def post(self):
args = zeek_parser.parse_args()
command = args['command']
if command == 'deploy':
status = get_zeek_status()
for entry in status:
if entry.status == "running":
abort(409, message='Zeek is already running')
deploy_zeek()
return success_message()
elif command == 'stop':
stop_zeek()
return success_message()
else:
abort(400,
message='Unknown command - known commands: deploy, stop')
def post(self):
if 'file' not in request.files:
abort(400, message='File not in attachment')
file = request.files['file']
if file.filename == '':
return abort(400, message='Invalid filename')
if file and allowed_file(file.filename):
create_db_if_not_exist('PCAP')
filename = secure_filename(file.filename)
file_location = path.join(current_app.config["UPLOAD_FOLDER"],
filename)
file.save(file_location)
process_zeek(file_location)
return success_message()
else:
return abort(400, message='Invalid filetype')
def delete(self):
start_time = request.args.get('start-time')
end_time = request.args.get('end-time')
if start_time and end_time:
ConnectionModel.query.filter(
ConnectionModel.ts >= start_time,
ConnectionModel.ts <= end_time).delete()
NoticeModel.query.filter(NoticeModel.ts >= start_time,
NoticeModel.ts <= end_time).delete()
db.session.commit()
else:
ConnectionModel.query.delete()
DNSModel.query.delete()
NoticeModel.query.delete()
db.session.commit()
return success_message()
def delete(self):
start_time = request.args.get('start-time')
end_time = request.args.get('end-time')
if start_time and end_time:
DNSTopKModel.query.filter(DNSTopKModel.ts >= start_time,
DNSTopKModel.ts <= end_time).delete()
OriginHostTopKModel.query.filter(
OriginHostTopKModel.ts >= start_time,
OriginHostTopKModel.ts <= end_time).delete()
ResponderHostTopKModel.query.filter(
ResponderHostTopKModel.ts >= start_time,
ResponderHostTopKModel.ts <= end_time).delete()
ResponderPortTopKModel.query.filter(
ResponderPortTopKModel.ts >= start_time,
ResponderPortTopKModel.ts <= end_time).delete()
PortsOfInterestModel.query.filter(
PortsOfInterestModel.ts >= start_time,
PortsOfInterestModel.ts <= end_time).delete()
ProtocolSumModel.query.filter(
ProtocolSumModel.ts >= start_time,
ProtocolSumModel.ts <= end_time).delete()
ServiceSumModel.query.filter(
ServiceSumModel.ts >= start_time,
ServiceSumModel.ts <= end_time).delete()
IPByteSumModel.query.filter(
IPByteSumModel.ts >= start_time,
IPByteSumModel.ts <= end_time).delete()
ConnectionSumModel.query.filter(
ConnectionSumModel.ts >= start_time,
ConnectionSumModel.ts <= end_time).delete()
db.session.commit()
else:
DNSTopKModel.query.delete()
OriginHostTopKModel.query.delete()
ResponderHostTopKModel.query.delete()
ResponderPortTopKModel.query.delete()
PortsOfInterestModel.query.delete()
ProtocolSumModel.query.delete()
ServiceSumModel.query.delete()
IPByteSumModel.query.delete()
ConnectionSumModel.query.delete()
db.session.commit()
return success_message()
def delete(self): # Delete Cascade
args = dashboard_parser.parse_args()
dashboard = DashboardModel.query.get(args['name'])
db.session.delete(dashboard)
db.session.commit()
return success_message()
def delete(self): # Delete View
id = request.args.get('id')
ViewModel.query.filter(ViewModel.id == id).delete()
db.session.commit()
return success_message()