def ossec_win_deploy(sensor_id): # First obtain the admin_ip param_names = ['agent_name', 'windows_ip', 'windows_username', 'windows_domain', 'windows_password'] (result, sensor_ip) = get_sensor_ip_from_sensor_id(sensor_id, local_loopback=False) if result is False: current_app.logger.error("ossec_win_deploy: ossec_win_deploy error: " % str(sensor_ip)) return api.lib.common.make_error("Error deploying ossec from sensor %s" % sensor_ip, 404) # Now the params. We need # agent_name # windows_ip # windows_user # windows_domain # windows_password for k in param_names: if request.args.get(k) is None: current_app.logger.error("ossec_win_deploy: ossec_win_deploy error: Bad param %s" % k) return api.lib.common.make_error("Bad param %s" % k, 400) # Ok, all params presents and with value job = celerymethods.jobs.ossec_win_deploy.ossec_win_deploy.delay(sensor_ip, request.args['agent_name'], request.args['windows_ip'], request.args['windows_username'], request.args['windows_domain'], request.args['windows_password']) current_job_id = job.id is_finished = False job_status = job.status job_data = job.info jobs_active = None msg = "Job launched!" return api.lib.common.make_ok(job_id=current_job_id, finished=is_finished, status=job_status, task_data=job_data, active_jobs=jobs_active, message=msg)
def apimethod_get_agentless_passlist(sensor_id): (success, system_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return False, "Invalid sensor id %s" % sensor_id success, base_path = get_base_path_from_sensor_id(sensor_id) if not success: return False, "Can't retrieve the destination path: %s" % base_path destination_path = base_path + "/ossec/agentless/" success, msg = create_local_directory(destination_path) if not success: api_log.error(str(msg)) return False, "Error creating directory '%s'" % destination_path dst_filename = destination_path+".passlist" success, msg = ans_ossec_get_agentless_passlist(system_ip=system_ip, destination_path=dst_filename) if not success: if str(msg).find('the remote file does not exist') > 0: if touch_file(dst_filename): success = True msg = dst_filename success, result = set_ossec_file_permissions(dst_filename) if not success: return False, str(result) return success, msg
def get_sensor_detector_by_device(sensor_id): """ Return the [sensor]/plugin list for a given sensor :param sensor_id: The sensor which we want to get the data :param device_id: Filter by device (canonical uuid) """ (success, sensor_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: current_app.logger.error( "detector: get_sensor_detector: Bad 'sensor_id'") return make_bad_request("Bad sensor_id") device_id = request.args.get('device_id', None) # Now call the ansible module to obtain the [sensor]/iface (success, data) = get_sensor_detectors_from_yaml(sensor_ip) if not success: current_app.logger.error( "detector: get_sensor_detector_by_device: %s" % str(data)) return make_error("Error getting sensor plugins", 500) try: yaml_data = get_plugin_get_request_from_yml( data['contacted'][sensor_ip]['plugins'], device_id) except: return make_error( "Something wrong while parsing the yml file. %s" % data, 500) # Now format the list by a dict which key is the sensor_id and the value if the list of ifaces return make_ok(plugins=yaml_data)
def put_sensor_detector_by_device(sensor_id): """ Set the [sensor]/detectors list on config.yml of the sensor """ # Get the 'plugins' param list, with contains the detector plugins # It must be a comma separate list plugins = request.form['plugins'] if plugins is None: current_app.logger.error( "detector: put_sensor_detector error: Missing parameter 'plugins'") return make_bad_request("Missing parameter plugins") (success, sensor_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: current_app.logger.error( "detector: put_sensor_detector error: Bad 'sensor_id'") return make_bad_request("Bad sensor_id") plugins_hash = {} try: plugins = json.loads(plugins) for device_id, plugins in plugins.iteritems(): ips = get_asset_ip_from_id(device_id) if len(ips) > 0: plugins_hash[device_id] = { "device_ip": ips[0], # A device should never have more than one IP "plugins": plugins } except Exception, e: return make_bad_request("Invalid JSON: %s , p=%s" % ("", str(plugins)))
