def __createDefaultEntryForAuditor(filePath, auditorType):
try:
with open(filePath, "r") as f:
auditorBodystr = f.read()
auditorName = auditorType + '_default'
auditor = dict()
auditor.update({'auditor_type': auditorType})
auditor.update({'auditor_name': auditorName})
#auditor.update({'auditor_body': auditorBody})
blobdata = base64.b64encode(bytes(auditorBodystr,
'utf-8')).decode('ascii')
metadata = dict()
metadata.update({'auditor_type': auditorType})
metadata.update({'cluster': None})
#resp = post_request_ver2('auditors', json.dumps(auditor), auditorName, metadata)
post_request_ver2('auditors',
data=json.dumps(auditor),
identity=auditorName,
metadata=metadata,
blob=blobdata)
print('successful for {}'.format(auditorType))
return None
except Exception as e:
exc_type, exc_obj, exc_tb = sys.exc_info()
fname = os.path.split(exc_tb.tb_frame.f_code.co_filename)[1]
print("!!!! Exception while reading default yaml !!!!")
print(exc_type, fname, exc_tb.tb_lineno)
print(e)
def createSecurityPostureGraph(self,
postureName,
jsonDoc,
orgName="Aricent"):
print("In createSecurityPostureGraph")
org = GphDB.getGphObject(orgName, Organization)
resp = [{"result": "Failure", "error": "Service error"}]
try:
if org:
print("Store posture in EL DB")
res_url = post_request_ver2('securityposture',
json.dumps(jsonDoc), postureName)
print("Create posture in Graph-DB")
posture = GphDB.addGphObject(
SecurityPosture(name=postureName,
documentLink=res_url,
version='1.0'))
print("Added Posture %s in GraphDB" % (postureName))
org.implementsSecPolPosture.connect(posture)
print("Connected Posture %s to Org %s in GraphDB" %
(postureName, org.name))
try:
self.__createSecPosInGphDBv2(jsonDoc, org, posture)
except Exception as e:
exc_type, exc_obj, exc_tb = sys.exc_info()
fname = os.path.split(
exc_tb.tb_frame.f_code.co_filename)[1]
print("!!! Exception in createSecPosInGphDB !!!")
print(exc_type, fname, exc_tb.tb_lineno)
print(e)
sys.stdout.flush()
valNodes = list(jsonDoc['operators'].values())
if valNodes:
print("Looking for policies in posture %s" % (postureName))
for nd in valNodes:
if nd['nodeType'] == 'Policies' or nd[
'nodeType'] == 'Security Configurations':
# Note: Add 'type' and 'name' as a property in sample-posture JSON
pol = GphDB.getGphObject(
nd['properties']['name'],
replaceNonAlNum(nd["nodeType"]))
if pol:
posture.usesPolicy.connect(pol)
print("Connected posture with Policy : ",
nd['properties']['name'])
else:
print("Posture has an Unknown Policy : ",
nd['properties']['name'])
resp = [{"result": "Success", "error": None}]
else:
print("Organization %s was not found in graph-DB" % (orgName))
resp = [{"result": "Failure", "error": "No such Organization"}]
print("----createSecurityPostureGraph END ------")
finally:
print("Finished Creating EVA-Map objects for %s" % (postureName))
print(resp)
sys.stdout.flush()
return resp
def message_handler(msg):
subject = msg.subject
reply = msg.reply
data = msg.data.decode()
print(
"Received a message on message_handler'{subject} {reply}': {data}"
.format(subject=subject, reply=reply, data=data))
print("\n\ntype of data {}".format(str(type(data))))
#yield from nc.publish(reply, bytes('I can help', 'utf-8'))
report = json.loads(data)
metadata = dict()
metadata.update({'auditor_type': report['auditor_type']})
metadata.update({'cluster': report['cluster']})
post_request_ver2('audit_reports', json.dumps(report), None,
metadata)
print("************* data saved ************** ")
async def __reportHandler(self, msg):
print("Received message on Topic: {subject} : Data {data}".format(
subject=msg.subject, data=msg.data.decode()))
report = json.loads(msg.data.decode())
metadata = dict()
metadata.update({'auditor_type': report['auditor_type']})
metadata.update({'cluster': report['cluster']})
post_request_ver2('audit_reports', json.dumps(report), None, metadata)
print('******** successfuly saved report in elastic DB ********')
#Update the runstate in DB
runstate = Auditor.finishedAuditorRun(report['auditor_type'],
report['cluster'])
print('******** successfuly updated status in registry *********')
cluster_auditor_id = report['auditor_type'] + '_' + report['cluster']
cluster_auditor_entry = get_document_by_id_ver2(
'auditor_cluster_registry',
urllib.parse.quote_plus(cluster_auditor_id))
update_object = {'jsondoc': {'runState': runstate}}
cluster_auditor_entry['runState'] = runstate
update_document('auditor_cluster_registry', cluster_auditor_id,
update_object)
print(
'******* successfuly updated auditor_cluster_registry in elastic DB *******'
)
audiInGph = GphDB.getGphObject(cluster_auditor_id, AuditorInstance)
if audiInGph:
audiInGph.state = runstate
audiInGph.save()
print('******** successfuly updated status in GphDB ********')
print("************* data saved ************** ")
def __agentHandler(self, msg):
#async def __agentHandler(self, msg):
print("Received message on Topic: {subject} : Data {data}".format(
subject=msg.subject, data=msg.data.decode()))
agent_data = json.loads(msg.data.decode())
CloudId = agent_data['cloudId']
agent_token = agent_data['token']
if str(CloudId) in CloudConfig.cloud:
if agent_token == CloudConfig.cloud[str(CloudId)]['auth_token']:
