def __createDefaultEntryForAuditor(filePath, auditorType): try: with open(filePath, "r") as f: auditorBodystr = f.read() auditorName = auditorType + '_default' auditor = dict() auditor.update({'auditor_type': auditorType}) auditor.update({'auditor_name': auditorName}) #auditor.update({'auditor_body': auditorBody}) blobdata = base64.b64encode(bytes(auditorBodystr, 'utf-8')).decode('ascii') metadata = dict() metadata.update({'auditor_type': auditorType}) metadata.update({'cluster': None}) #resp = post_request_ver2('auditors', json.dumps(auditor), auditorName, metadata) post_request_ver2('auditors', data=json.dumps(auditor), identity=auditorName, metadata=metadata, blob=blobdata) print('successful for {}'.format(auditorType)) return None except Exception as e: exc_type, exc_obj, exc_tb = sys.exc_info() fname = os.path.split(exc_tb.tb_frame.f_code.co_filename)[1] print("!!!! Exception while reading default yaml !!!!") print(exc_type, fname, exc_tb.tb_lineno) print(e)
def createSecurityPostureGraph(self, postureName, jsonDoc, orgName="Aricent"): print("In createSecurityPostureGraph") org = GphDB.getGphObject(orgName, Organization) resp = [{"result": "Failure", "error": "Service error"}] try: if org: print("Store posture in EL DB") res_url = post_request_ver2('securityposture', json.dumps(jsonDoc), postureName) print("Create posture in Graph-DB") posture = GphDB.addGphObject( SecurityPosture(name=postureName, documentLink=res_url, version='1.0')) print("Added Posture %s in GraphDB" % (postureName)) org.implementsSecPolPosture.connect(posture) print("Connected Posture %s to Org %s in GraphDB" % (postureName, org.name)) try: self.__createSecPosInGphDBv2(jsonDoc, org, posture) except Exception as e: exc_type, exc_obj, exc_tb = sys.exc_info() fname = os.path.split( exc_tb.tb_frame.f_code.co_filename)[1] print("!!! Exception in createSecPosInGphDB !!!") print(exc_type, fname, exc_tb.tb_lineno) print(e) sys.stdout.flush() valNodes = list(jsonDoc['operators'].values()) if valNodes: print("Looking for policies in posture %s" % (postureName)) for nd in valNodes: if nd['nodeType'] == 'Policies' or nd[ 'nodeType'] == 'Security Configurations': # Note: Add 'type' and 'name' as a property in sample-posture JSON pol = GphDB.getGphObject( nd['properties']['name'], replaceNonAlNum(nd["nodeType"])) if pol: posture.usesPolicy.connect(pol) print("Connected posture with Policy : ", nd['properties']['name']) else: print("Posture has an Unknown Policy : ", nd['properties']['name']) resp = [{"result": "Success", "error": None}] else: print("Organization %s was not found in graph-DB" % (orgName)) resp = [{"result": "Failure", "error": "No such Organization"}] print("----createSecurityPostureGraph END ------") finally: print("Finished Creating EVA-Map objects for %s" % (postureName)) print(resp) sys.stdout.flush() return resp
def message_handler(msg): subject = msg.subject reply = msg.reply data = msg.data.decode() print( "Received a message on message_handler'{subject} {reply}': {data}" .format(subject=subject, reply=reply, data=data)) print("\n\ntype of data {}".format(str(type(data)))) #yield from nc.publish(reply, bytes('I can help', 'utf-8')) report = json.loads(data) metadata = dict() metadata.update({'auditor_type': report['auditor_type']}) metadata.update({'cluster': report['cluster']}) post_request_ver2('audit_reports', json.dumps(report), None, metadata) print("************* data saved ************** ")
async def __reportHandler(self, msg): print("Received message on Topic: {subject} : Data {data}".format( subject=msg.subject, data=msg.data.decode())) report = json.loads(msg.data.decode()) metadata = dict() metadata.update({'auditor_type': report['auditor_type']}) metadata.update({'cluster': report['cluster']}) post_request_ver2('audit_reports', json.dumps(report), None, metadata) print('******** successfuly saved report in elastic DB ********') #Update the runstate in DB runstate = Auditor.finishedAuditorRun(report['auditor_type'], report['cluster']) print('******** successfuly updated status in registry *********') cluster_auditor_id = report['auditor_type'] + '_' + report['cluster'] cluster_auditor_entry = get_document_by_id_ver2( 'auditor_cluster_registry', urllib.parse.quote_plus(cluster_auditor_id)) update_object = {'jsondoc': {'runState': runstate}} cluster_auditor_entry['runState'] = runstate update_document('auditor_cluster_registry', cluster_auditor_id, update_object) print( '******* successfuly updated auditor_cluster_registry in elastic DB *******' ) audiInGph = GphDB.getGphObject(cluster_auditor_id, AuditorInstance) if audiInGph: audiInGph.state = runstate audiInGph.save() print('******** successfuly updated status in GphDB ********') print("************* data saved ************** ")
