Exemplos de Launch.load_cb_config em Python

Exemplo n.º 1

Arquivo: CheckExecution.py Projeto: bigblueswope/Gladius

    def Run(md5):
        launch=Launch()
        args=launch.get_args()
        cbserverurl,cbapitoken=launch.load_cb_config(args.configfile)
        parentmd5url=cbserverurl+str("\#search/cb.urlver=1&cb.q.parent_md5=%20")
        md5url=cbserverurl+str("\#search/cb.urlver=1&cb.q.md5=%20")
        cb = cbapi.CbApi(cbserverurl,
             token=cbapitoken,
             ssl_verify=False)

        parentquery='parent_md5:'+md5
        md5query='md5:'+md5

        if md5query.endswith(" "):
            print colored.red("[-] Bit9 did not capture the MD5 :(\n")
        else:
            print colored.yellow("[*] Checking if Parent MD5 process in Carbon Black...")
            parentresult = cb.process_search(parentquery, sort='start desc')
            if parentresult['total_results']==0:
                print colored.cyan("[+] Not a Parent MD5 process")
            else:
                cbparentmd5url=parentmd5url+md5+"&sort=&rows=10&start=0"
                print colored.green("[+] Parent MD5 event found in Carbon Black.")
                print colored.cyan(cbparentmd5url)
            print colored.yellow("[*] Checking if MD5 seen in Carbon Black...")
            md5result = cb.process_search(md5query, sort='start desc')
            if md5result['total_results'] == 0:
                print colored.cyan("[+] Not seen in Carbon Black.")
            else:
                cbmd5url=md5url+md5+"&sort=&rows=10&start=0"
                print colored.green("[+] MD5 Found in CB.")
                print colored.cyan(cbmd5url)

Exemplo n.º 2

Arquivo: FindCBComputer.py Projeto: kdauler/cb-cloud-cleaner

    def Run(computername):
        launch=Launch()
        args=launch.get_args()
        cbserverurl,cbapitoken=launch.load_cb_config(args.configfile)

        headers = {"X-Auth-Token": cbapitoken}  
        resp = requests.get(cbserverurl+str("/api/v1/sensor?hostname="+str(computername)), headers=headers, verify=False)  
        return resp.json()

Exemplo n.º 3

    def Run(computername):
        launch = Launch()
        args = launch.get_args()
        cbserverurl, cbapitoken = launch.load_cb_config(args.configfile)

        headers = {"X-Auth-Token": cbapitoken}
        resp = requests.get(
            cbserverurl + str("/api/v1/sensor?hostname=" + str(computername)),
            headers=headers,
            verify=False)
        return resp.json()

Exemplo n.º 4

Arquivo: cloud-cleaner.py Projeto: droptables/cb-cloud-cleaner

#!/usr/bin/env python
from Carbonblack.FindCBComputer import FindCBComputer
from Carbonblack.FindCBComputerGroup import FindCBComputerGroup
from Carbonblack.RemoveCBComputer import RemoveCBComputer
from Launch.Launch import Launch
from datetime import datetime, timedelta


if __name__ == '__main__':
	#Pull in the Launch module and get cmdline args via argparse.
    launch=Launch()
    args=launch.get_args()
    cbserverurl,cbapitoken=launch.load_cb_config(args.configfile)
    now = datetime.now()

    #get computers from sensor group '6', aka 'cloud-ops'
    cblookup = FindCBComputerGroup.Run(str(args.groupid),cbserverurl,cbapitoken)
    for computer in cblookup:
    	if computer['uninstall']==False:
	    	lastcheckintime = datetime.strptime(str(computer['last_checkin_time'][:19]),"%Y-%m-%d %H:%M:%S")
	    	if (now-lastcheckintime) > timedelta(days = int(args.daysoffline)):
	    		print computer['computer_name']+str(" has not checked in in over "+str(args.daysoffline)+" days, removing.")
	    		RemoveCBComputer.Run(computer['computer_name'], cbserverurl, cbapitoken)