def get_system_backup_list(system_id):
    """Return the list of configuration backups held by ``system_id``.

    Two query-string arguments are read from the current request:
    ``type`` (defaults to the empty string) and ``no_cache`` (defaults to
    ``'false'`` and is parsed with ``is_json_true``).

    The response is ``make_ok(backups=...)`` on success, or a 500 error
    built by ``make_error`` when ``get_backup_list`` reports failure.
    """
    query = request.args
    # NOTE(review): ``type`` is caller-controlled and forwarded unchanged;
    # confirm get_backup_list restricts it to the known backup types.
    requested_type = query.get('type', '')
    bypass_cache = is_json_true(query.get('no_cache', 'false'))

    success, backup_list = get_backup_list(system_id=system_id,
                                           backup_type=requested_type,
                                           no_cache=bypass_cache)
    if success:
        return make_ok(backups=backup_list)
    return make_error("Error getting backup list. Please check the system is reachable", 500)
def get_system_backup_list(system_id):
    """List the configuration backups available on ``system_id``.

    Query-string arguments taken from the current request:
      * ``type``: backup type, empty string when absent.
      * ``no_cache``: parsed with ``is_json_true``, ``'false'`` when absent.

    Returns ``make_ok(backups=...)``, or a 500 ``make_error`` response when
    ``get_backup_list`` does not succeed.
    """
    # NOTE(review): both values come straight from the query string; the
    # backup type is not checked here, so confirm get_backup_list validates it.
    lookup_args = {
        'system_id': system_id,
        'backup_type': request.args.get('type', ''),
        'no_cache': is_json_true(request.args.get('no_cache', 'false')),
    }
    success, backup_list = get_backup_list(**lookup_args)
    if not success:
        return make_error(
            "Error getting backup list. Please check the system is reachable",
            500)
    return make_ok(backups=backup_list)
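def rotate_backups(system_id, backup_type="configuration", nbackups=10):
    """Rotate the automatic backups of a system, deleting the surplus ones.

    Only entries that have a date and ``method == 'auto'`` take part in the
    rotation. The oldest ``nbackups`` entries seed the retained set; every
    later entry is offered to ``optimize`` together with the current set,
    and whatever ``optimize`` returns is kept. Files of entries that end up
    outside the retained set are removed from ``/var/alienvault/backup/``
    on the system through ``remove_file``.

    :param system_id: system whose backups are rotated
    :param backup_type: backup type passed to ``get_backup_list``
    :param nbackups: number of backups used to seed the retained set
    :return: ``(True, message)`` on success, otherwise the ``(False, ...)``
             tuple returned by the helper that failed
    """
    (success, result) = ret = get_backup_list(system_id=system_id,
                                              backup_type=backup_type,
                                              no_cache=True)
    if not success:
        return ret

    (success, system_ip) = ret = get_system_ip_from_system_id(system_id)
    if not success:
        return ret

    candidates = [x for x in result
                  if x['date'] is not None and x['method'] == 'auto']
    # The explicit emptiness check keeps ``ordered[0]`` below from raising
    # IndexError when there are no candidates and nbackups is 0 or negative.
    if not candidates or len(candidates) < nbackups:
        return True, 'No backups to remove'

    ordered = sorted(candidates, key=lambda x: x['date'])
    ref = ordered[0]['date']
    for backup in ordered:
        # Offset from the oldest backup; read by optimize() -- TODO confirm.
        backup['index'] = backup['date'] - ref

    backups = ordered[:nbackups]
    for now_bk in ordered[nbackups:]:
        backups = optimize(backups + [now_bk])

    # Files we want to retain are in backups.
    keep_files = {x['file'] for x in backups}
    backup_path = "/var/alienvault/backup/"
    # NOTE(review): entry['file'] comes from the backup listing. os.path.join
    # drops backup_path when the name is absolute and does not neutralise
    # '..' components, and the paths are handed over as one space-joined
    # string. Confirm remove_file (or the listing) constrains names to plain
    # file names inside backup_path and handles quoting.
    files_to_remove = [os.path.join(backup_path, entry['file'])
                       for entry in ordered
                       if entry['file'] not in keep_files]
    if not files_to_remove:
        return True, 'No backups to remove'

    (success, _) = ret = remove_file([system_ip], " ".join(files_to_remove))
    if not success:
        return ret
    return True, "Removed %d backups" % len(files_to_remove)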
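def rotate_backups(system_id, backup_type="configuration", nbackups=10):
    """Rotate the automatic backups of a system, deleting the surplus ones.

    Only entries that have a date and ``method == 'auto'`` take part in the
    rotation. The oldest ``nbackups`` entries seed the retained set; every
    later entry is offered to ``optimize`` together with the current set,
    and whatever ``optimize`` returns is kept. Files of entries that end up
    outside the retained set are removed from ``/var/alienvault/backup/``
    on the system through ``remove_file``.

    :param system_id: system whose backups are rotated
    :param backup_type: backup type passed to ``get_backup_list``
    :param nbackups: number of backups used to seed the retained set
    :return: ``(True, message)`` on success, otherwise the ``(False, ...)``
             tuple returned by the helper that failed
    """
    (success, result) = ret = get_backup_list(system_id=system_id,
                                              backup_type=backup_type,
                                              no_cache=True)
    if not success:
        return ret

    (success, system_ip) = ret = get_system_ip_from_system_id(system_id)
    if not success:
        return ret

    candidates = [x for x in result
                  if x['date'] is not None and x['method'] == 'auto']
    # The explicit emptiness check keeps ``ordered[0]`` below from raising
    # IndexError when there are no candidates and nbackups is 0 or negative.
    if not candidates or len(candidates) < nbackups:
        return True, 'No backups to remove'

    ordered = sorted(candidates, key=lambda x: x['date'])
    ref = ordered[0]['date']
    for backup in ordered:
        # Offset from the oldest backup; read by optimize() -- TODO confirm.
        backup['index'] = backup['date'] - ref

    backups = ordered[:nbackups]
    for now_bk in ordered[nbackups:]:
        backups = optimize(backups + [now_bk])

    # Files we want to retain are in backups.
    keep_files = {x['file'] for x in backups}
    backup_path = "/var/alienvault/backup/"
    # NOTE(review): entry['file'] comes from the backup listing. os.path.join
    # drops backup_path when the name is absolute and does not neutralise
    # '..' components, and the paths are handed over as one space-joined
    # string. Confirm remove_file (or the listing) constrains names to plain
    # file names inside backup_path and handles quoting.
    files_to_remove = [os.path.join(backup_path, entry['file'])
                       for entry in ordered
                       if entry['file'] not in keep_files]
    if not files_to_remove:
        return True, 'No backups to remove'

    (success, _) = ret = remove_file([system_ip], " ".join(files_to_remove))
    if not success:
        return ret
    return True, "Removed %d backups" % len(files_to_remove)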
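def start(self):
    """Refresh the cached remote information of every listed system.

    For each ``(system_id, system_ip)`` returned by ``get_systems`` the
    remote getters are called with ``no_cache=True`` and the HA role,
    HA virtual IP, HA name, VPN IP and hostname are written back through
    the ``set_system_*`` / ``db_system_update_hostname`` helpers. A system
    whose required getter fails is skipped with a warning.

    :return: ``False`` when the system list cannot be retrieved or an
             unexpected exception is raised, ``True`` otherwise
    """
    try:
        self.remove_monitor_data()
        rc, system_list = get_systems(directly_connected=False)
        if not rc:
            logger.error("Can't retrieve systems..%s" % str(system_list))
            return False

        for (system_id, system_ip) in system_list:
            success, sensor_id = get_sensor_id_from_system_id(system_id)
            if not success:
                # Not fatal: the system is processed without sensor steps.
                logger.warning("[MonitorRetrievesRemoteInfo] "
                               "get_sensor_id_from_system_id failed for system %s (%s)"
                               % (system_ip, system_id))
                sensor_id = None

            ha_name = None
            success, result = system_all_info(system_id, no_cache=True)
            if not success:
                logger.warning("[MonitorRetrievesRemoteInfo] "
                               "system_all_info failed for system %s (%s)"
                               % (system_ip, system_id))
                continue
            if 'ha_status' in result:
                ha_name = 'active' if result['ha_status'] == 'up' else 'passive'

            success, result = network_status(system_id, no_cache=True)
            if not success:
                logger.warning("[MonitorRetrievesRemoteInfo] "
                               "network_status failed for system %s (%s)"
                               % (system_ip, system_id))
                continue

            success, result = alienvault_status(system_id, no_cache=True)
            if not success:
                logger.warning("[MonitorRetrievesRemoteInfo] "
                               "alienvault_status failed for system %s (%s)"
                               % (system_ip, system_id))
                continue

            success, result = status_tunnel(system_id, no_cache=True)
            if not success:
                # Tag spelling fixed ("Remore" -> "Remote") so that filtering
                # the log on the monitor name also finds this failure.
                logger.warning("[MonitorRetrievesRemoteInfo] "
                               "status_tunnel failed for system %s (%s)"
                               % (system_ip, system_id))
                continue

            success, result = get_system_config_general(system_id, no_cache=True)
            if not success:
                logger.warning("[MonitorRetrievesRemoteInfo] "
                               "get_system_config_general failed for system %s (%s)"
                               % (system_ip, system_id))
                continue

            hostname = result.get('general_hostname', None)
            if hostname is not None:
                success, hostname_old = db_get_hostname(system_id)
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] "
                                   "db_get_hostname failed for system %s (%s)"
                                   % (system_ip, system_id))
                    continue
                # An unchanged hostname needs no database update below.
                if hostname == hostname_old:
                    hostname = None

            # Getting config params from the system,
            # we do use this result var so do not change the order of the calls!
            success, config_alienvault = get_system_config_alienvault(system_id, no_cache=True)
            if not success:
                logger.warning("[MonitorRetrievesRemoteInfo] "
                               "get_system_config_alienvault failed for system %s (%s)"
                               % (system_ip, system_id))
                continue

            # Values reported by the remote system are only stored when they
            # pass these checks: a valid IPv4 address and a known role.
            ha_ip = None
            ha_role = None
            if 'ha_ha_virtual_ip' in config_alienvault:
                ha_ip = config_alienvault['ha_ha_virtual_ip']
                if not is_valid_ipv4(ha_ip):
                    ha_ip = None
            if 'ha_ha_role' in config_alienvault:
                ha_role = config_alienvault['ha_ha_role']
                if ha_role not in ['master', 'slave']:
                    ha_role = None

            # Update interfaces cache
            success, result = get_interfaces(system_id, no_cache=True)
            if not success:
                continue

            # Update system setup data cache
            success, result = system_get(system_id, no_cache=True)
            if not success:
                continue

            vpn_ip = None
            if "ansible_tun0" in result:
                try:
                    vpn_ip = result['ansible_tun0']['ipv4']['address']
                except Exception:
                    vpn_ip = None
            # NOTE(review): unlike ha_ip, vpn_ip is stored without a format
            # check here; confirm set_system_vpn_ip validates the address.

            # Sensor exclusive
            if sensor_id is not None and sensor_id != '':
                self.__update_sensor_properties(sensor_id=sensor_id,
                                                config_alienvault=config_alienvault)
                # Refresh sensor plugins cache
                try:
                    get_sensor_plugins(sensor_id, no_cache=True)
                except APIException:
                    logger.warning("[MonitorRetrievesRemoteInfo] "
                                   "error getting plugins from sensor '{0}' {1}".format(sensor_id, system_ip))

            if vpn_ip is not None:
                success, message = set_system_vpn_ip(system_id, vpn_ip)
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] set_system_vpn_ip failed: %s" % message)

            if ha_role is not None:
                success, message = set_system_ha_role(system_id, ha_role)
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s" % message)
            else:
                success, message = set_system_ha_role(system_id, 'NULL')
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s" % message)

            if ha_ip is not None:
                success, message = set_system_ha_ip(system_id, ha_ip)
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_ip: %s" % message)
                success, message = fix_system_references()
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] fix_system_references: %s" % message)
                if ha_name is not None:
                    success, message = set_system_ha_name(system_id, ha_name)
                    if not success:
                        logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_name failed: %s" % message)
            else:
                # No valid virtual IP reported: clear the stored value.
                success, message = set_system_ha_ip(system_id, '')
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_ip failed: %s" % message)

            if hostname is not None:
                success, message = db_system_update_hostname(system_id, hostname)
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] db_system_update_hostname failed: %s" % message)

            # Backups
            success, message = get_backup_list(system_id=system_id,
                                               backup_type="configuration",
                                               no_cache=True)
            if not success:
                logger.warning("[MonitorRetrievesRemoteInfo] get_backup_list failed: %s" % message)
    except Exception as err:
        api_log.error("Something wrong happened while running the MonitorRetrievesRemoteInfo monitor %s" % str(err))
        return False
    return True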
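def make_system_backup(system_id, backup_type, rotate=True, retry=True, method="auto", backup_pass=""):
    """Run a ``backup_type`` backup on ``system_id`` and optionally rotate.

    :param system_id: system to back up
    :param backup_type: kind of backup to run
    :param rotate: when true, call ``rotate_backups`` (keeping 10) afterwards
    :param retry: when true, use the retrying helper, which is not given
                  ``method``
    :param method: backup method forwarded to the non-retrying helper
    :param backup_pass: backup password; when empty or ``'NULL'`` no backup
                        is made and a status message is recorded instead
    :return: ``(True, None)`` on success, ``(False, message)`` otherwise
    """
    success, system_ip = get_system_ip_from_system_id(system_id)
    if not success:
        return False, system_ip  # here system_ip contains an error msg

    additional_info = json.dumps({
        'system_id': system_id,
        'system_ip': system_ip
    })

    if not backup_pass or backup_pass == 'NULL':
        msg = 'Password for configuration backups was not set. Backups will be disabled...'
        notifier.warning(msg)
        insert_current_status_message("00000000-0000-0000-0000-000000010039",
                                      system_id,
                                      "system",
                                      additional_info=additional_info)
        return False, msg

    try:
        notifier.info("Running Backup [%s - %s]" % (system_ip, backup_type))
        if retry:
            # This kind of backup is always auto.
            make_system_backup_by_system_ip_with_retry(system_ip, backup_type,
                                                       backup_pass=backup_pass)
        else:
            make_system_backup_by_system_ip(system_ip, backup_type,
                                            method=method,
                                            backup_pass=backup_pass)
    except Exception as e:
        # NOTE(review): str(e) is both logged and returned to the caller;
        # confirm the backup helpers never put backup_pass in exception text.
        notifier.error("Backup fails [%s - %s]: %s" % (system_ip, backup_type, str(e)))
        # To do: Launch a Notification message
        success, result = insert_current_status_message(
            "00000000-0000-0000-0000-000000010018",
            system_id,
            "system",
            additional_info=additional_info)
        if not success:
            return False, str(result) + " " + str(e)
        else:
            return False, str(e)

    notifier.info("Backup successfully made [%s - %s]" % (system_ip, backup_type))
    # To do: Launch a Notification message

    # Rotate
    if rotate:
        success, result = rotate_backups(system_id, backup_type, 10)
        if not success:
            notifier.warning("Error Rotating %s backups in %s" % (backup_type, system_id))
        else:
            notifier.info("Backups rotated successfully")

    # Refresh cache
    try:
        success, result = get_backup_list(system_id=system_id,
                                          backup_type=backup_type,
                                          no_cache=True)
        if not success:
            # get_backup_list also reports failure through its return value;
            # surface it instead of dropping it silently.
            notifier.warning(
                "Error when trying to flush the cache after deleting backups: %s" % str(result))
    except Exception as e:
        error_msg = "Error when trying to flush the cache after deleting backups: %s" % str(e)
        notifier.warning(error_msg)

    return True, None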
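def make_system_backup(system_id, backup_type, rotate=True, retry=True, method="auto"):
    """Run a ``backup_type`` backup on ``system_id`` and optionally rotate.

    :param system_id: system to back up
    :param backup_type: kind of backup to run
    :param rotate: when true, call ``rotate_backups`` (keeping 10) afterwards
    :param retry: when true, use the retrying helper, which is not given
                  ``method``
    :param method: backup method forwarded to the non-retrying helper
    :return: ``(True, None)`` on success, ``(False, message)`` otherwise
    """
    success, system_ip = get_system_ip_from_system_id(system_id)
    if not success:
        # Every other path returns a (success, message) pair, so return one
        # here too; a bare False breaks callers that unpack the result.
        # On failure system_ip presumably holds the helper's error detail.
        return False, system_ip

    try:
        notifier.info("Running Backup [%s - %s]" % (system_ip, backup_type))
        if retry:
            # This kind of backup is always auto.
            make_system_backup_by_system_ip_with_retry(system_ip, backup_type)
        else:
            make_system_backup_by_system_ip(system_ip, backup_type, method=method)
    except Exception as e:
        notifier.warning("Backup fails " + "[%s - %s]: %s" % (system_ip, backup_type, str(e)))
        # To do: Launch a Notification message
        additional_info = json.dumps({'system_id': system_id,
                                      'system_ip': system_ip})
        success, result = insert_current_status_message(
            "00000000-0000-0000-0000-000000010018",
            system_id,
            "system",
            additional_info)
        if not success:
            return False, str(result) + " " + str(e)
        else:
            return False, str(e)

    notifier.info("Backup successfully made " + "[%s - %s]" % (system_ip, backup_type))
    # To do: Launch a Notification message

    # Rotate
    if rotate:
        success, result = rotate_backups(system_id, backup_type, 10)
        if not success:
            notifier.warning("Error Rotating %s " % backup_type +
                             "backups in %s" % (system_id))
        else:
            notifier.info("Backups rotated successfully")

    # Refresh cache
    try:
        success, result = get_backup_list(system_id=system_id,
                                          backup_type=backup_type,
                                          no_cache=True)
        if not success:
            # get_backup_list also reports failure through its return value;
            # surface it instead of dropping it silently.
            notifier.warning("Error when trying to flush the cache "
                             "after deleting backups: %s" % str(result))
    except Exception as e:
        error_msg = "Error when trying to flush the cache " \
                    "after deleting backups: %s" % str(e)
        notifier.warning(error_msg)

    return True, None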
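def make_system_backup(system_id, backup_type, rotate=True, retry=True, method="auto", backup_pass=""):
    """Run a ``backup_type`` backup on ``system_id`` and optionally rotate.

    :param system_id: system to back up
    :param backup_type: kind of backup to run
    :param rotate: when true, call ``rotate_backups`` (keeping 10) afterwards
    :param retry: when true, use the retrying helper, which is not given
                  ``method``
    :param method: backup method forwarded to the non-retrying helper
    :param backup_pass: backup password; when empty or ``'NULL'`` no backup
                        is made and a status message is recorded instead
    :return: ``(True, None)`` on success, ``(False, message)`` otherwise
    """
    success, system_ip = get_system_ip_from_system_id(system_id)
    if not success:
        return False, system_ip  # here system_ip contains an error msg

    additional_info = json.dumps({'system_id': system_id,
                                  'system_ip': system_ip})

    if not backup_pass or backup_pass == 'NULL':
        msg = 'Password for configuration backups was not set. Backups will be disabled...'
        notifier.warning(msg)
        insert_current_status_message("00000000-0000-0000-0000-000000010039",
                                      system_id,
                                      "system",
                                      additional_info=additional_info)
        return False, msg

    try:
        notifier.info("Running Backup [%s - %s]" % (system_ip, backup_type))
        if retry:
            # This kind of backup is always auto.
            make_system_backup_by_system_ip_with_retry(system_ip, backup_type,
                                                       backup_pass=backup_pass)
        else:
            make_system_backup_by_system_ip(system_ip, backup_type,
                                            method=method,
                                            backup_pass=backup_pass)
    except Exception as e:
        # NOTE(review): str(e) is both logged and returned to the caller;
        # confirm the backup helpers never put backup_pass in exception text.
        notifier.error("Backup fails [%s - %s]: %s" % (system_ip, backup_type, str(e)))
        # To do: Launch a Notification message
        success, result = insert_current_status_message("00000000-0000-0000-0000-000000010018",
                                                        system_id,
                                                        "system",
                                                        additional_info=additional_info)
        if not success:
            return False, str(result) + " " + str(e)
        else:
            return False, str(e)

    notifier.info("Backup successfully made [%s - %s]" % (system_ip, backup_type))
    # To do: Launch a Notification message

    # Rotate
    if rotate:
        success, result = rotate_backups(system_id, backup_type, 10)
        if not success:
            notifier.warning("Error Rotating %s backups in %s" % (backup_type, system_id))
        else:
            notifier.info("Backups rotated successfully")

    # Refresh cache
    try:
        success, result = get_backup_list(system_id=system_id,
                                          backup_type=backup_type,
                                          no_cache=True)
        if not success:
            # get_backup_list also reports failure through its return value;
            # surface it instead of dropping it silently.
            notifier.warning(
                "Error when trying to flush the cache after deleting backups: %s" % str(result))
    except Exception as e:
        error_msg = "Error when trying to flush the cache after deleting backups: %s" % str(e)
        notifier.warning(error_msg)

    return True, None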
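def start(self):
    """Refresh the cached remote information of every listed system.

    For each ``(system_id, system_ip)`` returned by ``get_systems`` the
    remote getters are called with ``no_cache=True`` and the HA role,
    HA virtual IP, HA name, VPN IP and hostname are written back through
    the ``set_system_*`` / ``db_system_update_hostname`` helpers. A system
    whose required getter fails is skipped with a warning.

    :return: ``False`` when the system list cannot be retrieved or an
             unexpected exception is raised, ``True`` otherwise
    """
    try:
        self.remove_monitor_data()
        rc, system_list = get_systems(directly_connected=False)
        if not rc:
            logger.error("Can't retrieve systems..%s" % str(system_list))
            return False

        for (system_id, system_ip) in system_list:
            success, sensor_id = get_sensor_id_from_system_id(system_id)
            if not success:
                # Not fatal: the system is processed without sensor steps.
                logger.warning("[MonitorRetrievesRemoteInfo] "
                               "get_sensor_id_from_system_id failed for system %s (%s)"
                               % (system_ip, system_id))
                sensor_id = None

            ha_name = None
            success, result = system_all_info(system_id, no_cache=True)
            if not success:
                logger.warning("[MonitorRetrievesRemoteInfo] "
                               "system_all_info failed for system %s (%s)"
                               % (system_ip, system_id))
                continue
            if 'ha_status' in result:
                ha_name = 'active' if result['ha_status'] == 'up' else 'passive'

            success, result = network_status(system_id, no_cache=True)
            if not success:
                logger.warning("[MonitorRetrievesRemoteInfo] "
                               "network_status failed for system %s (%s)"
                               % (system_ip, system_id))
                continue

            success, result = alienvault_status(system_id, no_cache=True)
            if not success:
                logger.warning("[MonitorRetrievesRemoteInfo] "
                               "alienvault_status failed for system %s (%s)"
                               % (system_ip, system_id))
                continue

            success, result = status_tunnel(system_id, no_cache=True)
            if not success:
                # Tag spelling fixed ("Remore" -> "Remote") so that filtering
                # the log on the monitor name also finds this failure.
                logger.warning("[MonitorRetrievesRemoteInfo] "
                               "status_tunnel failed for system %s (%s)"
                               % (system_ip, system_id))
                continue

            success, result = get_system_config_general(system_id, no_cache=True)
            if not success:
                logger.warning("[MonitorRetrievesRemoteInfo] "
                               "get_system_config_general failed for system %s (%s)"
                               % (system_ip, system_id))
                continue

            hostname = result.get('general_hostname', None)
            if hostname is not None:
                success, hostname_old = db_get_hostname(system_id)
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] "
                                   "db_get_hostname failed for system %s (%s)"
                                   % (system_ip, system_id))
                    continue
                # An unchanged hostname needs no database update below.
                if hostname == hostname_old:
                    hostname = None

            # Getting config params from the system,
            # we do use this result var so do not change the order of the calls!
            success, config_alienvault = get_system_config_alienvault(system_id, no_cache=True)
            if not success:
                logger.warning("[MonitorRetrievesRemoteInfo] "
                               "get_system_config_alienvault failed for system %s (%s)"
                               % (system_ip, system_id))
                continue

            # Values reported by the remote system are only stored when they
            # pass these checks: a valid IPv4 address and a known role.
            ha_ip = None
            ha_role = None
            if 'ha_ha_virtual_ip' in config_alienvault:
                ha_ip = config_alienvault['ha_ha_virtual_ip']
                if not is_valid_ipv4(ha_ip):
                    ha_ip = None
            if 'ha_ha_role' in config_alienvault:
                ha_role = config_alienvault['ha_ha_role']
                if ha_role not in ['master', 'slave']:
                    ha_role = None

            # Update interfaces cache
            success, result = get_interfaces(system_id, no_cache=True)
            if not success:
                continue

            # Update system setup data cache
            success, result = system_get(system_id, no_cache=True)
            if not success:
                continue

            vpn_ip = None
            if "ansible_tun0" in result:
                try:
                    vpn_ip = result['ansible_tun0']['ipv4']['address']
                except Exception:
                    vpn_ip = None
            # NOTE(review): unlike ha_ip, vpn_ip is stored without a format
            # check here; confirm set_system_vpn_ip validates the address.

            # Sensor exclusive
            if sensor_id is not None and sensor_id != '':
                self.__update_sensor_properties(sensor_id=sensor_id,
                                                config_alienvault=config_alienvault)
                # Refresh sensor plugins cache
                try:
                    get_sensor_plugins(sensor_id, no_cache=True)
                except APIException:
                    logger.warning("[MonitorRetrievesRemoteInfo] "
                                   "error getting plugins from sensor '{0}' {1}".format(sensor_id, system_ip))

            if vpn_ip is not None:
                success, message = set_system_vpn_ip(system_id, vpn_ip)
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] set_system_vpn_ip failed: %s" % message)

            if ha_role is not None:
                success, message = set_system_ha_role(system_id, ha_role)
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s" % message)
            else:
                success, message = set_system_ha_role(system_id, 'NULL')
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s" % message)

            if ha_ip is not None:
                success, message = set_system_ha_ip(system_id, ha_ip)
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_ip: %s" % message)
                success, message = fix_system_references()
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] fix_system_references: %s" % message)
                if ha_name is not None:
                    success, message = set_system_ha_name(system_id, ha_name)
                    if not success:
                        logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_name failed: %s" % message)
            else:
                # No valid virtual IP reported: clear the stored value.
                success, message = set_system_ha_ip(system_id, '')
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_ip failed: %s" % message)

            if hostname is not None:
                success, message = db_system_update_hostname(system_id, hostname)
                if not success:
                    logger.warning("[MonitorRetrievesRemoteInfo] db_system_update_hostname failed: %s" % message)

            # Backups
            success, message = get_backup_list(system_id=system_id,
                                               backup_type="configuration",
                                               no_cache=True)
            if not success:
                logger.warning("[MonitorRetrievesRemoteInfo] get_backup_list failed: %s" % message)
    except Exception as err:
        api_log.error("Something wrong happened while running the MonitorRetrievesRemoteInfo monitor %s" % str(err))
        return False
    return True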