def login(self, username, password):
url = '%s/session/login_password' % self.get_base_url()
data = 'user=%s&password=%s' % (quote(
username, safe=''), quote(password, safe=''))
headers = {
'referer': self.get_base_url(),
'Content-Type': 'application/x-www-form-urlencoded',
'Accept': 'text/plain'
}
try:
resp, info = fetch_url(module=self.module,
url=url,
data=to_bytes(data),
headers=headers)
status_code = info['status']
if status_code not in [200, 201, 204]:
self._fail('login', info['msg'])
self.headers = {
'referer': self.get_base_url(),
'Content-Type': 'application/json',
'Accept': 'application/json',
'Cookie': resp.info().get('Set-Cookie')
}
except Exception as e:
self._fail('login', to_native(e))
def login(self, username, password):
if 'KRB5CCNAME' in os.environ and HAS_GSSAPI:
self.use_gssapi = True
elif 'KRB5_CLIENT_KTNAME' in os.environ and HAS_GSSAPI:
ccache = "MEMORY:" + str(uuid.uuid4())
os.environ['KRB5CCNAME'] = ccache
self.use_gssapi = True
else:
if not password:
if 'KRB5CCNAME' in os.environ or 'KRB5_CLIENT_KTNAME' in os.environ:
self.module.warn("In order to use GSSAPI, you need to install 'urllib_gssapi'")
self._fail('login', 'Password is required if not using '
'GSSAPI. To use GSSAPI, please set the '
'KRB5_CLIENT_KTNAME or KRB5CCNAME (or both) '
' environment variables.')
url = '%s/session/login_password' % self.get_base_url()
data = 'user=%s&password=%s' % (quote(username, safe=''), quote(password, safe=''))
headers = {'referer': self.get_base_url(),
'Content-Type': 'application/x-www-form-urlencoded',
'Accept': 'text/plain'}
try:
resp, info = fetch_url(module=self.module, url=url, data=to_bytes(data), headers=headers, timeout=self.timeout)
status_code = info['status']
if status_code not in [200, 201, 204]:
self._fail('login', info['msg'])
self.headers = {'Cookie': info.get('set-cookie')}
except Exception as e:
self._fail('login', to_native(e))
if not self.headers:
self.headers = dict()
self.headers.update({
'referer': self.get_base_url(),
'Content-Type': 'application/json',
'Accept': 'application/json'})
def main():
module = AnsibleModule(argument_spec=dict(
token=dict(type='str', required=True, no_log=True),
chat_id=dict(type='str', required=True, no_log=True),
msg_format=dict(type='str',
required=False,
default='plain',
choices=['plain', 'markdown', 'html']),
msg=dict(type='str', required=True)),
supports_check_mode=True)
token = quote(module.params.get('token'))
chat_id = quote(module.params.get('chat_id'))
msg_format = quote(module.params.get('msg_format'))
msg = quote(module.params.get('msg'))
url = 'https://api.telegram.org/bot' + token + \
'/sendMessage?text=' + msg + '&chat_id=' + chat_id
if msg_format in ('markdown', 'html'):
url += '&parse_mode=' + msg_format
if module.check_mode:
module.exit_json(changed=False)
response, info = fetch_url(module, url)
if info['status'] == 200:
module.exit_json(changed=True)
else:
body = json.loads(info['body'])
module.fail_json(msg="failed to send message, return status=%s" %
str(info['status']),
telegram_error=body['description'])
def main():
argspec = dict(
id=dict(required=False, type="int"),
name=dict(required=False, type="str"),
owner=dict(required=False, type="str"),
type=dict(required=False,
choices=["EVENT", "FLOW", "COMMON", "USER"],
type="str"),
origin=dict(required=False,
choices=["SYSTEM", "OVERRIDE", "USER"],
type="str"),
)
module = AnsibleModule(argument_spec=argspec, supports_check_mode=True)
qradar_request = QRadarRequest(module,
headers={
"Content-Type": "application/json",
"Version": "9.1"
})
# if module.params['name']:
# # FIXME - QUERY HERE BY NAME NATIVELY VIA REST API (DOESN'T EXIST YET)
# found_offense = qradar_request.get_by_path('api/analytics/rules?filter={0}'.format(module.params['name']))
if module.params["id"]:
rules = qradar_request.get_by_path("api/analytics/rules/{0}".format(
module.params["id"]))
else:
query_strs = []
if module.params["name"]:
query_strs.append(
quote('name="{0}"'.format(to_text(module.params["name"]))))
if module.params["owner"]:
query_strs.append(quote("owner={0}".format(
module.params["owner"])))
if module.params["type"]:
query_strs.append(quote("type={0}".format(module.params["type"])))
if module.params["origin"]:
query_strs.append(
quote("origin={0}".format(module.params["origin"])))
if query_strs:
rules = qradar_request.get_by_path(
"api/analytics/rules?filter={0}".format("&".join(query_strs)))
else:
rules = qradar_request.get_by_path("api/analytics/rules")
module.exit_json(rules=rules, changed=False)
def get_devices(self,
name=None,
osversion=None,
