def main(argv): debug_level = 0 mylogger = rtclogger.LOGGER("SWeventDetails", debug_level, "") try: if 'REQUEST_METHOD' in os.environ: debug = False else: debug = True debug = False post = str(sys.stdin.read()) temp = json.loads(post) eventid = temp["eventid"] dbconn = rtcdb.RTCDB() eventDetails = dbconn.getUMBeventById(eventid) rsp = {"rtcResult": "OK"} rsp.update({"eventDetails": eventDetails}) except Exception as err: rsp = {"rtcResult": mylogger.exception_info(err)} print("Content-type:application/json\n\n") print(json.dumps(rsp))
def main(argv): debug_level = 0 mylogger = rtclogger.LOGGER("AMPeventDetails", debug_level, "") try: ip = "10.1.33.100" # creds = json.loads(open("/tmp/config.json").read()) dbconn = rtcdb.RTCDB() dbresult = dbconn.getXconfig("swconfig") creds = json.loads(dbresult["configstring"]) SW_SERVER = creds["sw_server"] SW_USERNAME = creds["sw_username"] SW_PASSWORD = creds["sw_password"] # print("connecting to ....{} {} {}".format(SW_SERVER,SW_USERNAME,SW_PASSWORD)) sw = cats.SW(server=SW_SERVER, username=SW_USERNAME, password=SW_PASSWORD, debug=False) rsp = sw.flowsFromIP(ipaddress=ip, days=3, hours=0) rsp.update({"rtcResult": "OK"}) except Exception as err: rsp = {"rtcResult": mylogger.exception_info(err)} print("Content-type:application/json\n\n") print(json.dumps(rsp, indent=4, sort_keys=True))
def main(argv): debug_level = 0 mylogger = rtclogger.LOGGER("resetDB", debug_level, "") try: post = json.loads(str(sys.stdin.read())) fullreset = post["fullreset"] rtcMainRunning = False for pid in psutil.pids(): p = psutil.Process(pid) cmdline = p.cmdline() if ((len(cmdline) > 1) and (cmdline[1] == "/usr/lib/cgi-bin/rtcMain.py")): rtcMainRunning = True if rtcMainRunning: result = { "rtcResult": "Could not reset database - Stop RTC Process First" } else: mydb = rtcdb.RTCDB() mydb.reset_db(fullreset) result = {"rtcResult": "OK"} except Exception as err: result = {"rtcResult": "Error {}".format(mylogger.exception_info(err))} print("Content-type:application/json\n\n") print(json.dumps(result))
def main(argv): debug_level = 0 mylogger = rtclogger.LOGGER("get config", debug_level, "") try: if 'REQUEST_METHOD' in os.environ: order = str(sys.stdin.read()) ppost = json.loads(order) table = ppost["table"] else: table = "" dbconn = rtcdb.RTCDB() dbresult = dbconn.getXconfig(table) if dbresult["rtcResult"] == "OK": configstring = dbresult["configstring"] rsp = {"rtcResult": "OK"} rsp.update({"configstring": configstring}) else: rsp = {"rtcResult": "DB ERROR"} ret = json.dumps(rsp) print("Content-type:application/json\n\n") print(ret) except Exception as err: print("Content-type:application/json\n\n") result = { "result": "Error", "info": "some error {}".format(mylogger.exception_info(err)) } print(json.dumps(result))
def main(argv): debug_level = 0 mylogger = rtclogger.LOGGER("AMPeventDetails", debug_level, "") try: post = str(sys.stdin.read()) IPinfo = json.loads(post) mac = IPinfo["MAC"] # creds = json.loads(open("/tmp/config.json").read()) dbconn = rtcdb.RTCDB() dbresult = dbconn.getXconfig("iseconfig") creds = json.loads(dbresult["configstring"]) ISE_SERVER = creds["ise_server"] ISE_USERNAME = creds["ise_username"] ISE_PASSWORD = creds["ise_password"] # print("connecting to ....{} {} {}".format(SW_SERVER,SW_USERNAME,SW_PASSWORD)) ise = cats.ISE_ANC(server=ISE_SERVER, username=ISE_USERNAME, password=ISE_PASSWORD, debug=False) rsp = ise.clearPolicy(mac=mac) rsp.update({"rtcResult": "OK"}) except Exception as err: rsp = {"rtcResult": mylogger.exception_info(err)} print("Content-type:application/json\n\n") print(json.dumps(rsp))