ran_str = ''.join(
random.choice(string.ascii_letters) for i in range(20))
queue_name = ran_str + str(CloudId)
agent_obj = get_document_by_id('agents', str(CloudId))
if 'found' not in agent_obj.keys(
) or not agent_obj.get('found'):
agent = dict()
agent.update({'agent_name': 'Agent_' + str(CloudId)})
agent.update({'cloud_id': str(CloudId)})
agent.update({'agent_queue': queue_name})
agent.update({'status': 'ready'})
post_request_ver2('agents', json.dumps(agent),
str(CloudId), None)
else:
update_object = {'jsondoc': {'agent_queue': queue_name}}
update_document('agents', str(CloudId), update_object)
print('success......queue name....{}'.format(queue_name))
resp_dict = {
'status': 'SUCCESS',
'queue_name': queue_name,
'auditors': []
}
response = json.dumps(resp_dict)
"""
print("Fetch Clusters for Cloud-Id : %s" %(CloudId))
clstr = GphDB.getClusterByCloudid(str(CloudId))
print('clusters received....: %s' %(clstr))
print('type of cluster...{}'.format(type(clstr)))
print(clstr)
#pdb.set_trace()
auditor_list = []
for clr in clstr:
query_dict = {'metadata.cluster': clr.replace("/"," AND ")}
res = search_index_using_querystring('auditors', query_dict)
#res = json.loads(auditors)['hits']['hits']
print('res.....{}'.format(res))
if res:
for obj in res:
yaml_str = base64.b64decode(obj['_source']['blob']).decode('ascii')
yaml_obj = list(yaml.load_all(yaml_str))
#auditor_name = urllib.parse.unquote_plus(obj['_source']['jsondoc']['auditor_name'])
#obj['_source']['jsondoc'].update({'auditor_name' : auditor_name})
obj['_source']['jsondoc'].update({'auditor_body' : yaml_obj})
auditor_list.append(obj['_source']['jsondoc'])
resp_dict['auditors'] = auditor_list
print('auditor_list.................{}'.format(auditor_list))
print('***** length of auditor_list.................{}'.format(len(auditor_list)))
"""
else:
response = json.dumps({
'status': 'FAILED',
'message': 'Authentication failed'
})
else:
response = json.dumps({
'status': 'FAILED',
'message': 'Cloud not found'
})
yield from self.__natsClient.publish(msg.reply,
bytes(response, 'utf-8'))
print("************* data saved ************** ")
"""
def createAuditorAndMapCluster(self, requestData):
print("***** Enter Method - " + str(datetime.now()))
sys.stdout.flush()
auditorType = requestData['auditorType']
postureName = requestData['postureName']
auditorBody = requestData['auditorBody']
clusters = requestData['clusters']
auditorRelations = []
relationDict = dict()
for cluster in clusters:
''' Create the Auditors in Databse'''
auditorName = auditorType + '_' + cluster
auditor = dict()
auditor.update({'auditor_type': auditorType})
auditor.update({'auditor_name': auditorName})
#auditor.update({'auditor_body' : auditorBody})
metadata = dict()
metadata.update({'auditor_type': auditorType})
metadata.update({'cluster': cluster})
blob = base64.b64encode(bytes(auditorBody,
'utf-8')).decode('ascii')
auditorUrl = post_request_ver2(
'auditors', json.dumps(auditor),
urllib.parse.quote_plus(auditorName), metadata, blob)
if auditorType == 'SDWANBranchSysCalls':
try:
cluster_obj = GphDB.getGphObject(cluster, Cluster)
agent_obj = get_document_by_id_ver2(
'agents', str(cluster_obj.cloudId))
finaldata = {'purpose': 'SetConfig', 'data': []}
aud_obj = dict()
aud_obj.update({'auditor_type': auditorType})
aud_obj.update({'auditor_name': auditorName})
aud_obj.update(
{'auditor_body': list(yaml.load_all(auditorBody))})
finaldata['data'].append(aud_obj)
loop = asyncio.new_event_loop()
loop.run_until_complete(
RunAuditClass.publishAudit(loop,
agent_obj['agent_queue'],
json.dumps(finaldata)))
loop.close()
except Exception as e:
print("Exception while setting config on agent : \n %s" %
(e))
''' Add the AuditorType-Auditor-Cluster relationships to the node graph'''
relationData = dict()
relationData.update({'cluster': cluster})
relationData.update({'auditorName': auditorName})
relationData.update({'auditorUrl': auditorUrl})
auditorRelations.append(relationData)
''' Update the Cluster Auditor Registry'''
registryResp = Auditor.createAuditorInClusterRegistry(
cluster, auditorType, auditorUrl)
print("Registry entry created, Status - " + registryResp)
''' Add AuditorInstance to Graph DB '''
audInst = AuditorInstance(name=auditorName,
documentLink=auditorUrl,
state=registryResp).save()
print("auditor instance saved to graph DB !!!")
try:
audiInGph = GphDB.getGphObject(auditorType, GphAuditor)
audInst.instanceOf.connect(audiInGph)
except Exception as e:
print(
"Exception while linkinf AuditorInstance to Auditor : \n %s"
% (e))
''' Update index to add Registry data'''
registryEntry = {
'cluster': cluster,
'auditor_type': auditorType,
'config': auditorUrl,
'runState': registryResp,
'auditor_name': auditorName
}
post_request_ver2('auditor_cluster_registry',
json.dumps(registryEntry),
urllib.parse.quote_plus(auditorName), None)
print("data saved to auditor_cluster_registry !!!")
relationDict.update({'posture': postureName})
relationDict.update({'relations': auditorRelations})
#call the node graph method
try:
GphDB.addAudInstRelationsBulk(relationDict)
except Exception as e:
print(
"Exception while linkinf AuditorInstance to Auditor : \n %s" %
(e))
return "Success"