예제 #1
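    def submit(self, submission):
        """Attempts to submit the given Submission to this node.

        Each entry of submission.files is either a path or a
        (src_path, dest_name) tuple. In both cases the file is read from
        <incoming_dir>/<submission.uuid>/<basename of the path> and sent to
        the node at self.location through ace_api.submit, together with the
        submission's metadata.

        Returns the 'result' item of the response. If the response has no
        'result' item, the response itself is returned and a warning is
        logged; if the item has no 'uuid', the item is still returned and
        the same warning is logged.

        Every file opened here is closed before returning, including when
        opening a later file or the submission call itself raises.
        """
        # NOTE: assert is stripped under python -O, so this is a development
        # check only and not input validation
        assert isinstance(submission, Submission)

        # we need to convert the list of files to what is expected by the ace_api.submit function
        _files = []
        try:
            for f in submission.files:
                if isinstance(f, tuple):
                    src_path, dest_name = f
                else:
                    src_path, dest_name = f, os.path.basename(f)

                # only the base name of the source path is used, so an entry
                # carrying directory components cannot select a file outside
                # the submission directory
                # NOTE(review): submission.uuid is joined as-is -- confirm it
                # is validated before it reaches this point
                local_path = os.path.join(self.incoming_dir, submission.uuid,
                                          os.path.basename(src_path))
                _files.append((dest_name, open(local_path, 'rb')))

            # the configured CA chain path is handed over as ssl_verification
            # (presumably used to verify the remote node's certificate --
            # confirm in ace_api)
            result = ace_api.submit(
                submission.description,
                remote_host=self.location,
                ssl_verification=saq.CONFIG['SSL']['ca_chain_path'],
                analysis_mode=submission.analysis_mode,
                tool=submission.tool,
                tool_instance=submission.tool_instance,
                type=submission.type,
                event_time=submission.event_time,
                details=submission.details,
                observables=submission.observables,
                tags=submission.tags,
                files=_files)

            try:
                result = result['result']
                logging.info("submit remote {} submission {} uuid {}".format(
                    self.location, submission, result['uuid']))
            except Exception as e:
                # an unexpected response shape is reported but not fatal
                logging.warning("submission irregularity for {}: {}".format(
                    submission, e))

            return result
        finally:
            # clean up our file descriptors, whatever happened above
            for name, fp in _files:
                try:
                    fp.close()
                except Exception as e:
                    logging.error(
                        "unable to close file descriptor for {}: {}".format(
                            name, e))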
예제 #2
    def _submit(self,
                analysis_mode=None,
                tool=None,
                tool_instance=None,
                type=None,
                description=None,
                details=None,
                event_time=None,
                observables=None,
                tags=None):
        """Send a canned test submission through ace_api.submit.

        Every argument left as None is replaced by a fixed test value.
        Two files are attached: an in-memory 'sample.dat' and
        'submit_test.dat', a file holding 1024 random bytes that is written
        to the temp directory and removed again once the call has returned
        or raised.

        Returns whatever ace_api.submit returns.
        """
        scratch_path = os.path.join(saq.SAQ_HOME, saq.TEMP_DIR,
                                    'submit_test.dat')
        payload = os.urandom(1024)

        with open(scratch_path, 'wb') as writer:
            writer.write(payload)

        try:
            with open(scratch_path, 'rb') as reader:
                # fill in the defaults in the same order the arguments are
                # passed below
                if analysis_mode is None:
                    analysis_mode = 'test_empty'
                if tool is None:
                    tool = 'unittest_tool'
                if tool_instance is None:
                    tool_instance = 'unittest_tool_instance'
                if type is None:
                    type = 'unittest_type'
                if description is None:
                    description = 'testing'
                if details is None:
                    details = {'hello': 'world'}
                if event_time is None:
                    event_time = self._get_submit_time()
                if observables is None:
                    observables = [
                        {
                            'type': 'ipv4',
                            'value': '1.2.3.4',
                            'time': self._get_submit_time(),
                            'tags': ['tag_1', 'tag_2'],
                            'directives': ['no_scan'],
                            'limited_analysis': ['basic_test']
                        },
                        {
                            'type': 'user',
                            'value': 'test_user',
                            'time': self._get_submit_time()
                        },
                    ]
                if tags is None:
                    tags = ['alert_tag_1', 'alert_tag_2']

                attachments = [('sample.dat', io.BytesIO(b'Hello, world!')),
                               ('submit_test.dat', reader)]

                return ace_api.submit(analysis_mode=analysis_mode,
                                      tool=tool,
                                      tool_instance=tool_instance,
                                      type=type,
                                      description=description,
                                      details=details,
                                      event_time=event_time,
                                      observables=observables,
                                      tags=tags,
                                      files=attachments)
        finally:
            # the scratch file is removed whether or not the call succeeded
            os.remove(scratch_path)