def main(argv): debug_level = 0 debug = False mylogger = rtclogger.LOGGER("rtcQ", debug_level, "") try: post = str(sys.stdin.read()) info = json.loads(post) guid = info["guid"] # creds = json.loads(open("/tmp/config.json").read()) dbconn = rtcdb.RTCDB() dbresult = dbconn.getXconfig("ampconfig") creds = json.loads(dbresult["configstring"]) AMP_api_client_id = creds["amp_api_client_id"] AMP_api_key = creds["amp_api_key"] amp = cats.AMP(cloud="us", api_client_id=AMP_api_client_id, api_key=AMP_api_key, debug=debug, logfile="") rsp = amp.stopHostIsolation(guid=guid) rsp.update({"rtcResult": "OK"}) except Exception as err: rsp = {"rtcResult": mylogger.exception_info(err)} print("Content-type:application/json\n\n") print(json.dumps(rsp))
def main(argv): debug_level = 0 mylogger = rtclogger.LOGGER("AMPeventDetails", debug_level, "") post = str(sys.stdin.read()) creds = json.loads(post) # todo - # input validation is for wimps # try: mydb = rtcdb.RTCDB() mydb.updateRTCconfig(post) dbresult = mydb.getRTCconfig() if dbresult["rtcResult"] == "OK": configstring = dbresult["configstring"] rsp = {"rtcResult": "OK"} rsp.update({"configstring": configstring}) else: rsp = {"rtcResult": "DB ERROR"} print("Content-type:application/json\n\n") print(json.dumps(rsp)) except Exception as err: print("Content-type:application/json\n\n") result = { "rtcResult": "Error", "info": "some error {} {}".format(mylogger.exception_info(err), temp) } print(json.dumps(result))
def main(argv): ### default never log,change this if needed debug_level = 0 mylogger = rtclogger.LOGGER("gethosts", debug_level, "") try: if 'REQUEST_METHOD' in os.environ: ### this is called as CGI script and we should avoid printouts debug = False post = str(sys.stdin.read()) temp = json.loads(post) recurring = temp["recurring"] else: ### this is called via CLI for troubleshooting recurring = "True" debug = True dbconn = rtcdb.RTCDB() ### now get info on IPs rsp = dbconn.getIPs() ips = rsp["items"] mylogger.log_debug(7, json.dumps(ips)) for thisip in ips: mylogger.log_debug(7, "IP is ".format(json.dumps(thisip))) try: rsp = dbconn.getAMPevents(ip=thisip["ip"]) thisip.update({"ampevents": rsp}) except Exception as err: estring = mylogger.exception_info(err) thisip.update({"ampevents": {}}) try: rsp = dbconn.getUMBevents(ip=thisip["ip"]) thisip.update({"umbevents": rsp}) except Exception as err: estring = mylogger.exception_info(err) thisip.update({"umbevents": {}}) try: rsp = dbconn.getSWevents(ip=thisip["ip"]) thisip.update({"swevents": rsp}) except Exception as err: estring = mylogger.exception_info(err) thisip.update({"swevents": {}}) rsp = {"rtcResult": "OK"} rsp.update({"items": ips}) rsp.update({"recurring": recurring}) except Exception as err: rsp = {"rtcResult": mylogger.exception_info(err)} print("Content-type:application/json\n\n") if not debug: print(json.dumps(rsp)) else: print(json.dumps(rsp, indent=4, sort_keys=True))
def run(self): while True: try: #### DESPEARATE TRY self.db = rtcdb.RTCDB() self.loopEvents() time.sleep(59) except Exception as err: self.logger.log_debug(0,self.logger.exception_info(err)) time.sleep(59)
def main(argv): debug_level = 0 mylogger = rtclogger.LOGGER("SWevents", debug_level, "") try: if 'REQUEST_METHOD' in os.environ: ### this is called as CGI script and we should avoid printouts debug = False post = str(sys.stdin.read()) request = json.loads(post) days = int(request["days"]) hours = int(request["hours"]) minutes = int(request["hours"]) else: ### this is called via CLI for troubleshooting recurring = "True" debug = True days = 0 hours = 1 minutes = 0 dbconn = rtcdb.RTCDB() dbresult = dbconn.getXconfig("swconfig") creds = json.loads(dbresult["configstring"]) SW_SERVER = creds["sw_server"] SW_USERNAME = creds["sw_username"] SW_PASSWORD = creds["sw_password"] # print("connecting to ....{} {} {}".format(SW_SERVER,SW_USERNAME,SW_PASSWORD)) sw = cats.SW(server=SW_SERVER, username=SW_USERNAME, password=SW_PASSWORD, debug=False) sw_rsp = sw.searchSecurityEvents(days=days, hours=hours, minutes=minutes, sourceip="", targetip="", wait=5) rsp = {"rtcResult": "OK"} rsp.update({"events": sw_rsp["data"]["results"]}) except Exception as err: rsp = {"rtcResult": mylogger.exception_info(err)} print("Content-type:application/json\n\n") print(json.dumps(rsp))
