def __init__(self, token=TOKEN, remote=REMOTE_ADDR, client='stdout', username=None, feed=None, archiver=None,
fireball=False, no_fetch=False, verify_ssl=True, goback=False, skip_invalid=False, send_retries=5,
send_retries_wait=30):
self.logger = logging.getLogger(__name__)
self.client = None
if client != 'stdout':
plugin_path = os.path.join(os.path.dirname(__file__), 'client')
if getattr(sys, 'frozen', False):
plugin_path = os.path.join(sys._MEIPASS, 'csirtg_smrt', 'client')
self.client = load_plugin(plugin_path, client)
if not self.client:
raise RuntimeError("Unable to load plugin: {}".format(client))
self.client = self.client(remote=remote, token=token, username=username, feed=feed, fireball=fireball,
verify_ssl=verify_ssl)
self.archiver = archiver or NOOPArchiver()
self.fireball = fireball
self.no_fetch = no_fetch
self.goback = goback
self.skip_invalid = skip_invalid
self.verify_ssl = verify_sslÍ
self.last_cache = None
self.send_retries = send_retries
self.send_retries_wait = send_retries_wait
def _run_smrt(options, **kwargs):
args = kwargs.get('args')
goback = kwargs.get('goback')
verify_ssl = kwargs.get('verify_ssl')
data = kwargs.get('data')
service_mode = kwargs.get("service_mode")
archiver = None
if args.remember:
archiver = Archiver(dbfile=args.remember_path)
else:
archiver = NOOPArchiver()
logger.info('starting run...')
with Smrt(options.get('token'), options.get('remote'), client=args.client, username=args.user,
feed=args.feed, archiver=archiver, fireball=args.fireball, no_fetch=args.no_fetch,
verify_ssl=verify_ssl, goback=goback, skip_invalid=args.skip_invalid, send_retries=args.send_retries,
send_retries_wait=args.send_retries_wait) as s:
if s.client:
s.client.ping(write=True)
filters = {}
if args.filter_indicator:
filters['indicator'] = args.filter_indicator
indicators = []
for r, f in s.load_feeds(args.rule, feed=args.feed):
logger.info('processing: {} - {}:{}'.format(args.rule, r.defaults['provider'], f))
try:
for i in s.process(r, f, limit=args.limit, data=data, filters=filters):
if args.client == 'stdout':
indicators.append(i)
except Exception as e:
if not service_mode and not args.skip_broken:
logger.error('may need to remove the old cache file: %s' % s.last_cache)
import traceback
logger.error(traceback.print_exc())
raise e
logger.error(e)
logger.info('skipping: {}'.format(args.feed))
if args.client == 'stdout':
print(FORMATS[options.get('format')](data=indicators, cols=args.fields.split(',')))
logger.info('cleaning up')
archiver.cleanup()
archiver.clear_memcache()
logger.info('finished run')