def __init__(self, ossec_path='/var/ossec', get_init=False):
    """
    Set default attribute values and configure the shared paths.

    :param ossec_path: OSSEC installation path. By default it is /var/ossec.
    :param get_init: When true, call get_ossec_init() (documented as reading /etc/ossec-init.conf) before the paths are set.
    :return:
    """
    # The caller-supplied path is used unless get_ossec_init() replaces it below.
    self.path = ossec_path

    # Placeholders; get_ossec_init() assigns the real values.
    self.version = self.installation_date = self.type = None
    self.max_agents = self.openssl_support = 'N/A'

    if get_init:
        self.get_ossec_init()

    # Read self.path, not ossec_path: get_ossec_init() may have changed it.
    common.set_paths_based_on_ossec(self.path)
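def get_ossec_init(self):
    """
    Load installation details into the instance and return them.

    Sources, in order:
      * ``self.OSSEC_INIT`` (documented as /etc/ossec-init.conf): version, directory, date and type.
      * The ``info`` table of the global database: max_agents and openssl_support.
      * ``<self.path>/ruleset/VERSION``: ruleset version.
      * The local timezone offset and name.

    :return: Result of self.to_dict() (documented as ossec-init.conf as dictionary).
    :raises WazuhException: Code 1005 when the init file or the ruleset VERSION file cannot be read or processed.
    """
    # Matches lines of the form key="value". Raw string, so \w is a regex
    # class rather than an invalid string escape.
    line_regex = re.compile(r'(^\w+)="(.+)"')

    try:
        with open(self.OSSEC_INIT, 'r') as f:
            for line in f:
                match = line_regex.match(line)
                if not match:
                    continue

                key = match.group(1).lower()
                value = match.group(2)

                if key == "version":
                    self.version = value
                elif key == "directory":
                    # Read 'directory' when ossec_path (__init__) is set by default.
                    # It could mean that get_init is True and ossec_path is not used.
                    # NOTE(review): the value becomes the installation path without
                    # validation, so every path derived from it is only as trustworthy
                    # as the init file. Confirm the file is writable only by
                    # privileged users.
                    if self.path == '/var/ossec':
                        self.path = value
                        common.set_paths_based_on_ossec(self.path)
                elif key == "date":
                    self.installation_date = value
                elif key == "type":
                    # The init file says "server"; it is reported as "manager".
                    self.type = "manager" if value == "server" else value
    except Exception:
        # Exception instead of a bare except, so KeyboardInterrupt and SystemExit
        # are not converted into a file error.
        raise WazuhException(1005, self.OSSEC_INIT)

    # info DB
    conn = Connection(common.database_path_global)
    query = "SELECT * FROM info"
    conn.execute(query)

    # Each row is read as (name, value); 'row' avoids shadowing the builtin 'tuple'.
    for row in conn:
        if row[0] == 'max_agents':
            self.max_agents = row[1]
        elif row[0] == 'openssl_support':
            self.openssl_support = row[1]

    # Ruleset version
    # NOTE(review): self.ruleset_version is assigned only when a line matches.
    # If none does, the attribute is not set here; confirm that to_dict()
    # tolerates that.
    ruleset_version_file = "{0}/ruleset/VERSION".format(self.path)
    try:
        with open(ruleset_version_file, 'r') as f:
            for line in f:
                match = line_regex.match(line)
                if match:
                    self.ruleset_version = match.group(2)
    except Exception:
        raise WazuhException(1005, ruleset_version_file)

    # Timezone info: best effort, left as None when it cannot be obtained.
    try:
        self.tz_offset = strftime("%z")
        self.tz_name = strftime("%Z")
    except Exception:
        self.tz_offset = None
        self.tz_name = None

    return self.to_dict()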