def _format_feed_auto_updates(message, additional_info):
"""
Format message for automatic feed updates.
"""
system_name = 'USM SYSTEM'
updated_ips = failed_ips = ''
update_results = additional_info['update_results']
failed_date = message['creation_time'].strftime("%Y-%m-%d %H:%M:%S")
# Sort by updated_at date:
sorted_result_ips = sorted(update_results, key=lambda x: update_results[x].get('updated_at'))
for system_ip in sorted_result_ips:
update_data = update_results[system_ip]
name_success, name = db_get_hostname(update_data['system_id'])
updated_ips += '* {} ({}) on {} UTC\n'.format(name if name_success else system_name,
system_ip,
update_data['updated_at'])
if not update_data['result']:
failed_ips += '* {} ({}) on {} - {} UTC\n'.format(name if name_success else system_name,
system_ip,
update_data['updated_at'],
update_data['message'])
# replace the default with failed date of last update attempt.
failed_date = update_data['updated_at']
if additional_info['all_updated']:
message['message_actions'] = updated_ips
if additional_info['error_on_update']:
message['message_actions'] = failed_ips
message['message_title'] = message['message_title'].replace('DATE', failed_date)
def _format_feed_auto_updates(message, additional_info):
"""
Format message for automatic feed updates.
"""
system_name = 'USM SYSTEM'
updated_ips = failed_ips = ''
update_results = additional_info['update_results']
failed_date = message['creation_time'].strftime("%Y-%m-%d %H:%M:%S")
# Sort by updated_at date:
sorted_result_ips = sorted(
update_results, key=lambda x: update_results[x].get('updated_at'))
for system_ip in sorted_result_ips:
update_data = update_results[system_ip]
name_success, name = db_get_hostname(update_data['system_id'])
updated_ips += '* {} ({}) on {} UTC\n'.format(
name if name_success else system_name, system_ip,
update_data['updated_at'])
if not update_data['result']:
failed_ips += '* {} ({}) on {} - {} UTC\n'.format(
name if name_success else system_name, system_ip,
update_data['updated_at'], update_data['message'])
# replace the default with failed date of last update attempt.
failed_date = update_data['updated_at']
if additional_info['all_updated']:
message['message_actions'] = updated_ips
if additional_info['error_on_update']:
message['message_actions'] = failed_ips
message['message_title'] = message['message_title'].replace(
'DATE', failed_date)
def _format_system_name(message, additional_info):
"""
Format system name
"""
name_success, name = db_get_hostname(additional_info['system_id'])
message['message_title'] = message['message_title'].replace('SYSTEM_NAME', 'Unknown' if not name_success else name)
message['message_description'] = message['message_description'].replace('SYSTEM_NAME',
'Unknown' if not name_success else name)
def _format_system_name(message, additional_info):
"""
Format system name
"""
name_success, name = db_get_hostname(additional_info['system_id'])
message['message_title'] = message['message_title'].replace(
'SYSTEM_NAME', 'Unknown' if not name_success else name)
message['message_description'] = message['message_description'].replace(
'SYSTEM_NAME', 'Unknown' if not name_success else name)
def _format_system_name(message, additional_info):
"""
Format system name
"""
success, name = db_get_hostname(additional_info['system_id'])
if not success:
system_name = "Unknown"
else:
system_name = name
message['message_description'] = message['message_description'].replace('SYSTEM_NAME',
system_name)
def start(self):
try:
self.remove_monitor_data()
rc, system_list = get_systems(directly_connected=False)
if not rc:
logger.error("Can't retrieve systems..%s" % str(system_list))
return False
for (system_id, system_ip) in system_list:
success, sensor_id = get_sensor_id_from_system_id(system_id)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] "
"get_sensor_id_from_system_id failed for system %s (%s)"
% (system_ip, system_id))
sensor_id = None
ha_name = None
success, result = system_all_info(system_id, no_cache=True)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] "
"system_all_info failed for system %s (%s)" %
(system_ip, system_id))
continue
if 'ha_status' in result:
ha_name = 'active' if result[
'ha_status'] == 'up' else 'passive'
success, result = network_status(system_id, no_cache=True)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] "
"network_status failed for system %s (%s)" %
(system_ip, system_id))
continue
success, result = alienvault_status(system_id, no_cache=True)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] "
"alienvault_status failed for system %s (%s)" %
(system_ip, system_id))
continue
success, result = status_tunnel(system_id, no_cache=True)
if not success:
logger.warning("[MonitorRetrievesRemoreInfo] "
"status_tunnel failed for system %s (%s)" %
(system_ip, system_id))
continue
success, result = get_system_config_general(system_id,
no_cache=True)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] "
"get_system_config_general failed for system %s (%s)" %
(system_ip, system_id))
continue
hostname = result.get('general_hostname', None)
if hostname is not None:
success, hostname_old = db_get_hostname(system_id)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] "
"db_get_hostname failed for system %s (%s)" %
(system_ip, system_id))
continue
if hostname == hostname_old:
