def set_config_general(system_id):
param_names = [
'general_admin_dns', 'general_admin_gateway', 'general_admin_ip',
'general_admin_netmask', 'general_hostname',
'general_mailserver_relay', 'general_mailserver_relay_passwd',
'general_mailserver_relay_port', 'general_mailserver_relay_user',
'general_ntp_server', 'firewall_active'
]
(success, system_ip) = ret = get_system_ip_from_system_id(system_id)
if not success:
return make_error(system_ip, 500)
set_values = {}
for key, value in request.args.iteritems():
if key not in param_names:
return make_error("Bad param %s" % key, 400)
else:
set_values[key] = value
(success, config_values) = set_av_config(system_ip, set_values)
if not success:
current_app.logger.error("system: set_config_general error: " +
str(config_values))
return make_error(
"Cannot set general configuration info %s" % str(config_values),
500)
flush_cache(namespace="system")
if 'general_hostname' in set_values:
success, msg = db_system_update_hostname(
system_id, set_values['general_hostname'])
if not success:
return make_error("Error setting values: %s" % msg, 500)
if 'general_admin_ip' in set_values:
success, msg = db_system_update_admin_ip(
system_id, set_values['general_admin_ip'])
if not success:
return make_error("Error setting values: %s" % msg, 500)
success, msg = ansible_add_ip_to_inventory(
set_values['general_admin_ip'])
if not success:
return make_error("Error setting the admin IP address", 500)
job = alienvault_asynchronous_reconfigure.delay(system_id)
return make_ok(job_id=job.id)
def set_system_config(system_id, set_values):
"""
Set the configuration values to the system
Args:
system_id(str): The system id where the configuration will be setted
set_values: key-value dictionary with the configuration settings
Returns:
(success, job_id): success=True when the operation when ok, otherwise success=False.
On success job_id: id of the async reconfig job, error message string otherwise
"""
(success, system_ip) = get_system_ip_from_system_id(system_id)
if not success:
return (False, system_ip)
(success, config_values) = set_av_config(system_ip, set_values)
if not success:
api_log.error("system: set_config_general error: " +
str(config_values))
return (False, "Cannot set general configuration info: %s" %
str(config_values))
flush_cache(namespace="system_config")
if 'general_hostname' in set_values:
success, msg = db_system_update_hostname(
system_id, set_values['general_hostname'])
if not success:
return (False, "Error setting values: %s" % msg)
new_admin_ip = None
if 'general_admin_ip' in set_values:
new_admin_ip = set_values['general_admin_ip']
success, msg = db_system_update_admin_ip(
system_id, set_values['general_admin_ip'])
if not success:
return (False, "Error setting values: %s" % msg)
success, msg = ansible_add_ip_to_inventory(
set_values['general_admin_ip'])
if not success:
return (False, "Error setting the admin IP address")
job = alienvault_asynchronous_reconfigure.delay(system_ip, new_admin_ip)
return (True, job.id)
def set_system_config(system_id, set_values):
"""
Set the configuration values to the system
Args:
system_id(str): The system id where the configuration will be setted
set_values: key-value dictionary with the configuration settings
Returns:
(success, job_id): success=True when the operation when ok, otherwise success=False.
On success job_id: id of the async reconfig job, error message string otherwise
"""
(success, system_ip) = get_system_ip_from_system_id(system_id)
if not success:
return (False, system_ip)
(success, config_values) = set_av_config(system_ip, set_values)
if not success:
api_log.error("system: set_config_general error: " + str(config_values))
return (False, "Cannot set general configuration info: %s" % str(config_values))
flush_cache(namespace="system_config")
if "general_hostname" in set_values:
success, msg = db_system_update_hostname(system_id, set_values["general_hostname"])
if not success:
return (False, "Error setting values: %s" % msg)
new_admin_ip = None
if "general_admin_ip" in set_values:
new_admin_ip = set_values["general_admin_ip"]
success, msg = db_system_update_admin_ip(system_id, set_values["general_admin_ip"])
if not success:
return (False, "Error setting values: %s" % msg)
success, msg = ansible_add_ip_to_inventory(set_values["general_admin_ip"])
if not success:
return (False, "Error setting the admin IP address")
job = alienvault_asynchronous_reconfigure.delay(system_ip, new_admin_ip)
return (True, job.id)
def set_config_general(system_id):
param_names = ['general_admin_dns', 'general_admin_gateway', 'general_admin_ip', 'general_admin_netmask', 'general_hostname',
