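def ossec_add_new_agent(sensor_id):
    """Create a new OSSEC agent on a sensor and return its detail.

    Reads ``agent_name``, ``agent_ip`` and ``asset_id`` from the query string,
    validates the name and the address, calls the API method that runs the
    ossec_create_new_agent script and then loads the new agent from the
    database.

    :param sensor_id: Sensor the agent is added to
    :return: ``make_ok(agent_detail=...)`` on success; a bad-request response
        when the name or address is missing or malformed; an error response
        otherwise.
    """
    agent_name = request.args.get('agent_name', None)
    agent_ip = request.args.get('agent_ip', None)
    asset_id = request.args.get('asset_id', None)
    # NOTE(review): asset_id is forwarded without any check here; presumably
    # it is validated downstream -- confirm.

    # A missing parameter used to reach the regex as None and raise a
    # TypeError (HTTP 500); treat it as bad input instead.
    if not agent_name or not agent_ip:
        return make_bad_request("Invalid agent name or address")

    # These values are handed to the API method that runs the agent-creation
    # script, so the whitelist has to be exact. '\Z' anchors at the true end
    # of the string; '$' would also accept a value ending in a newline.
    valid_str = re.compile(r'^[-.\w]+\Z')
    if not valid_str.match(agent_name) or not (is_valid_ipv4(agent_ip) or is_valid_ipv4_cidr(agent_ip)):
        return make_bad_request("Invalid agent name or address")

    # On success the API method returns the id of the new agent in `data`.
    (success, data) = api_ossec_add_new_agent(sensor_id, agent_name, agent_ip, asset_id)
    if not success:
        current_app.logger.error("ossec_agent: error creating new agent: " + str(data))
        return make_error(data, 500)

    # Fetch the detail of the agent that was just created.
    try:
        agent_id = data
        (success, data) = apimethod_ossec_get_agent_from_db(sensor_id, agent_id)
    except APIException as e:
        return make_error_from_exception(e)

    if success:
        return make_ok(agent_detail=data)
    return make_error(data, 500)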
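def is_system_reachable(system_id):
    """Find out if a system is reachable or not.

    The blueprint handles the following url:
        GET /av/api/1.0/system/<system_id>/status/ping

    Args:
        system_id (str): String with system id (uuid) or local

    Returns:
        ``make_ok(reachable=...)`` with the ping result, or the error response
        built from the APIException raised by ``ping_system``.
    """
    no_cache = is_json_true(request.args.get('no_cache', None))
    try:
        reachable = ping_system(system_id, no_cache=no_cache)
        return make_ok(reachable=reachable)
    except APIException as e:
        # The error response must be returned; without the `return` the view
        # fell through and handed None back to the framework.
        return make_error_from_exception(e)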
def remove():
    """Remove the plugin named by the ``plugin_file`` query parameter.

    Returns ``make_ok()`` on success, or the error response built from the
    APIException raised by ``apimethod_remove_plugin``.
    """
    try:
        target = request.args.get('plugin_file')
        # NOTE(review): `target` is caller-supplied and may be None when the
        # parameter is absent; presumably apimethod_remove_plugin validates it
        # and restricts it to the plugin directory -- confirm.
        apimethod_remove_plugin(plugin_file=target)
    except APIException as exc:
        return make_error_from_exception(exc)
    else:
        return make_ok()
def set_auto_updates():
    """Enable or disable feed auto-updates from the ``enabled`` query parameter.

    The raw parameter is interpreted with ``is_json_true`` before being passed
    to ``set_feed_auto_update``.
    """
    raw_flag = request.args.get('enabled')
    enabled = is_json_true(raw_flag)
    try:
        set_feed_auto_update(enabled=enabled)
    except APIException as exc:
        return make_error_from_exception(exc)
    else:
        return make_ok()
def download():
    """Return the contents of the plugin named by the ``plugin_file`` form field.

    The data is returned inside the normal ``make_ok`` envelope as ``contents``.
    """
    try:
        requested = request.form['plugin_file']
        # NOTE(review): `requested` is caller-supplied; presumably
        # apimethod_download_plugin confines it to the plugin directory --
        # confirm.
        contents = apimethod_download_plugin(plugin_file=requested)
        # An earlier draft returned the data as an attachment and built the
        # Content-Disposition header from plugin_file. If that is restored,
        # the file name must be sanitised before it goes into the header.
    except APIException as exc:
        return make_error_from_exception(exc)
    else:
        return make_ok(contents=contents)
def get_telemetry_collection_config():
    """Report whether telemetry collection is enabled.

    Answers 403 unless ``first_init_admin_access()`` allows the request.
    """
    allowed = first_init_admin_access()
    if not allowed:
        return make_error('Request forbidden -- authorization will not help', 403)

    try:
        telemetry_enabled = get_system_config_telemetry_enabled()
    except APIException as exc:
        return make_error_from_exception(exc)
    else:
        return make_ok(enabled=telemetry_enabled)
def get_ossec_available_agents(sensor_id):
    """List the HIDS agents related to a sensor.

    :param sensor_id: Sensor id
    :return: ``make_ok(agents=...)``, or the error response built from the
        APIException that was raised.
    """
    try:
        # The response is built inside the try, as in the original, so an
        # APIException raised while building it is handled the same way.
        return make_ok(agents=apimethod_hids_get_list(sensor_id))
    except APIException as exc:
        return make_error_from_exception(exc)
def bp_get_sensor_detector_plugins(sensor_id):
    """Return the plugins of type 'detector' in a sensor.

    :param sensor_id: The sensor to read the plugins from
    """
    try:
        detector_plugins = get_sensor_detector_plugins(sensor_id)
    except APIException as exc:
        return make_error_from_exception(exc)
    else:
        return make_ok(plugins=detector_plugins)
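def put_sensor(sensor_id):
    """Add a sensor and return the id of the job that performs the operation.

    Reads ``password`` and ``ctx`` from the query string; ``ctx`` is
    lower-cased before it is passed to ``apimethod_add_sensor``.

    :param sensor_id: Sensor to add
    :return: ``make_ok(job_id=...)`` on success, a bad-request response when
        ``ctx`` is missing, or the error response built from the APIException
        that was raised.
    """
    # NOTE(review): the password is taken from the query string, which
    # commonly ends up in web-server and proxy access logs; consider
    # accepting it in the request body instead.
    password = request.args.get('password', None)

    # A missing ctx used to raise AttributeError on None.lower() (HTTP 500);
    # report it as a client error instead.
    ctx = request.args.get('ctx')
    if ctx is None:
        return make_bad_request("Missing parameter ctx")

    try:
        job_id = apimethod_add_sensor(sensor_id=sensor_id,
                                      password=password,
                                      ctx=ctx.lower())
    except APIException as e:
        return make_error_from_exception(e)

    return make_ok(job_id=job_id)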
def set_telemetry_collection_config():
    """Enable or disable telemetry collection from the ``enabled`` query parameter.

    Answers 403 unless ``first_init_admin_access()`` allows the request.
    """
    allowed = first_init_admin_access()
    if not allowed:
        return make_error('Request forbidden -- authorization will not help', 403)

    raw_flag = request.args.get('enabled')
    enabled = is_json_true(raw_flag)
    try:
        set_system_config_telemetry_enabled(enabled=enabled)
    except APIException as exc:
        return make_error_from_exception(exc)
    else:
        return make_ok()
def bp_get_sensor_plugins_asset_enabled(sensor_id):
    """Return the plugins enabled by asset in a sensor, filtered by asset_id.

    :param sensor_id: The sensor to read the plugins from
    :param asset_id: Query parameter; filter by asset (canonical uuid)
    """
    asset_filter = request.args.get('asset_id', None)
    try:
        enabled_plugins = get_sensor_plugins_enabled_by_asset(
            sensor_id=sensor_id,
            asset_id=asset_filter,
        )
    except APIException as exc:
        return make_error_from_exception(exc)
    else:
        return make_ok(plugins=enabled_plugins)
def upload():
    """Register an uploaded plugin described by the submitted form fields.

    ``model`` and ``vendor`` are mandatory; ``version`` defaults to '-',
    ``overwrite`` to False and ``product_type`` to ''. The dict returned by
    ``apimethod_upload_plugin`` is expanded into the ``make_ok`` response.
    """
    try:
        form = request.form
        # NOTE(review): plugin_file is caller-supplied; presumably
        # apimethod_upload_plugin validates it and confines it to the expected
        # location -- confirm.
        plugin_file = form['plugin_file']
        vendor = form.get('vendor', '')
        model = form.get('model', '')

        if not model:
            return make_bad_request("Model cannot be null")
        if not vendor:
            return make_bad_request("Vendor cannot be null")

        # NOTE(review): a submitted 'overwrite' arrives as a string, so any
        # non-empty value (including "false") is truthy unless the API method
        # parses it -- confirm.
        upload_args = {
            'plugin_file': plugin_file,
            'model': model,
            'vendor': vendor,
            'version': form.get('version', '-'),
            'overwrite': form.get('overwrite', False),
            'product_type': form.get('product_type', ''),
        }
        result = apimethod_upload_plugin(**upload_args)
    except APIException as exc:
        return make_error_from_exception(exc)
    else:
        return make_ok(**result)
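def bp_post_sensor_plugins_asset_enabled(sensor_id):
    """Set the plugins enabled by asset (config.yml) in the sensor.

    The ``plugins`` form field is a JSON string:
        {<asset_id>: [ <plugin_name>, ...], ...}

    :param sensor_id: The sensor whose configuration is updated
    :return: ``make_ok(jobid=...)`` on success, a bad-request response when
        ``plugins`` is missing, or the error response built from the
        APIException that was raised.
    """
    # Use .get() so that a missing field yields None. Indexing the form
    # raised on a missing key before the check below could run, which left
    # the logged bad-request branch unreachable.
    plugins = request.form.get('plugins')
    if plugins is None:
        current_app.logger.error("detector: put_sensor_detector error: Missing parameter 'plugins'")
        return make_bad_request("Missing parameter plugins")

    # NOTE(review): the JSON string is forwarded as received; presumably
    # set_sensor_plugins_enabled_by_asset parses and validates it -- confirm.
    try:
        job_id = set_sensor_plugins_enabled_by_asset(sensor_id, plugins)
    except APIException as e:
        return make_error_from_exception(e)

    return make_ok(jobid=job_id)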
def get_list():
    """Return the plugin list provided by ``apimethod_get_plugin_list``."""
    try:
        plugin_list = apimethod_get_plugin_list()
    except APIException as exc:
        return make_error_from_exception(exc)
    else:
        return make_ok(plugins=plugin_list)