def __agentHandler(self, msg): #async def __agentHandler(self, msg): print("Received message on Topic: {subject} : Data {data}".format( subject=msg.subject, data=msg.data.decode())) agent_data = json.loads(msg.data.decode()) CloudId = agent_data['cloudId'] agent_token = agent_data['token'] if str(CloudId) in CloudConfig.cloud: if agent_token == CloudConfig.cloud[str(CloudId)]['auth_token']: ran_str = ''.join( random.choice(string.ascii_letters) for i in range(20)) queue_name = ran_str + str(CloudId) agent_obj = get_document_by_id('agents', str(CloudId)) if 'found' not in agent_obj.keys( ) or not agent_obj.get('found'): agent = dict() agent.update({'agent_name': 'Agent_' + str(CloudId)}) agent.update({'cloud_id': str(CloudId)}) agent.update({'agent_queue': queue_name}) agent.update({'status': 'ready'}) post_request_ver2('agents', json.dumps(agent), str(CloudId), None) else: update_object = {'jsondoc': {'agent_queue': queue_name}} update_document('agents', str(CloudId), update_object) print('success......queue name....{}'.format(queue_name)) resp_dict = { 'status': 'SUCCESS', 'queue_name': queue_name, 'auditors': [] } response = json.dumps(resp_dict) """ print("Fetch Clusters for Cloud-Id : %s" %(CloudId)) clstr = GphDB.getClusterByCloudid(str(CloudId)) print('clusters received....: %s' %(clstr)) print('type of cluster...{}'.format(type(clstr))) print(clstr) #pdb.set_trace() auditor_list = [] for clr in clstr: query_dict = {'metadata.cluster': clr.replace("/"," AND ")} res = search_index_using_querystring('auditors', query_dict) #res = json.loads(auditors)['hits']['hits'] print('res.....{}'.format(res)) if res: for obj in res: yaml_str = base64.b64decode(obj['_source']['blob']).decode('ascii') yaml_obj = list(yaml.load_all(yaml_str)) #auditor_name = urllib.parse.unquote_plus(obj['_source']['jsondoc']['auditor_name']) #obj['_source']['jsondoc'].update({'auditor_name' : auditor_name}) obj['_source']['jsondoc'].update({'auditor_body' : yaml_obj}) auditor_list.append(obj['_source']['jsondoc']) resp_dict['auditors'] = auditor_list print('auditor_list.................{}'.format(auditor_list)) print('***** length of auditor_list.................{}'.format(len(auditor_list))) """ else: response = json.dumps({ 'status': 'FAILED', 'message': 'Authentication failed' }) else: response = json.dumps({ 'status': 'FAILED', 'message': 'Cloud not found' }) yield from self.__natsClient.publish(msg.reply, bytes(response, 'utf-8')) print("************* data saved ************** ") """
def createAuditorAndMapCluster(self, requestData): print("***** Enter Method - " + str(datetime.now())) sys.stdout.flush() auditorType = requestData['auditorType'] postureName = requestData['postureName'] auditorBody = requestData['auditorBody'] clusters = requestData['clusters'] auditorRelations = [] relationDict = dict() for cluster in clusters: ''' Create the Auditors in Databse''' auditorName = auditorType + '_' + cluster auditor = dict() auditor.update({'auditor_type': auditorType}) auditor.update({'auditor_name': auditorName}) #auditor.update({'auditor_body' : auditorBody}) metadata = dict() metadata.update({'auditor_type': auditorType}) metadata.update({'cluster': cluster}) blob = base64.b64encode(bytes(auditorBody, 'utf-8')).decode('ascii') auditorUrl = post_request_ver2( 'auditors', json.dumps(auditor), urllib.parse.quote_plus(auditorName), metadata, blob) if auditorType == 'SDWANBranchSysCalls': try: cluster_obj = GphDB.getGphObject(cluster, Cluster) agent_obj = get_document_by_id_ver2( 'agents', str(cluster_obj.cloudId)) finaldata = {'purpose': 'SetConfig', 'data': []} aud_obj = dict() aud_obj.update({'auditor_type': auditorType}) aud_obj.update({'auditor_name': auditorName}) aud_obj.update( {'auditor_body': list(yaml.load_all(auditorBody))}) finaldata['data'].append(aud_obj) loop = asyncio.new_event_loop() loop.run_until_complete( RunAuditClass.publishAudit(loop, agent_obj['agent_queue'], json.dumps(finaldata))) loop.close() except Exception as e: print("Exception while setting config on agent : \n %s" % (e)) ''' Add the AuditorType-Auditor-Cluster relationships to the node graph''' relationData = dict() relationData.update({'cluster': cluster}) relationData.update({'auditorName': auditorName}) relationData.update({'auditorUrl': auditorUrl}) auditorRelations.append(relationData) ''' Update the Cluster Auditor Registry''' registryResp = Auditor.createAuditorInClusterRegistry( cluster, auditorType, auditorUrl) print("Registry entry created, Status - " + registryResp) ''' Add AuditorInstance to Graph DB ''' audInst = AuditorInstance(name=auditorName, documentLink=auditorUrl, state=registryResp).save() print("auditor instance saved to graph DB !!!") try: audiInGph = GphDB.getGphObject(auditorType, GphAuditor) audInst.instanceOf.connect(audiInGph) except Exception as e: print( "Exception while linkinf AuditorInstance to Auditor : \n %s" % (e)) ''' Update index to add Registry data''' registryEntry = { 'cluster': cluster, 'auditor_type': auditorType, 'config': auditorUrl, 'runState': registryResp, 'auditor_name': auditorName } post_request_ver2('auditor_cluster_registry', json.dumps(registryEntry), urllib.parse.quote_plus(auditorName), None) print("data saved to auditor_cluster_registry !!!") relationDict.update({'posture': postureName}) relationDict.update({'relations': auditorRelations}) #call the node graph method try: GphDB.addAudInstRelationsBulk(relationDict) except Exception as e: print( "Exception while linkinf AuditorInstance to Auditor : \n %s" % (e)) return "Success"