def ossec_put_server_config(sensor_id): (success, system_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return False, "Invalid sensor id %s" % sensor_id success, ossec_directory = get_ossec_directory(sensor_id) if not success: api_log.error(str(ossec_directory)) return False, ossec_directory server_config_file = os.path.join(ossec_directory, OSSEC_CONFIG_SERVER_FILE_NAME) success, local_system_ip = get_system_ip_from_local(local_loopback=False) if not success: api_log.error(str(local_system_ip)) return False, "Error getting the local system ip" # Sanity Check of the file success, msg = ossec_verify_server_config_file(local_system_ip, server_config_file) if not success: api_log.error(str(msg)) return False, "Error verifiying the ossec server configuration file\n%s" % msg success, msg = copy_file(host_list=[system_ip], args="src=%s dest=%s owner=root group=ossec mode=644" % (server_config_file, OSSEC_CONFIG_SERVER_PATH)) if not success: api_log.error(str(msg)) return False, "Error setting the HIDS server configuration file" return True, ''
def put_sensor_interface(sensor_id): """ Set the [sensor]/interfaces list on ossim_setup.conf of the sensor """ # Get the 'ifaces' param list, with contains the ifaces # It must be a comma separate list ifaces = request.args.get('ifaces') if ifaces is None: current_app.logger.error("interfaces: put_sensor_interface error: Missing parameter 'ifaces'") return make_bad_request("Missing parameter ifaces") (success, sensor_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: current_app.logger.error("interfaces: put_sensor_interface error: Bad 'sensor_id'") return make_bad_request("Bad sensor_id") # Call the ansible module to obtain the [sensor]/iface (success, data) = set_sensor_interfaces(sensor_ip, ifaces) if not success: current_app.logger.error("interfaces: put_sensor_interfaces_from_conf error: %s" % data) return make_error("Error setting sensor interfaces", 500) # Now launch reconfig task job = alienvault_reconfigure.delay(sensor_ip) # Now format the list by a dict which key is the sensor_id and the value if the list of ifaces return make_ok(job_id_reconfig=job.id)
def put_sensor_detector(sensor_id): """ Set the [sensor]/detectors list on ossim_setup.conf of the sensor """ # Get the 'plugins' param list, with contains the detector plugins # It must be a comma separate list plugins = request.args.get('plugins') if plugins is None: current_app.logger.error( "detector: put_sensor_detector error: Missing parameter 'plugins'") return make_bad_request("Missing parameter plugins") (success, sensor_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: current_app.logger.error( "detector: put_sensor_detector error: Bad 'sensor_id'") return make_bad_request("Bad sensor_id") (success, data) = set_sensor_detectors(sensor_ip, plugins) if not success: current_app.logger.error("detector: put_sensor_detector error %s" % data) return make_error("Error setting sensor detector plugins", 500) # Now launch reconfig task job = alienvault_reconfigure.delay(sensor_ip) # Now format the list by a dict which key is the sensor_id and the value if the list of ifaces return make_ok(job_id_reconfig=job.id)
def put_sensor_detector(sensor_id): """ Set the [sensor]/detectors list on ossim_setup.conf of the sensor """ # Get the 'plugins' param list, with contains the detector plugins # It must be a comma separate list plugins = request.args.get('plugins') if plugins is None: current_app.logger.error("detector: put_sensor_detector error: Missing parameter 'plugins'") return make_bad_request("Missing parameter plugins") (success, sensor_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: current_app.logger.error("detector: put_sensor_detector error: Bad 'sensor_id'") return make_bad_request("Bad sensor_id") (success, data) = set_sensor_detectors(sensor_ip, plugins) if not success: current_app.logger.error("detector: put_sensor_detector error %s" % data) return make_error("Error setting sensor detector plugins", 500) # Now launch reconfig task job = alienvault_reconfigure.delay(sensor_ip) # Now format the list by a dict which key is the sensor_id and the value if the list of ifaces return make_ok(job_id_reconfig=job.id)
