def read_taskserver_port(cls): try: jvmopts = jvm_options.read() taskServerPort = jvm_options.get_property(jvmopts, cls.taskserverPortProperty, cls.taskserverPortRegex) if taskServerPort: return taskServerPort else: return cls.defaultPort except Exception as ex: logger.error('unable to read vmopts file, use default port 8080, error info: [%s]' % ex) return cls.defaultPort
def handler_wrapper(url, message, **kwargs): logger.debug('action=sending_request url=%s message=%s kwargs=%s', url, message, kwargs) try: return custom_handler(url, message, **kwargs) except ssl.SSLError: message = 'Unable to communicate with Splunkd. ' \ 'If you enable requireClientCert please make sure certs folder contains privkey.pem and cert.pem files. ' \ 'Also make sure cert.pem has been signed by the root CA used by Splunkd.' logger.error(message, exc_info=True) raise ssl.SSLError(message)
def read_vmopts(self, content): content['jvmOptions'] = '' content['taskServerPort'] = self.defaultPort try: jvmopts = jvm_options.read() content['jvmOptions'] = jvmopts taskServerPort = jvm_options.get_property(jvmopts, self.taskserverPortProperty, self.taskserverPortRegex) if taskServerPort: content['taskServerPort'] = int(taskServerPort) except Exception as ex: logger.error('unable to read vmopts file [%s]' % ex) raise
def get_private_key(key_path=None): ''' load local instance private key and return rsa instance ''' try: if (key_path is None): key_path = PRIV_KEY_PATH logger.debug("Loading private key from: %s" % os.path.expandvars(key_path)) return RSA.load_key(key_path) except Exception, ex: logger.error('unable to load private key %s' % key_path) logger.debug(ex) return None
def _update_server_log_level_in_file(self, server_log_level): logger.debug("action=try_to_update_server_log_level %s" % str(server_log_level)) try: jvmopts = jvm_options.read() logger.debug("action=read_vmopts_from_file vmopts=%s" % jvmopts) for (module, level) in server_log_level.items(): property = self.server_module_info[module]["property"] regex = self.server_module_info[module]["regex"] jvmopts = jvm_options.set_property(jvmopts, property, regex, level) jvm_options.write(jvmopts) except Exception as ex: logger.error('unable to update vmopts file [%s]' % ex) raise
def _execute(self, cmd): process = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE) (result, error) = process.communicate() rc = process.wait() if rc != 0: logger.error("action=failed_to_execute_command:{} error={}".format( cmd, error)) return rc, result
def _check_java_server_configuration_health(self): # check if server.jar exists final_status = Status.OK final_details = [] logger.info("check the existence of server.jar") path_to_server_jar = os.path.join(self.path_to_app, "jars", "server.jar") if not os.path.isfile(path_to_server_jar): detail = "{} does not exist".format(path_to_server_jar) final_status = Status.ERROR final_details.append(detail) return self._create_health_check_result(final_status, final_details) # check whether it can be successfully registered to Splunk logger.info( "check whether the [server://default] modular input is registered successfully" ) input_url = "https://{}/services/data/modular-inputs/server".format( self.hostPath) try: response = requests.get( url=input_url, headers={'Authorization': ('Splunk %s' % self.sessionKey)}, verify=False) if response.status_code != 200: final_status = Status.ERROR final_details.append( "The modular input to start the Java Server failed to be registered to Splunk" ) return self._create_health_check_result( final_status, final_details) except Exception as ex: logger.error( "action=fail_to_send_request_to_get_health_check_result", ex) final_status = Status.ERROR final_details.append( "The modular input to start the Java Server failed to be registered to Splunk" ) return self._create_health_check_result(final_status, final_details) # check the availability of java server logger.debug("check the availability of java server") status, result = self._check_java_server_availability() if status != Status.OK: return self._create_health_check_result(status, result) return self._create_health_check_result(final_status, final_details)
def update_vmopts(self, content): try: jvmopts = content.pop('jvmOptions', '') # jvmOptions may contain taskServerPort settings taskServerPort = content.pop('taskServerPort', self.defaultPort) logger.debug('action=get_vmopts_from_postdata, jvmOptions: [%s], taskServerPort: [%s]' % (jvmopts, taskServerPort)) if not isinstance(taskServerPort, int): raise Exception("task server port must be a int value") if taskServerPort < 1024 or taskServerPort > 65535: raise Exception('task server port must be a number in [1024, 65535]') jvmopts = jvm_options.set_property(jvmopts, self.taskserverPortProperty, self.taskserverPortRegex, str(taskServerPort)) jvm_options.write(jvmopts) except Exception as ex: logger.error('unable to update vmopts file [%s]' % ex) raise