devicefamily=None,
serialnumber=None,
platform=None,
managedstatus=None,
connectionstatus=None,
attribute_column_0=None,
ip_address=None):
'''
Querries Space API and returns list of any devices matching filter(s) or None
'''
query_strs = []
self.space_request.headers = {
"Accept":
"application/vnd.net.juniper.space.device-management.devices+json;version=2"
}
if name:
query_strs.append(quote("name eq '{0}'".format(to_text(name))))
if osversion:
query_strs.append(quote("OSversion eq '{0}'".format(osversion)))
if devicefamily:
query_strs.append(
quote("deviceFamily eq '{0}'".format(devicefamily)))
if serialnumber:
query_strs.append(
quote("SerialNumber eq '{0}'".format(serialnumber)))
if platform:
query_strs.append(quote("platform eq '{0}'".format(platform)))
if managedstatus:
query_strs.append(
quote("managedStatus eq '{0}'".format(managedstatus)))
if connectionstatus:
query_strs.append(
quote("connectionStatus eq '{0}'".format(connectionstatus)))
if attribute_column_0:
query_strs.append(
quote(
"attribute-column-0 eq '{0}'".format(attribute_column_0)))
if ip_address:
query_strs.append(quote("ipAddr eq '{0}'".format(ip_address)))
if query_strs:
code, response = self.space_request.get_by_path(
"/api/space/device-management/devices?filter=({0})".format(
"%20and%20".join(query_strs)))
return self._return_list(response['devices'])
else:
code, response = self.space_request.get_by_path(
"/api/space/device-management/devices")
return self._return_list(response['devices'])
def request(self,
method,
path,
query=None,
data=None,
headers=None,
bytes=None):
# Make sure we only have one kind of payload
if data is not None and bytes is not None:
raise AssertionError(
"Cannot have JSON and binary payload in a single request.")
escaped_path = quote(path.strip("/"))
if escaped_path:
escaped_path = "/" + escaped_path
url = "{0}{1}".format(self.host, escaped_path)
if query:
url = "{0}?{1}".format(url, urlencode(query))
headers = dict(headers or DEFAULT_HEADERS, **self.auth_header)
if data is not None:
data = json.dumps(data, separators=(",", ":"))
headers["Content-type"] = "application/json"
elif bytes is not None:
data = bytes
return self._request(method, url, data=data, headers=headers)
def get_folder(self, title):
url = "/api/search?type=dash-folder&query={title}".format(title=quote(title))
response = self._send_request(url, headers=self.headers, method="GET")
for item in response:
if item.get("title") == to_text(title):
return item
return None
def create(self):
"""
:return:
"""
self.url = '{0}/{1}/e/{2}/{3}/{4}'.format(self.base_url,
urllib_parse.quote(self.vhost),
urllib_parse.quote(self.name),
self.destination_type,
urllib_parse.quote(self.destination))
self.api_result = self.request.post(self.url,
auth=self.authentication,
headers={"content-type": "application/json"},
data=json.dumps({
'routing_key': self.routing_key,
'arguments': self.arguments
}))
def create(self):
"""
:return:
"""
self.url = '{0}/{1}/e/{2}/{3}/{4}'.format(
self.base_url, urllib_parse.quote(self.vhost, safe=''),
urllib_parse.quote(self.name, safe=''), self.destination_type,
urllib_parse.quote(self.destination, safe=''))
self.api_result = self.request.post(
self.url,
auth=self.authentication,
headers={"content-type": "application/json"},
data=json.dumps({
'routing_key': self.routing_key,
'arguments': self.arguments
}))
def get_executions_representation(self, config, realm='master'):
"""
Get a representation of the executions for an authentication flow.
:param config: Representation of the authentication flow
:param realm: Realm
:return: Representation of the executions
"""
try:
# Get executions created
executions = json.load(
open_url(URL_AUTHENTICATION_FLOW_EXECUTIONS.format(
url=self.baseurl,
realm=realm,
flowalias=quote(config["alias"])),
method='GET',
headers=self.restheaders))
for execution in executions:
if "authenticationConfig" in execution:
execConfigId = execution["authenticationConfig"]
execConfig = json.load(
open_url(URL_AUTHENTICATION_CONFIG.format(
url=self.baseurl, realm=realm, id=execConfigId),
method='GET',
headers=self.restheaders))
execution["authenticationConfig"] = execConfig
return executions
except Exception as e:
self.module.fail_json(
msg=
'Could not get executions for authentication flow %s in realm %s: %s'
% (config["alias"], realm, str(e)))
def copy_auth_flow(self, config, realm='master'):
"""
Create a new authentication flow from a copy of another.
:param config: Representation of the authentication flow to create.
:param realm: Realm.
:return: Representation of the new authentication flow.
