예제 #1
def main():
    """Start Securitybot with Duo as the authentication backend.

    Runs init() and init_sql(), builds a Slack chat object, an SQLTasker and
    a per-user DuoAuth factory, then passes them to SecurityBot together with
    the reporting channel and the bot config path, and calls run().
    """
    init()
    init_sql()

    # A single Duo Auth API client is shared by every DuoAuth object built
    # below. DUO_SECRET and SLACK_KEY are credentials defined outside this
    # function.
    # NOTE(review): confirm they are loaded from the environment or a secret
    # store and are never committed or logged.
    client = duo_client.Auth(
        ikey=DUO_INTEGRATION,
        skey=DUO_SECRET,
        host=DUO_ENDPOINT,
    )

    def duo_builder(name):
        # Factory handed to SecurityBot: one DuoAuth per user name.
        return DuoAuth(client, name)

    slack = Slack('securitybot', SLACK_KEY, ICON_URL)

    bot = SecurityBot(
        slack,
        SQLTasker(),
        duo_builder,
        REPORTING_CHANNEL,
        'config/bot.yaml',
    )
    bot.run()
예제 #2
def main():
    """Start Securitybot with DefaultAuth instead of Duo.

    Runs init() and init_sql(), builds a Slack chat object, an SQLTasker and
    a per-user DefaultAuth factory, then passes them to SecurityBot together
    with the reporting channel and the bot config path, and calls run().
    """
    init()
    init_sql()

    # The Duo backend is deliberately switched off in this variant; the
    # original wiring is kept here for reference:
    # duo_api = duo_client.Auth(
    #     ikey=DUO_INTEGRATION,
    #     skey=DUO_SECRET,
    #     host=DUO_ENDPOINT
    # )
    # duo_builder = lambda name: DuoAuth(duo_api, name)
    #
    # NOTE(review): DefaultAuth is not defined in this listing. Confirm what
    # it actually verifies before relying on it; if it approves without a
    # second factor, the bot's "authenticated" results carry less weight
    # than with Duo.
    def default_builder(name):
        # Factory handed to SecurityBot: one DefaultAuth per user name.
        return DefaultAuth(name)

    slack = Slack(BOT_NAME, SLACK_KEY, BOT_ICON_URL)

    bot = SecurityBot(
        slack,
        SQLTasker(),
        default_builder,
        REPORTING_CHANNEL,
        'config/bot.yaml',
    )
    bot.run()
예제 #3
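def main():
    """Read one Splunk alert payload from stdin and forward it as bot alerts.

    The payload is parsed as JSON, SQL is initialised with init_sql(), and
    the payload is passed to send_bot_alerts(). Any exception is caught at
    this top-level boundary and logged, so the function always returns
    normally.
    """
    logging.basicConfig(level=logging.INFO,
                        format='%(asctime)s %(levelname)s %(message)s')

    try:
        # Parse stdin from Splunk
        payload = json.loads(sys.stdin.read())
        logging.info('Sending bot alert: %s', payload['search_name'])

        # initialize SQL
        init_sql()

        send_bot_alerts(payload)

        logging.info('Alert %s fired successfully.\n', payload['search_name'])
    except Exception as e:
        # logging.exception keeps the traceback. The bare message alone is
        # not enough to diagnose a dropped alert: a payload without
        # 'search_name' would log only "Failure: 'search_name'".
        # NOTE(review): the process still ends normally after a failure, so
        # the caller cannot tell a dropped alert from a delivered one
        # without reading this log. Confirm whether a non-zero exit status
        # is wanted here.
        logging.exception('Failure: %s', e)
    logging.info('Exiting')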
예제 #4
파일: main.py 프로젝트: prezi/securitybot
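def main():
    """Start Securitybot, using Duo authentication only when it is configured.

    Runs init() and init_sql(), then builds a DuoAuth factory if
    DUO_INTEGRATION, DUO_SECRET and DUO_ENDPOINT are all set. Otherwise the
    auth builder stays None. The Slack chat object, SQLTasker and auth
    builder are passed to SecurityBot, whose run() is then called.
    """
    init()
    logging.warning("Securitybot [bot] restarted.")
    init_sql()

    # Create components needed for Securitybot
    auth_builder = None
    if DUO_INTEGRATION and DUO_SECRET and DUO_ENDPOINT:
        duo_api = duo_client.Auth(
            ikey=DUO_INTEGRATION,
            skey=DUO_SECRET,
            host=DUO_ENDPOINT
        )
        auth_builder = lambda name: DuoAuth(duo_api, name)
    else:
        # A missing or partial Duo configuration must not disable the second
        # factor silently; make the fallback visible in the log.
        # NOTE(review): how SecurityBot behaves with auth_builder=None is
        # not visible here. Confirm that it does not treat users as
        # authenticated.
        logging.warning(
            "Duo settings are incomplete; Securitybot is starting without "
            "Duo authentication.")

    chat = Slack('securitybot', SLACK_KEY, ICON_URL)
    tasker = SQLTasker()

    sb = SecurityBot(chat, tasker, auth_builder, REPORTING_CHANNEL, 'config/bot.yaml')
    sb.run()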
예제 #5
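def main():
    # type: () -> None
    """Enrich a CSV stream from stdin with Securitybot results, on stdout.

    The four command-line arguments name the CSV columns that hold the
    alert hash and that receive the comment, performed and authenticated
    values. Each input row is looked up with find_on_hash() and written
    back with the same header. A row with no match, or whose lookup raised,
    is written unchanged.

    Exits with status 1 when the argument count is not exactly four.
    """
    if len(sys.argv) != 5:
        # Usage goes to stderr because stdout is the CSV result stream.
        # Stop here: continuing would index past the end of sys.argv.
        sys.stderr.write(
            'Usage: python bot_lookup.py [hash] [comment] [performed] [authenticated]\n')
        sys.exit(1)

    # Initialize SQL
    init_sql()

    hash_field = sys.argv[1]
    comment_field = sys.argv[2]
    performed_field = sys.argv[3]
    authenticated_field = sys.argv[4]

    infile = sys.stdin
    outfile = sys.stdout

    # Load in query from stdin
    inbound = csv.DictReader(infile)

    # Prep return CSV with the same format
    header = inbound.fieldnames
    outbound = csv.DictWriter(outfile, fieldnames=header)
    outbound.writeheader()

    for entry in inbound:
        # Named alert_hash so the builtin hash() is not shadowed.
        alert_hash = entry[hash_field]

        try:
            res = find_on_hash(alert_hash)
            if res is not None:
                comment, performed, authenticated = res

                entry[comment_field] = comment
                entry[performed_field] = performed
                entry[authenticated_field] = authenticated
        except Exception as e:
            # Best effort: a failed lookup leaves the row unenriched. Blank
            # result fields therefore mean "unknown", not "not performed".
            logging.warning(
                'An exception was encountered making a DB call: {0}'.format(e))

        outbound.writerow(entry)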
예제 #6
def init_api():
    # type: () -> None
    """Prepare the API for use; this currently only calls init_sql()."""
    init_sql()