def send_mbu_device_notifications(meta_business_unit): queues.post_raw_event( "mdm_device_notifications", { "enrolled_device_pk_list": [ d.pk for d in EnrolledDevice.objects.active_in_mbu( meta_business_unit) ] })
def post_puppet_report(instance, user_agent, ip, report): raw_event = { "request": { "user_agent": user_agent, "ip": ip }, "event_type": PuppetReportEvent.event_type, "puppet_instance": instance, "puppet_report": report } queues.post_raw_event("puppet_reports", raw_event)
def post_webhook_event(instance, user_agent, ip, wsone_event): raw_event = { "request": { "user_agent": user_agent, "ip": ip }, "observer": instance.observer_dict(), "wsone_instance": { "pk": instance.pk, "version": instance.version }, "wsone_event": wsone_event } queues.post_raw_event("wsone_events", raw_event)
def post_jamf_webhook_event(jamf_instance, user_agent, ip, data): jamf_event = data["webhook"]["webhookEvent"] event_type = 'jamf_{}'.format(JAMF_EVENTS[jamf_event][0]) payload = data["event"] # device event ? device_type = None if jamf_event.startswith("Computer"): device_type = "computer" elif jamf_event.startswith("MobileDevice"): device_type = "mobile_device" observer_dict = jamf_instance.observer_dict() if device_type is not None \ or event_type == "jamf_smart_group_computer_membership_change" \ or event_type == "jamf_smart_group_mobile_device_membership_change": # event needs preprocessing raw_event = { "request": { "user_agent": user_agent, "ip": ip }, "observer": observer_dict, "event_type": event_type, "jamf_instance": jamf_instance.serialize(), "jamf_event": payload } if device_type: try: jamf_id = payload["computer"]["jssID"] serial_number = payload["computer"]["serialNumber"] except KeyError: jamf_id = payload["jssID"] serial_number = payload["serialNumber"] raw_event.update({ "device_type": device_type, "jamf_id": jamf_id, "serial_number": serial_number, }) queues.post_raw_event("jamf_events", raw_event) else: # event doesn't need preprocessing event_cls = event_cls_from_type(event_type) msn = payload.get("serialNumber", None) event_cls.post_machine_request_payloads(msn, user_agent, ip, [payload], observer=observer_dict)
def post_jamf_event(jamf_instance, user_agent, ip, data): jamf_event = data["webhook"]["webhookEvent"] event_type = 'jamf_{}'.format(JAMF_EVENTS[jamf_event][0]) payload = data["event"] # add origin to jamf event payload["jamf_instance"] = { "host": jamf_instance.host, "path": jamf_instance.path, "port": jamf_instance.port } # device event ? device_type = None if jamf_event.startswith("Computer"): device_type = "computer" elif jamf_event.startswith("MobileDevice"): device_type = "mobile_device" if device_type is not None \ or event_type == "jamf_smart_group_computer_membership_change" \ or event_type == "jamf_smart_group_mobile_device_membership_change": # event needs preprocessing raw_event = { "request": { "user_agent": user_agent, "ip": ip }, "event_type": event_type, "jamf_instance": jamf_instance.serialize(), "jamf_event": payload } if device_type: raw_event.update({ "device_type": device_type, "jamf_id": payload["jssID"], "serial_number": payload["serialNumber"], }) queues.post_raw_event("jamf_events", raw_event) else: # event doesn't need preprocessing event_cls = event_cls_from_type(event_type) msn = payload.get("serialNumber", None) event_cls.post_machine_request_payloads(msn, user_agent, ip, [payload])
def post_jamf_event(jamf_instance, user_agent, ip, data): jamf_event = data["webhook"]["webhookEvent"] event_type = 'jamf_{}'.format(JAMF_EVENTS[jamf_event][0]) payload = data["event"] # add origin to jamf event payload["jamf_instance"] = { "host": jamf_instance.host, "path": jamf_instance.path, "port": jamf_instance.port } # device event ? device_type = None if jamf_event.startswith("Computer"): device_type = "computer" elif jamf_event.startswith("MobileDevice"): device_type = "mobile_device" if device_type is not None \ or event_type == "jamf_smart_group_computer_membership_change" \ or event_type == "jamf_smart_group_mobile_device_membership_change": # event needs preprocessing raw_event = {"request": {"user_agent": user_agent, "ip": ip}, "event_type": event_type, "jamf_instance": jamf_instance.serialize(), "jamf_event": payload} if device_type: raw_event.update({ "device_type": device_type, "jamf_id": payload["jssID"], "serial_number": payload["serialNumber"], }) queues.post_raw_event("jamf_events", raw_event) else: # event doesn't need preprocessing event_cls = event_cls_from_type(event_type) msn = payload.get("serialNumber", None) event_cls.post_machine_request_payloads(msn, user_agent, ip, [payload])
def send_device_notification(enrolled_device, delay=0): payload = {"enrolled_device_pk_list": [enrolled_device.pk]} if delay: not_before = timezone.now() + timedelta(seconds=delay) payload["not_before"] = not_before.isoformat() queues.post_raw_event("mdm_device_notifications", payload)
def post_finished_file_carve_session(session_id): queues.post_raw_event("osquery_finished_file_carve_session", {"session_id": session_id})