"""
try:
new_name = dict(newName=config["alias"])
open_url(URL_AUTHENTICATION_FLOW_COPY.format(
url=self.baseurl,
realm=realm,
copyfrom=quote(config["copyFrom"])),
method='POST',
headers=self.restheaders,
data=json.dumps(new_name))
flow_list = json.load(
open_url(URL_AUTHENTICATION_FLOWS.format(url=self.baseurl,
realm=realm),
method='GET',
headers=self.restheaders))
for flow in flow_list:
if flow["alias"] == config["alias"]:
return flow
return None
except Exception as e:
self.module.fail_json(
msg='Could not copy authentication flow %s in realm %s: %s' %
(config["alias"], realm, str(e)))
def job_run(self):
response, info = api_request(module=self.module,
endpoint="job/%s/run" %
quote(self.job_id),
method="POST",
data={
"loglevel": self.loglevel,
"options": self.job_options,
"runAtTime": self.run_at_time,
"filter": self.filter_nodes
})
if info["status"] != 200:
self.module.fail_json(msg=info["msg"])
if not self.wait_execution:
self.module.exit_json(msg="Job run send successfully!",
execution_info=response)
job_status = self.job_status_check(response["id"])
if job_status["timed_out"]:
if self.abort_on_timeout:
api_request(module=self.module,
endpoint="execution/%s/abort" % response['id'],
method="GET")
abort_status = self.job_status_check(response["id"])
self.module.fail_json(
msg="Job execution aborted due the timeout specified",
execution_info=abort_status)
self.module.fail_json(msg="Job execution timed out",
execution_info=job_status)
def __init__(self, module):
"""
:param module:
"""
self.module = module
self.name = self.module.params['name']
self.login_user = self.module.params['login_user']
self.login_password = self.module.params['login_password']
self.login_host = self.module.params['login_host']
self.login_port = self.module.params['login_port']
self.login_protocol = self.module.params['login_protocol']
self.vhost = self.module.params['vhost']
self.destination = self.module.params['destination']
self.destination_type = 'q' if self.module.params['destination_type'] == 'queue' else 'e'
self.routing_key = self.module.params['routing_key']
self.arguments = self.module.params['arguments']
self.verify = self.module.params['ca_cert']
self.cert = self.module.params['client_cert']
self.key = self.module.params['client_key']
self.props = urllib_parse.quote(self.routing_key) if self.routing_key != '' else '~'
self.base_url = '{0}://{1}:{2}/api/bindings'.format(self.login_protocol,
self.login_host,
self.login_port)
self.url = '{0}/{1}/e/{2}/{3}/{4}/{5}'.format(self.base_url,
urllib_parse.quote(self.vhost, safe=''),
urllib_parse.quote(self.name, safe=''),
self.destination_type,
urllib_parse.quote(self.destination, safe=''),
self.props)
self.result = {
'changed': False,
'name': self.module.params['name'],
}
self.authentication = (
self.login_user,
self.login_password
)
self.request = requests
self.http_check_states = {
200: True,
404: False,
}
self.http_actionable_states = {
201: True,
204: True,
}
self.api_result = self.request.get(self.url, auth=self.authentication)
def login(self, username, password):
url = '%s/session/login_password' % self.get_base_url()
data = 'user=%s&password=%s' % (quote(username, safe=''), quote(password, safe=''))
headers = {'referer': self.get_base_url(),
'Content-Type': 'application/x-www-form-urlencoded',
'Accept': 'text/plain'}
try:
resp, info = fetch_url(module=self.module, url=url, data=to_bytes(data), headers=headers)
status_code = info['status']
if status_code not in [200, 201, 204]:
self._fail('login', info['msg'])
self.headers = {'referer': self.get_base_url(),
'Content-Type': 'application/json',
'Accept': 'application/json',
'Cookie': resp.info().get('Set-Cookie')}
except Exception as e:
self._fail('login', to_native(e))
def encode_url(value):
parts = split_url(value)
username = quote(parts['username'] or '')
password = quote(parts['password'] or '')
if username and password:
username = '******'.format(username, password)
hostname = parts['hostname']
port = parts['port']
if hostname and port:
hostname = '{}:{}'.format(hostname, port)
if username and hostname:
hostname = '{}@{}'.format(username, hostname)
url = (parts['scheme'], hostname, parts['path'], parts['query'],
parts['fragment'])
return urlunsplit(url)
def resolve_group_name_to_id(module):
group_name = module.params["group_name"]
cyberark_session = module.params["cyberark_session"]
api_base_url = cyberark_session["api_base_url"]
validate_certs = cyberark_session["validate_certs"]
headers = {
"Content-Type": "application/json",
"Authorization": cyberark_session["token"]
}
url = construct_url(
api_base_url,
