args = flows_discovery.InterrogateArgs(lightweight=False)
    hunt_description = "Interrogate run by cron to keep host info fresh."

    # NOTE(review): client_limit=0 presumably means "no cap", matching the
    # "all available clients" contract - confirm. The configured rate, crash
    # limit and duration are then the only brakes on fleet-wide impact, so
    # changes to those options deserve the same review as a code change.
    started_hunt_id = hunt.CreateAndStartHunt(
        interrogate_flow,
        interrogate_args,
        self.token.username,
        client_limit=0,
        client_rate=config.CONFIG["Cron.interrogate_client_rate"],
        crash_limit=config.CONFIG["Cron.interrogate_crash_limit"],
        description=hunt_description,
        duration=config.CONFIG["Cron.interrogate_duration"],
        output_plugins=self.GetOutputPlugins())
    self.Log("Started hunt %s.", started_hunt_id)
def Run(self):
    """Create and start the hunt described by this cron job's stored action.

    The flow name, flow arguments and every hunt limit are read from
    ``self.job.args.hunt_cron_action``; the hunt is created with
    ``CRON_JOB_USERNAME`` as its creator.
    """
    cron_action = self.job.args.hunt_cron_action
    runner_args = cron_action.hunt_runner_args
    avg_network_limit = runner_args.avg_network_bytes_per_client_limit

    # NOTE(review): no authorization or limit validation is visible in this
    # method; the stored runner args are forwarded as-is and the hunt is
    # attributed to CRON_JOB_USERNAME rather than to whoever scheduled the
    # job. Presumably access control is enforced when the cron job is
    # created - confirm.
    hunt.CreateAndStartHunt(
        cron_action.flow_name,
        cron_action.flow_args,
        CRON_JOB_USERNAME,
        avg_cpu_seconds_per_client_limit=(
            runner_args.avg_cpu_seconds_per_client_limit),
        avg_network_bytes_per_client_limit=avg_network_limit,
        avg_results_per_client_limit=runner_args.avg_results_per_client_limit,
        client_limit=runner_args.client_limit,
        client_rate=runner_args.client_rate,
        client_rule_set=runner_args.client_rule_set,
        crash_limit=runner_args.crash_limit,
        description=runner_args.description,
        # The stored field is named expiry_time but is passed on as a duration.
        duration=rdfvalue.Duration(runner_args.expiry_time),
        original_object=runner_args.original_object,
        output_plugins=runner_args.output_plugins,
        per_client_cpu_limit=runner_args.per_client_cpu_limit,
        # Field and keyword names differ here (…network_limit_bytes vs
        # …network_bytes_limit); the mapping is kept exactly as written.
        per_client_network_bytes_limit=(
            runner_args.per_client_network_limit_bytes),
    )
def Run(self):
    """Create and start the hunt described by this cron job's stored action.

    When ``data_store.RelationalDBReadEnabled("hunts")`` is true the hunt is
    created through ``hunt.CreateAndStartHunt`` with the creator ``"Cron"``;
    otherwise a legacy ``GenericHunt`` is started under a fixed ACL token.
    """
    if not data_store.RelationalDBReadEnabled("hunts"):
        cron_action = self.job.args.hunt_cron_action
        # Legacy hunts run under a fixed token, not the identity of whoever
        # scheduled the job.
        # NOTE(review): the username literal looks masked in this copy of the
        # file - confirm the real value against the upstream source.
        legacy_token = access_control.ACLToken(username="******")
        generic_args = rdf_hunts.GenericHuntArgs(
            flow_args=cron_action.flow_args,
            flow_runner_args=rdf_flow_runner.FlowRunnerArgs(
                flow_name=cron_action.flow_name))
        with implementation.StartHunt(
            hunt_name=GenericHunt.__name__,
            args=generic_args,
            runner_args=cron_action.hunt_runner_args,
            token=legacy_token) as legacy_hunt:
            legacy_hunt.Run()
        return

    cron_action = self.job.args.hunt_cron_action
    runner_args = cron_action.hunt_runner_args
    avg_network_limit = runner_args.avg_network_bytes_per_client_limit
    # The stored expiry_time is added to the current time to give an absolute
    # expiry.
    hunt_deadline = rdfvalue.RDFDatetime.Now() + runner_args.expiry_time

    # NOTE(review): no authorization or limit validation is visible in this
    # method; the stored runner args are forwarded as-is and the creator is
    # the literal "Cron". Presumably access control is enforced when the cron
    # job is created - confirm.
    hunt.CreateAndStartHunt(
        cron_action.flow_name,
        cron_action.flow_args,
        "Cron",
        avg_cpu_seconds_per_client_limit=(
            runner_args.avg_cpu_seconds_per_client_limit),
        avg_network_bytes_per_client_limit=avg_network_limit,
        avg_results_per_client_limit=runner_args.avg_results_per_client_limit,
        client_limit=runner_args.client_limit,
        client_rate=runner_args.client_rate,
        client_rule_set=runner_args.client_rule_set,
        crash_limit=runner_args.crash_limit,
        description=runner_args.description,
        expiry_time=hunt_deadline,
        original_object=runner_args.original_object,
        output_plugins=runner_args.output_plugins,
        per_client_cpu_limit=runner_args.per_client_cpu_limit,
        # Field and keyword names differ here (…network_limit_bytes vs
        # …network_bytes_limit); the mapping is kept exactly as written.
        per_client_network_bytes_limit=(
            runner_args.per_client_network_limit_bytes),
    )