def add_ha_system(system_ip, password, add_to_database=True):
"""
Add an HA system using system ip.
Args:
system_ip (str): IP address of the system to add to HA
password (str): root password of the system to add
Returns:
success (bool): True if OK, False elsewhere
response (str): Result message
"""
# Get local IP
(success, local_system_id) = get_system_id_from_local()
if not success:
error_msg = "[add_ha_system] Something wrong happened retrieving " + \
"the local system id"
return success, error_msg
# Exchange certificates
(success, response) = ansible_add_system(local_system_id=local_system_id,
remote_system_ip=system_ip,
password=password)
if not success:
api_log.error(response)
return success, "Something wrong happened adding the system"
# Get remote system info
(success, system_info) = ansible_get_system_info(system_ip)
if not success:
api_log.error(system_info)
return success, "Something wrong happened getting the system info"
# Insert system into the database
if not system_info['admin_ip']:
system_info['admin_ip'] = system_ip
if add_to_database:
profile_str = ','.join(system_info['profile'])
(success, msg) = db_add_system(system_id=system_info['system_id'],
name=system_info['hostname'],
admin_ip=system_info['admin_ip'],
vpn_ip=system_info['vpn_ip'],
profile=profile_str,
server_id=system_info['server_id'],
sensor_id=system_info['sensor_id'])
if not success:
api_log.error(msg)
error_msg = "Something wrong happened inserting " + \
"the system into the database"
return (False, error_msg)
return success, response
def add_ha_system(system_ip, password, add_to_database=True):
"""
Add an HA system using system ip.
Args:
system_ip (str): IP address of the system to add to HA
password (str): root password of the system to add
Returns:
success (bool): True if OK, False elsewhere
response (str): Result message
"""
# Get local IP
(success, local_system_id) = get_system_id_from_local()
if not success:
error_msg = "[add_ha_system] Something wrong happened retrieving " + \
"the local system id"
return success, error_msg
# Exchange certificates
(success, response) = ansible_add_system(local_system_id=local_system_id,
remote_system_ip=system_ip,
password=password)
if not success:
api_log.error(response)
return success, "Something wrong happened adding the system"
# Get remote system info
(success, system_info) = ansible_get_system_info(system_ip)
if not success:
api_log.error(system_info)
return success, "Something wrong happened getting the system info"
# Insert system into the database
if not system_info['admin_ip']:
system_info['admin_ip'] = system_ip
if add_to_database:
profile_str = ','.join(system_info['profile'])
(success, msg) = db_add_system(system_id=system_info['system_id'],
name=system_info['hostname'],
admin_ip=system_info['admin_ip'],
vpn_ip=system_info['vpn_ip'],
profile=profile_str,
server_id=system_info['server_id'],
sensor_id=system_info['sensor_id'])
if not success:
api_log.error(msg)
error_msg = "Something wrong happened inserting " + \
"the system into the database"
return (False, error_msg)
return success, response
def add_system_from_ip(system_ip, password, add_to_database=True):
"""
Add a new system using system ip.
"""
(success, local_system_id) = get_system_id_from_local()
if not success:
error_msg = "Something wrong happened retrieving " + \
"the local system id"
return success, error_msg
(success, response) = ansible_add_system(local_system_id=local_system_id,
remote_system_ip=system_ip,
password=password)
if not success:
api_log.error(response)
return success, response
(success, system_info) = ansible_get_system_info(system_ip)
if not success:
api_log.error(system_info)
return success, "Something wrong happened getting the system info"
sensor_id = None
if 'server' in system_info['profile']:
# - Do not add the child server when I'm myself
if system_info['server_id'] != local_system_id:
success, msg = add_child_server(system_ip,
system_info['server_id'])
if not success:
api_log.error(str(msg))
error_msg = "Something wrong happened setting the child server"
return False, error_msg
if 'sensor' in system_info['profile']:
if 'server' in system_info['profile'] and system_info['sensor_id']:
# sensor and sensor profiles come with its own sensor_id
sensor_id = system_info['sensor_id']
else:
# get sensor_id from ip
sensor_ip = system_ip
if system_info['vpn_ip']:
sensor_ip = system_info['vpn_ip']
(success, sensor_id) = get_sensor_id_from_sensor_ip(sensor_ip)
if not success:
api_log.error(str(sensor_id))
sensor_id = None
system_info['sensor_id'] = sensor_id
if not system_info['admin_ip']:
system_info['admin_ip'] = system_ip
if system_info['admin_ip'] != system_ip:
# We're natted
system_info['admin_ip'] = system_ip
if add_to_database:
profile_str = ','.join(system_info['profile'])
(success, msg) = db_add_system(system_id=system_info['system_id'],
name=system_info['hostname'],
admin_ip=system_info['admin_ip'],
vpn_ip=system_info['vpn_ip'],
profile=profile_str,
server_id=system_info['server_id'],
sensor_id=system_info['sensor_id'])
if not success:
api_log.error(msg)
error_msg = "Something wrong happened inserting " + \
"the system into the database"
return (False, error_msg)
else:
result, _ = get_system_ip_from_system_id (system_info['system_id'])
if not result:
error_msg = "System was not inserted, cannot continue"
return (False, error_msg)
# Now that the system is in the database, check if it is a server and
# open the firewall, if it is required.
if 'server' in system_info['profile']:
trigger_success, msg = fire_trigger(system_ip="127.0.0.1",
trigger="alienvault-add-server")
if not trigger_success:
api_log.error(msg)
(success, msg) = create_directory_for_ossec_remote(system_info['system_id'])
if not success:
api_log.error(msg)
return (False, msg)
return (True, system_info)
def add_system_from_ip(system_ip, password, add_to_database=True):
"""
Add a new system using system ip.