"/PasswordVault/api/UserGroups?search={pgroupname}".format(
pgroupname=quote(group_name)))
try:
response = open_url(
url,
method="GET",
headers=headers,
validate_certs=validate_certs,
timeout=module.params['timeout'],
)
groups = json.loads(response.read())
# Return None if the user does not exist
group_id = None
# Say we have two groups: 'groupone' and 'grouptwo', a search on group will return both
# So we will lopp over and see if the groupname returned matches the groupsname we searched for
# If so, and we somehow found more than one raise an error
for group in groups['value']:
if group['groupName'] == group_name:
if group_id is None:
group_id = group['id']
else:
module.fail_json(msg=(
"Found more than one group matching %s. Use vault_id instead"
% (group_name)))
# If we made it here we had 1 or 0 users, return them
logging.debug("Resolved group_name %s to ID %s", group_name, group_id)
return group_id
except (HTTPError, httplib.HTTPException) as http_exception:
module.fail_json(
msg=(
"Error while looking up group %s.\n*** end_point=%s\n ==> %s" %
(group_name, url, to_text(http_exception))),
payload={},
headers=headers,
status_code=http_exception.code,
)
except Exception as unknown_exception:
module.fail_json(
msg=(
"Unknown error while looking up group %s.\n*** end_point=%s\n%s"
% (group_name, url, to_text(unknown_exception))),
payload={},
headers=headers,
status_code=-1,
)
def get_build_plan(self, bp_name):
search_uri = '/rest/index/resources?filter="name=\'' + quote(
bp_name) + '\'"&category=osdbuildplan'
search_result = self.connection.get(search_uri)
if search_result['count'] > 0 and search_result['members'][0][
'name'] == bp_name:
return search_result['members'][0]
return None
def set_log_source_values(module, qradar_request):
if module.params["type_name"]:
log_source_type_found = qradar_request.get_by_path(
"api/config/event_sources/log_source_management/log_source_types?filter={0}".format(
quote('name="{0}"'.format(module.params["type_name"]))
)
)[0]
if module.params["type_id"]:
log_source_type_found = qradar_request.get_by_path(
"api/config/event_sources/log_source_management/log_source_types?filter={0}".format(
quote('id="{0}"'.format(module.params["type_id"]))
)
)[0]
if log_source_type_found:
if not module.params["type_id"]:
module.params["type_id"] = log_source_type_found["id"]
else:
module.fail_json(
msg="Incompatible type provided, please consult QRadar Documentation for Log Source Types"
)
if module.params["protocol_type_id"]:
found_dict_in_list, _fdil_index = find_dict_in_list(
log_source_type_found["protocol_types"],
"protocol_id",
module.params["protocol_type_id"],
)
if not found_dict_in_list:
module.fail_json(
msg="Incompatible protocol_type_id provided, please consult QRadar Documentation for Log Source Types"
)
else:
# Set it to the default as provided by the QRadar Instance
module.params["protocol_type_id"] = log_source_type_found["protocol_types"][0][
"protocol_id"
]
module.params["protocol_parameters"] = [
{
"id": module.params["protocol_type_id"],
"name": "identifier",
"value": module.params["identifier"],
}
]
def _svc_rest(self, method, headers, cmd, cmdopts, cmdargs):
""" Run SVC command with token info added into header
:param method: http method, POST or GET
:type method: string
:param headers: http headers
:type headers: dict
:param cmd: svc command to run
:type cmd: string
:param cmdopts: svc command options, name paramter and value
:type cmdopts: dict
:param cmdargs: svc command arguments, non-named paramaters
:return: dict of command results
:rtype: dict
"""
# Catch any output or errors and pass back to the caller to deal with.
r = {'url': None, 'code': None, 'err': None, 'out': None, 'data': None}
postfix = cmd
if cmdargs:
postfix = '/'.join([postfix] + [quote(str(a)) for a in cmdargs])
url = '/'.join([self.resturl] + [postfix])
r['url'] = url # Pass back in result for error handling
self.log("_svc_rest: url=%s", url)
payload = cmdopts if cmdopts else None
data = self.module.jsonify(payload).encode('utf8')
r['data'] = cmdopts # Original payload data has nicer formatting
self.log("_svc_rest: payload=%s", payload)
try:
o = open_url(url,
method=method,
headers=headers,
validate_certs=self.validate_certs,
data=bytes(data))
except HTTPError as e:
self.log('_svc_rest: httperror %s', str(e))
r['code'] = e.getcode()
r['out'] = e.read()
r['err'] = "HTTPError %s", str(e)
return r
except Exception as e:
self.log('_svc_rest: exception : %s', str(e))
r['err'] = "Exception %s", str(e)
return r
try:
j = json.load(o)
except ValueError as e:
self.log("_svc_rest: value error pass: %s", str(e))