'general_mailserver_relay', 'general_mailserver_relay_passwd', 'general_mailserver_relay_port', 'general_mailserver_relay_user',
'general_ntp_server', 'firewall_active']
(success, system_ip) = ret = get_system_ip_from_system_id(system_id)
if not success:
return make_error(system_ip, 500)
set_values = {}
for key, value in request.args.iteritems():
if key not in param_names:
return make_error ("Bad param %s" % key, 400)
else:
set_values[key] = value
(success, config_values) = set_av_config(system_ip, set_values)
if not success:
current_app.logger.error("system: set_config_general error: " + str(config_values))
return make_error("Cannot set general configuration info %s" % str(config_values), 500)
flush_cache(namespace="system")
if 'general_hostname' in set_values:
success, msg = db_system_update_hostname(system_id, set_values['general_hostname'])
if not success:
return make_error("Error setting values: %s" % msg, 500)
if 'general_admin_ip' in set_values:
success, msg = db_system_update_admin_ip(system_id, set_values['general_admin_ip'])
if not success:
return make_error("Error setting values: %s" % msg, 500)
success, msg = ansible_add_ip_to_inventory(set_values['general_admin_ip'])
if not success:
return make_error("Error setting the admin IP address", 500)
job = alienvault_asynchronous_reconfigure.delay(system_id)
return make_ok(job_id=job.id)
def start(self):
try:
self.remove_monitor_data()
rc, system_list = get_systems(directly_connected=False)
if not rc:
logger.error("Can't retrieve systems..%s" % str(system_list))
return False
for (system_id, system_ip) in system_list:
success, sensor_id = get_sensor_id_from_system_id(system_id)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] "
"get_sensor_id_from_system_id failed for system %s (%s)"
% (system_ip, system_id))
sensor_id = None
ha_name = None
success, result = system_all_info(system_id, no_cache=True)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] "
"system_all_info failed for system %s (%s)" %
(system_ip, system_id))
continue
if 'ha_status' in result:
ha_name = 'active' if result[
'ha_status'] == 'up' else 'passive'
success, result = network_status(system_id, no_cache=True)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] "
"network_status failed for system %s (%s)" %
(system_ip, system_id))
continue
success, result = alienvault_status(system_id, no_cache=True)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] "
"alienvault_status failed for system %s (%s)" %
(system_ip, system_id))
continue
success, result = status_tunnel(system_id, no_cache=True)
if not success:
logger.warning("[MonitorRetrievesRemoreInfo] "
"status_tunnel failed for system %s (%s)" %
(system_ip, system_id))
continue
success, result = get_system_config_general(system_id,
no_cache=True)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] "
"get_system_config_general failed for system %s (%s)" %
(system_ip, system_id))
continue
hostname = result.get('general_hostname', None)
if hostname is not None:
success, hostname_old = db_get_hostname(system_id)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] "
"db_get_hostname failed for system %s (%s)" %
(system_ip, system_id))
continue
if hostname == hostname_old:
hostname = None
# Getting config params from the system,
# we do use this result var so do not change the order of the calls!
success, config_alienvault = get_system_config_alienvault(
system_id, no_cache=True)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] "
"get_system_config_alienvault failed for system %s (%s)"
% (system_ip, system_id))
continue
ha_ip = None
ha_role = None
if 'ha_ha_virtual_ip' in config_alienvault:
ha_ip = config_alienvault['ha_ha_virtual_ip']
if not is_valid_ipv4(ha_ip):
ha_ip = None
if 'ha_ha_role' in config_alienvault:
ha_role = config_alienvault['ha_ha_role']
if ha_role not in ['master', 'slave']:
ha_role = None
# Update interfaces cache
success, result = get_interfaces(system_id, no_cache=True)
if not success:
continue
# Update system setup data cache
success, result = system_get(system_id, no_cache=True)
if not success:
continue
vpn_ip = None
if "ansible_tun0" in result:
try:
vpn_ip = result['ansible_tun0']['ipv4']['address']
except Exception:
vpn_ip = None
# Sensor exclusive
if sensor_id is not None and sensor_id != '':
self.__update_sensor_properties(
sensor_id=sensor_id,
config_alienvault=config_alienvault)
# Refresh sensor plugins cache
try:
get_sensor_plugins(sensor_id, no_cache=True)
except APIException:
logger.warning(
"[MonitorRetrievesRemoteInfo] "
"error getting plugins from sensor '{0}' {1}".
