def main(argv):
debug_level = 0
mylogger = rtclogger.LOGGER("resetDB", debug_level, "")
try:
post = json.loads(str(sys.stdin.read()))
fullreset = post["fullreset"]
rtcMainRunning = False
for pid in psutil.pids():
p = psutil.Process(pid)
cmdline = p.cmdline()
if ((len(cmdline) > 1)
and (cmdline[1] == "/usr/lib/cgi-bin/rtcMain.py")):
rtcMainRunning = True
if rtcMainRunning:
result = {
"rtcResult":
"Could not reset database - Stop RTC Process First"
}
else:
mydb = rtcdb.RTCDB()
mydb.reset_db(fullreset)
result = {"rtcResult": "OK"}
except Exception as err:
result = {"rtcResult": "Error {}".format(mylogger.exception_info(err))}
print("Content-type:application/json\n\n")
print(json.dumps(result))
def main(argv):
debug_level = 0
mylogger = rtclogger.LOGGER("AMPeventDetails", debug_level, "")
post = str(sys.stdin.read())
creds = json.loads(post)
# todo -
# input validation is for wimps
#
try:
mydb = rtcdb.RTCDB()
mydb.updateRTCconfig(post)
dbresult = mydb.getRTCconfig()
if dbresult["rtcResult"] == "OK":
configstring = dbresult["configstring"]
rsp = {"rtcResult": "OK"}
rsp.update({"configstring": configstring})
else:
rsp = {"rtcResult": "DB ERROR"}
print("Content-type:application/json\n\n")
print(json.dumps(rsp))
except Exception as err:
print("Content-type:application/json\n\n")
result = {
"rtcResult": "Error",
"info": "some error {} {}".format(mylogger.exception_info(err),
temp)
}
print(json.dumps(result))
def __init__(self):
if 'REQUEST_METHOD' in os.environ:
filename = "/tmp/rtcdb.log"
else:
filename = "/tmp/rtcdb2.log"
self.logger = rtclogger.LOGGER(prefix="RTCDB",filename=filename)
def main(argv):
debug_level = 0
mylogger = rtclogger.LOGGER("AMPeventDetails", debug_level, "")
try:
ip = "10.1.33.100"
# creds = json.loads(open("/tmp/config.json").read())
dbconn = rtcdb.RTCDB()
dbresult = dbconn.getXconfig("swconfig")
creds = json.loads(dbresult["configstring"])
SW_SERVER = creds["sw_server"]
SW_USERNAME = creds["sw_username"]
SW_PASSWORD = creds["sw_password"]
# print("connecting to ....{} {} {}".format(SW_SERVER,SW_USERNAME,SW_PASSWORD))
sw = cats.SW(server=SW_SERVER,
username=SW_USERNAME,
password=SW_PASSWORD,
debug=False)
rsp = sw.flowsFromIP(ipaddress=ip, days=3, hours=0)
rsp.update({"rtcResult": "OK"})
except Exception as err:
rsp = {"rtcResult": mylogger.exception_info(err)}
print("Content-type:application/json\n\n")
print(json.dumps(rsp, indent=4, sort_keys=True))
def main(argv):
debug_level = 0
debug = False
mylogger = rtclogger.LOGGER("rtcQ", debug_level, "")
try:
post = str(sys.stdin.read())
info = json.loads(post)
guid = info["guid"]
# creds = json.loads(open("/tmp/config.json").read())
dbconn = rtcdb.RTCDB()
dbresult = dbconn.getXconfig("ampconfig")
creds = json.loads(dbresult["configstring"])
AMP_api_client_id = creds["amp_api_client_id"]
AMP_api_key = creds["amp_api_key"]
amp = cats.AMP(cloud="us",
api_client_id=AMP_api_client_id,
api_key=AMP_api_key,
debug=debug,
logfile="")
rsp = amp.stopHostIsolation(guid=guid)
rsp.update({"rtcResult": "OK"})
except Exception as err:
rsp = {"rtcResult": mylogger.exception_info(err)}
print("Content-type:application/json\n\n")
print(json.dumps(rsp))
def main(argv):
debug = False
### default never log,change this if needed
try:
debug_level = 0
mylogger = rtclogger.LOGGER("getprocess", debug_level, "")
if 'REQUEST_METHOD' in os.environ:
### this is called as CGI script and we should avoid printouts
debug = False
else:
debug = True
rtcprocesses = []
for pid in psutil.pids():
p = psutil.Process(pid)
cmdline = p.cmdline()
if ((len(cmdline) > 1)
and (cmdline[1] == "/usr/lib/cgi-bin/rtcMain.py")):
p.kill()
rsp = {"rtcResult": "OK"}
rsp["rtcprocesses"] = []
except Exception as err:
rsp = {"rtcResult": mylogger.exception_info(err)}
print("Content-type:application/json\n\n")
if not debug:
print(json.dumps(rsp))
else:
print(json.dumps(rsp, indent=4, sort_keys=True))
def main(argv):
debug_level = 0
mylogger = rtclogger.LOGGER("AMPeventDetails", debug_level, "")
try:
post = str(sys.stdin.read())
IPinfo = json.loads(post)