# pass, will mean both data and error are None.
return r
r['out'] = j
return r
def _construct_query_string(self,
args=None,
attrs=None,
filter=None,
action=None,
count=False):
query_dict = {}
if args is None:
args = {}
if attrs is None:
attrs = []
if filter is None:
filter = {}
# Construct args
args_val = ','.join([
'%s:%s' % (k, quote(codecs.encode(str(args[k])), safe=''))
for k in args
])
if args_val != '':
args_val = 'args=%s' % args_val
# Construct attrs
attrs_val = ','.join(attrs)
if attrs_val != '':
attrs_val = 'attrs=%s' % attrs_val
# Construct filters
filter_val = ','.join(['%s:%s' % (k, filter[k]) for k in filter])
if filter_val != '':
filter_val = 'filter=%s' % filter_val
# Construct action
action_val = ''
if action is not None:
action_val = 'action=%s' % action
# Construct count
count_val = ''
if count:
count_val = 'count=yes'
# Construct the query string
# Filter out empty string parameters
val_list = [args_val, attrs_val, filter_val, action_val, count_val]
query_params = '&'.join([v for v in val_list if v != ''])
if query_params != '':
query_params = '?%s' % query_params
return query_params
def request(self, method, path, query=None, data=None):
escaped_path = quote(path.rstrip("/"))
url = "{0}/api/now/{1}".format(self.host, escaped_path)
if query:
url = "{0}?{1}".format(url, urlencode(query))
headers = dict(Accept="application/json", **self.auth_header)
if data is not None:
data = json.dumps(data, separators=(",", ":"))
headers["Content-type"] = "application/json"
return self._request(method, url, data=data, headers=headers)
def get_team(self, name):
url = "/api/teams/search?name={team}".format(team=quote(name))
response = self._send_request(url, headers=self.headers, method="GET")
if not response.get("totalCount") <= 1:
raise AssertionError("Expected 1 team, got %d" %
response["totalCount"])
if len(response.get("teams")) == 0:
return None
return response.get("teams")[0]
def urlencode(self, string):
"""
URL Encode a string
:param: string: The string to URL encode
:type string: str
:returns: URL encode version of supplied string
:rtype: str
"""
return quote(string, "<>%-_.!*'():?#/@&+,;=")
def append_ssl_certs(self):
ssl_options = {}
if self.cafile:
ssl_options['cafile'] = self.cafile
if self.certfile:
ssl_options['certfile'] = self.certfile
if self.keyfile:
ssl_options['keyfile'] = self.keyfile
self.url = self.url + '?ssl_options=' + urllib_parse.quote(
json.dumps(ssl_options))
def get_addresses(self, name=None, ip_address=None):
'''
Querries Space API and returns list of any addresses matching filter(s) or None
'''
query_strs = []
self.space_request.headers = {"Accept": "application/json"}
if name:
query_strs.append(quote("name contains '{0}'".format(to_text(name))))
if ip_address:
query_strs.append(quote("ip_address contains '{0}'".format(ip_address)))
if query_strs:
code, response = self.space_request.get_by_path(
"/api/juniper/sd/address-management/v5/address?filter=({0})".format("%20and%20".join(query_strs))
)
return self._return_list(response['addresses'])
else:
code, response = self.space_request.get_by_path("/api/juniper/sd/address-management/v5/address")
return self._return_list(response['addresses'])
def __init__(self, module):
"""
:param module:
"""
self.module = module
self.name = self.module.params['name']
self.login_user = self.module.params['login_user']
self.login_password = self.module.params['login_password']
self.login_host = self.module.params['login_host']
self.login_port = self.module.params['login_port']
self.vhost = self.module.params['vhost']
self.destination = self.module.params['destination']
self.destination_type = 'q' if self.module.params['destination_type'] == 'queue' else 'e'
self.routing_key = self.module.params['routing_key']
self.arguments = self.module.params['arguments']
self.base_url = 'http://{0}:{1}/api/bindings'.format(self.login_host,
self.login_port)
self.url = '{0}/{1}/e/{2}/{3}/{4}/{5}'.format(self.base_url,
urllib_parse.quote(self.vhost),
urllib_parse.quote(self.name),
self.destination_type,
self.destination,
self.routing_key)
self.result = {
'changed': False,
'name': self.module.params['name'],
}
self.authentication = (
self.login_user,
self.login_password
)
self.request = requests
self.http_check_states = {
200: True,
404: False,
}
self.http_actionable_states = {
201: True,
204: True,
}
self.api_result = self.request.get(self.url, auth=self.authentication)
def vmware_path(datastore, datacenter, path):
''' Constructs a URL path that VSphere accepts reliably '''
path = '/folder/{path}'.format(path=quote(path.strip('/')))
# Due to a software bug in vSphere, it fails to handle ampersand in datacenter names
# The solution is to do what vSphere does (when browsing) and double-encode ampersands, maybe others ?
datacenter = datacenter.replace('&', '%26')
if not path.startswith('/'):
path = '/' + path
params = dict(dsName=datastore)
if datacenter:
params['dcPath'] = datacenter
return '{0}?{1}'.format(path, urlencode(params))
def vmware_path(datastore, datacenter, path):
""" Constructs a URL path that VSphere accepts reliably """
path = "/folder/{path}".format(path=quote(path.strip("/")))