def apimethod_run_nmap_scan(sensor_id, target, idm, scan_type, rdns, scan_timing, autodetect, scan_ports, output_file_prefix="", save_to_file=False, job_id=""): """Launches an MAP scan Args: sensor_id: The system IP where you want to get the [sensor]/interfaces from ossim_setup.conf target: IP address of the component where the NMAP will be executed idm: Convert results into idm events scan_type: Sets the NMAP scan type rdns: Tells Nmap to do reverse DNS resolution on the active IP addresses it finds scan_timing: Set the timing template autodetect: Aggressive scan options (enable OS detection) scan_ports: Only scan specified ports output_file_prefix: Prefix string to be added to the output filename save_to_file: Indicates whether you want to save the NMAP report to a file or not. job_id: Celery job ID. Returns: nmap_report: The NMAP report or the filename where the report has been saved. Raises: APINMAPScanCannotRun APICannotResolveSensorID APINMAPScanCannotRetrieveBaseFolder APINMAPScanCannotCreateLocalFolder """ (result, sensor_ip) = get_sensor_ip_from_sensor_id(sensor_id, local_loopback=False) if result is False: api_log.error( "[apimethod_run_nmap_scan] Cannot retrieve the sensor ip from the given sensor id <%s>" % sensor_id) raise APICannotResolveSensorID(sensor_id) success, nmap_report = ansible_run_nmap_scan(sensor_ip=sensor_ip, target=target, scan_type=scan_type, rdns=rdns, scan_timing=scan_timing, autodetect=autodetect, scan_ports=scan_ports, job_id=job_id) if not success: api_log.error('Failed to launch NMAP scan: %s' % nmap_report) raise APINMAPScanCannotRun(nmap_report) filename = None if save_to_file: base_path = get_nmap_directory(sensor_id) filename = "%s/nmap_report_%s.json" % (base_path, output_file_prefix) with open(filename, "w") as f: f.write(json.dumps(nmap_report)) if idm: conn = IDMConnection(sensor_id=sensor_id) if conn.connect(): conn.send_events_from_hosts(nmap_report) try: if filename is not None: os.remove(filename) except Exception: pass else: api_log.error("[apimethod_run_nmap_scan] Cannot connect with the IDM Service") try: apimethods_nmap_purge_scan_files(job_id) except Exception as exp: api_log.warning("[apimethod_run_nmap_scan] Cannot purge the scan files %s" % str(exp)) return nmap_report
def put_sensor_detector_by_device(sensor_id): """ Set the [sensor]/detectors list on config.yml of the sensor """ # Get the 'plugins' param list, with contains the detector plugins # It must be a comma separate list plugins = request.form['plugins'] if plugins is None: current_app.logger.error("detector: put_sensor_detector error: Missing parameter 'plugins'") return make_bad_request("Missing parameter plugins") (success, sensor_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: current_app.logger.error("detector: put_sensor_detector error: Bad 'sensor_id'") return make_bad_request("Bad sensor_id") plugins_hash = {} try: plugins = json.loads(plugins) for device_id, plugins in plugins.iteritems(): ips = get_asset_ip_from_id(device_id) if len(ips) > 0: plugins_hash[device_id] = {"device_ip": ips[0], # A device should never have more than one IP "plugins": plugins} except Exception, e: return make_bad_request("Invalid JSON: %s , p=%s" % ("", str(plugins)))
def ossec_get_agent_config(sensor_id): (success, system_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return False, "Invalid sensor id %s" % sensor_id success, ossec_directory = get_ossec_directory(sensor_id) if not success: api_log.error(str(ossec_directory)) return False, ossec_directory agent_config_file = os.path.join(ossec_directory, OSSEC_CONFIG_AGENT_FILE_NAME) success, filename = fetch_file(system_ip=system_ip, src_file_path=OSSEC_CONFIG_AGENT_PATH, dst_file_path=agent_config_file, fail_on_missing=True, flat=True) try: if not success: if str(filename).find('the remote file does not exist') > 0: if touch_file(agent_config_file): success = True filename = agent_config_file except Exception as err: import traceback api_log.error("EX: %s, %s" % (str(err), traceback.format_exc())) if not success: api_log.error(str(filename)) return False, "Something wrong happened getting the HIDS agent configuration file" success, result = set_ossec_file_permissions(agent_config_file) if not success: return False, str(result) return True, filename
