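def get_file_info(filename, cluster_items):
    """Return the cluster metadata dictionary for one file.

    ``filename`` is appended to ``common.ossec_path`` to obtain the path on
    disk. The ``umask``, ``format`` and ``write_mode`` settings are copied
    from the ``cluster_items`` entry keyed by the file's directory (with a
    trailing slash), falling back to the ``'/etc/'`` entry.

    Raises:
        WazuhException: code 3000 when the resolved path is not a file.
    """
    def is_synced_file(mtime, node_type):
        # Nodes whose type contains 'master' always report False; any other
        # node reports True once the file is more than 30 minutes old.
        if 'master' in node_type:
            return False
        age = datetime.now() - datetime.fromtimestamp(mtime)
        # total_seconds() includes the days component. timedelta.seconds
        # wraps every 24 hours (a file 1 day 5 min old looked 5 min old) and
        # is large for a negative age (an mtime in the future looked synced).
        return age.total_seconds() / 60 > 30

    node_type = read_config()['node_type']

    # NOTE(review): filename is concatenated without normalisation, so a value
    # containing '..' would resolve outside common.ossec_path. Confirm that
    # callers only pass trusted names relative to that root.
    fullpath = common.ossec_path + filename
    if not path.isfile(fullpath):
        raise WazuhException(3000, "Could not open file {0}".format(filename))

    stat_obj = stat(fullpath)
    st_mtime = stat_obj.st_mtime
    st_size = stat_obj.st_size

    directory = path.dirname(filename) + '/'
    if directory in cluster_items.keys():
        new_item = cluster_items[directory]
    else:
        new_item = cluster_items['/etc/']

    file_item = {
        "umask": new_item['umask'],
        "format": new_item['format'],
        "write_mode": new_item['write_mode'],
        # md5 is a helper defined outside this block. NOTE(review): MD5 is
        # presumably used here for change detection only; it is not
        # collision-resistant, so do not treat it as tamper evidence.
        "md5": md5(fullpath),
        "modification_time": str(datetime.utcfromtimestamp(st_mtime)),
        'timestamp': st_mtime,
        "size": st_size,
        'is_synced': is_synced_file(st_mtime, node_type),
    }
    return file_item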
def get_file_info(filename):
    """Return the cluster metadata dictionary for one file.

    The path on disk is ``common.ossec_path + filename``. Settings come from
    ``CLUSTER_ITEMS[0]`` when ``filename`` equals that entry's ``file_name``,
    otherwise from ``CLUSTER_ITEMS[1]``.

    Raises:
        WazuhException: code 3000 when the resolved path is not a file.
    """
    # NOTE(review): plain concatenation, no normalisation of filename;
    # confirm callers only pass trusted names relative to the root.
    fullpath = common.ossec_path + filename
    if not path.isfile(fullpath):
        raise WazuhException(3000, "Could not open file {0}".format(filename))

    file_stat = stat(fullpath)
    mtime = file_stat.st_mtime
    size = file_stat.st_size

    if filename == CLUSTER_ITEMS[0]['file_name']:
        settings = CLUSTER_ITEMS[0]
    else:
        settings = CLUSTER_ITEMS[1]

    return {
        "umask": settings['umask'],
        "format": settings['format'],
        "write_mode": settings['write_mode'],
        "conditions": settings['conditions'],
        # md5 is a helper defined outside this block; it receives the path.
        "md5": md5(fullpath),
        "modification_time": str(datetime.utcfromtimestamp(mtime)),
        "size": size,
        # True exactly when the mtime has no fractional part.
        # NOTE(review): presumably a marker written elsewhere - confirm.
        'is_synced': mtime.is_integer(),
    }
def get_file_info(filename, cluster_items):
    """Return the cluster metadata dictionary for one file.

    The path on disk is ``common.ossec_path + filename``. Settings are read
    from the ``cluster_items`` entry keyed by the file's directory (with a
    trailing slash), falling back to the ``'/etc/'`` entry.

    Raises:
        WazuhException: code 3000 when the resolved path is not a file.
    """
    # NOTE(review): plain concatenation, no normalisation of filename;
    # confirm callers only pass trusted names relative to the root.
    fullpath = common.ossec_path + filename
    if not path.isfile(fullpath):
        raise WazuhException(3000, "Could not open file {0}".format(filename))

    file_stat = stat(fullpath)
    mtime = file_stat.st_mtime
    size = file_stat.st_size

    parent_key = path.dirname(filename) + '/'
    if parent_key in cluster_items.keys():
        settings = cluster_items[parent_key]
    else:
        settings = cluster_items['/etc/']

    return {
        "umask": settings['umask'],
        "format": settings['format'],
        "write_mode": settings['write_mode'],
        # md5 is a helper defined outside this block; it receives the path.
        "md5": md5(fullpath),
        "modification_time": str(datetime.utcfromtimestamp(mtime)),
        "size": size,
        # True exactly when the mtime has no fractional part.
        # NOTE(review): presumably a marker written elsewhere - confirm.
        'is_synced': mtime.is_integer(),
    }
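def walk_dir(dirname, recursive, files, excluded_files, excluded_extensions, get_cluster_item_key, get_md5=True, whoami='master'):
    """Collect metadata for the files found under ``dirname``.

    Entries named in ``excluded_files`` or ending with one of
    ``excluded_extensions`` are skipped. An entry is recorded when its name is
    in ``files`` (or ``files == ["all"]``) and it is not a directory. When
    ``whoami`` is ``'worker'``, files last modified more than 30 minutes ago
    are skipped. Result keys are the full path with ``common.ossec_path``
    removed. Directories are descended into when ``recursive`` is true.

    Returns:
        dict mapping each recorded path to its metadata (``mod_time``,
        ``cluster_item_key``, ``merged`` and, for merged files, ``merge_type``
        and ``merge_name``; ``md5`` when ``get_md5`` is true).

    Raises:
        WazuhException: code 3015 when ``dirname`` cannot be listed.
    """
    walk_files = {}

    try:
        entries = listdir(dirname)
    except OSError as e:
        raise WazuhException(3015, str(e))

    for entry in entries:
        # any() replaces reduce(add, map(...)), which raised TypeError when
        # excluded_extensions was empty. Empty extensions never match, which
        # is what the original slice comparison did.
        if entry in excluded_files or any(
                ext and entry.endswith(ext) for ext in excluded_extensions):
            continue

        full_path = path.join(dirname, entry)
        # NOTE(review): path.isdir and stat follow symbolic links (assuming
        # os.path / os.stat), so a link inside the tree is hashed or descended
        # into like its target. Confirm that is acceptable for these
        # directories.
        if entry in files or files == ["all"]:
            if not path.isdir(full_path):
                file_mod_time = datetime.utcfromtimestamp(stat(full_path).st_mtime)

                # Workers only report files modified in the last 30 minutes.
                if whoami == 'worker' and file_mod_time < (datetime.utcnow() - timedelta(minutes=30)):
                    continue

                # replace() strips every occurrence of the root string, not
                # only the leading one.
                new_key = full_path.replace(common.ossec_path, "")
                walk_files[new_key] = {
                    "mod_time": str(file_mod_time),
                    'cluster_item_key': get_cluster_item_key,
                }

                if '.merged' in entry:
                    walk_files[new_key]['merged'] = True
                    walk_files[new_key]['merge_type'] = 'agent-info' if 'agent-info' in entry else 'agent-groups'
                    walk_files[new_key]['merge_name'] = '/queue/cluster/' + entry
                else:
                    walk_files[new_key]['merged'] = False

                if get_md5:
                    # md5 is a helper defined outside this block.
                    walk_files[new_key]['md5'] = md5(full_path)

        if recursive and path.isdir(full_path):
            walk_files.update(
                walk_dir(full_path, recursive, files, excluded_files, excluded_extensions,
                         get_cluster_item_key, get_md5, whoami))

    return walk_files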
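def walk_dir(dirname, recursive, files, excluded_files, excluded_extensions, get_cluster_item_key, get_md5=True, whoami='master'):
    """Collect metadata for the files found under ``dirname``.

    ``dirname`` is relative to ``common.ossec_path``; the root is prepended
    for every filesystem call, and result keys are the relative paths.
    Entries named in ``excluded_files`` or ending with one of
    ``excluded_extensions`` are skipped. An entry is recorded when its name is
    in ``files`` (or ``files == ["all"]``) and it is not a directory. When
    ``whoami`` is ``'worker'``, files last modified more than 30 minutes ago
    are skipped. Directories are descended into when ``recursive`` is true.

    Returns:
        dict mapping each recorded relative path to its metadata
        (``mod_time``, ``cluster_item_key``, ``merged`` and, for merged files,
        ``merge_type`` and ``merge_name``; ``md5`` when ``get_md5`` is true).

    Raises:
        WazuhException: code 3015 when the directory cannot be listed.
    """
    walk_files = {}

    try:
        entries = listdir(common.ossec_path + dirname)
    except OSError as e:
        raise WazuhException(3015, str(e))

    for entry in entries:
        # any() replaces reduce(add, map(...)), which raised TypeError when
        # excluded_extensions was empty. Empty extensions never match, which
        # is what the original slice comparison did.
        if entry in excluded_files or any(
                ext and entry.endswith(ext) for ext in excluded_extensions):
            continue

        try:
            full_path = path.join(dirname, entry)
            absolute_path = common.ossec_path + full_path
            # NOTE(review): path.isdir and stat follow symbolic links
            # (assuming os.path / os.stat), so a link inside the tree is
            # hashed or descended into like its target. Confirm that is
            # acceptable for these directories.
            if entry in files or files == ["all"]:
                if not path.isdir(absolute_path):
                    file_mod_time = datetime.utcfromtimestamp(stat(absolute_path).st_mtime)

                    # Workers only report files modified in the last 30 minutes.
                    if whoami == 'worker' and file_mod_time < (datetime.utcnow() - timedelta(minutes=30)):
                        continue

                    entry_metadata = {"mod_time": str(file_mod_time), 'cluster_item_key': get_cluster_item_key}
                    if '.merged' in entry:
                        entry_metadata['merged'] = True
                        entry_metadata['merge_type'] = 'agent-info' if 'agent-info' in entry else 'agent-groups'
                        entry_metadata['merge_name'] = dirname + '/' + entry
                    else:
                        entry_metadata['merged'] = False

                    if get_md5:
                        # md5 is a helper defined outside this block.
                        entry_metadata['md5'] = md5(absolute_path)

                    # Stored only once complete, so a failure above leaves no
                    # partial entry in the result.
                    walk_files[full_path] = entry_metadata

            if recursive and path.isdir(absolute_path):
                walk_files.update(walk_dir(full_path, recursive, files, excluded_files, excluded_extensions,
                                           get_cluster_item_key, get_md5, whoami))

        except Exception as e:
            # Best effort: the failure is logged and the entry (or the whole
            # subdirectory, when the recursive call raised) is left out.
            # NOTE(review): a consumer comparing results cannot tell "could
            # not be read" from "does not exist"; confirm that is intended.
            logger.error("Could not get checksum of file {}: {}".format(entry, e))

    return walk_files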