def set_config_general(system_id): param_names = [ 'general_admin_dns', 'general_admin_gateway', 'general_admin_ip', 'general_admin_netmask', 'general_hostname', 'general_mailserver_relay', 'general_mailserver_relay_passwd', 'general_mailserver_relay_port', 'general_mailserver_relay_user', 'general_ntp_server', 'firewall_active' ] (success, system_ip) = ret = get_system_ip_from_system_id(system_id) if not success: return make_error(system_ip, 500) set_values = {} for key, value in request.args.iteritems(): if key not in param_names: return make_error("Bad param %s" % key, 400) else: set_values[key] = value (success, config_values) = set_av_config(system_ip, set_values) if not success: current_app.logger.error("system: set_config_general error: " + str(config_values)) return make_error( "Cannot set general configuration info %s" % str(config_values), 500) flush_cache(namespace="system") if 'general_hostname' in set_values: success, msg = db_system_update_hostname( system_id, set_values['general_hostname']) if not success: return make_error("Error setting values: %s" % msg, 500) if 'general_admin_ip' in set_values: success, msg = db_system_update_admin_ip( system_id, set_values['general_admin_ip']) if not success: return make_error("Error setting values: %s" % msg, 500) success, msg = ansible_add_ip_to_inventory( set_values['general_admin_ip']) if not success: return make_error("Error setting the admin IP address", 500) job = alienvault_asynchronous_reconfigure.delay(system_id) return make_ok(job_id=job.id)
def set_system_config(system_id, set_values): """ Set the configuration values to the system Args: system_id(str): The system id where the configuration will be setted set_values: key-value dictionary with the configuration settings Returns: (success, job_id): success=True when the operation when ok, otherwise success=False. On success job_id: id of the async reconfig job, error message string otherwise """ (success, system_ip) = get_system_ip_from_system_id(system_id) if not success: return (False, system_ip) (success, config_values) = set_av_config(system_ip, set_values) if not success: api_log.error("system: set_config_general error: " + str(config_values)) return (False, "Cannot set general configuration info: %s" % str(config_values)) flush_cache(namespace="system_config") if 'general_hostname' in set_values: success, msg = db_system_update_hostname( system_id, set_values['general_hostname']) if not success: return (False, "Error setting values: %s" % msg) new_admin_ip = None if 'general_admin_ip' in set_values: new_admin_ip = set_values['general_admin_ip'] success, msg = db_system_update_admin_ip( system_id, set_values['general_admin_ip']) if not success: return (False, "Error setting values: %s" % msg) success, msg = ansible_add_ip_to_inventory( set_values['general_admin_ip']) if not success: return (False, "Error setting the admin IP address") job = alienvault_asynchronous_reconfigure.delay(system_ip, new_admin_ip) return (True, job.id)
def set_system_config(system_id, set_values): """ Set the configuration values to the system Args: system_id(str): The system id where the configuration will be setted set_values: key-value dictionary with the configuration settings Returns: (success, job_id): success=True when the operation when ok, otherwise success=False. On success job_id: id of the async reconfig job, error message string otherwise """ (success, system_ip) = get_system_ip_from_system_id(system_id) if not success: return (False, system_ip) (success, config_values) = set_av_config(system_ip, set_values) if not success: api_log.error("system: set_config_general error: " + str(config_values)) return (False, "Cannot set general configuration info: %s" % str(config_values)) flush_cache(namespace="system_config") if "general_hostname" in set_values: success, msg = db_system_update_hostname(system_id, set_values["general_hostname"]) if not success: return (False, "Error setting values: %s" % msg) new_admin_ip = None if "general_admin_ip" in set_values: new_admin_ip = set_values["general_admin_ip"] success, msg = db_system_update_admin_ip(system_id, set_values["general_admin_ip"]) if not success: return (False, "Error setting values: %s" % msg) success, msg = ansible_add_ip_to_inventory(set_values["general_admin_ip"]) if not success: return (False, "Error setting the admin IP address") job = alienvault_asynchronous_reconfigure.delay(system_ip, new_admin_ip) return (True, job.id)
def set_config_general(system_id): param_names = ['general_admin_dns', 'general_admin_gateway', 'general_admin_ip', 'general_admin_netmask', 'general_hostname', 'general_mailserver_relay', 'general_mailserver_relay_passwd', 'general_mailserver_relay_port', 'general_mailserver_relay_user', 'general_ntp_server', 'firewall_active'] (success, system_ip) = ret = get_system_ip_from_system_id(system_id) if not success: return make_error(system_ip, 500) set_values = {} for key, value in request.args.iteritems(): if key not in param_names: return make_error ("Bad param %s" % key, 400) else: set_values[key] = value (success, config_values) = set_av_config(system_ip, set_values) if not success: current_app.logger.error("system: set_config_general error: " + str(config_values)) return make_error("Cannot set general configuration info %s" % str(config_values), 500) flush_cache(namespace="system") if 'general_hostname' in set_values: success, msg = db_system_update_hostname(system_id, set_values['general_hostname']) if not success: return make_error("Error setting values: %s" % msg, 500) if 'general_admin_ip' in set_values: success, msg = db_system_update_admin_ip(system_id, set_values['general_admin_ip']) if not success: return make_error("Error setting values: %s" % msg, 500) success, msg = ansible_add_ip_to_inventory(set_values['general_admin_ip']) if not success: return make_error("Error setting the admin IP address", 500) job = alienvault_asynchronous_reconfigure.delay(system_id) return make_ok(job_id=job.id)