mac = IPinfo["MAC"]
# creds = json.loads(open("/tmp/config.json").read())
dbconn = rtcdb.RTCDB()
dbresult = dbconn.getXconfig("iseconfig")
creds = json.loads(dbresult["configstring"])
ISE_SERVER = creds["ise_server"]
ISE_USERNAME = creds["ise_username"]
ISE_PASSWORD = creds["ise_password"]
# print("connecting to ....{} {} {}".format(SW_SERVER,SW_USERNAME,SW_PASSWORD))
ise = cats.ISE_ANC(server=ISE_SERVER,
username=ISE_USERNAME,
password=ISE_PASSWORD,
debug=False)
rsp = ise.clearPolicy(mac=mac)
rsp.update({"rtcResult": "OK"})
except Exception as err:
rsp = {"rtcResult": mylogger.exception_info(err)}
print("Content-type:application/json\n\n")
print(json.dumps(rsp))
def main(argv):
debug_level = 0
mylogger = rtclogger.LOGGER("SWeventDetails", debug_level, "")
try:
if 'REQUEST_METHOD' in os.environ:
debug = False
else:
debug = True
debug = False
post = str(sys.stdin.read())
temp = json.loads(post)
eventid = temp["eventid"]
dbconn = rtcdb.RTCDB()
eventDetails = dbconn.getUMBeventById(eventid)
rsp = {"rtcResult": "OK"}
rsp.update({"eventDetails": eventDetails})
except Exception as err:
rsp = {"rtcResult": mylogger.exception_info(err)}
print("Content-type:application/json\n\n")
print(json.dumps(rsp))
def main(argv):
debug_level = 0
mylogger = rtclogger.LOGGER("get config", debug_level, "")
try:
if 'REQUEST_METHOD' in os.environ:
order = str(sys.stdin.read())
ppost = json.loads(order)
table = ppost["table"]
else:
table = ""
dbconn = rtcdb.RTCDB()
dbresult = dbconn.getXconfig(table)
if dbresult["rtcResult"] == "OK":
configstring = dbresult["configstring"]
rsp = {"rtcResult": "OK"}
rsp.update({"configstring": configstring})
else:
rsp = {"rtcResult": "DB ERROR"}
ret = json.dumps(rsp)
print("Content-type:application/json\n\n")
print(ret)
except Exception as err:
print("Content-type:application/json\n\n")
result = {
"result": "Error",
"info": "some error {}".format(mylogger.exception_info(err))
}
print(json.dumps(result))
def main(argv):
### default never log,change this if needed
debug_level = 0
mylogger = rtclogger.LOGGER("gethosts", debug_level, "")
try:
if 'REQUEST_METHOD' in os.environ:
### this is called as CGI script and we should avoid printouts
debug = False
post = str(sys.stdin.read())
temp = json.loads(post)
recurring = temp["recurring"]
else:
### this is called via CLI for troubleshooting
recurring = "True"
debug = True
dbconn = rtcdb.RTCDB()
### now get info on IPs
rsp = dbconn.getIPs()
ips = rsp["items"]
mylogger.log_debug(7, json.dumps(ips))
for thisip in ips:
mylogger.log_debug(7, "IP is ".format(json.dumps(thisip)))
try:
rsp = dbconn.getAMPevents(ip=thisip["ip"])
thisip.update({"ampevents": rsp})
except Exception as err:
estring = mylogger.exception_info(err)
thisip.update({"ampevents": {}})
try:
rsp = dbconn.getUMBevents(ip=thisip["ip"])
thisip.update({"umbevents": rsp})
except Exception as err:
estring = mylogger.exception_info(err)
thisip.update({"umbevents": {}})
try:
rsp = dbconn.getSWevents(ip=thisip["ip"])
thisip.update({"swevents": rsp})
except Exception as err:
estring = mylogger.exception_info(err)
thisip.update({"swevents": {}})
rsp = {"rtcResult": "OK"}
rsp.update({"items": ips})
rsp.update({"recurring": recurring})
except Exception as err:
rsp = {"rtcResult": mylogger.exception_info(err)}
print("Content-type:application/json\n\n")
if not debug:
print(json.dumps(rsp))
else:
print(json.dumps(rsp, indent=4, sort_keys=True))
def main(argv):
#options
AMPlogThreshold = -1
UMBlogThreshold = -1
SWlogThreshold = -1
logfilename = ""
try:
logger = rtclogger.LOGGER("main", 1, "/tmp/rtc.log")
opts, args = getopt.getopt(argv, "ha:s:u:f:")
for opt, arg in opts:
if opt == '-h':
print_help()
sys.exit(2)
if opt == ("-a"):
AMPlogThreshold = int(arg)
if opt == ("-s"):
SWlogThreshold = int(arg)
if opt == ("-u"):
UMBlogThreshold = int(arg)
if opt == ("-f"):
logfilename = arg
except Exception as err:
print_help()
sys.exit(2)
# start threads, second parameter is log level
try:
if UMBlogThreshold != -1:
rtcumb = rtcUMB("UMB", UMBlogThreshold, logfilename)
rtcumb.start()
