def __init__(self):
    """Load the configuration and prepare the scheduler's collaborators.

    The database handle is created from the host, schema, user and
    password entries of the loaded configuration; connect() is not called
    in this constructor.
    """
    conf = OssimConf()
    self.__conf = conf
    # Database credentials come from the configuration object only.
    self.__db = OssimDB(
        conf[VAR_DB_HOST],
        conf[VAR_DB_SCHEMA],
        conf[VAR_DB_USER],
        conf[VAR_DB_PASSWORD],
    )
    # Bookkeeping counters all start at zero.
    self.__stored_id = self.__stored_num = self.__header_id = 0
    self.__ntop_apache_manager = ApacheNtopProxyManager(conf)
    self.__last_ntop_link = ""
    # The Thread base class is initialised last, as in the original.
    threading.Thread.__init__(self)
def __init__(self):
    """Load the configuration file and prepare the scheduler's collaborators.

    The database handle is created without arguments here; no connection
    parameters are passed in this constructor.
    """
    conf = OssimConf(Const.CONFIG_FILE)
    self.__conf = conf
    self.__db = OssimDB()
    # Bookkeeping counters all start at zero.
    self.__stored_id = self.__stored_num = self.__header_id = 0
    self.__ntop_apache_manager = ApacheNtopProxyManager(conf)
    self.__last_ntop_link = ""
    # The Thread base class is initialised last, as in the original.
    threading.Thread.__init__(self)
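def main(self):
    """Start frameworkd and launch every enabled worker thread.

    Loads the configuration, passes the database host, schema, user and
    password to checkEncryptionKey(), refreshes the ntop proxy
    configuration, then starts one thread per entry of self.__classes whose
    "frameworkd_<name>" setting is 1/yes/true, followed by the two optional
    discovery threads.

    Raises:
        ImportError: if an enabled worker module or class cannot be loaded.
    """

    def load_worker(name):
        # Module and class share one name. Resolving them through the import
        # machinery replaces the former exec of a formatted source string,
        # so a name can only ever be looked up, never run as code.
        module = __import__(name, globals(), locals(), [name])
        try:
            return getattr(module, name)
        except AttributeError:
            # Same exception type "from X import X" raised for a missing class.
            raise ImportError("cannot import name %s" % name)

    logger.info("Frameworkd is starting up...")
    conf = OssimConf(Const.CONFIG_FILE)
    ap = ApacheNtopProxyManager(conf)
    self.checkEncryptionKey(conf['ossim_host'], conf['ossim_base'],
                            conf['ossim_user'], conf['ossim_pass'])
    logger.info("Check ntop proxy configuration ...")
    ap.refreshConfiguration()
    ap.close()

    t = None
    for c in self.__classes:
        conf_entry = "frameworkd_" + c.lower()
        logger.info("Conf entry:%s value: %s" % (conf_entry, conf[conf_entry]))
        if str(conf[conf_entry]).lower() in ('1', 'yes', 'true'):
            logger.info(c.upper() + " is enabled")
            t = load_worker(c)()
            t.start()
        else:
            logger.info(c.upper() + " is disabled")

    # Autodiscovery
    # NOTE(review): unlike the loop above, these two checks do not lower-case
    # the configured value, so "Yes" or "True" leave discovery disabled.
    # Ntop
    if str(conf["network_auto_discovery"]) in ('1', 'yes', 'true'):
        logger.info("NtopDiscovery" + " is enabled")
        t = load_worker("NtopDiscovery")()
        t.start()
    # Nedi
    if str(conf["nedi_autodiscovery"]) in ('1', 'yes', 'true'):
        logger.info("nediDiscovery" + " is enabled")
        t = load_worker("nediDiscovery")()
        t.start()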
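def main(self):
    """Start frameworkd and launch every enabled worker thread.

    Runs checkEncryptionKey(), loads the configuration, refreshes the ntop
    proxy configuration, then starts one thread per entry of self.__classes
    whose "frameworkd_<name>" setting is 1/yes/true, followed by the two
    optional discovery threads.

    Raises:
        ImportError: if an enabled worker module or class cannot be loaded.
    """

    def load_worker(name):
        # Module and class share one name. Resolving them through the import
        # machinery replaces the former exec of a formatted source string,
        # so a name can only ever be looked up, never run as code.
        module = __import__(name, globals(), locals(), [name])
        try:
            return getattr(module, name)
        except AttributeError:
            # Same exception type "from X import X" raised for a missing class.
            raise ImportError("cannot import name %s" % name)

    logger.info("Frameworkd is starting up...")
    self.checkEncryptionKey()
    from OssimConf import OssimConf
    conf = OssimConf(Const.CONFIG_FILE)
    logger.info("Check ntop proxy configuration ...")
    ap = ApacheNtopProxyManager(conf)
    ap.refreshConfiguration()

    for c in self.__classes:
        conf_entry = "frameworkd_" + c.lower()
        if str(conf[conf_entry]).lower() in ('1', 'yes', 'true'):
            logger.info(c.upper() + " is enabled")
            t = load_worker(c)()
            t.start()
        else:
            logger.info(c.upper() + " is disabled")

    # Autodiscovery
    # NOTE(review): unlike the loop above, these two checks do not lower-case
    # the configured value, so "Yes" or "True" leave discovery disabled.
    # Ntop
    if str(conf["network_auto_discovery"]) in ('1', 'yes', 'true'):
        logger.info("NtopDiscovery" + " is enabled")
        t = load_worker("NtopDiscovery")()
        t.start()
    # Nedi
    if str(conf["nedi_autodiscovery"]) in ('1', 'yes', 'true'):
        logger.info("nediDiscovery" + " is enabled")
        t = load_worker("nediDiscovery")()
        t.start()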
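def __init__(self, conf):
    """Build the control manager and start its DoControl worker.

    Args:
        conf: configuration mapping; its database host, schema, user and
            password entries are used to create and connect the database
            handle.
    """
    logger.debug("Initialising ControlManager...")
    self.control_agents = {}
    self.transaction_map = {}
    self.__myconf = conf
    self.__myDB = OssimDB(conf[VAR_DB_HOST],
                          conf[VAR_DB_SCHEMA],
                          conf[VAR_DB_USER],
                          conf[VAR_DB_PASSWORD])
    # Result of connect() is kept so later code can tell whether the
    # database is reachable.
    self.__myDB_connected = self.__myDB.connect ()
    self.__transaction_timeout = 60
    self.__ntop_apache_manager = ApacheNtopProxyManager(conf)
    self.__control = DoControl(self)
    self.__ntop_configuration_checked = False
    self.__mutexRquest = Lock()
    # DoControl is handed this instance, so it is started only after every
    # attribute (including the request lock) exists; starting it earlier
    # could let the worker see a half-initialised manager.
    self.__control.start()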
def handle(self):
    """Serve one client: read lines from self.rfile and dispatch each one.

    The first whitespace-separated token of a line selects the handler.
    Managers shared between connections (controlmanager, bkmanager,
    asechandler) are module globals created on first use. Any response the
    handler returns is written back on self.wfile.

    NOTE(review): no authentication or peer check is visible in this
    method, and a line whose first token is not recognised is passed
    unchanged to Action.Action; confirm where the input is validated.
    """
    global controlmanager
    global bkmanager
    global asechandler
    self.__id = None
    logger.debug("Request from: %s:%i" % (self.client_address))
    while 1:
        try:
            # Only the trailing newline is stripped; the rest of the line is
            # used exactly as the peer sent it.
            line = self.rfile.readline().rstrip('\n')
            if len(line) > 0:
                # A line made only of whitespace raises IndexError here.
                command = line.split()[0]
                # default: nothing to send back
                response = ""
                # "control" request message
                if command == "control":
                    # create the shared control manager on first use
                    if controlmanager == None:
                        controlmanager = ControlManager(OssimConf())
                    response = controlmanager.process(self, command, line)
                # otherwise we are some form of standard control message
                elif command == "nagios":
                    if self.__nagiosmanager == None:
                        self.__nagiosmanager = NagiosManager(OssimConf())
                    response = self.__nagiosmanager.process(line)
                elif command == "ping":
                    response = "pong\n"
                elif command == "add_asset" or command == "remove_asset" or command == "refresh_asset_list":
                    linebk = ""
                    if controlmanager == None:
                        controlmanager = ControlManager(OssimConf())
                    # All three commands are forwarded as the same fixed
                    # refresh action; the client's own line is not passed on.
                    linebk = "action=\"refresh_asset_list\"\n"
                    response = controlmanager.process(self, command, linebk)
                # Disabled branch kept from the original:
                # elif command == "refresh_inventory_task":
                #     if controlmanager == None:
                #         controlmanager = ControlManager(OssimConf())
                #     response = controlmanager.process(self, command, linebk)
                elif command == "refresh_sensor_list":
                    logger.info("Check ntop proxy configuration ...")
                    ap = ApacheNtopProxyManager(OssimConf())
                    ap.refreshConfiguration()
                    ap.close()
                elif command == "backup":
                    if bkmanager == None:
                        bkmanager= BackupRestoreManager(OssimConf())
                    response = bkmanager.process(line)
                elif command == "asec":
                    if asechandler == None:
                        asechandler = ASECHandler(OssimConf())
                    response = asechandler.process_web(self, line)
                elif command == "asec_m":  # formerly: struct.unpack('!H',line[0:2])[0] == 0x1F1F (it's a tlv)
                    if asechandler == None:
                        asechandler = ASECHandler(OssimConf())
                    response = asechandler.process(self,line)
                elif command == "ws":
                    # The single-element unpacking raises ValueError when the
                    # line has no "ws_data=" part; that happens outside the
                    # inner try below.
                    [ws_data] = re.findall('ws_data=(.*)$', line)
                    try:
                        ws_json = json.loads(ws_data)
                        logger.info("Received new WS: %s" % str(ws_json))
                    except Exception, msg:
                        logger.warning ("WS json is invalid: '%s'" % line)
                    else:
                        # NOTE(review): a payload without a 'ws_id' key raises
                        # KeyError here; the warning below only covers an
                        # empty value.
                        if ws_json['ws_id'] != '':
                            # One handler per comma-separated id; response
                            # keeps the result of the last successful one.
                            for ws_id in ws_json['ws_id'].split(','):
                                try:
                                    ws_handler = WSHandler(OssimConf(), ws_id)
                                except Exception, msg:
                                    logger.warning (msg)
                                else:
                                    # response = ws_handler.process_json(ws_type, ws_data)
                                    response = ws_handler.process_json('insert', ws_json)
                        else:
                            logger.warning ("WS command does not contain a ws_id field: '%s'" % line)
                else:
                    # Unrecognised command: the raw line goes to an Action.
                    a = Action.Action(line)
                    a.start()
                # Group Alarms
                #ag = AlarmGroup.AlarmGroup()
                #ag.start()
                # send the response back when there is one
                if len(response) > 0:
                    self.wfile.write(response)
                line = ""
# NOTE(review): the listing stops here; the branch for an empty line and the
# except clauses that close the outer try are not shown.
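def handle(self):
    """Serve one client: read lines from self.rfile and dispatch each one.

    The first whitespace-separated token of a line selects the handler and
    any response it returns is written back on self.wfile. An empty line or
    end of stream ends the session, and so does a socket error.

    NOTE(review): no authentication or peer check is visible in this
    method, and a line whose first token is not recognised is passed
    unchanged to Action.Action; confirm where the input is validated.
    """
    global controlmanager
    self.__id = None
    logger.debug("Request from: %s:%i" % (self.client_address))
    while 1:
        try:
            # Only the trailing newline is stripped; the rest of the line is
            # used exactly as the peer sent it.
            line = self.rfile.readline().rstrip('\n')
            if len(line) == 0:
                return
            # A line made only of whitespace raises IndexError (handled below).
            command = line.split()[0]
            response = ""
            if command == "control":
                # create the shared control manager on first use
                if controlmanager is None:
                    controlmanager = ControlManager(OssimConf(Const.CONFIG_FILE))
                response = controlmanager.process(self, command, line)
            elif command == "nessus":
                # NOTE(review): this stores the NessusManager name itself, not
                # the result of calling it, unlike the nagios branch; confirm
                # process() can be used that way.
                if self.__nessusmanager is None:
                    self.__nessusmanager = NessusManager
                response = self.__nessusmanager.process(line)
            elif command == "nagios":
                if self.__nagiosmanager is None:
                    self.__nagiosmanager = NagiosManager(OssimConf(Const.CONFIG_FILE))
                response = self.__nagiosmanager.process(line)
            elif command == "ping":
                response = "pong\n"
            elif command in ("add_asset", "remove_asset", "refresh_asset_list"):
                if controlmanager is None:
                    controlmanager = ControlManager(OssimConf(Const.CONFIG_FILE))
                # All three commands are forwarded as the same fixed refresh
                # action; the client's own line is not passed on.
                linebk = "action=\"refresh_asset_list\"\n"
                response = controlmanager.process(self, command, linebk)
            elif command == "refresh_sensor_list":
                logger.info("Check ntop proxy configuration ...")
                ap = ApacheNtopProxyManager(OssimConf(Const.CONFIG_FILE))
                ap.refreshConfiguration()
            else:
                # Unrecognised command: the raw line goes to an Action.
                a = Action.Action(line)
                a.start()
            # Group Alarms
            #ag = AlarmGroup.AlarmGroup()
            #ag.start()
            if len(response) > 0:
                self.wfile.write(response)
        except socket.error, e:
            logger.warning("Client disconnected..." )
            # The connection is gone: leave instead of looping on a dead
            # socket, which would keep this handler busy indefinitely.
            return
        except IndexError:
            logger.error("IndexError")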
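class Scheduler(threading.Thread):
    """Thread that mirrors the plugin_scheduler table into the user's crontab.

    Everything above the OSSIM header line in the existing crontab is kept;
    the header and one DoNessus.py entry per table row are appended whenever
    the newest row id or the row count changes.
    """

    def __init__(self):
        """Load the configuration and create the collaborators (no connection yet)."""
        self.__conf = OssimConf(Const.CONFIG_FILE)
        self.__db = OssimDB()
        self.__stored_id = 0
        self.__stored_num = 0
        self.__header_id = 0
        self.__ntop_apache_manager = ApacheNtopProxyManager(self.__conf)
        self.__last_ntop_link = ""
        threading.Thread.__init__(self)

    def __check_last_db_id(self):
        """Return True when the newest scheduler id differs from the stored one."""
        return self.__get_last_db_id() != self.__stored_id

    def __check_db_scheduler_count(self):
        """Return True when the number of scheduler rows differs from the stored one."""
        return self.__get_db_scheduler_count() != self.__stored_num

    def __get_last_db_id(self):
        """Return max(id) of plugin_scheduler, or 0 when the table is empty."""
        rows = self.__db.exec_query("select max(id) as id from plugin_scheduler")
        if rows != [] and rows[0]["id"] is not None:
            return rows[0]["id"]
        return 0

    def __get_db_scheduler_count(self):
        """Return count(id) of plugin_scheduler, or 0 when the query yields no row."""
        rows = self.__db.exec_query("select count(id) as id from plugin_scheduler")
        for row in rows:
            return row["id"]
        return 0

    def __get_crontab(self):
        """Return the lines of `crontab -l` that precede the OSSIM header.

        When the header is found, the schedule id it carries is stored in
        self.__header_id and reading stops there.
        """
        crontab = []
        pattern = r"#### OSSIM scheduling information, everything below this line will be erased. Last schedule:\s*\((\d+)\)\s* ####"
        output = os.popen("crontab -l")
        try:
            for line in output.readlines():
                result = re.findall(pattern, line)
                if result != []:
                    # Header found: remember its id and drop it and
                    # everything after it.
                    self.__header_id = result[0]
                    break
                crontab.append(line)
        finally:
            output.close()
        return crontab

    def __set_crontab(self, crontab):
        """Install the given lines as the crontab; return True on success.

        Args:
            crontab: list of complete crontab lines, newline included.
        """
        if len(crontab) < 1:
            logger.debug(
                "Since at least the warning line has to be present, something went wrong if crontab has less than 1 entry. Not overwriting crontab"
            )
            return False
        # mkstemp() creates the file atomically with owner-only permissions.
        # The former mktemp() only returned a name, so another local user
        # could create or swap that path before it was opened and thereby
        # choose what gets installed as the crontab.
        fd, tmp_name = tempfile.mkstemp(".ossim.scheduler")
        try:
            outfile = os.fdopen(fd, "w")
            try:
                outfile.writelines(crontab)
            finally:
                outfile.close()
            status = os.system("crontab %s" % tmp_name)
        finally:
            os.unlink(tmp_name)
        # os.system() reports a failing command as a non-zero status; the
        # former "status < 0" test counted those failures as success.
        return status == 0

    def run(self):
        """Poll the database forever and rewrite the crontab when it changed."""
        self.__db.connect(
            self.__conf["ossim_host"],
            self.__conf["ossim_base"],
            self.__conf["ossim_user"],
            self.__conf["ossim_pass"],
        )
        self.__last_ntop_link = self.__ntop_apache_manager.getNtopLink()
        while 1:
            try:
                new_ntop_link = self.__ntop_apache_manager.getNtopLink()
                if self.__last_ntop_link != new_ntop_link:
                    self.__ntop_apache_manager.refreshDefaultNtopConfiguration(must_reload=True)
                    # Remember the new link; without this the reload was
                    # repeated on every iteration after the first change.
                    self.__last_ntop_link = new_ntop_link

                # Rebuild only when the newest id or the row count moved.
                if self.__check_last_db_id() or self.__check_db_scheduler_count():
                    # Existing crontab up to our header (if present).
                    crontab = self.__get_crontab()
                    last_id = self.__get_last_db_id()
                    id_num = self.__get_db_scheduler_count()
                    for line in crontab:
                        logger.debug(line.strip())

                    ossim_tag = (
                        "#### OSSIM scheduling information, everything below this line will be erased. Last schedule: (%d) ####"
                        % int(last_id)
                    )
                    logger.debug(ossim_tag)
                    crontab.append(ossim_tag + "\n")

                    rows = self.__db.exec_query("SELECT * FROM plugin_scheduler")
                    frameworkd_dir = (
                        self.__conf["frameworkd_dir"]
                        or "/usr/share/ossim-framework/ossimframework"
                    )
                    # NOTE(review): the schedule fields and the id are copied
                    # into the crontab exactly as stored; a value containing a
                    # newline or shell syntax would end up in a scheduled
                    # command. Confirm they are validated when written.
                    for row in rows:
                        donessus_command = (
                            "python "
                            + os.path.join(frameworkd_dir, "DoNessus.py")
                            + " -i "
                            + str(row["id"])
                        )
                        entry = "%s\t%s\t%s\t%s\t%s\t%s\n" % (
                            row["plugin_minute"],
                            row["plugin_hour"],
                            row["plugin_day_month"],
                            row["plugin_month"],
                            row["plugin_day_week"],
                            donessus_command,
                        )
                        crontab.append(entry)
                        logger.debug(entry)

                    logger.debug("Setting crontab")
                    if self.__set_crontab(crontab):
                        logger.debug("Crontab successfully updated")
                        self.__stored_id = self.__header_id = last_id
                        self.__stored_num = id_num
                    else:
                        # Stored values stay untouched so the next iteration
                        # tries again.
                        logger.debug("Crontab not updated, something went wrong (check output)")
            except Exception, e:
                logger.error(e)
            logger.debug("Iteration...")
            time.sleep(float(Const.SLEEP))
        # never reached..
        self.__db.close()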
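def handle(self):
    """Serve one client: read lines from self.rfile and dispatch each one.

    The first whitespace-separated token of a line selects the handler and
    any response it returns is written back on self.wfile. An empty line or
    end of stream ends the session, and so does a socket error.

    NOTE(review): no authentication or peer check is visible in this
    method, and a line whose first token is not recognised is passed
    unchanged to Action.Action; confirm where the input is validated.
    """
    global controlmanager
    self.__id = None
    logger.debug("Request from: %s:%i" % (self.client_address))
    while 1:
        try:
            # Only the trailing newline is stripped; the rest of the line is
            # used exactly as the peer sent it.
            line = self.rfile.readline().rstrip('\n')
            if len(line) == 0:
                return
            # A line made only of whitespace raises IndexError (handled below).
            command = line.split()[0]
            response = ""
            if command == "control":
                # create the shared control manager on first use
                if controlmanager is None:
                    controlmanager = ControlManager(
                        OssimConf(Const.CONFIG_FILE))
                response = controlmanager.process(self, command, line)
            elif command == "nessus":
                # NOTE(review): this stores the NessusManager name itself, not
                # the result of calling it, unlike the nagios branch; confirm
                # process() can be used that way.
                if self.__nessusmanager is None:
                    self.__nessusmanager = NessusManager
                response = self.__nessusmanager.process(line)
            elif command == "nagios":
                if self.__nagiosmanager is None:
                    self.__nagiosmanager = NagiosManager(
                        OssimConf(Const.CONFIG_FILE))
                response = self.__nagiosmanager.process(line)
            elif command == "ping":
                response = "pong\n"
            elif command in ("add_asset", "remove_asset", "refresh_asset_list"):
                if controlmanager is None:
                    controlmanager = ControlManager(
                        OssimConf(Const.CONFIG_FILE))
                # All three commands are forwarded as the same fixed refresh
                # action; the client's own line is not passed on.
                linebk = "action=\"refresh_asset_list\"\n"
                response = controlmanager.process(self, command, linebk)
            elif command == "refresh_sensor_list":
                logger.info("Check ntop proxy configuration ...")
                ap = ApacheNtopProxyManager(
                    OssimConf(Const.CONFIG_FILE))
                ap.refreshConfiguration()
            else:
                # Unrecognised command: the raw line goes to an Action.
                a = Action.Action(line)
                a.start()
            # Group Alarms
            #ag = AlarmGroup.AlarmGroup()
            #ag.start()
            if len(response) > 0:
                self.wfile.write(response)
        except socket.error, e:
            logger.warning("Client disconnected...")
            # The connection is gone: leave instead of looping on a dead
            # socket, which would keep this handler busy indefinitely.
            return
        except IndexError:
            logger.error("IndexError")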
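class Scheduler(threading.Thread):
    """Thread that mirrors the plugin_scheduler table into the user's crontab.

    Everything above the OSSIM header line in the existing crontab is kept;
    the header and one DoNessus.py entry per table row are appended whenever
    the newest row id or the row count changes.
    """

    def __init__(self):
        """Load the configuration and create the collaborators (no connection yet).

        The database handle receives the host, schema, user and password
        entries of the configuration.
        """
        self.__conf = OssimConf()
        self.__db = OssimDB(self.__conf[VAR_DB_HOST],
                            self.__conf[VAR_DB_SCHEMA],
                            self.__conf[VAR_DB_USER],
                            self.__conf[VAR_DB_PASSWORD])
        self.__stored_id = 0
        self.__stored_num = 0
        self.__header_id = 0
        self.__ntop_apache_manager = ApacheNtopProxyManager(self.__conf)
        self.__last_ntop_link = ""
        threading.Thread.__init__(self)

    def __check_last_db_id(self):
        """Return True when the newest scheduler id differs from the stored one."""
        return self.__get_last_db_id() != self.__stored_id

    def __check_db_scheduler_count(self):
        """Return True when the number of scheduler rows differs from the stored one."""
        return self.__get_db_scheduler_count() != self.__stored_num

    def __get_last_db_id(self):
        """Return max(id) of plugin_scheduler, or 0 when the table is empty."""
        rows = self.__db.exec_query("select max(id) as id from plugin_scheduler")
        if rows != [] and rows[0]["id"] is not None:
            return rows[0]["id"]
        return 0

    def __get_db_scheduler_count(self):
        """Return count(id) of plugin_scheduler, or 0 when the query yields no row."""
        rows = self.__db.exec_query("select count(id) as id from plugin_scheduler")
        for row in rows:
            return row["id"]
        return 0

    def __get_crontab(self):
        """Return the lines of `crontab -l` that precede the OSSIM header.

        When the header is found, the schedule id it carries is stored in
        self.__header_id and reading stops there.
        """
        crontab = []
        pattern = r"#### OSSIM scheduling information, everything below this line will be erased. Last schedule:\s*\((\d+)\)\s* ####"
        output = os.popen("crontab -l")
        try:
            for line in output.readlines():
                result = re.findall(pattern, line)
                if result != []:
                    # Header found: remember its id and drop it and
                    # everything after it.
                    self.__header_id = result[0]
                    break
                crontab.append(line)
        finally:
            output.close()
        return crontab

    def __set_crontab(self, crontab):
        """Install the given lines as the crontab; return True on success.

        Args:
            crontab: list of complete crontab lines, newline included.
        """
        if len(crontab) < 1:
            logger.debug(
                "Since at least the warning line has to be present, something went wrong if crontab has less than 1 entry. Not overwriting crontab"
            )
            return False
        # mkstemp() creates the file atomically with owner-only permissions.
        # The former mktemp() only returned a name, so another local user
        # could create or swap that path before it was opened and thereby
        # choose what gets installed as the crontab.
        fd, tmp_name = tempfile.mkstemp(".ossim.scheduler")
        try:
            outfile = os.fdopen(fd, "w")
            try:
                outfile.writelines(crontab)
            finally:
                outfile.close()
            status = os.system("crontab %s" % tmp_name)
        finally:
            os.unlink(tmp_name)
        # os.system() reports a failing command as a non-zero status; the
        # former "status < 0" test counted those failures as success.
        return status == 0

    def run(self):
        """Poll the database forever and rewrite the crontab when it changed."""
        self.__db.connect()
        self.__last_ntop_link = self.__ntop_apache_manager.getNtopLink()
        while 1:
            try:
                new_ntop_link = self.__ntop_apache_manager.getNtopLink()
                if self.__last_ntop_link != new_ntop_link:
                    self.__ntop_apache_manager.refreshDefaultNtopConfiguration(
                        must_reload=True)
                    # Remember the new link; without this the reload was
                    # repeated on every iteration after the first change.
                    self.__last_ntop_link = new_ntop_link

                # Rebuild only when the newest id or the row count moved.
                if self.__check_last_db_id() or self.__check_db_scheduler_count():
                    # Existing crontab up to our header (if present).
                    crontab = self.__get_crontab()
                    last_id = self.__get_last_db_id()
                    id_num = self.__get_db_scheduler_count()
                    for line in crontab:
                        logger.debug(line.strip())

                    ossim_tag = (
                        "#### OSSIM scheduling information, everything below this line will be erased. Last schedule: (%d) ####"
                        % int(last_id)
                    )
                    logger.debug(ossim_tag)
                    crontab.append(ossim_tag + "\n")

                    rows = self.__db.exec_query("SELECT * FROM plugin_scheduler")
                    frameworkd_dir = (
                        self.__conf["frameworkd_dir"]
                        or "/usr/share/ossim-framework/ossimframework"
                    )
                    # NOTE(review): the schedule fields and the id are copied
                    # into the crontab exactly as stored; a value containing a
                    # newline or shell syntax would end up in a scheduled
                    # command. Confirm they are validated when written.
                    for row in rows:
                        donessus_command = (
                            "python "
                            + os.path.join(frameworkd_dir, "DoNessus.py")
                            + " -i "
                            + str(row["id"])
                        )
                        entry = "%s\t%s\t%s\t%s\t%s\t%s\n" % (
                            row["plugin_minute"],
                            row["plugin_hour"],
                            row["plugin_day_month"],
                            row["plugin_month"],
                            row["plugin_day_week"],
                            donessus_command,
                        )
                        crontab.append(entry)
                        logger.debug(entry)

                    logger.debug("Setting crontab")
                    if self.__set_crontab(crontab):
                        logger.debug("Crontab successfully updated")
                        self.__stored_id = self.__header_id = last_id
                        self.__stored_num = id_num
                    else:
                        # Stored values stay untouched so the next iteration
                        # tries again.
                        logger.debug(
                            "Crontab not updated, something went wrong (check output)"
                        )
            except Exception, e:
                logger.error(e)
            logger.debug("Iteration...")
            time.sleep(float(self.__conf[VAR_SCHEDULED_PERIOD]))
        # never reached..
        self.__db.close()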