def start(self): try: self.remove_monitor_data() rc, system_list = get_systems(directly_connected=False) if not rc: logger.error("Can't retrieve systems..%s" % str(system_list)) return False for (system_id, system_ip) in system_list: success, sensor_id = get_sensor_id_from_system_id(system_id) if not success: logger.warning( "[MonitorRetrievesRemoteInfo] " "get_sensor_id_from_system_id failed for system %s (%s)" % (system_ip, system_id)) sensor_id = None ha_name = None success, result = system_all_info(system_id, no_cache=True) if not success: logger.warning( "[MonitorRetrievesRemoteInfo] " "system_all_info failed for system %s (%s)" % (system_ip, system_id)) continue if 'ha_status' in result: ha_name = 'active' if result[ 'ha_status'] == 'up' else 'passive' success, result = network_status(system_id, no_cache=True) if not success: logger.warning("[MonitorRetrievesRemoteInfo] " "network_status failed for system %s (%s)" % (system_ip, system_id)) continue success, result = alienvault_status(system_id, no_cache=True) if not success: logger.warning( "[MonitorRetrievesRemoteInfo] " "alienvault_status failed for system %s (%s)" % (system_ip, system_id)) continue success, result = status_tunnel(system_id, no_cache=True) if not success: logger.warning("[MonitorRetrievesRemoreInfo] " "status_tunnel failed for system %s (%s)" % (system_ip, system_id)) continue success, result = get_system_config_general(system_id, no_cache=True) if not success: logger.warning( "[MonitorRetrievesRemoteInfo] " "get_system_config_general failed for system %s (%s)" % (system_ip, system_id)) continue hostname = result.get('general_hostname', None) if hostname is not None: success, hostname_old = db_get_hostname(system_id) if not success: logger.warning( "[MonitorRetrievesRemoteInfo] " "db_get_hostname failed for system %s (%s)" % (system_ip, system_id)) continue if hostname == hostname_old: hostname = None # Getting config params from the system, # we do use this result var so do not change the order of the calls! success, config_alienvault = get_system_config_alienvault( system_id, no_cache=True) if not success: logger.warning( "[MonitorRetrievesRemoteInfo] " "get_system_config_alienvault failed for system %s (%s)" % (system_ip, system_id)) continue ha_ip = None ha_role = None if 'ha_ha_virtual_ip' in config_alienvault: ha_ip = config_alienvault['ha_ha_virtual_ip'] if not is_valid_ipv4(ha_ip): ha_ip = None if 'ha_ha_role' in config_alienvault: ha_role = config_alienvault['ha_ha_role'] if ha_role not in ['master', 'slave']: ha_role = None # Update interfaces cache success, result = get_interfaces(system_id, no_cache=True) if not success: continue # Update system setup data cache success, result = system_get(system_id, no_cache=True) if not success: continue vpn_ip = None if "ansible_tun0" in result: try: vpn_ip = result['ansible_tun0']['ipv4']['address'] except Exception: vpn_ip = None # Sensor exclusive if sensor_id is not None and sensor_id != '': self.__update_sensor_properties( sensor_id=sensor_id, config_alienvault=config_alienvault) # Refresh sensor plugins cache try: get_sensor_plugins(sensor_id, no_cache=True) except APIException: logger.warning( "[MonitorRetrievesRemoteInfo] " "error getting plugins from sensor '{0}' {1}". format(sensor_id, system_ip)) if vpn_ip is not None: success, message = set_system_vpn_ip(system_id, vpn_ip) if not success: logger.warning( "[MonitorRetrievesRemoteInfo] set_system_vpn_ip failed: %s" % message) if ha_role is not None: success, message = set_system_ha_role(system_id, ha_role) if not success: logger.warning( "[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s" % message) else: success, message = set_system_ha_role(system_id, 'NULL') if not success: logger.warning( "[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s" % message) if ha_ip is not None: success, message = set_system_ha_ip(system_id, ha_ip) if not success: logger.warning( "[MonitorRetrievesRemoteInfo] set_system_ha_ip: %s" % message) success, message = fix_system_references() if not success: logger.warning( "[MonitorRetrievesRemoteInfo] fix_system_references: %s" % message) if ha_name is not None: success, message = set_system_ha_name( system_id, ha_name) if not success: logger.warning( "[MonitorRetrievesRemoteInfo] set_system_ha_name failed: %s" % message) else: success, message = set_system_ha_ip(system_id, '') if not success: logger.warning( "[MonitorRetrievesRemoteInfo] set_system_ha_ip failed: %s" % message) if hostname is not None: success, message = db_system_update_hostname( system_id, hostname) if not success: logger.warning( "[MonitorRetrievesRemoteInfo] db_system_update_hostname failed: %s" % message) # Backups success, message = get_backup_list(system_id=system_id, backup_type="configuration", no_cache=True) if not success: logger.warning( "[MonitorRetrievesRemoteInfo] get_backup_list failed: %s" % message) except Exception as err: api_log.error( "Something wrong happened while running the MonitorRetrievesRemoteInfo monitor %s" % str(err)) return False return True
