def init(self):
if not Template:
raise MissingDependencyError("jinja2")
if self.ssl:
self.smtp_class = smtplib.SMTP_SSL
else:
self.smtp_class = smtplib.SMTP
if not self.mail_from:
raise ConfigurationError("Mail", "No sender specified")
if not self.mail_to:
raise ConfigurationError("Mail", "No recipient specified")
if self.username and not self.password:
raise ConfigurationError(
"Server", "SMTP username provided, but not password")
if self.password and not self.username:
raise ConfigurationError(
"Server", "SMTP password provided, but not username")
self.smtp_authentication = self.username and self.password
self.templates = {
"subject": Template(self.subject),
"from": Template(self.mail_from),
"to": Template(self.mail_to),
"body": Template(self.body),
}
for tmpl in self.templates.values():
tmpl.globals.update({"from_json": json.loads})
self.templates["attachments"] = []
for att in self.attachments:
if "content-type" not in att:
self.logger.error(
"Attachment does not have a content-type, ignoring: %s.",
att)
continue
elif "text" not in att:
self.logger.error(
"Attachment does not have a text, ignoring: %s.", att)
continue
elif "name" not in att:
self.logger.error(
"Attachment does not have a name, ignoring: %s.", att)
continue
attachment_template = {
"content-type": Template(att["content-type"]),
"text": Template(att["text"]),
"name": Template(att["name"])
}
for tmpl in attachment_template.values():
tmpl.globals.update({"from_json": json.loads})
self.templates["attachments"].append(attachment_template)
def get_tlds_domain_list(self):
if os.path.isfile(self.tlds_domains_list):
with open(self.tlds_domains_list) as file:
lines = {line.strip().lower() for line in file if not line.startswith('#')}
else:
raise ConfigurationError("File", f"TLD domain list file not found at {self.tlds_domains_list!r}.")
return lines
def init(self):
self.tmp = self._ensure_path(self.parameters.tmp)
self.dir = self._ensure_path(self.parameters.dir)
if os.stat(self.tmp).st_dev != os.stat(
self.dir).st_dev: # pragma: no cover (hard to test)
raise ConfigurationError(
"bot setup", "tmp and dir must reside on the same filesystem")
self.hostname = socket.gethostname()
self.pid = os.getpid()
def init(self):
self.cache = Cache(
self.parameters.redis_cache_host, self.parameters.redis_cache_port,
self.parameters.redis_cache_db, self.parameters.timeout,
getattr(self.parameters, "redis_cache_password", None))
self.filter_keys = getattr(self.parameters, "filter_keys", [])
self.filter_type = getattr(self.parameters, "filter_type", "whitelist")
self.bypass = getattr(self.parameters, "bypass", False)
self.timeout = getattr(self.parameters, "timeout", -1)
if self.timeout <= 0:
raise ConfigurationError(
'Timeout',
'Invalid timeout specified, use positive integer seconds.')
self.threshold = getattr(self.parameters, "threshold", -1)
if self.threshold <= 0:
raise ConfigurationError(
'Threshold',
'Invalid threshold specified, use positive integer count.')
self.add_keys = getattr(self.parameters, "add_keys", {})
def init(self):
if requests is None:
raise MissingDependencyError("requests")
self.retry_interval = getattr(self.parameters, "retry_interval", 5)
self.url = getattr(self.parameters, "url", None)
if not self.url:
raise ConfigurationError("Connection",
"No Splunk API URL specified")
self.auth_token = getattr(self.parameters, "auth_token", None)
if not self.auth_token:
raise ConfigurationError(
"Connection", "No Splunk API authorization token specified")
self.saved_search = getattr(self.parameters, "saved_search", None)
if not self.saved_search:
raise ConfigurationError("Search",
"No Splunk saved search specified")
self.search_parameters = getattr(self.parameters, "search_parameters",
{})
self.result_fields = getattr(self.parameters, "result_fields", {})
self.not_found = getattr(self.parameters, "not_found",
["warn", "send"])
if "send" in self.not_found and "drop" in self.not_found:
raise ConfigurationError(
"Processing",
"Cannot both drop and send messages without search results")
self.multiple_result_handling = getattr(self.parameters,
"multiple_result_handling",
["warn", "use_first", "send"])
if "limit" in self.multiple_result_handling and len(
self.multiple_result_handling) != 1:
raise ConfigurationError(
"Processing",
"Search results limited to one, no processing of multiple results possible"
)
if "send" in self.multiple_result_handling and "drop" in self.multiple_result_handling:
raise ConfigurationError(
"Processing",
"Cannot both drop and send messages with multiple search results"
)
if "ignore" in self.multiple_result_handling and "use_first" in self.multiple_result_handling:
raise ConfigurationError(
"Processing",
"Cannot both ignore and use multiple search results")
self.overwrite = getattr(self.parameters, "overwrite", None)
self.set_request_parameters()
self.http_header.update(
{"Authorization": "Bearer {}".format(self.auth_token)})
self.session = utils.create_request_session(self)
self.session.keep_alive = False
def parse(self, report):
if "format=csv" in report.get('feed.url'):
self.logger.error("Could not parse report in CSV format, only support XML format.")
raise ConfigurationError("runtime", "CleanMX Collector must have http_url"
" parameter pointing to XML format URL from the feed, instead CSV format."
" See NEWS file for more details.")
raw_report = utils.base64_decode(report.get('raw'))
document = ElementTree.fromstring(raw_report)
for entry in document.iter(tag='entry'):
entry_bytes = ElementTree.tostring(entry, encoding='utf-8', method='xml')
entry_str = entry_bytes.decode("utf-8")
yield entry_str
def init(self):
if requests is None:
raise MissingDependencyError("requests")
if self.url is None:
raise ConfigurationError("Connection",
"No Splunk API URL specified")
if self.auth_token is None:
raise ConfigurationError(
"Connection", "No Splunk API authorization token specified")
if self.saved_search is None:
raise ConfigurationError("Search",
"No Splunk saved search specified")
if "send" in self.not_found and "drop" in self.not_found:
raise ConfigurationError(
"Processing",
"Cannot both drop and send messages without search results")
if "limit" in self.multiple_result_handling and len(
self.multiple_result_handling) != 1:
raise ConfigurationError(
"Processing",
"Search results limited to one, no processing of multiple results possible"
)
if "send" in self.multiple_result_handling and "drop" in self.multiple_result_handling:
raise ConfigurationError(
"Processing",
"Cannot both drop and send messages with multiple search results"
)
if "ignore" in self.multiple_result_handling and "use_first" in self.multiple_result_handling:
raise ConfigurationError(
"Processing",
"Cannot both ignore and use multiple search results")
self.set_request_parameters()
self.http_header.update(
{"Authorization": "Bearer {}".format(self.auth_token)})
self.session = utils.create_request_session(self)
self.session.keep_alive = False
def init(self):
if not self.keys:
raise ConfigurationError('Key extraction', 'No keys specified.')
def init(self):
if self.timeout <= 0:
raise ConfigurationError('Timeout', 'Invalid timeout specified, use positive integer seconds.')
if self.threshold <= 0:
raise ConfigurationError('Threshold', 'Invalid threshold specified, use positive integer count.')