hostname = None
# Getting config params from the system,
# we do use this result var so do not change the order of the calls!
success, config_alienvault = get_system_config_alienvault(
system_id, no_cache=True)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] "
"get_system_config_alienvault failed for system %s (%s)"
% (system_ip, system_id))
continue
ha_ip = None
ha_role = None
if 'ha_ha_virtual_ip' in config_alienvault:
ha_ip = config_alienvault['ha_ha_virtual_ip']
if not is_valid_ipv4(ha_ip):
ha_ip = None
if 'ha_ha_role' in config_alienvault:
ha_role = config_alienvault['ha_ha_role']
if ha_role not in ['master', 'slave']:
ha_role = None
# Update interfaces cache
success, result = get_interfaces(system_id, no_cache=True)
if not success:
continue
# Update system setup data cache
success, result = system_get(system_id, no_cache=True)
if not success:
continue
vpn_ip = None
if "ansible_tun0" in result:
try:
vpn_ip = result['ansible_tun0']['ipv4']['address']
except Exception:
vpn_ip = None
# Sensor exclusive
if sensor_id is not None and sensor_id != '':
self.__update_sensor_properties(
sensor_id=sensor_id,
config_alienvault=config_alienvault)
# Refresh sensor plugins cache
try:
get_sensor_plugins(sensor_id, no_cache=True)
except APIException:
logger.warning(
"[MonitorRetrievesRemoteInfo] "
"error getting plugins from sensor '{0}' {1}".
format(sensor_id, system_ip))
if vpn_ip is not None:
success, message = set_system_vpn_ip(system_id, vpn_ip)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] set_system_vpn_ip failed: %s"
% message)
if ha_role is not None:
success, message = set_system_ha_role(system_id, ha_role)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s"
% message)
else:
success, message = set_system_ha_role(system_id, 'NULL')
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s"
% message)
if ha_ip is not None:
success, message = set_system_ha_ip(system_id, ha_ip)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] set_system_ha_ip: %s"
% message)
success, message = fix_system_references()
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] fix_system_references: %s"
% message)
if ha_name is not None:
success, message = set_system_ha_name(
system_id, ha_name)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] set_system_ha_name failed: %s"
% message)
else:
success, message = set_system_ha_ip(system_id, '')
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] set_system_ha_ip failed: %s"
% message)
if hostname is not None:
success, message = db_system_update_hostname(
system_id, hostname)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] db_system_update_hostname failed: %s"
% message)
# Backups
success, message = get_backup_list(system_id=system_id,
backup_type="configuration",
no_cache=True)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] get_backup_list failed: %s"
% message)
except Exception as err:
api_log.error(
"Something wrong happened while running the MonitorRetrievesRemoteInfo monitor %s"
% str(err))
return False
return True
def start(self):
try:
self.remove_monitor_data()
rc, system_list = get_systems(directly_connected=False)
if not rc:
logger.error("Can't retrieve systems..%s" % str(system_list))
return False
for (system_id, system_ip) in system_list:
success, sensor_id = get_sensor_id_from_system_id(system_id)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] "
"get_sensor_id_from_system_id failed for system %s (%s)" % (system_ip, system_id))
sensor_id = None
ha_name = None
success, result = system_all_info(system_id, no_cache=True)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] "
"system_all_info failed for system %s (%s)" % (system_ip, system_id))
continue
if 'ha_status' in result:
ha_name = 'active' if result['ha_status'] == 'up' else 'passive'
success, result = network_status(system_id, no_cache=True)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] "