def main(argv): debug_level = 0 mylogger = rtclogger.LOGGER("AMPeventDetails", debug_level, "") try: dbconn = rtcdb.RTCDB() dbresult = dbconn.getXconfig("iseconfig") creds = json.loads(dbresult["configstring"]) ISE_SERVER = creds["ise_server"] ISE_USERNAME = creds["ise_username"] PXGRID_CLIENT_CERT = creds["pxgrid_client_cert"] PXGRID_CLIENT_KEY = creds["pxgrid_client_key"] PXGRID_CLIENT_KEY_PASSWORD = creds["pxgrid_client_key_pw"] PXGRID_SERVER_CERT = creds["pxgrid_server_cert"] PXGRID_NODENAME = creds["pxgrid_nodename"] if "pxgrid_password" in creds: PXGRID_PASSWORD = creds["pxgrid_password"] else: PXGRID_PASSWORD = "" if 'REQUEST_METHOD' in os.environ: debug = False else: debug = True # print("connecting to ....{} {} {}".format(ISE_SERVER,ISE_USERNAME,ISE_PASSWORD)) i = cats.ISE_PXGRID(server=ISE_SERVER, password=PXGRID_PASSWORD, debug=debug, logfile="", clientcert=PXGRID_CLIENT_CERT, clientkey=PXGRID_CLIENT_KEY, clientkeypassword=PXGRID_CLIENT_KEY_PASSWORD, servercert=PXGRID_SERVER_CERT, nodename=PXGRID_NODENAME) # i = cats.ISE_PXGRID(server=ISE_SERVER,username=ISE_USERNAME,password=ISE_PASSWORD,debug=True,logfile="") rsp = i.getSessions() # print(str(rsp)) rsp.update({"rtcResult": "OK"}) except Exception as err: rsp = {"rtcResult": mylogger.exception_info(err)} print("Content-type:application/json\n\n") print(json.dumps(rsp))
def main(argv): debug_level = 0 mylogger = rtclogger.LOGGER("AMPeventDetails",debug_level,"") try: if 'REQUEST_METHOD' in os.environ : ### this is called as CGI script and we should avoid printouts debug = False post = str(sys.stdin.read()) request = json.loads(post) days = int(request["days"]) hours = int(request["hours"]) minutes = int(request["hours"]) else : ### this is called via CLI for troubleshooting debug = True days = 0 hours = 1 minutes = 0 dbconn = rtcdb.RTCDB() dbresult = dbconn.getXconfig("umbrellaconfig") creds = json.loads(dbresult["configstring"]) API_ORGID = creds["u_orgid"] API_INVESTIGATE_TOKEN = creds["u_investigate_token"] API_ENFORCE_TOKEN = creds["u_investigate_token"] API_SECRET = creds["u_secret"] API_KEY = creds["u_key"] u = cats.UMBRELLA(investigate_token=API_INVESTIGATE_TOKEN,enforce_token=API_ENFORCE_TOKEN,key=API_KEY,secret=API_SECRET,orgid=API_ORGID,debug=debug,logfile="") umb_rsp = u.reportSecurityActivity(days=days,hours=hours,minutes=minutes) rsp = {"rtcResult":"OK"} rsp.update({"events": umb_rsp["requests"]}) print("Content-type:application/json\n\n") print(json.dumps(rsp)) except Exception as err: print("Content-type:application/json\n\n") rsp = {"rtcResult": mylogger.exception_info(err)} print(json.dumps(rsp))
def __init__(self,name,thresholdLogLevel,logfilename): try: threading.Thread.__init__(self) self.logthreshold = thresholdLogLevel self.logger = rtclogger.LOGGER(name,thresholdLogLevel,logfilename) self.logger.log_debug(0,"starting {} thread with log level {}".format(name,str(thresholdLogLevel))) self.db = rtcdb.RTCDB() dbresult = self.db.getConfig("rtcconfig") self.rtcConfig = json.loads(dbresult["configstring"]) self.threshold = self.rtcConfig["rtcThreshold"] dbresult = self.db.getConfig("iseconfig") creds = json.loads(dbresult["configstring"]) ISE_SERVER = creds["ise_server"] ISE_USERNAME = creds["ise_username"] ISE_PASSWORD = creds["ise_password"] if "pxgrid_password" in creds: PXGRID_PASSWORD = creds["pxgrid_password"] else: PXGRID_PASSWORD = "" PXGRID_CLIENT_CERT = creds["pxgrid_client_cert"] PXGRID_CLIENT_KEY = creds["pxgrid_client_key"] PXGRID_CLIENT_KEY_PASSWORD = creds["pxgrid_client_key_pw"] PXGRID_SERVER_CERT = creds["pxgrid_server_cert"] PXGRID_NODENAME = creds["pxgrid_nodename"] self.pxgrid = cats.ISE_PXGRID(server=ISE_SERVER,clientcert=PXGRID_CLIENT_CERT,clientkey=PXGRID_CLIENT_KEY,clientkeypassword=PXGRID_CLIENT_KEY_PASSWORD,servercert=PXGRID_SERVER_CERT,nodename=PXGRID_NODENAME,password=PXGRID_PASSWORD,debug=False,logfile="") self.ise_anc = cats.ISE_ANC(ISE_SERVER,ISE_USERNAME,ISE_PASSWORD,debug=False) self.ancpolicy = self.rtcConfig["rtcPolicyName"] dbresultAMP = self.db.getXconfig("ampconfig") credsAMP = json.loads(dbresultAMP["configstring"]) AMP_cloud = "us" AMP_api_client_id = credsAMP["amp_api_client_id"] AMP_api_key = credsAMP["amp_api_key"] self.amp = cats.AMP(cloud=AMP_cloud,api_client_id=AMP_api_client_id,api_key=AMP_api_key,debug=False,logfile="") except Exception as err: self.logger.log_debug(0,self.logger.exception_info(err))
def main(argv): ### default never log,change this if needed try: debug_level = 0 mylogger = rtclogger.LOGGER("gethosts", debug_level, "") if 'REQUEST_METHOD' in os.environ: ### this is called as CGI script and we should avoid printouts debug = False post = str(sys.stdin.read()) temp = json.loads(post) table = temp["type"] name = temp["name"] else: debug = True table = input("Enter table to purge:") name = input("Enter name to purge:") if table == "mac" or table == "hostname" or table == "user" or table == "ip": dbconn = rtcdb.RTCDB() if table == "ip": rsp = dbconn.deleteIP(name) if table == "mac": rsp = dbconn.deleteHost(name) if table == "hostname": rsp = dbconn.deleteHostname(name) if table == "user": rsp = dbconn.deleteUser(name) rsp = {"rtcResult": "OK"} else: rsp = {"rtcResult": "Error - Invalid Table"} except Exception as err: rsp = {"rtcResult": mylogger.exception_info(err)} print("Content-type:application/json\n\n") if not debug: print(json.dumps(rsp)) else: print(json.dumps(rsp, indent=4, sort_keys=True))
def main(argv): debug_level = 0 mylogger = rtclogger.LOGGER("AMPeventDetails", debug_level, "") try: if 'REQUEST_METHOD' in os.environ: ### this is called as CGI script and we should avoid printouts debug = False post = str(sys.stdin.read()) request = json.loads(post) days = int(request["days"]) hours = int(request["hours"]) minutes = int(request["hours"]) else: ### this is called via CLI for troubleshooting recurring = "True" debug = True days = 0 hours = 1 minutes = 0 dbconn = rtcdb.RTCDB() dbresult = dbconn.getXconfig("ampconfig") creds = json.loads(dbresult["configstring"]) API_CLIENT_ID = creds["amp_api_client_id"] API_KEY = creds["amp_api_key"] a = cats.AMP(cloud="us", api_client_id=API_CLIENT_ID, api_key=API_KEY, debug=False, logfile="/tmp/rtcAMPevents.log") amp_rsp = a.events(days=days, hours=hours, minutes=minutes) rsp = {"rtcResult": "OK"} rsp.update({"events": amp_rsp["data"]}) except Exception as err: rsp = {"rtcResult": mylogger.exception_info(err)} print("Content-type:application/json\n\n") print(json.dumps(rsp))
def main(argv): # todo - # input validation is for wimps # print("Content-type:application/json\n\n") try: debug_level = 0 mylogger = rtclogger.LOGGER("Config ",debug_level,"") order = str(sys.stdin.read()) ppost = json.loads(order) config= ppost["config"] dbconn = rtcdb.RTCDB() dbresult = dbconn.restoreConfig(config); if dbresult["rtcResult"] == "OK": rsp = {"rtcResult":"OK"} else: rsp = {"rtcResult":"DB ERROR","info": dbresult["info"]} print(json.dumps(rsp)) except Exception as err: result = { "result":"Error","info":"some error {} config {}".format(mylogger.exception_info(err),config) } print(json.dumps(result))