except Exception as err:
logger.log_debug(
1, "Unable to start new UMB thread " + logger.exception_info(err))
try:
if AMPlogThreshold != -1:
rtcamp = rtcAMP("AMP", AMPlogThreshold, logfilename)
rtcamp.start()
except Exception as err:
logger.log_debug(
1, "Unable to start new AMP thread " + logger.exception_info(err))
try:
if SWlogThreshold != -1:
rtcsw = rtcSW("SW", SWlogThreshold, logfilename)
rtcsw.start()
except Exception as err:
logger.log_debug(
1, "Unable to start new SW thread " + logger.exception_info(err))
while True:
time.sleep(1)
def main(argv):
debug_level = 0
mylogger = rtclogger.LOGGER("SWevents", debug_level, "")
try:
if 'REQUEST_METHOD' in os.environ:
### this is called as CGI script and we should avoid printouts
debug = False
post = str(sys.stdin.read())
request = json.loads(post)
days = int(request["days"])
hours = int(request["hours"])
minutes = int(request["hours"])
else:
### this is called via CLI for troubleshooting
recurring = "True"
debug = True
days = 0
hours = 1
minutes = 0
dbconn = rtcdb.RTCDB()
dbresult = dbconn.getXconfig("swconfig")
creds = json.loads(dbresult["configstring"])
SW_SERVER = creds["sw_server"]
SW_USERNAME = creds["sw_username"]
SW_PASSWORD = creds["sw_password"]
# print("connecting to ....{} {} {}".format(SW_SERVER,SW_USERNAME,SW_PASSWORD))
sw = cats.SW(server=SW_SERVER,
username=SW_USERNAME,
password=SW_PASSWORD,
debug=False)
sw_rsp = sw.searchSecurityEvents(days=days,
hours=hours,
minutes=minutes,
sourceip="",
targetip="",
wait=5)
rsp = {"rtcResult": "OK"}
rsp.update({"events": sw_rsp["data"]["results"]})
except Exception as err:
rsp = {"rtcResult": mylogger.exception_info(err)}
print("Content-type:application/json\n\n")
print(json.dumps(rsp))
def main(argv):
debug_level = 0
mylogger = rtclogger.LOGGER("AMPeventDetails", debug_level, "")
try:
dbconn = rtcdb.RTCDB()
dbresult = dbconn.getXconfig("iseconfig")
creds = json.loads(dbresult["configstring"])
ISE_SERVER = creds["ise_server"]
ISE_USERNAME = creds["ise_username"]
PXGRID_CLIENT_CERT = creds["pxgrid_client_cert"]
PXGRID_CLIENT_KEY = creds["pxgrid_client_key"]
PXGRID_CLIENT_KEY_PASSWORD = creds["pxgrid_client_key_pw"]
PXGRID_SERVER_CERT = creds["pxgrid_server_cert"]
PXGRID_NODENAME = creds["pxgrid_nodename"]
if "pxgrid_password" in creds:
PXGRID_PASSWORD = creds["pxgrid_password"]
else:
PXGRID_PASSWORD = ""
if 'REQUEST_METHOD' in os.environ:
debug = False
else:
debug = True
# print("connecting to ....{} {} {}".format(ISE_SERVER,ISE_USERNAME,ISE_PASSWORD))
i = cats.ISE_PXGRID(server=ISE_SERVER,
password=PXGRID_PASSWORD,
debug=debug,
logfile="",
clientcert=PXGRID_CLIENT_CERT,
clientkey=PXGRID_CLIENT_KEY,
clientkeypassword=PXGRID_CLIENT_KEY_PASSWORD,
servercert=PXGRID_SERVER_CERT,
nodename=PXGRID_NODENAME)
# i = cats.ISE_PXGRID(server=ISE_SERVER,username=ISE_USERNAME,password=ISE_PASSWORD,debug=True,logfile="")
rsp = i.getSessions()
# print(str(rsp))
rsp.update({"rtcResult": "OK"})
except Exception as err:
rsp = {"rtcResult": mylogger.exception_info(err)}
print("Content-type:application/json\n\n")
print(json.dumps(rsp))
def main(argv):
try:
if 'REQUEST_METHOD' in os.environ :
### this is called as CGI script and we should avoid printouts
post = str(sys.stdin.read())
levels = json.loads(post)
alog = levels["amploglevel"]
ulog = levels["umbloglevel"]
slog = levels["swloglevel"]
debug = False
else :
alog = "2"
slog = "2"
ulog = "2"
debug = True
### default never log,change this if needed
debug_level = 0
mylogger = rtclogger.LOGGER("rtcStart",debug_level,"")
debug = False
already_running = False
for pid in psutil.pids():
p = psutil.Process(pid)
cmdline = p.cmdline()
if ((len(cmdline) > 1) and(cmdline[1] == "/usr/lib/cgi-bin/rtcMain.py")):
already_running = True
break
if already_running:
rsp = {"rtcResult": "RTC Process already running"}
else:
subprocess.Popen(["/usr/lib/cgi-bin/rtcMain.py","-a",alog,"-u",ulog,"-s",slog,"-f","/tmp/rtc.log"])
rsp = {"rtcResult": "OK","info": "alog {} ulog {} slog {}".format(alog,ulog,slog)}
except Exception as err:
rsp = {"rtcResult": mylogger.exception_info(err)}
print("Content-type:application/json\n\n")
if not debug:
print(json.dumps(rsp))
else:
print(json.dumps(rsp,indent=4,sort_keys=True))
def main(argv):
debug_level = 0
mylogger = rtclogger.LOGGER("AMPeventDetails",debug_level,"")
try:
if 'REQUEST_METHOD' in os.environ :
### this is called as CGI script and we should avoid printouts
debug = False
post = str(sys.stdin.read())
request = json.loads(post)
days = int(request["days"])
hours = int(request["hours"])
minutes = int(request["hours"])
else :
### this is called via CLI for troubleshooting
debug = True
days = 0
hours = 1
minutes = 0
dbconn = rtcdb.RTCDB()
dbresult = dbconn.getXconfig("umbrellaconfig")
creds = json.loads(dbresult["configstring"])
API_ORGID = creds["u_orgid"]
API_INVESTIGATE_TOKEN = creds["u_investigate_token"]
API_ENFORCE_TOKEN = creds["u_investigate_token"]
API_SECRET = creds["u_secret"]
API_KEY = creds["u_key"]
u = cats.UMBRELLA(investigate_token=API_INVESTIGATE_TOKEN,enforce_token=API_ENFORCE_TOKEN,key=API_KEY,secret=API_SECRET,orgid=API_ORGID,debug=debug,logfile="")
umb_rsp = u.reportSecurityActivity(days=days,hours=hours,minutes=minutes)
rsp = {"rtcResult":"OK"}
rsp.update({"events": umb_rsp["requests"]})
print("Content-type:application/json\n\n")
print(json.dumps(rsp))
except Exception as err:
print("Content-type:application/json\n\n")
rsp = {"rtcResult": mylogger.exception_info(err)}
print(json.dumps(rsp))
def main(argv):
try:
debug = True
if 'REQUEST_METHOD' in os.environ:
debug = False
logger = rtclogger.LOGGER(filename="/tmp/rtc.log")
logs = logger.delete_logs()
rsp = {"rtcResult": "OK"}
except Exception as err:
rsp = {"rtcResult": logger.exception_info(err)}
print("Content-type:application/json\n\n")
if not debug:
print(json.dumps(rsp))
else:
print(json.dumps(rsp, indent=4, sort_keys=True))
def __init__(self,name,thresholdLogLevel,logfilename):
try:
threading.Thread.__init__(self)
self.logthreshold = thresholdLogLevel
self.logger = rtclogger.LOGGER(name,thresholdLogLevel,logfilename)
self.logger.log_debug(0,"starting {} thread with log level {}".format(name,str(thresholdLogLevel)))
self.db = rtcdb.RTCDB()
dbresult = self.db.getConfig("rtcconfig")
self.rtcConfig = json.loads(dbresult["configstring"])
self.threshold = self.rtcConfig["rtcThreshold"]
dbresult = self.db.getConfig("iseconfig")
creds = json.loads(dbresult["configstring"])
ISE_SERVER = creds["ise_server"]
ISE_USERNAME = creds["ise_username"]
ISE_PASSWORD = creds["ise_password"]
if "pxgrid_password" in creds:
PXGRID_PASSWORD = creds["pxgrid_password"]
else:
PXGRID_PASSWORD = ""
PXGRID_CLIENT_CERT = creds["pxgrid_client_cert"]
PXGRID_CLIENT_KEY = creds["pxgrid_client_key"]
PXGRID_CLIENT_KEY_PASSWORD = creds["pxgrid_client_key_pw"]
PXGRID_SERVER_CERT = creds["pxgrid_server_cert"]
PXGRID_NODENAME = creds["pxgrid_nodename"]
self.pxgrid = cats.ISE_PXGRID(server=ISE_SERVER,clientcert=PXGRID_CLIENT_CERT,clientkey=PXGRID_CLIENT_KEY,clientkeypassword=PXGRID_CLIENT_KEY_PASSWORD,servercert=PXGRID_SERVER_CERT,nodename=PXGRID_NODENAME,password=PXGRID_PASSWORD,debug=False,logfile="")
self.ise_anc = cats.ISE_ANC(ISE_SERVER,ISE_USERNAME,ISE_PASSWORD,debug=False)
self.ancpolicy = self.rtcConfig["rtcPolicyName"]
dbresultAMP = self.db.getXconfig("ampconfig")
credsAMP = json.loads(dbresultAMP["configstring"])
AMP_cloud = "us"
AMP_api_client_id = credsAMP["amp_api_client_id"]
AMP_api_key = credsAMP["amp_api_key"]
self.amp = cats.AMP(cloud=AMP_cloud,api_client_id=AMP_api_client_id,api_key=AMP_api_key,debug=False,logfile="")
except Exception as err:
self.logger.log_debug(0,self.logger.exception_info(err))
def main(argv):
debug_level = 0
mylogger = rtclogger.LOGGER("AMPeventDetails", debug_level, "")
try:
if 'REQUEST_METHOD' in os.environ:
### this is called as CGI script and we should avoid printouts
debug = False
post = str(sys.stdin.read())
request = json.loads(post)
days = int(request["days"])
hours = int(request["hours"])
minutes = int(request["hours"])
else:
### this is called via CLI for troubleshooting
recurring = "True"