# Due to a software bug in vSphere, it fails to handle ampersand in datacenter names
# The solution is to do what vSphere does (when browsing) and double-encode ampersands, maybe others ?
datacenter = datacenter.replace("&", "%26")
if not path.startswith("/"):
path = "/" + path
params = dict(dsName=datastore)
if datacenter:
params["dcPath"] = datacenter
return "{0}?{1}".format(path, urlencode(params))
def set_log_source_values(module, qradar_request):
if module.params['type_name']:
log_source_type_found = qradar_request.get_by_path(
'api/config/event_sources/log_source_management/log_source_types?filter={0}'.format(
quote('name="{0}"'.format(module.params['type_name']))
)
)[0]
if module.params['type_id']:
log_source_type_found = qradar_request.get_by_path(
'api/config/event_sources/log_source_management/log_source_types?filter={0}'.format(
quote('id="{0}"'.format(module.params['type_id']))
)
)[0]
if log_source_type_found:
if not module.params['type_id']:
module.params['type_id'] = log_source_type_found['id']
else:
module.fail_json(msg="Incompatible type provided, please consult QRadar Documentation for Log Source Types")
if module.params['protocol_type_id']:
found_dict_in_list, _fdil_index = find_dict_in_list(
log_source_type_found['protocol_types'],
'protocol_id', module.params['protocol_type_id']
)
if not found_dict_in_list:
module.fail_json(
msg="Incompatible protocol_type_id provided, please consult QRadar Documentation for Log Source Types"
)
else:
# Set it to the default as provided by the QRadar Instance
module.params['protocol_type_id'] = log_source_type_found['protocol_types'][0]['protocol_id']
module.params['protocol_parameters'] = [
{
'id': module.params['protocol_type_id'],
'name': 'identifier',
'value': module.params['identifier'],
},
]
def vmware_path(datastore, datacenter, path):
''' Constructs a URL path that VSphere accepts reliably '''
path = "/folder/%s" % quote(path.lstrip("/"))
# Due to a software bug in vSphere, it fails to handle ampersand in datacenter names
# The solution is to do what vSphere does (when browsing) and double-encode ampersands, maybe others ?
if not path.startswith("/"):
path = "/" + path
params = dict(dsName=datastore)
if datacenter:
datacenter = datacenter.replace('&', '%26')
params["dcPath"] = datacenter
params = urlencode(params)
return "%s?%s" % (path, params)
def set_offense_values(module, qradar_request):
if module.params['closing_reason']:
found_closing_reason = qradar_request.get_by_path(
'api/siem/offense_closing_reasons?filter={0}'.format(
quote('text="{0}"'.format(module.params['closing_reason']))))
if found_closing_reason:
module.params['closing_reason_id'] = found_closing_reason[0]['id']
else:
module.fail_json('Unable to find closing_reason text: {0}'.format(
module.params['closing_reason']))
if module.params['status']:
module.params['status'] = module.params['status'].upper()
def grafana_datasource_exists(module, grafana_url, name, headers):
datasource_exists = False
ds = {}
r, info = fetch_url(module, '%s/api/datasources/name/%s' % (grafana_url, quote(name)), headers=headers, method='GET')
if info['status'] == 200:
datasource_exists = True
ds = json.loads(to_text(r.read(), errors='surrogate_or_strict'))
elif info['status'] == 404:
datasource_exists = False
else:
raise GrafanaAPIException('Unable to get datasource %s : %s' % (name, info))
return datasource_exists, ds
def set_offense_values(module, qradar_request):
if module.params["closing_reason"]:
found_closing_reason = qradar_request.get_by_path(
"api/siem/offense_closing_reasons?filter={0}".format(
quote('text="{0}"'.format(module.params["closing_reason"]))))
if found_closing_reason:
module.params["closing_reason_id"] = found_closing_reason[0]["id"]
else:
module.fail_json("Unable to find closing_reason text: {0}".format(
module.params["closing_reason"]))
if module.params["status"]:
module.params["status"] = module.params["status"].upper()
def main():
module = AnsibleModule(
argument_spec=dict(
state=dict(default='present', choices=['present', 'absent'], type='str'),
name=dict(required=True, aliases=["src", "source"], type='str'),
login_user=dict(default='guest', type='str'),
login_password=dict(default='guest', type='str', no_log=True),
login_host=dict(default='localhost', type='str'),
login_port=dict(default='15672', type='str'),
vhost=dict(default='/', type='str'),
destination=dict(required=True, aliases=["dst", "dest"], type='str'),
destination_type=dict(required=True, aliases=["type", "dest_type"], choices=["queue", "exchange"], type='str'),
routing_key=dict(default='#', type='str'),
arguments=dict(default=dict(), type='dict')
),
supports_check_mode=True
)
if not HAS_REQUESTS:
module.fail_json(msg="requests library is required for this module. To install, use `pip install requests`")
result = dict(changed=False, name=module.params['name'])
if module.params['destination_type'] == "queue":
dest_type = "q"
else:
dest_type = "e"
if module.params['routing_key'] == "":