def call_peer(remote_host, remote_user, local_host, local_user, ts, nonce, signature): #DBX-2442 if not utils.validateHostName(remote_host): logger.debug("invalid remote_host") return None if not utils.validateHostName(local_host): logger.debug("invalid local_host") return None if not utils.validateUserName(remote_user): logger.debug("invalid remote_user") return None if not utils.validateUserName(local_user): logger.debug("invalid local_user") return None ''' make remote REST call to retreive foreign sessionKey ''' postargs = { 'name': '_create', USERID: local_user, PEERNAME: local_host, USERNAME: remote_user, TS: ts, NONCE: nonce, SIGNATURE: signature } logger.debug('call peer: remote_host=%s postargs=%s' % (remote_host, postargs)) resp, cont = rest.simpleRequest(remote_host + AUTH_TOKENS_ENDPOINT, postargs=postargs) if resp.status not in [200, 201]: logger.error('unable to get session key from remote peer %s' % remote_host) return None try: atomEntry = rest.format.parseFeedDocument(cont) logger.debug('response from peer:\n%s' % atomEntry.toPrimitive()) ret = atomEntry.toPrimitive()[remote_user][remote_user] return ret except Exception, ex: logger.error('unable to parse response from remote peer %s' % remote_host) logger.exception(ex) return None
def update_dbx_java_home(self, javaHome): app_dir = get_app_path() java_path_darwin = os.path.join(app_dir, "darwin_x86_64", "bin", self.customized_java_path) java_path_linux32 = os.path.join(app_dir, "linux_x86", "bin", self.customized_java_path) java_path_linux64 = os.path.join(app_dir, "linux_x86_64", "bin", self.customized_java_path) java_path_win32 = os.path.join(app_dir, "windows_x86", "bin", self.customized_java_path) java_path_win64 = os.path.join(app_dir, "windows_x86_64", "bin", self.customized_java_path) java_home_files = [{ "filename": java_path_darwin, "suffix": "/bin/java" }, { "filename": java_path_linux32, "suffix": "/bin/java" }, { "filename": java_path_linux64, "suffix": "/bin/java" }, { "filename": java_path_win32, "suffix": "\\bin\\java.exe" }, { "filename": java_path_win64, "suffix": "\\bin\\java.exe" }] for java_home_file in java_home_files: try: with open(java_home_file["filename"], "w") as file: file.write(javaHome + java_home_file["suffix"]) logger.info('update java path file [%s]' % java_home_file["filename"]) except IOError as er: logger.error('unable to update java path file [%s]' % java_home_file["filename"]) raise
def set_certificate(remote_host, local_host, local_cert, sessionKey): #DBX-2442 if not utils.validateHostName(remote_host): raise Exception("invalid remote_host") if not utils.validateHostName(local_host): raise Exception("invalid local_host") postargs = {PEERNAME: local_host, CERTIFICATE: local_cert} logger.debug('set_certificate: remote_host=%s postargs=%s' % (remote_host, postargs)) resp, cont = rest.simpleRequest(remote_host + AUTH_CERT_ENDPOINT + '/' + local_host, sessionKey=sessionKey, postargs=postargs) if resp.status not in [200, 201]: logger.error('unable to post certificate to remote peer %s %d' % (remote_host, resp.status)) raise Exception('posting certificate to remote peer failed') return
def _check_java_server_availability(self): taskserver_status_url = "https://{}/servicesNS/{}/splunk_app_db_connect/db_connect/dbxproxy/taskserver" \ .format(self.hostPath, self.userName) status = Status.OK detail = '' try: response = requests.get( url=taskserver_status_url, headers={'Authorization': ('Splunk %s' % self.sessionKey)}, verify=False) if response.status_code != 200: logger.error( "action=check_java_server_availability_failed error={}". format(taskserver_status_url, response.content)) status = Status.ERROR detail = response.content except Exception as ex: logger.error("action=check_java_server_availability_failed", ex) status = Status.ERROR detail = ex return status, detail
def _forward_request_to_proxy(self): status, result = self._check_java_server_availability() if status != Status.OK: return self._create_health_check_result(status, result) forward_url = "https://{}/servicesNS/{}/splunk_app_db_connect/{}/dbxproxy/{}" \ .format(self.hostPath, self.userName, self.pathParts[1], "/".join(self.pathParts[2:])) try: response = requests.get( url=forward_url, headers={'Authorization': ('Splunk %s' % self.sessionKey)}, verify=False) if response.status_code != 200: logger.warn( "action=fail_to_send_request_to_get_health_check_result url={} status_code={} content={}" .format(forward_url, response.status_code, response.content)) raise Exception( "fail to get health check result from server url={} status_code={} content={}" .format(forward_url, response.status_code, response.content)) result = response.json() if isinstance(result, list): return [ self._create_health_check_result(entry['severity_level'], entry['details']) for entry in result ] else: return self._create_health_check_result( result['severity_level'], result['details']) except Exception as ex: logger.error( "action=fail_to_send_request_to_get_health_check_result", ex) return "unhealthy", str(ex)