"""
(success, local_system_id) = get_system_id_from_local()
if not success:
error_msg = "Something wrong happened retrieving " + \
"the local system id"
return success, error_msg
(success, response) = ansible_add_system(local_system_id=local_system_id,
remote_system_ip=system_ip,
password=password)
if not success:
api_log.error(response)
return success, response
(success, system_info) = ansible_get_system_info(system_ip)
if not success:
api_log.error(system_info)
return success, "Something wrong happened getting the system info"
sensor_id = None
if 'server' in system_info['profile']:
# - Do not add the child server when I'm myself
if system_info['server_id'] != local_system_id:
success, msg = add_child_server(system_ip,
system_info['server_id'])
if not success:
api_log.error(str(msg))
error_msg = "Something wrong happened setting the child server"
return False, error_msg
if 'sensor' in system_info['profile']:
if 'server' in system_info['profile'] and system_info['sensor_id']:
# sensor and sensor profiles come with its own sensor_id
sensor_id = system_info['sensor_id']
else:
# get sensor_id from ip
sensor_ip = system_ip
if system_info['vpn_ip']:
sensor_ip = system_info['vpn_ip']
(success, sensor_id) = get_sensor_id_from_sensor_ip(sensor_ip)
if not success:
api_log.error(str(sensor_id))
sensor_id = None
system_info['sensor_id'] = sensor_id
if not system_info['admin_ip']:
system_info['admin_ip'] = system_ip
if system_info['admin_ip'] != system_ip:
# We're natted
system_info['admin_ip'] = system_ip
if add_to_database:
profile_str = ','.join(system_info['profile'])
(success, msg) = db_add_system(system_id=system_info['system_id'],
name=system_info['hostname'],
admin_ip=system_info['admin_ip'],
vpn_ip=system_info['vpn_ip'],
profile=profile_str,
server_id=system_info['server_id'],
sensor_id=system_info['sensor_id'])
if not success:
api_log.error(msg)
error_msg = "Something wrong happened inserting " + \
"the system into the database"
return (False, error_msg)
else:
result, _ = get_system_ip_from_system_id(system_info['system_id'])
if not result:
error_msg = "System was not inserted, cannot continue"
return (False, error_msg)
# Now that the system is in the database, check if it is a server and
# open the firewall, if it is required.
if 'server' in system_info['profile']:
trigger_success, msg = fire_trigger(system_ip="127.0.0.1",
trigger="alienvault-add-server")
if not trigger_success:
api_log.error(msg)
(success,
msg) = create_directory_for_ossec_remote(system_info['system_id'])
if not success:
api_log.error(msg)
return (False, msg)
return (True, system_info)
def add_system_from_ip(system_ip, password, add_to_database=True):
"""
Add a new system usign system ip.
"""
(success, local_system_id) = get_system_id_from_local()
if not success:
return success, "Something wrong happened retrieving the local system id"
(success, response) = ansible_add_system(local_system_id=local_system_id,
remote_system_ip=system_ip,
password=password)
if not success:
api_log.error(response)
return success, response
(success, system_info) = ansible_get_system_info(system_ip)
if not success:
api_log.error(system_info)
return success, "Something wrong happened getting the system info"
sensor_id = None
if 'server' in system_info['profile']:
# - Do not add the child server when I'm myself
if system_info['server_id'] != local_system_id:
success, msg = add_child_server(system_ip, system_info['server_id'])
if not success:
api_log.error(str(msg))
return False, "Something wrong happened setting the child server"
if 'sensor' in system_info['profile']:
if 'server' in system_info['profile'] and system_info['sensor_id']:
# sensor and sensor profiles come with its own sensor_id
sensor_id = system_info['sensor_id']
else:
# get sensor_id from ip
sensor_ip = system_ip
if system_info['vpn_ip']:
sensor_ip = system_info['vpn_ip']
(success, sensor_id) = get_sensor_id_from_sensor_ip(sensor_ip)
if not success:
api_log.error(str(sensor_id))
sensor_id = None
system_info['sensor_id'] = sensor_id
if not system_info['admin_ip']:
system_info['admin_ip'] = system_ip
if add_to_database:
profile_str = ','.join(system_info['profile'])
(success, msg) = db_add_system(system_id=system_info['system_id'],
name=system_info['hostname'],
admin_ip=system_info['admin_ip'],
vpn_ip=system_info['vpn_ip'],
profile=profile_str,
server_id=system_info['server_id'],
sensor_id=system_info['sensor_id'])
if not success:
api_log.error(msg)
return (False, "Something wrong happened inserting the system into the database")
(success, msg) = create_directory_for_ossec_remote(system_info['system_id'])
if not success:
api_log.error(msg)
return (False, msg)
return (True, system_info)