def main(argv): debug_level = 0 mylogger = rtclogger.LOGGER("AMPeventDetails", debug_level, "") try: if 'REQUEST_METHOD' in os.environ: ### this is called as CGI script and we should avoid printouts debug = False post = str(sys.stdin.read()) IPinfo = json.loads(post) ip = IPinfo["IP"] else: ### this is called via CLI for troubleshooting debug = True ip = "10.1.33.10" dbconn = rtcdb.RTCDB() dbresult = dbconn.getXconfig("swconfig") creds = json.loads(dbresult["configstring"]) SW_SERVER = creds["sw_server"] SW_USERNAME = creds["sw_username"] SW_PASSWORD = creds["sw_password"] sw = cats.SW(server=SW_SERVER, username=SW_USERNAME, password=SW_PASSWORD, debug=False) rsp = sw.getFlows(sip=[ip], days=3, hours=0) rsp.update({"rtcResult": "OK"}) except Exception as err: rsp = {"rtcResult": mylogger.exception_info(err)} print("Content-type:application/json\n\n") if debug: print(json.dumps(rsp, indent=4, sort_keys=True)) else: print(json.dumps(rsp))
def main(argv): debug_level = 0 mylogger = rtclogger.LOGGER("GetDynOptions", debug_level, "") try: if 'REQUEST_METHOD' in os.environ: ### this is called as CGI script and we should avoid printouts debug = False post = str(sys.stdin.read()) temp = json.loads(post) email = temp["email"] sam = temp["username"] days = temp["days"] hours = temp["hours"] minutes = temp["minutes"] else: ### this is called via CLI for troubleshooting item = "all" debug = True email = "*****@*****.**" sam = "hacke" days = 90 hours = 0 minutes = 0 dbconn = rtcdb.RTCDB() dbresult = dbconn.getXconfig("smaconfig") creds = json.loads(dbresult["configstring"]) SMA_SERVER = creds["sma_server"] SMA_USERNAME = creds["sma_username"] SMA_PASSWORD = creds["sma_password"] dbresult = dbconn.getXconfig("duoconfig") creds = json.loads(dbresult["configstring"]) api_ikey = creds["api_ikey"] api_skey = creds["api_skey"] duo_host = creds["duo_host"] sma = cats.SMA(server=SMA_SERVER, username=SMA_USERNAME, password=SMA_PASSWORD, debug=debug) sma_rsp = sma.getDLPdetails(days=days, hours=hours, minutes=minutes, sender=email, critical=True, high=True, medium=True, low=True) if debug: print(json.dumps(sma_rsp, indent=4, sort_keys=True)) rsp = {"rtcResult": "OK", "smadata": sma_rsp["data"]} duo = cats.DUO_ADMIN(api_ikey=api_ikey, api_skey=api_skey, duo_host=duo_host, debug=debug, logfile="") duo_rsp = duo.getAuthLogs(username=sam, days=days, hours=hours, minutes=minutes) rsp.update({"duo": duo_rsp}) print("Content-type:application/json\n\n") ret = json.dumps(rsp) print(ret) except Exception as err: print("Content-type:application/json\n\n") result = { "rtcResult": "Error", "info": "some error {}".format(mylogger.exception_info(err)) } print(json.dumps(result))
def main(argv): debug_level = 0 mylogger = rtclogger.LOGGER("GetDynOptions",debug_level,"") try: if 'REQUEST_METHOD' in os.environ : ### this is called as CGI script and we should avoid printouts debug = False post = str(sys.stdin.read()) temp = json.loads(post) item = temp["item"] else : ### this is called via CLI for troubleshooting item = "all" recurring = "True" debug = True item = "all" dbconn = rtcdb.RTCDB() dbresult = dbconn.getXconfig("adconfig") ADgroups = [] if item == "all" or item=="adconfig": ad_config = json.loads(dbresult["configstring"]) if "ad_server" in ad_config: ad_server = Server(ad_config["ad_server"],get_info = ALL) ad_conn = Connection(ad_server,user=ad_config["ad_username"],password=ad_config["ad_password"], auto_bind\ = True) ad_conn.search(search_base=ad_config["ad_base_dn"],search_filter = '(objectclass=Group)',attributes=['cn']) groups = ad_conn.entries for group in groups: ADgroups.append(group.cn.values[0]) isePolicies = [] if item == "all" or item=="iseconfig": dbresult = dbconn.getXconfig("iseconfig") iseconfig = json.loads(dbresult["configstring"]) if "ise_server" in iseconfig: server = iseconfig["ise_server"] username = iseconfig["ise_username"] password = iseconfig["ise_password"] ise = cats.ISE_ANC(server=server,username=username,password=password,debug=False) isePolicies = ise.listPolicies() swEvents = [] swHostGroups = [] if item == "all" or item=="swconfig": dbresult = dbconn.getXconfig("swconfig") swconfig = json.loads(dbresult["configstring"]) if "sw_server" in swconfig: server = swconfig["sw_server"] username = swconfig["sw_username"] password = swconfig["sw_password"] sw = cats.SW(server=server,username=username,password=password,debug=False) swEvents = sw.eventList() swHostGroups = sw.getHostGroups() ampEvents = [] if item == "all" or item=="ampconfig": dbresult = dbconn.getXconfig("ampconfig") ampConfig = json.loads(dbresult["configstring"]) if "amp_api_client_id" in ampConfig: API_CLIENT_ID = ampConfig["amp_api_client_id"] API_KEY = ampConfig["amp_api_key"] amp = cats.AMP(cloud="us",api_client_id=API_CLIENT_ID,api_key=API_KEY,debug=False,logfile="") ampEvents = amp.eventTypes() rsp = {"rtcResult":"OK"} rsp.update({"item": item}) rsp.update({"ADgroups": ADgroups}) rsp.update({"swEvents": swEvents}) rsp.update({"swHostGroups": swHostGroups}) rsp.update({"ampEvents": ampEvents}) rsp.update({"isePolicies": isePolicies}) print("Content-type:application/json\n\n") ret = json.dumps(rsp) print (ret) except Exception as err: print("Content-type:application/json\n\n") result = { "rtcResult":"Error","info":"some error {}".format(mylogger.exception_info(err)) } print(json.dumps(result))
def main(argv): ### default never log,change this if needed debug_level = 0 mylogger = rtclogger.LOGGER("getHosts", debug_level, "") try: if 'REQUEST_METHOD' in os.environ: ### this is called as CGI script and we should avoid printouts debug = False post = str(sys.stdin.read()) temp = json.loads(post) recurring = temp["recurring"] else: ### this is called via CLI for troubleshooting recurring = "True" debug = True dbconn = rtcdb.RTCDB() rsp = dbconn.getHosts() hosts = rsp["items"] mylogger.log_debug(7, json.dumps(hosts)) dbresult = dbconn.getXconfig("iseconfig") creds = json.loads(dbresult["configstring"]) i = None if "ise_server" in creds: ISE_SERVER = creds["ise_server"] ISE_USERNAME = creds["ise_username"] ISE_PASSWORD = creds["ise_password"] if "pxgrid_password" in creds: PXGRID_PASSWORD = creds["pxgrid_password"] else: PXGRID_PASSWORD = "" PXGRID_CLIENT_CERT = creds["pxgrid_client_cert"] PXGRID_CLIENT_KEY = creds["pxgrid_client_key"] PXGRID_CLIENT_KEY_PASSWORD = creds["pxgrid_client_key_pw"] PXGRID_SERVER_CERT = creds["pxgrid_server_cert"] PXGRID_NODENAME = creds["pxgrid_nodename"] i = cats.ISE_PXGRID(server=ISE_SERVER, debug=debug, logfile="", clientcert=PXGRID_CLIENT_CERT, clientkey=PXGRID_CLIENT_KEY, clientkeypassword=PXGRID_CLIENT_KEY_PASSWORD, servercert=PXGRID_SERVER_CERT, nodename=PXGRID_NODENAME, password=PXGRID_PASSWORD) anc = cats.ISE_ANC(ISE_SERVER, ISE_USERNAME, ISE_PASSWORD, debug=debug, logfile="") dbresult = dbconn.getXconfig("ampconfig") creds = json.loads(dbresult["configstring"]) a = None if "amp_api_client_id" in creds: API_CLIENT_ID = creds["amp_api_client_id"] API_KEY = creds["amp_api_key"] a = cats.AMP(cloud="us", api_client_id=API_CLIENT_ID, api_key=API_KEY, debug=debug, logfile="") for h in hosts: mylogger.log_debug(7, "Host is ".format(json.dumps(h))) if i: try: mylogger.log_debug(7, "getting sessions for " + h["mac"]) rsp = i.getSessions(mac=h["mac"]) mylogger.log_debug( 7, "pxgrid rsp {}".format(json.dumps(rsp))) h.update({"ise": rsp}) except Exception as err: mylogger.log_debug( 2, "ise sessions " + mylogger.exception_info(err)) h.update({"ise": {}}) else: h.update({"ise": {}}) if a: try: # is this the same rsp as gotten from getsessions?!?! ip = rsp["ipAddresses"][0] rsp = a.computers(internal_ip=ip) mylogger.log_debug(7, "AMP resp" + json.dumps(rsp)) h.update({"amp": rsp}) except Exception as err: mylogger.log_debug( 1, "amp exception" + mylogger.exception_info(err)) h.update({"amp": {}}) else: h.update({"amp": {}}) if anc: try: mylogger.log_debug(7, "reading ISE ANC for " + h["mac"]) rsp = anc.macPolicy(h["mac"]) h.update({"ancpolicy": rsp["policy"]}) except Exception as err: h.update({"ancpolicy": ""}) mylogger.log_debug( 1, "ise anc exception" + mylogger.exception_info(err)) else: h.update({"ancpolicy": ""}) # get all the rtcEvent for this host try: rsp = dbconn.getAMPevents(h["mac"]) h.update({"ampevents": rsp}) except Exception as err: h.update({"ampevents": {}}) mylogger.log_debug( 1, "ampevents exception" + mylogger.exception_info(err)) try: rsp = dbconn.getSWevents(h["mac"]) h.update({"swevents": rsp}) except Exception as err: h.update({"swevents": {}}) try: rsp = dbconn.getUMBevents(h["mac"]) h.update({"umbevents": rsp}) except Exception as err: h.update({"umbevents": {}}) mylogger.log_debug( 1, "umbevents exception" + mylogger.exception_info(err)) rsp = {"rtcResult": "OK"} rsp.update({"items": hosts}) rsp.update({"recurring": recurring}) except Exception as err: rsp = {"rtcResult": mylogger.exception_info(err)} print("Content-type:application/json\n\n") print(json.dumps(rsp))
def main(argv): # todo - # input validation is for wimps # print("Content-type:application/json\n\n") try: debug_level = 4 mylogger = rtclogger.LOGGER("Config ", debug_level, "") order = str(sys.stdin.read()) ppost = json.loads(order) table = ppost["table"] post = ppost["post"] debugmsg = "" dbconn = rtcdb.RTCDB() if table == "iseconfig": mylogger.log_debug(0, json.dumps(post)) if post["pxgrid_client_cert"]: post.update({"pxgrid_password": ""}) else: debugmsg = "not post client cert and iseconfig" ''' password based auth for ise may need to retrieve password if not already stored''' dbresult = dbconn.getXconfig("iseconfig") if dbresult["rtcResult"] == "OK": configstring = dbresult["configstring"] iseconfig = json.loads(configstring) if not "pxgrid_password" in iseconfig: debugmsg = debugmsg + " not pxgrid password" i = cats.ISE_PXGRID(server=post["ise_server"], nodename=post["pxgrid_nodename"], description="", debug=True, logfile="/tmp/rtc.log") password = i.getPassword() debugmsg = debugmsg + "password is " + password i.activate() post.update({"pxgrid_password": password}) else: rsp = { "rtcResult": "DB ERROR", "info": debugmsg + dbresult["info"] } print(json.dumps(rsp)) return dbresult = dbconn.updateXconfig(table, json.dumps(post)) if dbresult["rtcResult"] == "OK": dbresult = dbconn.getXconfig(table) if dbresult["rtcResult"] == "OK": configstring = dbresult["configstring"] rsp = {"rtcResult": "OK"} rsp.update({"configstring": configstring}) else: rsp = {"rtcResult": "DB ERROR" + debugmsg} else: rsp = { "rtcResult": "DB ERROR", "info": debugmsg + dbresult["info"] } print(json.dumps(rsp)) except Exception as err: result = { "result": "Error", "info": "some error {} table {} post {} {}".format( mylogger.exception_info(err), table, post, debugmsg) } print(json.dumps(result))
def main(argv): ### default never log,change this if needed debug_level = 0 mylogger = rtclogger.LOGGER("gethosts", debug_level, "") try: if 'REQUEST_METHOD' in os.environ: ### this is called as CGI script and we should avoid printouts debug = False post = str(sys.stdin.read()) temp = json.loads(post) recurring = temp["recurring"] else: ### this is called via CLI for troubleshooting recurring = "True" debug = True dbconn = rtcdb.RTCDB() dbresult = dbconn.getXconfig("adconfig") ad_config = json.loads(dbresult["configstring"]) try: ad_server = Server(ad_config["ad_server"], get_info=ALL) ad_conn = Connection(ad_server, user=ad_config["ad_username"], password=ad_config["ad_password"], auto_bind=True) except Exception as err: estring = mylogger.exception_info(err) ad_conn = None dbresult = dbconn.getXconfig("ampconfig") creds = json.loads(dbresult["configstring"]) rsp = dbconn.getUsers() users = rsp["items"] mylogger.log_debug(7, json.dumps(users)) for u in users: mylogger.log_debug(7, "User is ".format(json.dumps(u))) ad_info = { "memberOf": [], "mail": "", "badPasswordTime": "", "lastLogon": "", "badPwdCount": "", } try: if ad_conn: ad_conn.search(u["user"], '(objectclass=person)', attributes=[ 'sn', 'mail', 'memberOf', 'badPasswordTime', 'lastLogon', 'badPwdCount', 'sAMAccountName' ]) entry = ad_conn.entries[0] ad_info["memberOf"] = entry.memberOf.values ad_info["badPasswordTime"] = str(entry.badPasswordTime) ad_info["mail"] = str(entry.mail) ad_info["lastLogon"] = str(entry.lastLogon) ad_info["badPwdCount"] = str(entry.badPwdCount) ad_info["sAMAccountName"] = str(entry.sAMAccountName) except Exception as e: pass u.update({"ad_info": ad_info}) try: rsp = dbconn.getAMPevents(user=u["user"]) u.update({"ampevents": rsp}) except Exception as err: estring = mylogger.exception_info(err) u.update({"ampevents": {}}) try: rsp = dbconn.getSWevents(user=u["user"]) u.update({"swevents": rsp}) except Exception as err: u.update({"swevents": {}}) try: rsp = dbconn.getUMBevents(user=u["user"]) u.update({"umbevents": rsp}) except Exception as err: u.update({"umbevents": {}}) rsp = {"rtcResult": "OK"} rsp.update({"items": users}) rsp.update({"recurring": recurring}) except Exception as err: rsp = {"rtcResult": mylogger.exception_info(err)} print("Content-type:application/json\n\n") if not debug: print(json.dumps(rsp)) else: print(json.dumps(rsp, indent=4, sort_keys=True))
def main(argv): debug_level = 0 mylogger = rtclogger.LOGGER("AMPeventDetails", debug_level, "") try: dbconn = rtcdb.RTCDB() dbresult = dbconn.getXconfig("adconfig") ad_config = json.loads(dbresult["configstring"]) ADgroups = [] if "ad_server" in ad_config: ad_server = Server(ad_config["ad_server"], get_info=ALL) ad_conn = Connection(ad_server,user=ad_config["ad_username"],password=ad_config["ad_password"], auto_bind\ = True) ad_conn.search(search_base=ad_config["ad_base_dn"], search_filter='(objectclass=Group)', attributes=['cn']) groups = ad_conn.entries for group in groups: ADgroups.append(group.cn.values[0]) dbresult = dbconn.getXconfig("iseconfig") iseconfig = json.loads(dbresult["configstring"]) server = iseconfig["ise_server"] username = iseconfig["ise_username"] password = iseconfig["ise_password"] ise = cats.ISE_ANC(server=server, username=username, password=password, debug=False) isePolicies = ise.listPolicies() dbresult = dbconn.getXconfig("swconfig") swconfig = json.loads(dbresult["configstring"]) server = swconfig["sw_server"] username = swconfig["sw_username"] password = swconfig["sw_password"] sw = cats.SW(server=server, username=username, password=password, debug=False) swEvents = sw.eventList() dbresult = dbconn.getXconfig("ampconfig") ampConfig = json.loads(dbresult["configstring"]) API_CLIENT_ID = ampConfig["amp_api_client_id"] API_KEY = ampConfig["amp_api_key"] amp = cats.AMP(cloud="us", api_client_id=API_CLIENT_ID, api_key=API_KEY, debug=False, logfile="") ampEvents = amp.eventTypes() rsp = {"rtcResult": "OK"} rsp.update({"ADgroups": ADgroups}) rsp.update({"swEvents": swEvents}) rsp.update({"ampEvents": ampEvents}) rsp.update({"isePolicies": isePolicies}) print("Content-type:application/json\n\n") ret = json.dumps(rsp) print(ret) except Exception as err: print("Content-type:application/json\n\n") result = { "rtcResult": "Error", "info": "some error {}".format(mylogger.exception_info(err)) } print(json.dumps(result))