format(sensor_id, system_ip))
if vpn_ip is not None:
success, message = set_system_vpn_ip(system_id, vpn_ip)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] set_system_vpn_ip failed: %s"
% message)
if ha_role is not None:
success, message = set_system_ha_role(system_id, ha_role)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s"
% message)
else:
success, message = set_system_ha_role(system_id, 'NULL')
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s"
% message)
if ha_ip is not None:
success, message = set_system_ha_ip(system_id, ha_ip)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] set_system_ha_ip: %s"
% message)
success, message = fix_system_references()
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] fix_system_references: %s"
% message)
if ha_name is not None:
success, message = set_system_ha_name(
system_id, ha_name)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] set_system_ha_name failed: %s"
% message)
else:
success, message = set_system_ha_ip(system_id, '')
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] set_system_ha_ip failed: %s"
% message)
if hostname is not None:
success, message = db_system_update_hostname(
system_id, hostname)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] db_system_update_hostname failed: %s"
% message)
# Backups
success, message = get_backup_list(system_id=system_id,
backup_type="configuration",
no_cache=True)
if not success:
logger.warning(
"[MonitorRetrievesRemoteInfo] get_backup_list failed: %s"
% message)
except Exception as err:
api_log.error(
"Something wrong happened while running the MonitorRetrievesRemoteInfo monitor %s"
% str(err))
return False
return True
def start(self):
try:
self.remove_monitor_data()
rc, system_list = get_systems(directly_connected=False)
if not rc:
logger.error("Can't retrieve systems..%s" % str(system_list))
return False
for (system_id, system_ip) in system_list:
success, sensor_id = get_sensor_id_from_system_id(system_id)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] "
"get_sensor_id_from_system_id failed for system %s (%s)" % (system_ip, system_id))
sensor_id = None
ha_name = None
success, result = system_all_info(system_id, no_cache=True)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] "
"system_all_info failed for system %s (%s)" % (system_ip, system_id))
continue
if 'ha_status' in result:
ha_name = 'active' if result['ha_status'] == 'up' else 'passive'
success, result = network_status(system_id, no_cache=True)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] "
"network_status failed for system %s (%s)" % (system_ip, system_id))
continue
success, result = alienvault_status(system_id, no_cache=True)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] "
"alienvault_status failed for system %s (%s)" % (system_ip, system_id))
continue
success, result = status_tunnel(system_id, no_cache=True)
if not success:
logger.warning("[MonitorRetrievesRemoreInfo] "
"status_tunnel failed for system %s (%s)" % (system_ip, system_id))
continue
success, result = get_system_config_general(system_id, no_cache=True)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] "
"get_system_config_general failed for system %s (%s)" % (system_ip, system_id))
continue
hostname = result.get('general_hostname', None)
if hostname is not None:
success, hostname_old = db_get_hostname(system_id)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] "
"db_get_hostname failed for system %s (%s)" % (system_ip, system_id))
continue
if hostname == hostname_old:
hostname = None
# Getting config params from the system,
# we do use this result var so do not change the order of the calls!
success, config_alienvault = get_system_config_alienvault(system_id, no_cache=True)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] "
"get_system_config_alienvault failed for system %s (%s)" % (system_ip, system_id))
continue
ha_ip = None
ha_role = None
if 'ha_ha_virtual_ip' in config_alienvault:
ha_ip = config_alienvault['ha_ha_virtual_ip']
if not is_valid_ipv4(ha_ip):
ha_ip = None
if 'ha_ha_role' in config_alienvault:
ha_role = config_alienvault['ha_ha_role']
if ha_role not in ['master', 'slave']:
ha_role = None
# Update interfaces cache
success, result = get_interfaces(system_id, no_cache=True)
if not success:
continue
# Update system setup data cache
success, result = system_get(system_id, no_cache=True)
if not success:
continue
vpn_ip = None
if "ansible_tun0" in result:
try:
vpn_ip = result['ansible_tun0']['ipv4']['address']
except Exception:
vpn_ip = None
# Sensor exclusive
if sensor_id is not None and sensor_id != '':
self.__update_sensor_properties(sensor_id=sensor_id,
config_alienvault=config_alienvault)
# Refresh sensor plugins cache
try:
get_sensor_plugins(sensor_id, no_cache=True)
except APIException:
logger.warning("[MonitorRetrievesRemoteInfo] "
"error getting plugins from sensor '{0}' {1}".format(sensor_id, system_ip))
if vpn_ip is not None:
success, message = set_system_vpn_ip(system_id, vpn_ip)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] set_system_vpn_ip failed: %s" % message)
if ha_role is not None:
success, message = set_system_ha_role(system_id, ha_role)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s" % message)
else:
success, message = set_system_ha_role(system_id, 'NULL')
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_role failed: %s" % message)
if ha_ip is not None:
success, message = set_system_ha_ip(system_id, ha_ip)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_ip: %s" % message)
success, message = fix_system_references()
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] fix_system_references: %s" % message)
if ha_name is not None:
success, message = set_system_ha_name(system_id, ha_name)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_name failed: %s" % message)
else:
success, message = set_system_ha_ip(system_id, '')
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] set_system_ha_ip failed: %s" % message)
if hostname is not None:
success, message = db_system_update_hostname(system_id, hostname)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] db_system_update_hostname failed: %s" % message)
# Backups
success, message = get_backup_list(system_id=system_id,
backup_type="configuration",
no_cache=True)
if not success:
logger.warning("[MonitorRetrievesRemoteInfo] get_backup_list failed: %s" % message)
except Exception as err:
api_log.error("Something wrong happened while running the MonitorRetrievesRemoteInfo monitor %s" % str(err))
return False
return True