def start(self): try: self.remove_monitor_data() rc, system_list = get_systems(directly_connected=False) if not rc: logger.error("Can't retrieve systems..%s" % str(system_list)) return False for (system_id, system_ip) in system_list: success, sensor_id = get_sensor_id_from_system_id(system_id) if not success: logger.warning("[MonitorRetrievesRemoteInfo] " "get_sensor_id_from_system_id failed for system %s (%s)" % (system_ip, system_id)) sensor_id = None ha_name = None success, result = system_all_info(system_id, no_cache=True) if not success: logger.warning("[MonitorRetrievesRemoteInfo] " "system_all_info failed for system %s (%s)" % (system_ip, system_id)) continue if 'ha_status' in result: ha_name = 'active' if result['ha_status'] == 'up' else 'passive' success, result = network_status(system_id, no_cache=True) if not success: logger.warning("[MonitorRetrievesRemoteInfo] " "network_status failed for system %s (%s)" % (system_ip, system_id)) continue success, result = alienvault_status(system_id, no_cache=True) if not success: logger.warning("[MonitorRetrievesRemoteInfo] " "alienvault_status failed for system %s (%s)" % (system_ip, system_id)) continue success, result = status_tunnel(system_id, no_cache=True) if not success: logger.warning("[MonitorRetrievesRemoreInfo] " "status_tunnel failed for system %s (%s)" % (system_ip, system_id)) continue success, result = get_system_config_general(system_id, no_cache=True) if not success: logger.warning("[MonitorRetrievesRemoteInfo] " "get_system_config_general failed for system %s (%s)" % (system_ip, system_id)) continue hostname = result.get('general_hostname', None) if hostname is not None: success, hostname_old = db_get_hostname(system_id) if not success: logger.warning("[MonitorRetrievesRemoteInfo] " "db_get_hostname failed for system %s (%s)" % (system_ip, system_id)) continue if hostname == hostname_old: hostname = None # Getting config params from the system, # we do use this result var so do not change the order of the calls! success, config_alienvault = get_system_config_alienvault(system_id, no_cache=True) if not success: logger.warning("[MonitorRetrievesRemoteInfo] " "get_system_config_alienvault failed for system %s (%s)" % (system_ip, system_id)) continue ha_ip = None ha_role = None if 'ha_ha_virtual_ip' in config_alienvault: ha_ip = config_alienvault['ha_ha_virtual_ip'] if not is_valid_ipv4(ha_ip): ha_ip = None if 'ha_ha_role' in config_alienvault: ha_role = config_alienvault['ha_ha_role'] if ha_role not in ['master', 'slave']: ha_role = None # Update interfaces cache success, result = get_interfaces(system_id, no_cache=True) if not success: continue # Update system setup data cache success, result = system_get(system_id, no_cache=True) if not success: continue vpn_ip = None if "ansible_tun0" in result: try: vpn_ip = result['ansible_tun0']['ipv4']['address'] except Exception: vpn_ip = None # Sensor exclusive if sensor_id is not None and sensor_id != '': self.__update_sensor_properties(sensor_id=sensor_id, config_alienvault=config_alienvault) # Refresh sensor plugins cache try: get_sensor_plugins(sensor_id, no_cache=True) except APIException: logger.warning("[MonitorRetrievesRemoteInfo] " "error getting plugins from sensor '{0}' {1}".format(sensor_id, system_ip)) if vpn_ip is not None: success, message = set_system_vpn_ip(system_id, vpn_ip) if not success: logger.warning("[MonitorRetrievesRemoteInfo] set_system_vpn_ip failed: %s" % message) if ha_role is not None: success, message = set_system_ha_role(system_id, ha_role) if not success: logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s" % message) else: success, message = set_system_ha_role(system_id, 'NULL') if not success: logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s" % message) if ha_ip is not None: success, message = set_system_ha_ip(system_id, ha_ip) if not success: logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_ip: %s" % message) success, message = fix_system_references() if not success: logger.warning("[MonitorRetrievesRemoteInfo] fix_system_references: %s" % message) if ha_name is not None: success, message = set_system_ha_name(system_id, ha_name) if not success: logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_name failed: %s" % message) else: success, message = set_system_ha_ip(system_id, '') if not success: logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_ip failed: %s" % message) if hostname is not None: success, message = db_system_update_hostname(system_id, hostname) if not success: logger.warning("[MonitorRetrievesRemoteInfo] db_system_update_hostname failed: %s" % message) # Backups success, message = get_backup_list(system_id=system_id, backup_type="configuration", no_cache=True) if not success: logger.warning("[MonitorRetrievesRemoteInfo] get_backup_list failed: %s" % message) except Exception as err: api_log.error("Something wrong happened while running the MonitorRetrievesRemoteInfo monitor %s" % str(err)) return False return True