def main(argv):
    """Print the last three days of flows for one fixed host as a CGI-style JSON response.

    The SW server address and login are read from the ``swconfig`` entry of
    the RTC database. Any exception raised along the way is converted into
    the ``rtcResult`` field of the response instead of propagating.
    ``argv`` is accepted but not used.
    """
    log = rtclogger.LOGGER("AMPeventDetails", 0, "")
    try:
        target_ip = "10.1.33.100"  # the host is hard-coded, not taken from the request
        config_row = rtcdb.RTCDB().getXconfig("swconfig")
        sw_settings = json.loads(config_row["configstring"])
        # The credentials are only handed to the client constructor; keep them
        # out of the response body and out of any debug printout.
        client = cats.SW(
            server=sw_settings["sw_server"],
            username=sw_settings["sw_username"],
            password=sw_settings["sw_password"],
            debug=False,
        )
        rsp = client.flowsFromIP(ipaddress=target_ip, days=3, hours=0)
        rsp.update({"rtcResult": "OK"})
    except Exception as err:
        # NOTE(review): whatever exception_info() returns is sent back to the
        # caller; confirm it does not expose paths, hostnames or config values.
        rsp = {"rtcResult": log.exception_info(err)}
    print("Content-type:application/json\n\n")
    print(json.dumps(rsp, indent=4, sort_keys=True))
def __init__(self, threadname, logthreshold, logfilename):
    """Initialise the SW events handler and build its SW API client.

    Delegates the common setup to ``rtcBASE.__init__``, then reads the
    penalty settings from ``self.rtcConfig["swEventsConfig"]`` and the SW
    server address and login from the ``swconfig`` database entry.
    """
    rtcBASE.__init__(self, threadname, logthreshold, logfilename)
    # presumably rtcConfig, db and logger are set by the base initialiser; verify
    self.penalties = self.rtcConfig["swEventsConfig"]
    self.event_table = "swevents"

    sw_settings = json.loads(self.db.getXconfig("swconfig")["configstring"])
    server, username, password = (
        sw_settings[key] for key in ("sw_server", "sw_username", "sw_password")
    )

    # This message is logged before the client below is actually constructed.
    self.logger.log_debug(1, "SW object initialized")
    # NOTE(review): the debug flag and logfile come from logtocats(); confirm
    # that cats.SW does not write the password to that logfile when debug is on.
    cats_debug, cats_logfile = self.logtocats()
    self.sw = cats.SW(server, username, password, debug=cats_debug, logfile=cats_logfile)
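def main(argv):
    """Return SW security events for a look-back window as a CGI-style JSON response.

    When ``REQUEST_METHOD`` is present in the environment the script is
    running as a CGI handler and reads a JSON object with ``days``, ``hours``
    and (optionally) ``minutes`` from stdin. Otherwise it runs from the
    command line with a fixed one-hour window for troubleshooting.

    The SW server address and login are read from the ``swconfig`` entry of
    the RTC database. Any exception is converted into the ``rtcResult`` field
    of the response. ``argv`` is accepted but not used.
    """
    mylogger = rtclogger.LOGGER("SWevents", 0, "")
    try:
        if 'REQUEST_METHOD' in os.environ:
            # CGI call: the request body is client-supplied JSON. int() rejects
            # anything that is not a number; the failure lands in the except below.
            request = json.loads(sys.stdin.read())
            days = int(request["days"])
            hours = int(request["hours"])
            # Fix: minutes used to be read from the "hours" key, so the window
            # was always hours + hours-as-minutes. Default to 0 so clients that
            # only send days/hours keep working.
            minutes = int(request.get("minutes", 0))
            # NOTE(review): the window is client-controlled and has no upper
            # bound here; consider clamping it so a single request cannot ask
            # for an arbitrarily large search.
        else:
            # CLI call for troubleshooting: fixed one-hour window.
            days, hours, minutes = 0, 1, 0

        dbconn = rtcdb.RTCDB()
        dbresult = dbconn.getXconfig("swconfig")
        creds = json.loads(dbresult["configstring"])
        # The credentials go straight to the client constructor; they must not
        # be printed, because stdout is the response body in CGI mode.
        sw = cats.SW(
            server=creds["sw_server"],
            username=creds["sw_username"],
            password=creds["sw_password"],
            debug=False,
        )
        sw_rsp = sw.searchSecurityEvents(
            days=days, hours=hours, minutes=minutes, sourceip="", targetip="", wait=5
        )
        rsp = {"rtcResult": "OK"}
        rsp.update({"events": sw_rsp["data"]["results"]})
    except Exception as err:
        # NOTE(review): exception_info() output is returned to the caller;
        # confirm it does not expose internals such as paths or hostnames.
        rsp = {"rtcResult": mylogger.exception_info(err)}
    print("Content-type:application/json\n\n")
    print(json.dumps(rsp))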
def main(argv):
    """Print three days of flows for one source IP as a CGI-style JSON response.

    When ``REQUEST_METHOD`` is present in the environment the IP is taken from
    the ``IP`` key of the JSON request body on stdin and the output is compact.
    Otherwise a fixed address is used and the output is pretty-printed for
    troubleshooting. Any exception is converted into the ``rtcResult`` field
    of the response. ``argv`` is accepted but not used.
    """
    log = rtclogger.LOGGER("AMPeventDetails", 0, "")
    via_cgi = 'REQUEST_METHOD' in os.environ
    debug = not via_cgi
    try:
        if via_cgi:
            # NOTE(review): the IP value comes from the request body and is
            # passed on without validation; confirm that cats.SW.getFlows
            # rejects anything that is not an address.
            source_ip = json.loads(str(sys.stdin.read()))["IP"]
        else:
            source_ip = "10.1.33.10"

        config_row = rtcdb.RTCDB().getXconfig("swconfig")
        sw_settings = json.loads(config_row["configstring"])
        # The credentials are only handed to the client constructor; stdout is
        # the response body, so they must never be printed.
        client = cats.SW(
            server=sw_settings["sw_server"],
            username=sw_settings["sw_username"],
            password=sw_settings["sw_password"],
            debug=False,
        )
        rsp = client.getFlows(sip=[source_ip], days=3, hours=0)
        rsp.update({"rtcResult": "OK"})
    except Exception as err:
        # NOTE(review): exception_info() output is returned to the caller;
        # confirm it does not expose internals.
        rsp = {"rtcResult": log.exception_info(err)}

    print("Content-type:application/json\n\n")
    # Pretty-print only for the CLI troubleshooting path.
    dump_options = {"indent": 4, "sort_keys": True} if debug else {}
    print(json.dumps(rsp, **dump_options))
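def main(argv):
    """Collect the option lists from AD, ISE, SW and AMP into one JSON response.

    Reads the ``adconfig``, ``iseconfig``, ``swconfig`` and ``ampconfig``
    entries from the RTC database and queries each backend:

    * AD group names (only when ``ad_server`` is configured),
    * ISE policies, SW event list and AMP event types.

    On success the response carries ``rtcResult: OK`` plus the four lists.
    Any exception produces ``rtcResult: Error`` with the logger's exception
    info. ``argv`` is accepted but not used.

    Changes from the previous version: the LDAP connection is unbound after
    the search instead of being left open, and the response is serialised
    before the Content-type header is printed, so a serialisation failure can
    no longer emit the header twice.
    """
    mylogger = rtclogger.LOGGER("AMPeventDetails", 0, "")
    try:
        dbconn = rtcdb.RTCDB()

        ad_config = json.loads(dbconn.getXconfig("adconfig")["configstring"])
        ADgroups = []
        if "ad_server" in ad_config:
            # NOTE(review): Server() is built without use_ssl; unless ad_server
            # is an ldaps:// URL the bind password may cross the network
            # unencrypted. Confirm against the deployed configuration.
            ad_server = Server(ad_config["ad_server"], get_info=ALL)
            ad_conn = Connection(
                ad_server,
                user=ad_config["ad_username"],
                password=ad_config["ad_password"],
                auto_bind=True,
            )
            try:
                ad_conn.search(
                    search_base=ad_config["ad_base_dn"],
                    search_filter='(objectclass=Group)',
                    attributes=['cn'],
                )
                ADgroups = [group.cn.values[0] for group in ad_conn.entries]
            finally:
                # Release the authenticated session even if the search fails.
                ad_conn.unbind()

        iseconfig = json.loads(dbconn.getXconfig("iseconfig")["configstring"])
        ise = cats.ISE_ANC(
            server=iseconfig["ise_server"],
            username=iseconfig["ise_username"],
            password=iseconfig["ise_password"],
            debug=False,
        )
        isePolicies = ise.listPolicies()

        swconfig = json.loads(dbconn.getXconfig("swconfig")["configstring"])
        sw = cats.SW(
            server=swconfig["sw_server"],
            username=swconfig["sw_username"],
            password=swconfig["sw_password"],
            debug=False,
        )
        swEvents = sw.eventList()

        ampConfig = json.loads(dbconn.getXconfig("ampconfig")["configstring"])
        amp = cats.AMP(
            cloud="us",
            api_client_id=ampConfig["amp_api_client_id"],
            api_key=ampConfig["amp_api_key"],
            debug=False,
            logfile="",
        )
        ampEvents = amp.eventTypes()

        # Only the query results go into the response; none of the config
        # dictionaries (which hold the credentials) are included.
        rsp = {
            "rtcResult": "OK",
            "ADgroups": ADgroups,
            "swEvents": swEvents,
            "ampEvents": ampEvents,
            "isePolicies": isePolicies,
        }
        body = json.dumps(rsp)
    except Exception as err:
        # NOTE(review): exception_info() output is returned to the caller;
        # confirm it cannot include connection strings or other config values.
        result = {
            "rtcResult": "Error",
            "info": "some error {}".format(mylogger.exception_info(err)),
        }
        body = json.dumps(result)
    print("Content-type:application/json\n\n")
    print(body)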
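def main(argv):
    """Return the dynamic option lists for one backend, or for all of them, as JSON.

    When ``REQUEST_METHOD`` is present in the environment the script is
    running as a CGI handler and reads ``item`` from the JSON request body on
    stdin; otherwise ``item`` is ``"all"`` for command-line troubleshooting.
    ``item`` selects which backends are queried: ``adconfig``, ``iseconfig``,
    ``swconfig``, ``ampconfig`` or ``all``. A backend is skipped when its
    configuration lacks the server / client-id key, and any other ``item``
    value yields empty lists.

    Any exception produces ``rtcResult: Error`` with the logger's exception
    info. ``argv`` is accepted but not used.

    Changes from the previous version: the LDAP connection is unbound after
    the search instead of being left open, the response is serialised before
    the Content-type header is printed so a serialisation failure can no
    longer emit the header twice, and the unused locals are removed.
    """
    mylogger = rtclogger.LOGGER("GetDynOptions", 0, "")
    try:
        if 'REQUEST_METHOD' in os.environ:
            # CGI call: item is client-supplied. It is only compared against
            # fixed strings below and echoed back through json.dumps.
            item = json.loads(sys.stdin.read())["item"]
        else:
            # CLI call for troubleshooting.
            item = "all"

        dbconn = rtcdb.RTCDB()
        # The AD configuration row is fetched regardless of item, as before.
        dbresult = dbconn.getXconfig("adconfig")

        ADgroups = []
        if item in ("all", "adconfig"):
            ad_config = json.loads(dbresult["configstring"])
            if "ad_server" in ad_config:
                # NOTE(review): Server() is built without use_ssl; unless
                # ad_server is an ldaps:// URL the bind password may cross the
                # network unencrypted. Confirm against the deployed config.
                ad_server = Server(ad_config["ad_server"], get_info=ALL)
                ad_conn = Connection(
                    ad_server,
                    user=ad_config["ad_username"],
                    password=ad_config["ad_password"],
                    auto_bind=True,
                )
                try:
                    ad_conn.search(
                        search_base=ad_config["ad_base_dn"],
                        search_filter='(objectclass=Group)',
                        attributes=['cn'],
                    )
                    ADgroups = [group.cn.values[0] for group in ad_conn.entries]
                finally:
                    # Release the authenticated session even if the search fails.
                    ad_conn.unbind()

        isePolicies = []
        if item in ("all", "iseconfig"):
            iseconfig = json.loads(dbconn.getXconfig("iseconfig")["configstring"])
            if "ise_server" in iseconfig:
                ise = cats.ISE_ANC(
                    server=iseconfig["ise_server"],
                    username=iseconfig["ise_username"],
                    password=iseconfig["ise_password"],
                    debug=False,
                )
                isePolicies = ise.listPolicies()

        swEvents = []
        swHostGroups = []
        if item in ("all", "swconfig"):
            swconfig = json.loads(dbconn.getXconfig("swconfig")["configstring"])
            if "sw_server" in swconfig:
                sw = cats.SW(
                    server=swconfig["sw_server"],
                    username=swconfig["sw_username"],
                    password=swconfig["sw_password"],
                    debug=False,
                )
                swEvents = sw.eventList()
                swHostGroups = sw.getHostGroups()

        ampEvents = []
        if item in ("all", "ampconfig"):
            ampConfig = json.loads(dbconn.getXconfig("ampconfig")["configstring"])
            if "amp_api_client_id" in ampConfig:
                amp = cats.AMP(
                    cloud="us",
                    api_client_id=ampConfig["amp_api_client_id"],
                    api_key=ampConfig["amp_api_key"],
                    debug=False,
                    logfile="",
                )
                ampEvents = amp.eventTypes()

        # Only the query results go into the response; none of the config
        # dictionaries (which hold the credentials) are included.
        rsp = {
            "rtcResult": "OK",
            "item": item,
            "ADgroups": ADgroups,
            "swEvents": swEvents,
            "swHostGroups": swHostGroups,
            "ampEvents": ampEvents,
            "isePolicies": isePolicies,
        }
        body = json.dumps(rsp)
    except Exception as err:
        # NOTE(review): exception_info() output is returned to the caller;
        # confirm it cannot include connection strings or other config values.
        result = {
            "rtcResult": "Error",
            "info": "some error {}".format(mylogger.exception_info(err)),
        }
        body = json.dumps(result)
    print("Content-type:application/json\n\n")
    print(body)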