debug = True
days = 0
hours = 1
minutes = 0
dbconn = rtcdb.RTCDB()
dbresult = dbconn.getXconfig("ampconfig")
creds = json.loads(dbresult["configstring"])
API_CLIENT_ID = creds["amp_api_client_id"]
API_KEY = creds["amp_api_key"]
a = cats.AMP(cloud="us",
api_client_id=API_CLIENT_ID,
api_key=API_KEY,
debug=False,
logfile="/tmp/rtcAMPevents.log")
amp_rsp = a.events(days=days, hours=hours, minutes=minutes)
rsp = {"rtcResult": "OK"}
rsp.update({"events": amp_rsp["data"]})
except Exception as err:
rsp = {"rtcResult": mylogger.exception_info(err)}
print("Content-type:application/json\n\n")
print(json.dumps(rsp))
def main(argv):
### default never log,change this if needed
try:
debug_level = 0
mylogger = rtclogger.LOGGER("gethosts", debug_level, "")
if 'REQUEST_METHOD' in os.environ:
### this is called as CGI script and we should avoid printouts
debug = False
post = str(sys.stdin.read())
temp = json.loads(post)
table = temp["type"]
name = temp["name"]
else:
debug = True
table = input("Enter table to purge:")
name = input("Enter name to purge:")
if table == "mac" or table == "hostname" or table == "user" or table == "ip":
dbconn = rtcdb.RTCDB()
if table == "ip":
rsp = dbconn.deleteIP(name)
if table == "mac":
rsp = dbconn.deleteHost(name)
if table == "hostname":
rsp = dbconn.deleteHostname(name)
if table == "user":
rsp = dbconn.deleteUser(name)
rsp = {"rtcResult": "OK"}
else:
rsp = {"rtcResult": "Error - Invalid Table"}
except Exception as err:
rsp = {"rtcResult": mylogger.exception_info(err)}
print("Content-type:application/json\n\n")
if not debug:
print(json.dumps(rsp))
else:
print(json.dumps(rsp, indent=4, sort_keys=True))
def main(argv):
# todo -
# input validation is for wimps
#
print("Content-type:application/json\n\n")
try:
debug_level = 0
mylogger = rtclogger.LOGGER("Config ",debug_level,"")
order = str(sys.stdin.read())
ppost = json.loads(order)
config= ppost["config"]
dbconn = rtcdb.RTCDB()
dbresult = dbconn.restoreConfig(config);
if dbresult["rtcResult"] == "OK":
rsp = {"rtcResult":"OK"}
else:
rsp = {"rtcResult":"DB ERROR","info": dbresult["info"]}
print(json.dumps(rsp))
except Exception as err:
result = { "result":"Error","info":"some error {} config {}".format(mylogger.exception_info(err),config) }
print(json.dumps(result))
def main(argv):
debug_level = 0
mylogger = rtclogger.LOGGER("AMPeventDetails", debug_level, "")
try:
if 'REQUEST_METHOD' in os.environ:
### this is called as CGI script and we should avoid printouts
debug = False
post = str(sys.stdin.read())
IPinfo = json.loads(post)
ip = IPinfo["IP"]
else:
### this is called via CLI for troubleshooting
debug = True
ip = "10.1.33.10"
dbconn = rtcdb.RTCDB()
dbresult = dbconn.getXconfig("swconfig")
creds = json.loads(dbresult["configstring"])
SW_SERVER = creds["sw_server"]
SW_USERNAME = creds["sw_username"]
SW_PASSWORD = creds["sw_password"]
sw = cats.SW(server=SW_SERVER,
username=SW_USERNAME,
password=SW_PASSWORD,
debug=False)
rsp = sw.getFlows(sip=[ip], days=3, hours=0)
rsp.update({"rtcResult": "OK"})
except Exception as err:
rsp = {"rtcResult": mylogger.exception_info(err)}
print("Content-type:application/json\n\n")
if debug:
print(json.dumps(rsp, indent=4, sort_keys=True))
else:
print(json.dumps(rsp))
def main(argv):
debug_level = 0
mylogger = rtclogger.LOGGER("GetDynOptions",debug_level,"")
try:
if 'REQUEST_METHOD' in os.environ :
### this is called as CGI script and we should avoid printouts
debug = False
post = str(sys.stdin.read())
temp = json.loads(post)
item = temp["item"]
else :
### this is called via CLI for troubleshooting item = "all"
recurring = "True"
debug = True
item = "all"
dbconn = rtcdb.RTCDB()
dbresult = dbconn.getXconfig("adconfig")
ADgroups = []
if item == "all" or item=="adconfig":
ad_config = json.loads(dbresult["configstring"])
if "ad_server" in ad_config:
ad_server = Server(ad_config["ad_server"],get_info = ALL)
ad_conn = Connection(ad_server,user=ad_config["ad_username"],password=ad_config["ad_password"], auto_bind\
= True)