props = "~"
else:
props = urllib_parse.quote(module.params['routing_key'], '')
base_url = "http://%s:%s/api/bindings" % (module.params['login_host'], module.params['login_port'])
url = "%s/%s/e/%s/%s/%s/%s" % (base_url,
urllib_parse.quote(module.params['vhost'], ''),
urllib_parse.quote(module.params['name'], ''),
dest_type,
urllib_parse.quote(module.params['destination'], ''),
props
)
# Check if exchange already exists
r = requests.get(url, auth=(module.params['login_user'], module.params['login_password']))
if r.status_code == 200:
binding_exists = True
response = r.json()
elif r.status_code == 404:
binding_exists = False
response = r.text
else:
module.fail_json(
msg="Invalid response from RESTAPI when trying to check if exchange exists",
details=r.text
)
if module.params['state'] == 'present':
change_required = not binding_exists
else:
change_required = binding_exists
# Exit if check_mode
if module.check_mode:
result['changed'] = change_required
result['details'] = response
result['arguments'] = module.params['arguments']
module.exit_json(**result)
# Do changes
if change_required:
if module.params['state'] == 'present':
url = "%s/%s/e/%s/%s/%s" % (
base_url,
urllib_parse.quote(module.params['vhost'], ''),
urllib_parse.quote(module.params['name'], ''),
dest_type,
urllib_parse.quote(module.params['destination'], '')
)
r = requests.post(
url,
auth=(module.params['login_user'], module.params['login_password']),
headers={"content-type": "application/json"},
data=json.dumps({
"routing_key": module.params['routing_key'],
"arguments": module.params['arguments']
})
)
elif module.params['state'] == 'absent':
r = requests.delete(url, auth=(module.params['login_user'], module.params['login_password']))
if r.status_code == 204 or r.status_code == 201:
result['changed'] = True
result['destination'] = module.params['destination']
module.exit_json(**result)
else:
module.fail_json(
msg="Error creating exchange",
status=r.status_code,
details=r.text
)
else:
result['changed'] = False
module.exit_json(**result)
def main():
module = AnsibleModule(
argument_spec=dict(
state=dict(default='present', choices=['present', 'absent'], type='str'),
name=dict(required=True, type='str'),
login_user=dict(default='guest', type='str'),
login_password=dict(default='guest', type='str', no_log=True),
login_host=dict(default='localhost', type='str'),
login_port=dict(default='15672', type='str'),
vhost=dict(default='/', type='str'),
durable=dict(default=True, type='bool'),
auto_delete=dict(default=False, type='bool'),
internal=dict(default=False, type='bool'),
exchange_type=dict(default='direct', aliases=['type'], type='str'),
arguments=dict(default=dict(), type='dict')
),
supports_check_mode=True
)
result = dict(changed=False, name=module.params['name'])
url = "http://%s:%s/api/exchanges/%s/%s" % (
module.params['login_host'],
module.params['login_port'],
urllib_parse.quote(module.params['vhost'], ''),
urllib_parse.quote(module.params['name'], '')
)
if not HAS_REQUESTS:
module.fail_json(msg="requests library is required for this module. To install, use `pip install requests`")
# Check if exchange already exists
r = requests.get(url, auth=(module.params['login_user'], module.params['login_password']))
if r.status_code == 200:
exchange_exists = True
response = r.json()
elif r.status_code == 404:
exchange_exists = False
response = r.text
else:
module.fail_json(
msg="Invalid response from RESTAPI when trying to check if exchange exists",
details=r.text
)
if module.params['state'] == 'present':
change_required = not exchange_exists
else:
change_required = exchange_exists
# Check if attributes change on existing exchange
if not change_required and r.status_code == 200 and module.params['state'] == 'present':
if not (
response['durable'] == module.params['durable'] and
response['auto_delete'] == module.params['auto_delete'] and
response['internal'] == module.params['internal'] and
response['type'] == module.params['exchange_type']
):
module.fail_json(
msg="RabbitMQ RESTAPI doesn't support attribute changes for existing exchanges"
)
# Exit if check_mode
if module.check_mode:
result['changed'] = change_required
result['details'] = response
result['arguments'] = module.params['arguments']
module.exit_json(**result)
# Do changes
if change_required:
if module.params['state'] == 'present':
r = requests.put(
url,
auth=(module.params['login_user'], module.params['login_password']),
headers={"content-type": "application/json"},
data=json.dumps({
"durable": module.params['durable'],
"auto_delete": module.params['auto_delete'],
"internal": module.params['internal'],
"type": module.params['exchange_type'],
"arguments": module.params['arguments']
})
)
elif module.params['state'] == 'absent':
r = requests.delete(url, auth=(module.params['login_user'], module.params['login_password']))
# RabbitMQ 3.6.7 changed this response code from 204 to 201
if r.status_code == 204 or r.status_code == 201:
result['changed'] = True
module.exit_json(**result)
