def __init__(self,
configFile,
identifier='default',
sync_frequency=15.0,
logging_dest='/dev/log',
realm='global',
scale=None,
actorsRoot=None):
self._stopEvent = gevent.event.Event()
self._logger = None
self._log_level = logging.INFO
self._log_dest = logging_dest
self._realm = realm
self._initLogging(self._log_level, logging_dest)
self._threads = gevent.pool.Group()
self._owner = 'beach.patrol/%s' % (identifier, )
self._mutex = BoundedSemaphore(value=1)
self._entries = OrderedDict()
self._freq = sync_frequency
self._updateFreq = 60 * 60
self._patrolHash = None
self._patrolUrl = None
self._isMonitored = False
self._originalTtl = None
self._beach = Beach(configFile, realm=realm)
self._scale = scale
self._actorsRoot = actorsRoot
if self._actorsRoot is not None and not self._actorsRoot.endswith('/'):
self._actorsRoot += '/'
def __init__(self,
configFile,
identifier='default',
sync_frequency=15.0,
logging_dest='/dev/log',
realm='global',
scale=None,
actorsRoot=None):
self._stopEvent = gevent.event.Event()
self._logger = None
self._log_level = logging.INFO
self._log_dest = logging_dest
self._realm = realm
self._initLogging(self._log_level, logging_dest)
self._threads = gevent.pool.Group()
self._owner = 'beach.patrol/%s' % (identifier, )
self._entries = OrderedDict()
self._watch = {}
self._freq = sync_frequency
self._beach = Beach(configFile, realm=realm)
self._scale = scale
self._actorsRoot = actorsRoot
if self._actorsRoot is not None and not self._actorsRoot.endswith('/'):
self._actorsRoot += '/'
def init( self, parameters, resources ):
self.beach_api = Beach( self._beach_config_path, realm = 'hcp' )
self.db = CassDb( parameters[ 'db' ], 'hcp_analytics' )
self.audit = self.getActorHandle( resources[ 'auditing' ], timeout = 30, nRetries = 3 )
self.admin = self.getActorHandle( resources[ 'admin' ], timeout = 30, nRetries = 3 )
self.sensorDir = self.getActorHandle( resources[ 'sensordir' ], timeout = 30, nRetries = 3 )
self.genDefaultsIfNotPresent()
isSuccess, _oid = self.get_global_config( None )
if isSuccess:
self.admin_oid = uuid.UUID( str( _oid[ 'global/admin_oid' ] ) )
else:
self.admin_oid = None
self.handle( 'get_global_config', self.get_global_config )
self.handle( 'get_org_config', self.get_org_config )
self.handle( 'set_config', self.set_config )
self.handle( 'deploy_org', self.deploy_org )
self.handle( 'get_c2_cert', self.get_c2_cert )
self.handle( 'get_root_cert', self.get_root_cert )
self.handle( 'update_profile', self.update_profile )
self.handle( 'get_profiles', self.get_profiles )
self.handle( 'get_supported_events', self.get_supported_events )
self.handle( 'get_capabilities', self.get_capabilities )
self.handle( 'get_quick_detects', self.get_quick_detects )
self.handle( 'del_sensor', self.del_sensor )
self.handle( 'refresh_all_installers', self.refresh_all_installers )
self.handle( 'set_installer_info', self.set_installer_info )
self.handle( 'del_installer', self.del_installer )
self.metricsUrl = resources.get( 'metrics_url', 'https://limacharlie.io/metrics/opensource' )
self.schedule( ( 60 * 60 ) + random.randint( 0, 60 * 60 ) , self.sendMetricsIfEnabled )
def __init__(self, beach_config, token, timeout=1000 * 10):
self.token = token
self.beach = Beach(beach_config, realm='hcp')
self.vHandle = self.beach.getActorHandle(
'c2/admin/1.0',
ident='cli/955f6e63-9119-4ba6-a969-84b38bfbcc05',
timeout=timeout,
nRetries=3)
def beach_cluster(request):
global beach
global h_hostmanager
h_hostmanager = subprocess.Popen([
'python', '-m', 'beach.hostmanager',
os.path.join(curFileDir, 'simple.yaml'), '--log-level', '10'
])
beach = Beach(os.path.join(curFileDir, 'simple.yaml'), realm='global')
def beach_teardown():
global beach
global h_hostmanager
beach.close()
h_hostmanager.send_signal(signal.SIGQUIT)
assert (0 == h_hostmanager.wait())
request.addfinalizer(beach_teardown)
dest='is_display_responses',
help='if specified, all actor responses will be displayed')
args = parser.parse_args()
print("Launching LimaCharlie Appliance Test")
printStep('BASE PLATFORM')
if 0 == os.system('cqlsh %s -e "desc keyspaces" > /dev/null 2>&1' %
getLocalIp()):
printSuccess("Cassandra is running.")
else:
printFailure("Cassandra doesn't seem to be running.")