ad_conn.search(search_base=ad_config["ad_base_dn"],search_filter = '(objectclass=Group)',attributes=['cn'])
groups = ad_conn.entries
for group in groups:
ADgroups.append(group.cn.values[0])
isePolicies = []
if item == "all" or item=="iseconfig":
dbresult = dbconn.getXconfig("iseconfig")
iseconfig = json.loads(dbresult["configstring"])
if "ise_server" in iseconfig:
server = iseconfig["ise_server"]
username = iseconfig["ise_username"]
password = iseconfig["ise_password"]
ise = cats.ISE_ANC(server=server,username=username,password=password,debug=False)
isePolicies = ise.listPolicies()
swEvents = []
swHostGroups = []
if item == "all" or item=="swconfig":
dbresult = dbconn.getXconfig("swconfig")
swconfig = json.loads(dbresult["configstring"])
if "sw_server" in swconfig:
server = swconfig["sw_server"]
username = swconfig["sw_username"]
password = swconfig["sw_password"]
sw = cats.SW(server=server,username=username,password=password,debug=False)
swEvents = sw.eventList()
swHostGroups = sw.getHostGroups()
ampEvents = []
if item == "all" or item=="ampconfig":
dbresult = dbconn.getXconfig("ampconfig")
ampConfig = json.loads(dbresult["configstring"])
if "amp_api_client_id" in ampConfig:
API_CLIENT_ID = ampConfig["amp_api_client_id"]
API_KEY = ampConfig["amp_api_key"]
amp = cats.AMP(cloud="us",api_client_id=API_CLIENT_ID,api_key=API_KEY,debug=False,logfile="")
ampEvents = amp.eventTypes()
rsp = {"rtcResult":"OK"}
rsp.update({"item": item})
rsp.update({"ADgroups": ADgroups})
rsp.update({"swEvents": swEvents})
rsp.update({"swHostGroups": swHostGroups})
rsp.update({"ampEvents": ampEvents})
rsp.update({"isePolicies": isePolicies})
print("Content-type:application/json\n\n")
ret = json.dumps(rsp)
print (ret)
except Exception as err:
print("Content-type:application/json\n\n")
result = { "rtcResult":"Error","info":"some error {}".format(mylogger.exception_info(err)) }
print(json.dumps(result))
def main(argv):
### default never log,change this if needed
debug_level = 0
mylogger = rtclogger.LOGGER("getHosts", debug_level, "")
try:
if 'REQUEST_METHOD' in os.environ:
### this is called as CGI script and we should avoid printouts
debug = False
post = str(sys.stdin.read())
temp = json.loads(post)
recurring = temp["recurring"]
else:
### this is called via CLI for troubleshooting
recurring = "True"
debug = True
dbconn = rtcdb.RTCDB()
rsp = dbconn.getHosts()
hosts = rsp["items"]
mylogger.log_debug(7, json.dumps(hosts))
dbresult = dbconn.getXconfig("iseconfig")
creds = json.loads(dbresult["configstring"])
i = None
if "ise_server" in creds:
ISE_SERVER = creds["ise_server"]
ISE_USERNAME = creds["ise_username"]
ISE_PASSWORD = creds["ise_password"]
if "pxgrid_password" in creds:
PXGRID_PASSWORD = creds["pxgrid_password"]
else:
PXGRID_PASSWORD = ""
PXGRID_CLIENT_CERT = creds["pxgrid_client_cert"]
PXGRID_CLIENT_KEY = creds["pxgrid_client_key"]
PXGRID_CLIENT_KEY_PASSWORD = creds["pxgrid_client_key_pw"]
PXGRID_SERVER_CERT = creds["pxgrid_server_cert"]
PXGRID_NODENAME = creds["pxgrid_nodename"]
i = cats.ISE_PXGRID(server=ISE_SERVER,
debug=debug,
logfile="",
clientcert=PXGRID_CLIENT_CERT,
clientkey=PXGRID_CLIENT_KEY,
clientkeypassword=PXGRID_CLIENT_KEY_PASSWORD,
servercert=PXGRID_SERVER_CERT,
nodename=PXGRID_NODENAME,
password=PXGRID_PASSWORD)
anc = cats.ISE_ANC(ISE_SERVER,
ISE_USERNAME,
ISE_PASSWORD,
debug=debug,
logfile="")
dbresult = dbconn.getXconfig("ampconfig")
creds = json.loads(dbresult["configstring"])
a = None
if "amp_api_client_id" in creds:
API_CLIENT_ID = creds["amp_api_client_id"]
API_KEY = creds["amp_api_key"]
a = cats.AMP(cloud="us",
api_client_id=API_CLIENT_ID,
api_key=API_KEY,
debug=debug,
logfile="")
for h in hosts:
mylogger.log_debug(7, "Host is ".format(json.dumps(h)))
if i:
try:
mylogger.log_debug(7, "getting sessions for " + h["mac"])
rsp = i.getSessions(mac=h["mac"])
mylogger.log_debug(
7, "pxgrid rsp {}".format(json.dumps(rsp)))
h.update({"ise": rsp})
except Exception as err:
mylogger.log_debug(
2, "ise sessions " + mylogger.exception_info(err))
h.update({"ise": {}})
else:
h.update({"ise": {}})
if a:
try:
# is this the same rsp as gotten from getsessions?!?!
ip = rsp["ipAddresses"][0]
rsp = a.computers(internal_ip=ip)
mylogger.log_debug(7, "AMP resp" + json.dumps(rsp))
h.update({"amp": rsp})
except Exception as err:
mylogger.log_debug(
1, "amp exception" + mylogger.exception_info(err))
h.update({"amp": {}})
else:
h.update({"amp": {}})
if anc:
try:
mylogger.log_debug(7, "reading ISE ANC for " + h["mac"])
rsp = anc.macPolicy(h["mac"])
h.update({"ancpolicy": rsp["policy"]})
except Exception as err:
h.update({"ancpolicy": ""})
mylogger.log_debug(
1, "ise anc exception" + mylogger.exception_info(err))
else:
h.update({"ancpolicy": ""})
# get all the rtcEvent for this host
try:
rsp = dbconn.getAMPevents(h["mac"])
h.update({"ampevents": rsp})
except Exception as err:
h.update({"ampevents": {}})
mylogger.log_debug(
1, "ampevents exception" + mylogger.exception_info(err))
try:
rsp = dbconn.getSWevents(h["mac"])
h.update({"swevents": rsp})
except Exception as err:
h.update({"swevents": {}})
try:
rsp = dbconn.getUMBevents(h["mac"])
h.update({"umbevents": rsp})
except Exception as err:
h.update({"umbevents": {}})
mylogger.log_debug(
1, "umbevents exception" + mylogger.exception_info(err))
rsp = {"rtcResult": "OK"}
rsp.update({"items": hosts})
rsp.update({"recurring": recurring})
except Exception as err:
rsp = {"rtcResult": mylogger.exception_info(err)}
print("Content-type:application/json\n\n")
print(json.dumps(rsp))
def main(argv):
debug_level = 0
mylogger = rtclogger.LOGGER("AMPeventDetails", debug_level, "")
try:
dbconn = rtcdb.RTCDB()
dbresult = dbconn.getXconfig("adconfig")
ad_config = json.loads(dbresult["configstring"])
ADgroups = []
if "ad_server" in ad_config:
ad_server = Server(ad_config["ad_server"], get_info=ALL)
ad_conn = Connection(ad_server,user=ad_config["ad_username"],password=ad_config["ad_password"], auto_bind\
= True)
ad_conn.search(search_base=ad_config["ad_base_dn"],
search_filter='(objectclass=Group)',
attributes=['cn'])
groups = ad_conn.entries
for group in groups:
ADgroups.append(group.cn.values[0])
dbresult = dbconn.getXconfig("iseconfig")
iseconfig = json.loads(dbresult["configstring"])
server = iseconfig["ise_server"]
username = iseconfig["ise_username"]
password = iseconfig["ise_password"]
ise = cats.ISE_ANC(server=server,
username=username,
password=password,
debug=False)
isePolicies = ise.listPolicies()
dbresult = dbconn.getXconfig("swconfig")
swconfig = json.loads(dbresult["configstring"])
server = swconfig["sw_server"]
username = swconfig["sw_username"]
password = swconfig["sw_password"]
sw = cats.SW(server=server,
username=username,
password=password,
debug=False)
swEvents = sw.eventList()
dbresult = dbconn.getXconfig("ampconfig")
ampConfig = json.loads(dbresult["configstring"])
API_CLIENT_ID = ampConfig["amp_api_client_id"]
API_KEY = ampConfig["amp_api_key"]
amp = cats.AMP(cloud="us",
api_client_id=API_CLIENT_ID,
api_key=API_KEY,
debug=False,
logfile="")
ampEvents = amp.eventTypes()
rsp = {"rtcResult": "OK"}
rsp.update({"ADgroups": ADgroups})
rsp.update({"swEvents": swEvents})
rsp.update({"ampEvents": ampEvents})
rsp.update({"isePolicies": isePolicies})
print("Content-type:application/json\n\n")
ret = json.dumps(rsp)
print(ret)
except Exception as err:
print("Content-type:application/json\n\n")
result = {
"rtcResult": "Error",
"info": "some error {}".format(mylogger.exception_info(err))
}
print(json.dumps(result))
def main(argv):
# todo -
# input validation is for wimps
#
print("Content-type:application/json\n\n")
try:
debug_level = 4
mylogger = rtclogger.LOGGER("Config ", debug_level, "")
order = str(sys.stdin.read())
ppost = json.loads(order)
table = ppost["table"]
post = ppost["post"]
debugmsg = ""
dbconn = rtcdb.RTCDB()
if table == "iseconfig":
mylogger.log_debug(0, json.dumps(post))
if post["pxgrid_client_cert"]:
post.update({"pxgrid_password": ""})
else:
debugmsg = "not post client cert and iseconfig"
''' password based auth for ise may need to retrieve password if not already stored'''
dbresult = dbconn.getXconfig("iseconfig")
if dbresult["rtcResult"] == "OK":
configstring = dbresult["configstring"]
iseconfig = json.loads(configstring)
if not "pxgrid_password" in iseconfig:
debugmsg = debugmsg + " not pxgrid password"
i = cats.ISE_PXGRID(server=post["ise_server"],
nodename=post["pxgrid_nodename"],
description="",
debug=True,
logfile="/tmp/rtc.log")
password = i.getPassword()
debugmsg = debugmsg + "password is " + password
i.activate()
post.update({"pxgrid_password": password})
else:
rsp = {
"rtcResult": "DB ERROR",
"info": debugmsg + dbresult["info"]
}
print(json.dumps(rsp))
return
dbresult = dbconn.updateXconfig(table, json.dumps(post))
