예제 #1
def then_json_sensor_interfaces (context):
    """Assert that the locally configured sensor interfaces appear in the API reply.

    Parses the JSON held in ``context.result`` and reads the interface list
    from ``data.interfaces``, then compares it with the list returned by
    ``AVOssimSetupConfigHandler.get_sensor_interfaces_list()``. The step
    passes when the configured list is a subset of the API list.
    """
    payload = json.loads(context.result.getvalue())
    api_ifaces = payload['data']['interfaces']

    # logfile="/dev/null" is passed so the handler does not log to a real file.
    local_cfg = AVOssimSetupConfigHandler(logfile="/dev/null")
    configured_ifaces = local_cfg.get_sensor_interfaces_list()

    # Subset, not equality: the API may report more interfaces than the file.
    is_subset = set(configured_ifaces).issubset(set(api_ifaces))
    failure_msg = "The API list %s not equals to the file list %s" % (str(api_ifaces), str(configured_ifaces))
    assert_equal(is_subset, True, failure_msg)
예제 #2
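def then_verify_sensor_key (context,var_setup_key,var_sensor,var_value):
    """Check one setting of a remote sensor's ossim_setup.conf.

    Looks the sensor up in the database by the UUID stored in
    ``context.alienvault[var_sensor]``, copies
    ``/etc/ossim/ossim_setup.conf`` from the sensor's IP over SFTP (using the
    private key named in ``/etc/ansible/ansible.cfg``) and asserts that the
    requested setting equals ``context.alienvault[var_value]``.

    Only ``"[sensor]/sensor_ctx"`` is accepted as ``var_setup_key``; any other
    key fails the step. I/O errors are reported as assertion failures.
    """
    import shutil

    ansible_cfg = "/etc/ansible/ansible.cfg"
    tempdir = tempfile.mkdtemp(suffix=".behave")
    ssh = None
    try:
        u = uuid.UUID(context.alienvault[var_sensor])
        dbsensor = db.session.query(Sensor).filter(Sensor.id == u.bytes).one()
        ip_sensor = dbsensor.ip

        config = ConfigParser()
        # read() returns the list of files it parsed; comparing the whole list
        # avoids an IndexError (instead of this message) when the file is missing.
        assert config.read(ansible_cfg) == [ansible_cfg], "Can\'t load ansible.cfg file"
        sshkey = config.get("defaults", "private_key_file")

        ssh = paramiko.SSHClient()
        # NOTE(review): AutoAddPolicy accepts any host key the peer presents, so
        # the sensor is not authenticated and the key-based login plus the
        # downloaded config can be intercepted. Prefer loading known host keys
        # and paramiko.RejectPolicy() where the test environment allows it.
        ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
        ssh.connect(ip_sensor, username="******", key_filename=sshkey)
        sftp = paramiko.SFTPClient.from_transport(ssh.get_transport())

        tempconf = os.path.join(tempdir, "ossim_setup.conf")
        sftp.get("/etc/ossim/ossim_setup.conf", tempconf)

        cfg = AVOssimSetupConfigHandler(filename=tempconf, logfile="/dev/null")
        if var_setup_key == "[sensor]/sensor_ctx":
            sctx = cfg.get_sensor_ctx()
            assert sctx == context.alienvault[var_value]
        else:
            assert False, "Unknow ket %s" % var_setup_key

    except (IOError, OSError) as msg:
        # IOError is listed explicitly: on Python 2 it is not an OSError, so
        # file-transfer failures would otherwise escape this handler.
        assert False, "I/O Error: %s" % str(msg)
    finally:
        # Close the session even when an assertion or lookup fails.
        if ssh is not None:
            ssh.close()
        # The copied ossim_setup.conf may hold secrets (elsewhere in this code
        # base the same file supplies the database password), so do not leave
        # it behind in the temporary directory.
        shutil.rmtree(tempdir, ignore_errors=True)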
예제 #3
def get_engine(database='all'):
    """Return the cached SQLAlchemy engine(s) for the AlienVault databases.

    On the first call (while the module-level ``engines`` is an empty dict)
    the connection settings are read from ``/etc/ossim/ossim_setup.conf`` and
    one engine per database is created and cached.

    Args:
        database: ``'all'`` to get the whole name -> engine dict, otherwise a
            database name.

    Returns:
        The engines dict, a single engine, or ``None`` for an unknown name.
    """
    global engines
    if engines == {}:
        from avconfig.ossimsetupconfig import AVOssimSetupConfigHandler
        setup_conf = AVOssimSetupConfigHandler("/etc/ossim/ossim_setup.conf")

        # NOTE(review): user and password are interpolated into the URI
        # unescaped; a password containing '@', ':' or '/' would change how
        # the URI is parsed. URL-quoting the credentials looks advisable -
        # confirm against the SQLAlchemy version in use. The URI carries the
        # plaintext password, so it should never be logged.
        base_uri = "mysql://%s:%s@%s/" % (
            setup_conf.get_database_user(),
            setup_conf.get_database_pass(),
            setup_conf.get_database_db_ip(),
        )

        engine_options = dict(
            echo=False,
            poolclass=NullPool,
            connect_args={'cursorclass': MySQLdb.cursors.SSCursor},
        )

        db_names = ('alienvault', 'alienvault_siem', 'avcenter', 'alienvault_api')
        # Build the full mapping first so the cache is only replaced once
        # every engine has been created.
        engines = dict(
            (db_name, create_engine(base_uri + db_name, **engine_options))
            for db_name in db_names
        )

    return engines if database == 'all' else engines.get(database)
예제 #4
def get_engine(database='any'):
    """Return a cached SQLAlchemy engine for one of the AlienVault databases.

    On the first call (while the module-level ``engines`` is an empty dict)
    the connection settings are read from ``/etc/ossim/ossim_setup.conf`` and
    one engine per database is created and cached.

    Args:
        database: a database name, or ``'any'`` when the caller does not care
            which engine it gets (the ``'alienvault'`` engine is returned).

    Returns:
        The matching engine, or ``None`` for an unknown name.
    """
    global engines
    if engines == {}:
        from avconfig.ossimsetupconfig import AVOssimSetupConfigHandler
        setup_conf = AVOssimSetupConfigHandler("/etc/ossim/ossim_setup.conf")

        # NOTE(review): user and password are interpolated into the URI
        # unescaped; a password containing '@', ':' or '/' would change how
        # the URI is parsed. URL-quoting the credentials looks advisable -
        # confirm against the SQLAlchemy version in use. The URI carries the
        # plaintext password, so it should never be logged.
        base_uri = "mysql://%s:%s@%s/" % (
            setup_conf.get_database_user(),
            setup_conf.get_database_pass(),
            setup_conf.get_database_db_ip(),
        )

        engine_options = {
            'echo': False,
            'poolclass': NullPool,
            'pool_reset_on_return': None,
            'connect_args': {
                'cursorclass': MySQLdb.cursors.SSCursor,
                'autocommit': True,
            },
        }

        # Fill a local dict first so the cache is only replaced once every
        # engine has been created.
        built = {}
        for db_name in ('alienvault', 'alienvault_siem', 'alienvault_api'):
            built[db_name] = create_engine(base_uri + db_name, **engine_options)
        engines = built

    # 'any' is an alias for the 'alienvault' engine.
    wanted = 'alienvault' if database == 'any' else database
    return engines.get(wanted)
예제 #5
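def then_verify_sensor_key(context, var_setup_key, var_sensor, var_value):
    """Check one setting of a remote sensor's ossim_setup.conf.

    Looks the sensor up in the database by the UUID stored in
    ``context.alienvault[var_sensor]``, copies
    ``/etc/ossim/ossim_setup.conf`` from the sensor's IP over SFTP (using the
    private key named in ``/etc/ansible/ansible.cfg``) and asserts that the
    requested setting equals ``context.alienvault[var_value]``.

    Only ``"[sensor]/sensor_ctx"`` is accepted as ``var_setup_key``; any other
    key fails the step. I/O errors are reported as assertion failures.
    """
    import shutil

    ansible_cfg = "/etc/ansible/ansible.cfg"
    tempdir = tempfile.mkdtemp(suffix=".behave")
    ssh = None
    try:
        u = uuid.UUID(context.alienvault[var_sensor])
        dbsensor = db.session.query(Sensor).filter(Sensor.id == u.bytes).one()
        ip_sensor = dbsensor.ip

        config = ConfigParser()
        # read() returns the list of files it parsed; comparing the whole list
        # avoids an IndexError (instead of this message) when the file is missing.
        assert config.read(ansible_cfg) == [ansible_cfg], "Can\'t load ansible.cfg file"
        sshkey = config.get("defaults", "private_key_file")

        ssh = paramiko.SSHClient()
        # NOTE(review): AutoAddPolicy accepts any host key the peer presents, so
        # the sensor is not authenticated and the key-based login plus the
        # downloaded config can be intercepted. Prefer loading known host keys
        # and paramiko.RejectPolicy() where the test environment allows it.
        ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
        ssh.connect(ip_sensor, username="******", key_filename=sshkey)
        sftp = paramiko.SFTPClient.from_transport(ssh.get_transport())

        tempconf = os.path.join(tempdir, "ossim_setup.conf")
        sftp.get("/etc/ossim/ossim_setup.conf", tempconf)

        cfg = AVOssimSetupConfigHandler(filename=tempconf, logfile="/dev/null")
        if var_setup_key == "[sensor]/sensor_ctx":
            sctx = cfg.get_sensor_ctx()
            assert sctx == context.alienvault[var_value]
        else:
            assert False, "Unknow ket %s" % var_setup_key

    except (IOError, OSError) as msg:
        # IOError is listed explicitly: on Python 2 it is not an OSError, so
        # file-transfer failures would otherwise escape this handler.
        assert False, "I/O Error: %s" % str(msg)
    finally:
        # Close the session even when an assertion or lookup fails.
        if ssh is not None:
            ssh.close()
        # The copied ossim_setup.conf may hold secrets (elsewhere in this code
        # base the same file supplies the database password), so do not leave
        # it behind in the temporary directory.
        shutil.rmtree(tempdir, ignore_errors=True)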
예제 #6
def get_engine (database='all'):
    """Return the cached SQLAlchemy engine(s) for the AlienVault databases.

    The module-level ``engines`` dict is filled lazily: while it is empty,
    the database user, password and IP are read from
    ``/etc/ossim/ossim_setup.conf`` and one engine per database is created.

    Args:
        database: ``'all'`` for the whole name -> engine dict, otherwise the
            name of a single database.

    Returns:
        The engines dict, one engine, or ``None`` when the name is unknown.
    """
    global engines
    if engines == {}:
        from avconfig.ossimsetupconfig import AVOssimSetupConfigHandler
        setup_conf = AVOssimSetupConfigHandler("/etc/ossim/ossim_setup.conf")

        db_user = setup_conf.get_database_user()
        db_pass = setup_conf.get_database_pass()
        db_host = setup_conf.get_database_db_ip()
        # NOTE(review): the credentials go into the URI unescaped, so a
        # password containing '@', ':' or '/' would be parsed as part of the
        # host or path. URL-quoting them looks advisable - confirm against the
        # SQLAlchemy version in use. Keep this URI out of logs: it holds the
        # plaintext password.
        base_uri = "mysql://%s:%s@%s/" % (db_user, db_pass, db_host)

        engine_options = {
            'echo': False,
            'poolclass': NullPool,
            'connect_args': {'cursorclass': MySQLdb.cursors.SSCursor},
        }

        # Collect into a local dict so the cache is only replaced after all
        # four engines have been created.
        built = {}
        for db_name in ('alienvault', 'alienvault_siem', 'avcenter', 'alienvault_api'):
            built[db_name] = create_engine(base_uri + db_name, **engine_options)
        engines = built

    if database != 'all':
        return engines.get(database)
    return engines
예제 #7
import getpass
import sys

from ansiblemethods.ansiblemanager import Ansible, PLAYBOOKS
from db.methods.system import db_get_systems, get_system_id_from_local
from ansiblemethods.system.system import ansible_remove_key_from_known_host_file, ansible_add_system
from avconfig.ossimsetupconfig import AVOssimSetupConfigHandler

# Module-level helpers, created once when this script is loaded.
# NOTE(review): the handler is built without an explicit path here; which
# setup file it reads by default is not visible in this excerpt - confirm.
ossim_setup = AVOssimSetupConfigHandler()
ansible = Ansible()


def add_system_with_new_key(local_system_id, remote_system_ip):
    """Register a remote system, prompting for its root password.

    The operator is asked for the password with ``getpass`` (no echo) and the
    value is handed to ``ansible_add_system``. On failure the returned result
    is printed and the prompt is repeated, up to three attempts in total.

    Args:
        local_system_id: identifier of the local system, passed through.
        remote_system_ip: address of the system to add; also shown in the prompt.

    Returns:
        The status reported by the last ``ansible_add_system`` call.
    """
    max_attempts = 3
    added = False

    for _attempt in range(max_attempts):
        prompt = 'Please enter root password for {}:\n '.format(remote_system_ip)
        root_password = getpass.getpass(prompt)
        added, detail = ansible_add_system(local_system_id, remote_system_ip, root_password)
        if added:
            break
        # NOTE(review): `detail` comes from the ansible helper and is shown
        # verbatim; confirm it never echoes the supplied password.
        print(detail)

    return added


def confirm(prompt='Confirm', default=False):
    """ Prompts for yes or no response from the user. Returns True for yes and False for no.

    Args:
예제 #8
#  MA  02110-1301  USA
#
#
#  On Debian GNU/Linux systems, the complete text of the GNU General
#  Public License can be found in `/usr/share/common-licenses/GPL-2'.
#
#  Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
#

import os
import sys

from avconfig.ossimsetupconfig import AVOssimSetupConfigHandler

# Setup file that supplies the database user, password and IP used below.
CONFIG_FILE = "/etc/ossim/ossim_setup.conf"
# Parsed once at import time, so importing this module requires read access
# to CONFIG_FILE.
ossim_setup = AVOssimSetupConfigHandler(CONFIG_FILE)


class Config(object):
    # Directory that contains this configuration module.
    DIR = os.path.abspath(os.path.dirname(__file__))
    # Connection URI for the "alienvault" database. It embeds the database
    # user and plaintext password read from ossim_setup.conf, so this value
    # (and any dump of the Config object) should be kept out of logs and
    # debug output.
    # NOTE(review): the credentials are interpolated unescaped; a password
    # containing '@', ':' or '/' would alter how the URI is parsed - confirm
    # whether URL-quoting is needed for the SQLAlchemy version in use.
    SQLALCHEMY_DATABASE_URI = "mysql://%s:%s@%s/alienvault" % (
        ossim_setup.get_database_user(), ossim_setup.get_database_pass(),
        ossim_setup.get_database_db_ip())

    SQLALCHEMY_BINDS = {
        "status_message":
        "mysql://%s:%s@%s/alienvault_api" %
        (ossim_setup.get_database_user(), ossim_setup.get_database_pass(),
         ossim_setup.get_database_db_ip()),
        "status_message_action":
예제 #9
from __future__ import print_function
from nose import with_setup
from nose.tools import raises
import unittest
import sys
import os
import random
import string
import difflib
from shutil import copyfile

from avconfig.ossimsetupconfig import AVOssimSetupConfigHandler
from ansiblemethods.system.network import set_interfaces_roles, get_iface_list
# Read at import time from the live appliance configuration, so these tests
# depend on the host they run on and need read access to that file.
ossim_setup = AVOssimSetupConfigHandler("/etc/ossim/ossim_setup.conf")
# Admin IP from the setup file.
admin_ip = ossim_setup.get_general_admin_ip()

# Fixed test addresses, one per interface name (eth1..eth5).
NET_IPS = {
    'eth1': "172.17.2.50",
    'eth2': "172.17.2.51",
    'eth3': "172.17.2.52",
    'eth4': "172.17.2.53",
    'eth5': "172.17.2.54"
}


class TestNetworkSetInterfaces(unittest.TestCase):
    """Class to test the set_interface_roles function"""
    def setUp(self):
        """Per-test hook; no setup is performed."""
예제 #10
from __future__ import print_function
from nose import with_setup
from nose.tools import raises
import unittest
import sys
import os
import random
import string
import difflib
from shutil import copyfile

from avconfig.ossimsetupconfig import AVOssimSetupConfigHandler
from ansiblemethods.system.network import set_interfaces_roles, get_iface_list

# Read at import time from the live appliance configuration, so these tests
# depend on the host they run on and need read access to that file.
ossim_setup = AVOssimSetupConfigHandler("/etc/ossim/ossim_setup.conf")
# Admin IP from the setup file; passed to get_iface_list() in setUpClass.
admin_ip = ossim_setup.get_general_admin_ip()

# Fixed test addresses, one per interface name (eth1..eth5).
NET_IPS = {'eth1': "172.17.2.50", 'eth2': "172.17.2.51", 'eth3': "172.17.2.52", 'eth4': "172.17.2.53",
           'eth5': "172.17.2.54"}


class TestNetworkSetInterfaces(unittest.TestCase):
    """Class to test the set_interface_roles function"""

    @classmethod
    def setUpClass(cls):
        print("TestNetworkSetInterfaces::setup_class() before any methods in this class")

        rc, net_current_status = get_iface_list(admin_ip)
        cls.net_current_status = net_current_status