else:
module.fail_json(
msg="Error creating exchange",
status=r.status_code,
details=r.text
)
else:
result['changed'] = False
module.exit_json(**result)
def main():
module = AnsibleModule(
argument_spec=dict(
state=dict(default='present', choices=['present', 'absent'], type='str'),
name=dict(required=True, type='str'),
login_user=dict(default='guest', type='str'),
login_password=dict(default='guest', type='str', no_log=True),
login_host=dict(default='localhost', type='str'),
login_port=dict(default='15672', type='str'),
vhost=dict(default='/', type='str'),
durable=dict(default=True, type='bool'),
auto_delete=dict(default=False, type='bool'),
message_ttl=dict(default=None, type='int'),
auto_expires=dict(default=None, type='int'),
max_length=dict(default=None, type='int'),
dead_letter_exchange=dict(default=None, type='str'),
dead_letter_routing_key=dict(default=None, type='str'),
arguments=dict(default=dict(), type='dict'),
max_priority=dict(default=None, type='int')
),
supports_check_mode=True
)
url = "http://%s:%s/api/queues/%s/%s" % (
module.params['login_host'],
module.params['login_port'],
urllib_parse.quote(module.params['vhost'], ''),
module.params['name']
)
if not HAS_REQUESTS:
module.fail_json(msg="requests library is required for this module. To install, use `pip install requests`")
result = dict(changed=False, name=module.params['name'])
# Check if queue already exists
r = requests.get(url, auth=(module.params['login_user'], module.params['login_password']))
if r.status_code == 200:
queue_exists = True
response = r.json()
elif r.status_code == 404:
queue_exists = False
response = r.text
else:
module.fail_json(
msg="Invalid response from RESTAPI when trying to check if queue exists",
details=r.text
)
if module.params['state'] == 'present':
change_required = not queue_exists
else:
change_required = queue_exists
# Check if attributes change on existing queue
if not change_required and r.status_code == 200 and module.params['state'] == 'present':
if not (
response['durable'] == module.params['durable'] and
response['auto_delete'] == module.params['auto_delete'] and
(
('x-message-ttl' in response['arguments'] and response['arguments']['x-message-ttl'] == module.params['message_ttl']) or
('x-message-ttl' not in response['arguments'] and module.params['message_ttl'] is None)
) and
(
('x-expires' in response['arguments'] and response['arguments']['x-expires'] == module.params['auto_expires']) or
('x-expires' not in response['arguments'] and module.params['auto_expires'] is None)
) and
(
('x-max-length' in response['arguments'] and response['arguments']['x-max-length'] == module.params['max_length']) or
('x-max-length' not in response['arguments'] and module.params['max_length'] is None)
) and
(
('x-dead-letter-exchange' in response['arguments'] and
response['arguments']['x-dead-letter-exchange'] == module.params['dead_letter_exchange']) or
('x-dead-letter-exchange' not in response['arguments'] and module.params['dead_letter_exchange'] is None)
) and
(
('x-dead-letter-routing-key' in response['arguments'] and
response['arguments']['x-dead-letter-routing-key'] == module.params['dead_letter_routing_key']) or
('x-dead-letter-routing-key' not in response['arguments'] and module.params['dead_letter_routing_key'] is None)
) and
(
('x-max-priority' in response['arguments'] and
response['arguments']['x-max-priority'] == module.params['max_priority']) or
('x-max-priority' not in response['arguments'] and module.params['max_priority'] is None)
)
):
module.fail_json(
msg="RabbitMQ RESTAPI doesn't support attribute changes for existing queues",
)
# Copy parameters to arguments as used by RabbitMQ
for k, v in {
'message_ttl': 'x-message-ttl',
'auto_expires': 'x-expires',
'max_length': 'x-max-length',
'dead_letter_exchange': 'x-dead-letter-exchange',
'dead_letter_routing_key': 'x-dead-letter-routing-key',
'max_priority': 'x-max-priority'
}.items():
if module.params[k] is not None:
module.params['arguments'][v] = module.params[k]
# Exit if check_mode
if module.check_mode:
result['changed'] = change_required
result['details'] = response
result['arguments'] = module.params['arguments']
module.exit_json(**result)
# Do changes
if change_required:
if module.params['state'] == 'present':
r = requests.put(
url,
auth=(module.params['login_user'], module.params['login_password']),
headers={"content-type": "application/json"},
data=json.dumps({
"durable": module.params['durable'],
"auto_delete": module.params['auto_delete'],
"arguments": module.params['arguments']
})
)
elif module.params['state'] == 'absent':
r = requests.delete(url, auth=(module.params['login_user'], module.params['login_password']))
# RabbitMQ 3.6.7 changed this response code from 204 to 201
if r.status_code == 204 or r.status_code == 201:
result['changed'] = True
module.exit_json(**result)
else:
module.fail_json(
msg="Error creating queue",
status=r.status_code,
details=r.text
)
else:
result['changed'] = False
module.exit_json(**result)