if dbresult["rtcResult"] == "OK":
dbresult = dbconn.getXconfig(table)
if dbresult["rtcResult"] == "OK":
configstring = dbresult["configstring"]
rsp = {"rtcResult": "OK"}
rsp.update({"configstring": configstring})
else:
rsp = {"rtcResult": "DB ERROR" + debugmsg}
else:
rsp = {
"rtcResult": "DB ERROR",
"info": debugmsg + dbresult["info"]
}
print(json.dumps(rsp))
except Exception as err:
result = {
"result":
"Error",
"info":
"some error {} table {} post {} {}".format(
mylogger.exception_info(err), table, post, debugmsg)
}
print(json.dumps(result))
def main(argv):
debug_level = 0
mylogger = rtclogger.LOGGER("GetDynOptions", debug_level, "")
try:
if 'REQUEST_METHOD' in os.environ:
### this is called as CGI script and we should avoid printouts
debug = False
post = str(sys.stdin.read())
temp = json.loads(post)
email = temp["email"]
sam = temp["username"]
days = temp["days"]
hours = temp["hours"]
minutes = temp["minutes"]
else:
### this is called via CLI for troubleshooting item = "all"
debug = True
email = "*****@*****.**"
sam = "hacke"
days = 90
hours = 0
minutes = 0
dbconn = rtcdb.RTCDB()
dbresult = dbconn.getXconfig("smaconfig")
creds = json.loads(dbresult["configstring"])
SMA_SERVER = creds["sma_server"]
SMA_USERNAME = creds["sma_username"]
SMA_PASSWORD = creds["sma_password"]
dbresult = dbconn.getXconfig("duoconfig")
creds = json.loads(dbresult["configstring"])
api_ikey = creds["api_ikey"]
api_skey = creds["api_skey"]
duo_host = creds["duo_host"]
sma = cats.SMA(server=SMA_SERVER,
username=SMA_USERNAME,
password=SMA_PASSWORD,
debug=debug)
sma_rsp = sma.getDLPdetails(days=days,
hours=hours,
minutes=minutes,
sender=email,
critical=True,
high=True,
medium=True,
low=True)
if debug:
print(json.dumps(sma_rsp, indent=4, sort_keys=True))
rsp = {"rtcResult": "OK", "smadata": sma_rsp["data"]}
duo = cats.DUO_ADMIN(api_ikey=api_ikey,
api_skey=api_skey,
duo_host=duo_host,
debug=debug,
logfile="")
duo_rsp = duo.getAuthLogs(username=sam,
days=days,
hours=hours,
minutes=minutes)
rsp.update({"duo": duo_rsp})
print("Content-type:application/json\n\n")
ret = json.dumps(rsp)
print(ret)
except Exception as err:
print("Content-type:application/json\n\n")
result = {
"rtcResult": "Error",
"info": "some error {}".format(mylogger.exception_info(err))
}
print(json.dumps(result))
def main(argv):
### default never log,change this if needed
debug_level = 0
mylogger = rtclogger.LOGGER("gethosts", debug_level, "")
try:
if 'REQUEST_METHOD' in os.environ:
### this is called as CGI script and we should avoid printouts
debug = False
post = str(sys.stdin.read())
temp = json.loads(post)
recurring = temp["recurring"]
else:
### this is called via CLI for troubleshooting
recurring = "True"
debug = True
dbconn = rtcdb.RTCDB()
dbresult = dbconn.getXconfig("adconfig")
ad_config = json.loads(dbresult["configstring"])
try:
ad_server = Server(ad_config["ad_server"], get_info=ALL)
ad_conn = Connection(ad_server,
user=ad_config["ad_username"],
password=ad_config["ad_password"],
auto_bind=True)
except Exception as err:
estring = mylogger.exception_info(err)
ad_conn = None
dbresult = dbconn.getXconfig("ampconfig")
creds = json.loads(dbresult["configstring"])
rsp = dbconn.getUsers()
users = rsp["items"]
mylogger.log_debug(7, json.dumps(users))
for u in users:
mylogger.log_debug(7, "User is ".format(json.dumps(u)))
ad_info = {
"memberOf": [],
"mail": "",
"badPasswordTime": "",
"lastLogon": "",
"badPwdCount": "",
}
try:
if ad_conn:
ad_conn.search(u["user"],
'(objectclass=person)',
attributes=[
'sn', 'mail', 'memberOf',
'badPasswordTime', 'lastLogon',
'badPwdCount', 'sAMAccountName'
])
entry = ad_conn.entries[0]
ad_info["memberOf"] = entry.memberOf.values
ad_info["badPasswordTime"] = str(entry.badPasswordTime)
ad_info["mail"] = str(entry.mail)
ad_info["lastLogon"] = str(entry.lastLogon)
ad_info["badPwdCount"] = str(entry.badPwdCount)
ad_info["sAMAccountName"] = str(entry.sAMAccountName)
except Exception as e:
pass
u.update({"ad_info": ad_info})
try:
rsp = dbconn.getAMPevents(user=u["user"])
u.update({"ampevents": rsp})
except Exception as err:
estring = mylogger.exception_info(err)
u.update({"ampevents": {}})
try:
rsp = dbconn.getSWevents(user=u["user"])
u.update({"swevents": rsp})
except Exception as err:
u.update({"swevents": {}})
try:
rsp = dbconn.getUMBevents(user=u["user"])
u.update({"umbevents": rsp})
except Exception as err:
u.update({"umbevents": {}})
rsp = {"rtcResult": "OK"}
rsp.update({"items": users})
rsp.update({"recurring": recurring})
except Exception as err:
rsp = {"rtcResult": mylogger.exception_info(err)}
print("Content-type:application/json\n\n")
if not debug:
print(json.dumps(rsp))
else:
print(json.dumps(rsp, indent=4, sort_keys=True))