def ossec_add_new_agent(sensor_id, agent_name, agent_ip, asset_id): """ Add a new agent """ (success, sensor_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return False, "Bad sensor_id" (success, data) = ans_ossec_add_new_agent(sensor_ip, agent_name, agent_ip) # Add HIDS information to database and restart ossec server if it is necessary if success: # Default values agent_id = data agent_status = 'Never connected' try: add_hids_agent(agent_id, sensor_id, agent_name, agent_ip, agent_status, asset_id) except APIException as e: success = False data = str(e) (result, status) = ans_ossec_control(sensor_ip, 'status', '') if result and status['general_status']['remoted'] == 'DOWN': ans_ossec_control(sensor_ip, 'restart', '') return success, data
def ossec_get_server_config(sensor_id): (success, system_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return False, "Invalid sensor id %s" % sensor_id success, ossec_directory = get_ossec_directory(sensor_id) if not success: api_log.error(str(ossec_directory)) return False, ossec_directory server_config_file = os.path.join(ossec_directory, OSSEC_CONFIG_SERVER_FILE_NAME) success, filename = fetch_file(system_ip=system_ip, src_file_path=OSSEC_CONFIG_SERVER_PATH, dst_file_path=server_config_file, fail_on_missing=True, flat=True) if not success: if str(filename).find('the remote file does not exist') > 0: if touch_file(server_config_file): filename = server_config_file else: api_log.error(str(filename)) return False, "Something wrong happened getting the HIDS server configuration file" success, result = set_ossec_file_permissions(server_config_file) if not success: return False, str(result) return True, filename
def apimethod_ossec_control(sensor_id, operation, option): (success, system_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return False, "Invalid sensor id %s" % sensor_id return ans_ossec_control(system_ip=system_ip, operation=operation, option=option)
def ossec_add_new_agent(sensor_id, agent_name, agent_ip): """ Add a new agent """ (success, sensor_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return False, "Bad sensor_id" (success, data) = ans_ossec_add_new_agent(sensor_ip, agent_name, agent_ip) return success, data
def get_service_status_by_id(sensor_id): """ Return a list of processes with their statuses (snort, suricata, prads, ntop and ossec) """ (success, ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return False, ip return get_service_status_by_ip(ip)
def ossec_get_check(sensor_id, agent_ip, agent_name, check_type): (success, system_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return False, "Invalid sensor id" % sensor_id return ans_ossec_get_check(system_ip=system_ip, check_type=check_type, agent_ip=agent_ip, agent_name=agent_name)
def apimethod_put_agentless_passlist(sensor_id): (success, system_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return False, "Invalid sensor id %s" % sensor_id success, base_path = get_base_path_from_sensor_id(sensor_id) if not success: return False, "Can't retrieve the destination path: %s" % base_path src_file = base_path + "/ossec/agentless/.passlist" return ans_ossec_put_agentless_passlist(system_ip=system_ip, local_passfile=src_file)
def ossec_rootcheck(sensor_id, agent_id): """ Rootcheck @param sensor_id: Sensor id @param agent_id: Agent id [0-9]{1,4} """ (success, system_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return (False, system_ip) return ans_ossec_rootcheck(system_ip, agent_id)
def get_plugin_package_info(sensor_id): """ Return the current version of package alienvault-api-sids in sensor with id sensor_id """ (success, ip) = get_sensor_ip_from_sensor_id(sensor_id) if success: return ans_get_plugin_package_info(ip) else: return (False, ip)
