def get_agent_conf(group_id=None, offset=0, limit=common.database_limit, filename=None):
    """
    Read a group's shared configuration file and return it as a paginated dictionary.

    :param group_id: Group whose shared directory holds the file.
    :param offset: First item to return (forwarded to cut_array).
    :param limit: Maximum number of items to return (forwarded to cut_array).
    :param filename: File to read inside the group directory; 'agent.conf' when empty.
    :return: Dictionary with 'totalItems' (number of parsed items) and 'items' (the requested slice).
    :raise WazuhException: 1710 if the group does not exist, 1006 if the file path does not exist,
        1101 if loading or converting the XML fails.
    """
    if group_id:
        if not Agent.group_exists(group_id):
            raise WazuhException(1710, group_id)
        agent_conf = "{0}/{1}".format(common.shared_path, group_id)

    # NOTE(review): agent_conf is only assigned when group_id is truthy, so a call that relies on
    # the default group_id=None fails on the next statement with UnboundLocalError.
    # NOTE(review): filename is joined into the path as-is. Nothing here rejects path separators
    # or '..' segments, so confirm that callers only pass a bare file name.
    agent_conf_name = filename if filename else 'agent.conf'
    agent_conf = "{0}/{1}".format(agent_conf, agent_conf_name)

    if not os_path.exists(agent_conf):
        raise WazuhException(1006, agent_conf)

    try:
        # Load the XML document, then convert it to the JSON-like structure
        data = _agentconf2json(load_wazuh_xml(agent_conf))
    except Exception as e:
        raise WazuhException(1101, str(e))

    return {'totalItems': len(data), 'items': cut_array(data, offset, limit)}
def get_file_conf(filename, group_id=None, type_conf=None, return_format=None):
    """
    Locate a shared configuration file and return its parsed content.

    :param filename: Name of the file to read.
    :param group_id: Group that owns the file. 'ar.conf' is always read from the top of the shared
        directory, even when a group is given.
    :param type_conf: Optional parser selector ('conf', 'rootkit_files', 'rootkit_trojans', 'rcl').
        When empty, the parser is chosen from the file name.
    :param return_format: Forwarded to get_agent_conf when 'agent.conf' is read without type_conf.
    :return: Whatever the selected parser returns.
    :raise WazuhException: 1710 if the group does not exist, 1006 if the file path does not exist,
        1104 if type_conf is not one of the supported types.
    """
    if group_id and not Agent.group_exists(group_id):
        raise WazuhException(1710, group_id)

    # NOTE(review): filename (and group_id) are interpolated into the path without rejecting
    # path separators or '..' segments. Confirm the caller validates them, otherwise the
    # existence check and the parsers below may act on files outside the shared directory.
    if group_id and filename != 'ar.conf':
        file_path = "{0}/{1}/{2}".format(common.shared_path, group_id, filename)
    else:
        file_path = "{0}/{1}".format(common.shared_path, filename)

    if not os_path.exists(file_path):
        raise WazuhException(1006, file_path)

    types = {
        'conf': get_agent_conf,
        'rootkit_files': _rootkit_files2json,
        'rootkit_trojans': _rootkit_trojans2json,
        'rcl': _rcl2json
    }

    # An explicit type takes precedence over the file name
    if type_conf:
        if type_conf not in types:
            raise WazuhException(
                1104, "{0}. Valid types: {1}".format(type_conf, types.keys()))
        if type_conf == 'conf':
            # get_agent_conf rebuilds the path itself from the group and file name
            return types[type_conf](group_id, limit=None, filename=filename)
        return types[type_conf](file_path)

    # No explicit type: pick the parser from the file name, defaulting to the rcl parser
    if filename == "agent.conf":
        return get_agent_conf(group_id, limit=None, filename=filename, return_format=return_format)
    if filename == "rootkit_files.txt":
        return _rootkit_files2json(file_path)
    if filename == "rootkit_trojans.txt":
        return _rootkit_trojans2json(file_path)
    if filename == "ar.conf":
        return _ar_conf2json(file_path)
    return _rcl2json(file_path)
def get_agent_conf(group_id=None, offset=0, limit=common.database_limit, filename=None, return_format=None):
    """
    Read a group's shared configuration file, either parsed or as raw XML text.

    :param group_id: Group whose shared directory holds the file.
    :param offset: First item to return (forwarded to cut_array).
    :param limit: Maximum number of items to return (forwarded to cut_array).
    :param filename: File to read inside the group directory; 'agent.conf' when empty.
    :param return_format: When it equals 'xml' (case-insensitive) and the file is 'agent.conf',
        the file text is returned with newlines removed instead of being parsed.
    :return: Raw file text for the XML format, otherwise a dictionary with 'totalItems' and 'items'.
    :raise WazuhException: 1710 if the group does not exist, 1006 if the file path does not exist,
        1101 if reading, loading or converting the file fails.
    """
    if group_id:
        if not Agent.group_exists(group_id):
            raise WazuhException(1710, group_id)
        agent_conf = "{0}/{1}".format(common.shared_path, group_id)

    # NOTE(review): agent_conf is only assigned when group_id is truthy, so a call that relies on
    # the default group_id=None fails on the next statement with UnboundLocalError.
    # NOTE(review): filename is joined into the path as-is. Nothing here rejects path separators
    # or '..' segments, so confirm that callers only pass a bare file name.
    agent_conf_name = filename if filename else 'agent.conf'
    agent_conf = "{0}/{1}".format(agent_conf, agent_conf_name)

    if not os_path.exists(agent_conf):
        raise WazuhException(1006, agent_conf)

    try:
        # The format test stays inside the try so that a non-string return_format is
        # reported as error 1101 like any other failure of this step.
        wants_raw_xml = (agent_conf_name == 'agent.conf' and return_format
                         and 'xml' == return_format.lower())
        if wants_raw_xml:
            # Read RAW file: hand the text back untouched apart from stripping newlines
            with open(agent_conf, 'r') as conf_file:
                return conf_file.read().replace('\n', '')

        # Load the XML document, then convert it to the JSON-like structure
        data = _agentconf2json(load_wazuh_xml(agent_conf))
    except Exception as e:
        raise WazuhException(1101, str(e))

    return {'totalItems': len(data), 'items': cut_array(data, offset, limit)}
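def get_agent_conf(group_id=None, offset=0, limit=common.database_limit, filename=None):
    """
    Returns agent.conf as dictionary.

    :param group_id: Group whose shared directory holds the file.
    :param offset: First item to return (forwarded to cut_array).
    :param limit: Maximum number of items to return (forwarded to cut_array).
    :param filename: File to read inside the group directory; 'agent.conf' when empty.
    :return: agent.conf as dictionary with 'totalItems' and 'items'.
    :raise WazuhException: 1710 if the group does not exist, 1006 if the file path does not exist,
        1101 if reading or parsing the file fails.
    """
    if group_id:
        if not Agent.group_exists(group_id):
            raise WazuhException(1710, group_id)

        agent_conf = "{0}/{1}".format(common.shared_path, group_id)

    # NOTE(review): agent_conf is only assigned when group_id is truthy, so a call that relies on
    # the default group_id=None fails below with UnboundLocalError.
    if filename:
        # NOTE(review): filename is joined into the path as-is. Nothing here rejects path
        # separators or '..' segments, so confirm that callers only pass a bare file name.
        agent_conf_name = filename
    else:
        agent_conf_name = 'agent.conf'

    agent_conf += "/{0}".format(agent_conf_name)

    if not os_path.exists(agent_conf):
        raise WazuhException(1006, agent_conf)

    try:
        # The context manager closes the handle even when read() raises
        with open(agent_conf) as f:
            txt_data = f.read()

        # presumably neutralises '--' sequences the XML parser would reject - confirm
        txt_data = txt_data.replace(" -- ", " -INVALID_CHAR ")

        # wrap the data in a single root element so that a file holding several
        # top-level elements still parses as one document
        txt_data = '<root_tag>' + txt_data + '</root_tag>'

        # Read XML
        xml_data = fromstring(txt_data)

        # Parse XML to JSON
        data = _agentconf2json(xml_data)
    except Exception as e:
        # 'except Exception' rather than a bare 'except', so KeyboardInterrupt and SystemExit
        # are not converted into a configuration error. The cause is kept in the message.
        raise WazuhException(1101, str(e))

    return {'totalItems': len(data), 'items': cut_array(data, offset, limit)}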
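def upload_group_configuration(group_id, file_content):
    """
    Updates group configuration

    The content is pretty-printed into a temporary file, checked with verify-agent-conf and,
    only if that succeeds, moved over the group's agent.conf. The temporary file is removed
    whenever any step fails.

    :param group_id: Group to update
    :param file_content: File content of the new configuration in a string.
    :return: Confirmation message.
    :raise WazuhException: 1710 if the group does not exist, 1113 if the content cannot be parsed
        or written, 1114/1115 if verify-agent-conf rejects it, 1743 if the verifier cannot be run,
        1017 if the file cannot be moved into the group folder.
    """
    # check if the group exists
    if not Agent.group_exists(group_id):
        raise WazuhException(1710, group_id)

    # path of temporary files for parsing xml input
    # NOTE(review): the name is derived from the clock and randint(0, 1000), and the file is
    # opened with 'w', which reuses whatever already exists at that path. If any other local
    # account can write to this tmp directory, prefer exclusive creation (e.g. tempfile.mkstemp)
    # and then set the permissions the group folder expects.
    tmp_file_path = '{}/tmp/api_tmp_file_{}_{}.xml'.format(
        common.ossec_path, time.time(), random.randint(0, 1000))

    try:
        # create temporary file for parsing xml input and validate XML format
        try:
            with open(tmp_file_path, 'w') as tmp_file:
                # beauty xml file
                # NOTE(review): file_content is caller-supplied and parsed with xml.dom.minidom.
                # The standard-library XML parsers are not hardened against maliciously
                # constructed documents, so confirm that size and entity limits are enforced
                # before this point.
                xml = parseString('<root>' + file_content + '</root>')
                # remove first line (XML specification: <? xmlversion="1.0" ?>), <root> and </root> tags,
                # and empty lines
                pretty_lines = [line for line in xml.toprettyxml(indent=' ').split('\n')[2:-2]
                                if line.strip()]
                pretty_xml = '\n'.join(pretty_lines) + '\n'
                # revert xml.dom replacings
                # (https://github.com/python/cpython/blob/8e0418688906206fe59bd26344320c0fc026849e/Lib/xml/dom/minidom.py#L305)
                # "&amp;" is reverted last so that an escaped ampersand followed by "lt;", "gt;"
                # or "quot;" is not unescaped a second time.
                pretty_xml = pretty_xml.replace("&lt;", "<").replace("&quot;", "\"") \
                    .replace("&gt;", ">").replace("&amp;", "&")
                tmp_file.write(pretty_xml)
        except Exception as e:
            raise WazuhException(1113, str(e))

        # check Wazuh xml format
        try:
            # argument list, no shell: the temporary path is never interpreted by a shell
            subprocess.check_output([
                '{}/bin/verify-agent-conf'.format(common.ossec_path), '-f',
                tmp_file_path
            ], stderr=subprocess.STDOUT)
        except subprocess.CalledProcessError as e:
            # extract error message from output.
            # Example of raw output
            # 2019/01/08 14:51:09 verify-agent-conf: ERROR: (1230): Invalid element in the configuration: 'agent_conf'.\n2019/01/08 14:51:09 verify-agent-conf: ERROR: (1207): Syscheck remote configuration in '/var/ossec/tmp/api_tmp_file_2019-01-08-01-1546959069.xml' is corrupted.\n\n
            # Example of desired output:
            # Invalid element in the configuration: 'agent_conf'. Syscheck remote configuration in '/var/ossec/tmp/api_tmp_file_2019-01-08-01-1546959069.xml' is corrupted.
            output_regex = re.findall(
                pattern=r"\d{4}\/\d{2}\/\d{2} \d{2}:\d{2}:\d{2} verify-agent-conf: ERROR: "
                        r"\(\d+\): ([\w \/ \_ \- \. ' :]+)",
                string=e.output.decode())
            if output_regex:
                raise WazuhException(1114, ' '.join(output_regex))
            else:
                raise WazuhException(1115, e.output.decode())
        except Exception as e:
            raise WazuhException(1743, str(e))

        # move temporary file to group folder
        try:
            new_conf_path = "{}/{}/agent.conf".format(common.shared_path, group_id)
            move(tmp_file_path, new_conf_path)
        except Exception as e:
            raise WazuhException(1017, str(e))

        return 'Agent configuration was updated successfully'
    except Exception as e:
        # remove created temporary file; this now also covers a failure while parsing or
        # writing the content, which previously left the file behind
        try:
            remove(tmp_file_path)
        except OSError:
            # best effort: the file may never have been created, and a cleanup failure
            # must not replace the error that is being reported
            pass
        raise e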