BEACH = Beach(BEACH_CONFIG, 'hcp')
resp = BEACH.getClusterHealth()
if 0 != len(resp) and resp.values()[0] is not None:
printSuccess('Beach cluster is running with %d node(s).' % len(resp))
else:
printFailure("Beach cluster doesn't seem to be running.")
if 0 == os.system(
'ps -elf | grep -E ".*endpoint_proxy.*" | grep -v grep > /dev/null'
):
printSuccess('Sensor proxy is running.')
else:
printFailure("Sensor proxy doesn't seem to be running.")
if 0 == os.system(
import json
import yaml
import time
# Adding the beach lib directory relatively for this example
curFileDir = os.path.dirname(os.path.abspath(__file__))
sys.path.append(os.path.join(curFileDir, '..', '..'))
from beach.beach_api import Beach
from beach.utils import _getIpv4ForIface
print("Connecting to example beach.")
# Note that we usually would not need to add the extraTmpSeedNode parameter in production
# since your config file would be populated. Here to keep the config file simple and
# portable we add our IP manually to operate in single-node mode.
beach = Beach(os.path.join(curFileDir, 'simple.yaml'), realm='global')
print("Creating ping actor in random beach node.")
a1 = beach.addActor('Ping', 'pingers')
print(json.dumps(a1, indent=4))
print("Creating pong actor in random beach node.")
a2 = beach.addActor('Pong', 'pongers')
print(json.dumps(a2, indent=4))
print("Idling for a few seconds...")
time.sleep(30)
print("Querying for beach directory.")
d = beach.getDirectory()
print(json.dumps(d, indent=4))
os.chdir(os.path.dirname(os.path.abspath(__file__)))
urls = (r'/', 'Index', r'/dashboard', 'Dashboard', r'/sensor', 'Sensor',
r'/search', 'Search', r'/sensor_state', 'SensorState', r'/timeline',
'Timeline', r'/objsearch', 'ObjSearch', r'/obj', 'ObjViewer',
r'/lastevents', 'LastEvents', r'/event', 'EventView', r'/hostobjects',
'HostObjects', r'/detects_data', 'JsonDetects', r'/detects',
'ViewDetects', r'/detect', 'ViewDetect')
web.config.debug = False
app = web.application(urls, globals())
render = web.template.render('templates',
base='base',
globals={
'json': json,
'tsToTime': tsToTime
})
if len(sys.argv) < 2:
print("Usage: python app.py beach_config [listen_port]")
sys.exit()
beach = Beach(sys.argv[1], realm='hcp')
del (sys.argv[1])
model = beach.getActorHandle('models',
nRetries=3,
timeout=30,
ident='lc/0bf01f7e-62bd-4cc4-9fec-4c52e82eb903')
app.run()
import os
import sys
from beach.beach_api import Beach
import logging
REPO_ROOT = os.path.join( os.path.dirname( os.path.abspath( __file__ ) ), '..', '..' )
if 1 < len( sys.argv ):
BEACH_CONFIG_FILE = os.path.abspath( sys.argv[ 1 ] )
else:
BEACH_CONFIG_FILE = os.path.join( os.path.dirname( os.path.abspath( __file__ ) ), 'sample_cluster.yaml' )
beach = Beach( BEACH_CONFIG_FILE, realm = 'hcp' )
#######################################
# BeaconProcessor
# This actor will process incoming
# beacons from the sensors.
# Parameters:
# state_db: these are the connection
# details for the mysql database
# used to store the low-importance
# data tracked at runtime.
# _priv_key: the C2 private key.
# task_back_timeout: the number of
# seconds to wait during each
# beacon to give a chance to any
# detects to generate tasks for
# the sensor to process right away.
#######################################
print( beach.addActor( 'c2/BeaconProcessor',
g_metrics = info
print("Done processing metris.")
def periodicUpdate():
while True:
updateMetrics()
gevent.sleep(SEC_PER_GEN)
###############################################################################
# BOILER PLATE
###############################################################################
urls = (r'/', 'Index', r'/info', 'GetClusterInfo')
web.config.debug = False
app = web.application(urls, globals())
render = web.template.render('%s/templates/' % g_current_dir, globals={})
if len(sys.argv) < 2:
print("Dashboard takes single argument: cluster config file.")