def apimethod_ossec_get_agent_detail(sensor_id, agent_id): """Retrieves information about a given agent_id :param sensor_id of the sensor we are going to consult :param agent_id: Agent id [0-9]{1,4} """ (success, system_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return (False, "Invalid sensor id %s" % sensor_id) return ans_ossec_get_ossec_agent_detail(system_ip, agent_id)
def apimethod_ossec_get_syscheck(sensor_id, agent_id): """ Return the modified file list detected by ossec agent :param sensor_id of the sensor we are going to consult :param agent_id: Agente id \d{1,4} """ (success, system_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return (False, "Invalid sensor id %s" % sensor_id) return ans_ossec_get_syscheck(system_ip, agent_id)
def ossec_get_preconfigured_agent(sensor_id, agent_id, agent_type): (success, system_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return False, "Invalid sensor id" success, destination_path = get_ossec_directory(sensor_id) if not success: api_log.error(str(destination_path)) return False, destination_path return ossec_create_preconfigured_agent(system_ip, agent_id, agent_type, destination_path)
def ossec_get_logs(sensor_id, ossec_log, number_of_lines): """ Return lines from ossec_log @param sensor_id: Sensor id @param ossce_log: alert or ossec , the where we're going to red @param number_of_logs: Number of line to read from the logs """ (success, system_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return (False, system_ip) return ans_ossec_get_logs(system_ip, ossec_log, number_of_lines)
def __build_sensor_from_alchemy_object(self, alchemy_sensor_object): sensor_id = get_uuid_string_from_bytes(alchemy_sensor_object.id) _, sensor_ip = get_sensor_ip_from_sensor_id(sensor_id) sensor_platform = self._platform_repository.get_platform(sensor_ip) sensor_connected = sensor_platform is not None return self._sensor_constructor( sensor_id, alchemy_sensor_object.name, alchemy_sensor_object.descr, sensor_platform and sensor_platform.name, sensor_ip, self.__get_software_version(alchemy_sensor_object.id), sensor_platform and sensor_platform.threat_intelligence_version, sensor_connected)
def apimethod_put_ossec_configuration_file(sensor_id, filename): if filename not in ['local_rules.xml', 'rules_config.xml']: return False, "Invalid configuration file to put: %s" % str(filename) (success, system_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return False, "Invalid sensor id %s" % sensor_id success, base_path = get_base_path_from_sensor_id(sensor_id) if not success: return False, "Can't retrieve the destination path: %s" % base_path src_file = base_path + "/ossec/rules/%s" % filename return ans_ossec_put_configuration_rule_file(system_ip=system_ip, local_rule_filename=src_file, remote_rule_name=filename)
def get_ossec_rules_filenames(sensor_id): (ret, admin_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not ret: current_app.logger.error("sensor: auth_sensor error: " + str(admin_ip)) return make_bad_request(sensor_id) (success, data) = get_ossec_rule_filenames(admin_ip) if not success: current_app.logger.error("sensor: Can't get sensor networks for " + str(sensor_id) + " msg: " + str(data)) return make_bad_request(sensor_id) else: return make_ok(rules=data)
def ossec_get_available_agents(sensor_id, op_ossec, agent_id=''): """ Exec several ops for a ossec agent @param sensor_id: Sensor id @param op_ossec: Operation. One in list_available_agents, list_online_agents, restart_agent, integrity_check @param agent_id: Agent id [0-9]{1,4} """ (success, system_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return (False, system_ip) return ans_ossec_get_available_agents(system_ip, op_ossec, agent_id)
def apimethods_nmap_purge_scan_files(task_id): """Purge the given scan files Raises: APICannotResolveSensorID APINMAPScanKeyNotFound APINMAPScanException """ job = apimethod_get_nmap_scan_status(task_id) (result, sensor_ip) = get_sensor_ip_from_sensor_id(job["sensor_id"], local_loopback=False) if not result: return False, "Cannot retrieve the sensor ip from the given sensor id {0}".format(job["sensor_id"]) success, result = ansible_nmap_purge_scan_files(sensor_ip, task_id) return success, result