"network_status failed for system %s (%s)" % (system_ip, system_id))
continue
success, result = alienvault_status(system_id, no_cache=True)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] "
"alienvault_status failed for system %s (%s)" % (system_ip, system_id))
continue
success, result = status_tunnel(system_id, no_cache=True)
if not success:
logger.warning("[MonitorRetrievesRemoreInfo] "
"status_tunnel failed for system %s (%s)" % (system_ip, system_id))
continue
success, result = get_system_config_general(system_id, no_cache=True)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] "
"get_system_config_general failed for system %s (%s)" % (system_ip, system_id))
continue
hostname = result.get('general_hostname', None)
if hostname is not None:
success, hostname_old = db_get_hostname(system_id)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] "
"db_get_hostname failed for system %s (%s)" % (system_ip, system_id))
continue
if hostname == hostname_old:
hostname = None
# Getting config params from the system,
# we do use this result var so do not change the order of the calls!
success, config_alienvault = get_system_config_alienvault(system_id, no_cache=True)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] "
"get_system_config_alienvault failed for system %s (%s)" % (system_ip, system_id))
continue
ha_ip = None
ha_role = None
if 'ha_ha_virtual_ip' in config_alienvault:
ha_ip = config_alienvault['ha_ha_virtual_ip']
if not is_valid_ipv4(ha_ip):
ha_ip = None
if 'ha_ha_role' in config_alienvault:
ha_role = config_alienvault['ha_ha_role']
if ha_role not in ['master', 'slave']:
ha_role = None
# Update interfaces cache
success, result = get_interfaces(system_id, no_cache=True)
if not success:
continue
# Update system setup data cache
success, result = system_get(system_id, no_cache=True)
if not success:
continue
vpn_ip = None
if "ansible_tun0" in result:
try:
vpn_ip = result['ansible_tun0']['ipv4']['address']
except Exception:
vpn_ip = None
# Sensor exclusive
if sensor_id is not None and sensor_id != '':
self.__update_sensor_properties(sensor_id=sensor_id,
config_alienvault=config_alienvault)
# Refresh sensor plugins cache
try:
get_sensor_plugins(sensor_id, no_cache=True)
except APIException:
logger.warning("[MonitorRetrievesRemoteInfo] "
"error getting plugins from sensor '{0}' {1}".format(sensor_id, system_ip))
if vpn_ip is not None:
success, message = set_system_vpn_ip(system_id, vpn_ip)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] set_system_vpn_ip failed: %s" % message)
if ha_role is not None:
success, message = set_system_ha_role(system_id, ha_role)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s" % message)
else:
success, message = set_system_ha_role(system_id, 'NULL')
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s" % message)
if ha_ip is not None:
success, message = set_system_ha_ip(system_id, ha_ip)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_ip: %s" % message)
success, message = fix_system_references()
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] fix_system_references: %s" % message)
if ha_name is not None:
success, message = set_system_ha_name(system_id, ha_name)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_name failed: %s" % message)
else:
success, message = set_system_ha_ip(system_id, '')
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_ip failed: %s" % message)
if hostname is not None:
success, message = db_system_update_hostname(system_id, hostname)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] db_system_update_hostname failed: %s" % message)
# Backups
success, message = get_backup_list(system_id=system_id,
backup_type="configuration",
no_cache=True)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] get_backup_list failed: %s" % message)
except Exception as err:
api_log.error("Something wrong happened while running the MonitorRetrievesRemoteInfo monitor %s" % str(err))
return False
return True