sys.exit()
beach = Beach(sys.argv[-1])
sys.argv.pop()
os.chdir(g_current_dir)
gevent.spawn(periodicUpdate)
app.run()
def init(self, parameters, resources):
self.beach_api = Beach(self._beach_config_path, realm='hcp')
self.handle('reg_detect', self.handleRegDetect)
self.handle('reg_inv', self.handleRegInvestigation)
self.handle('unreg_detect', self.handleRegDetect)
self.handle('unreg_inv', self.handleUnRegInvestigation)
dest='source')
parser.add_argument(
'-i',
'--ident',
type=str,
required=False,
default='endpointproxy/8e7a890b-8016-4396-b012-aec73d055dd6',
help='Beach identity to use to request list of endpoints.',
dest='ident')
parser.add_argument(
'-u',
'--update',
type=int,
required=False,
default=60,
help='refresh list of available endpoints every X seconds.',
dest='update')
arguments = parser.parse_args()
currentEndpoints = Set()
beach = Beach(arguments.config, realm='hcp')
endpointActors = beach.getActorHandle('c2/endpoint',
nRetries=3,
timeout=30,
ident=arguments.ident)
updateEndpoints(endpointActors, arguments.update)
proxy = LcEndpointProxy(arguments.source, currentEndpoints)
proxy.start()
gevent.wait()
def init(self, parameters):
self.beach_api = Beach(parameters['beach_config'], realm='hcp')
self.handle('reg_detect', self.handleRegDetect)
self.handle('reg_inv', self.handleRegInvestigation)
self.handle('unreg_detect', self.handleRegDetect)
self.handle('unreg_inv', self.handleUnRegInvestigation)
ENABLE_GET = args.withGet
if args.sslSelfSigned:
if not os.path.isfile(args.sslCert) and not os.path.isfile(
args.sslKey):
print("Generating self-signed certs.")
if 0 != os.system(
'openssl req -x509 -days 36500 -newkey rsa:4096 -keyout %s -out %s -nodes -sha256 -subj "/C=US/ST=CA/L=Mountain View/O=refractionPOINT/CN=restbridge.beach" > /dev/null 2>&1'
% (args.sslKey, args.sslCert)):
print("Failed to generate self-signed certificate.")
if os.path.isfile(args.sslCert) and os.path.isfile(args.sslKey):
print("Using SSL cert/key: %s and %s" % (args.sslCert, args.sslKey))
from web.wsgiserver import CherryPyWSGIServer
CherryPyWSGIServer.ssl_certificate = args.sslCert
CherryPyWSGIServer.ssl_private_key = args.sslKey
else:
print("No SSL cert/key at %s and %s so using normal HTTP." %
(args.sslCert, args.sslKey))
urls = (
r'/(.*)',
'Bridge',
)
web.config.debug = False
app = web.application(urls, globals())
beach = Beach(args.configFile, realm=args.realm)
handle_cache = {}
os.chdir(g_current_dir)
app.run()
def __init__(self, configFile, realm=None):
cmd.Cmd.__init__(self)
self.realm = 'global'
self.updatePrompt()
self.beach = Beach(configFile)
userConf = yaml.parse(f.read())
if 'config' in userConf:
conf = userConf['config']
else:
conf = args.config
if conf is None:
parser.error('no config specified and ~/.beach is not a valid config.')
else:
if args.req_realm is None and args.req_cat is None and args.req_cmd is None and args.req_ident is None:
app = BeachShell(conf)
app.cmdloop()
elif args.req_realm is None or args.req_cat is None or args.req_cmd is None:
parser.error('--req-* components missing to execute a request.')
else:
beach = Beach(conf, realm=args.req_realm)
h = beach.getActorHandle(args.req_cat,
ident=args.req_ident,
timeout=args.req_timeout)
if 0 == h.getNumAvailable():
h.close()
beach.close()
eprint("no actors available in category")
sys.exit(1)
if args.is_broadcast:
futures = h.requestFromAll(args.req_cmd, data=args.req_data)
else:
resp = h.request(args.req_cmd, data=args.req_data)
h.close()
# This will set the host as a beach node.
import sys
import os
import json
import yaml
import time
# Adding the beach lib directory relatively for this example
curFileDir = os.path.dirname(os.path.abspath(__file__))
sys.path.append(os.path.join(curFileDir, '..', '..'))
from beach.beach_api import Beach
print("Connecting to example beach.")
beach = Beach(os.path.join(curFileDir, 'multinode.yaml'), realm='global')
print("Creating ping actor in resource beach node.")
a1 = beach.addActor('Ping', 'pingers', strategy='resource')
print(json.dumps(a1, indent=4))
print("Creating pong actor in affinity( pingers ) beach node.")
a2 = beach.addActor('Pong',
'pongers',
strategy='affinity',
strategy_hint='pingers')
print(json.dumps(a2, indent=4))
print("Creating pong actor in isolation.")
a3 = beach.addActor('Pong', 'pongers', isIsolated=True)
print(json.dumps(a3, indent=4))