def check_credentials(host_ip): (ret, admin_ip) = get_sensor_ip_from_sensor_id('local') if not ret: abort(500, "local sensor not found") #TODO: the method check_credentials_from_sensor doesn't exist #(success, data) = check_credentials_from_sensor(admin_ip, host_ip, request.args.get('user'), # request.args.get('pass'), request.args.get('method')) success, data = True, "OK" if not success: current_app.logger.error("Cannot check host " + str(host_ip) + " credentials; msg: " + str(data)) abort(500, "Cannot check host " + str(host_ip) + " credentials; msg: " + str(data)) return make_ok(result=data)
def ossec_delete_agent(sensor_id, agent_id): (success, sensor_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return False, "Bad sensor_id" (success, data) = ans_ossec_delete_agent(sensor_ip, agent_id) if success: try: delete_hids_agent(agent_id, sensor_id) except APIException as e: data = str(e) success = False return success, data
def ossec_extract_agent_key(sensor_id, agent_id): """ Extract the agente key @param sensor_id: sensor id @param agent_id: A string between 0 and 9999 and [0-9]{1,4} @return: Nothig is OK or the error message """ # Check the agent_id if re.match(r"^[0-9]{1,4}$", agent_id) is None: return (False, "Bad agent_id %s" % agent_id) (success, system_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return (False, system_ip) return ans_ossec_extract_agent_key(system_ip, agent_id)
def get_sensor_plugins(sensor_id, no_cache=False): """ Get the plugins of a sensor Raise: APICannotGetSensorPlugins """ success, sensor_ip = get_sensor_ip_from_sensor_id(sensor_id) if not success: raise APICannotResolveSensorID( sensor_id=sensor_id, log='[get_sensor_plugins] Error getting sensor ip: {0}'.format(str(sensor_ip))) plugins = ansible_get_sensor_plugins(system_ip=sensor_ip) return plugins
def set_sensor_network(sensor_id): netlist = request.args.get('nets').split(",") (ret, admin_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not ret: current_app.logger.error("sensor: auth_sensor error: " + str(admin_ip)) return make_bad_request(sensor_id) (success, data) = set_sensor_networks(admin_ip, netlist) if not success: current_app.logger.error("sensor: Can't set sensor networks to " + str(netlist)) return make_bad_request(sensor_id) # Launch configure job = alienvault_reconfigure.delay(admin_ip) # Now format the list by a dict which key is the sensor_id and the value if the list of ifaces return make_ok(job_id_reconfig=job.id)
def __build_sensor_from_alchemy_object(self, alchemy_sensor_object): sensor_id = get_uuid_string_from_bytes(alchemy_sensor_object.id) _, sensor_ip = get_sensor_ip_from_sensor_id(sensor_id) sensor_platform = self._platform_repository.get_platform(sensor_ip) sensor_connected = sensor_platform is not None return self._sensor_constructor( sensor_id, alchemy_sensor_object.name, alchemy_sensor_object.descr, sensor_platform and sensor_platform.name, sensor_ip, self.__get_software_version(alchemy_sensor_object.id), sensor_platform and sensor_platform.threat_intelligence_version, sensor_connected )
def configure_ntop (sensor_id, force=False): """ Set the Ntop configuration in a Sensor profile. @param sensor_id: Sensor id """ # Do nothing if ntop is already configured in this sensor (success, properties) = get_sensor_properties (sensor_id) if not success: return (False, properties) if properties['has_ntop'] and not force: return (True, 'ntop already configured') (success, sensor_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return (False, "Bad sensor id: %s" % str(sensor_id)) return ans_configure_ntop(sensor_ip)
def configure_ntop(sensor_id, force=False): """ Set the Ntop configuration in a Sensor profile. @param sensor_id: Sensor id """ # Do nothing if ntop is already configured in this sensor (success, properties) = get_sensor_properties(sensor_id) if not success: return (False, properties) if properties['has_ntop'] and not force: return (True, 'ntop already configured') (success, sensor_ip) = get_sensor_ip_from_sensor_id(sensor_id) if not success: return (False, "Bad sensor id: %s" % str(sensor_id)) return ans_configure_ntop(sensor_ip)