def __init__(self,
stdout: Optional[bool] = True,
verbose: Optional[bool] = False,
pretty_print_status: Optional[bool] = False):
"""Manage Logstash Process
Args:
stdout: Print output to console
verbose: Include detailed debug messages
pretty_print_status: If enabled, status will be printed in a tabulated style
Returns:
None
"""
environ = utilities.get_environment_file_dict()
process.BaseProcessManager.__init__(
self,
'logstash.service',
'logstash.process',
log_path=environ.get('LS_LOGS'),
stdout=stdout,
verbose=verbose,
pretty_print_status=pretty_print_status)
if not logstash_profile.ProcessProfiler().is_installed():
self.logger.error(
"LogStash is not installed. Install it with 'dynamite logstash install -h'"
)
raise CallLogstashProcessError("LogStash is not installed.")
def __init__(self, prompt_user, stdout, verbose):
execution_strategy.BaseExecStrategy.__init__(
self,
strategy_name="monitor_uninstall",
strategy_description="Uninstall Monitor.",
functions=(
utilities.create_dynamite_environment_file,
prompt_monitor_uninstall,
),
arguments=(
# utilities.create_dynamite_environment_file
{},
# prompt_user
{
"prompt_user": bool(prompt_user),
"stdout": bool(stdout)
},
),
return_formats=(None, None))
if kb_profile.ProcessProfiler().is_installed():
self.add_function(func=kb_install.uninstall_kibana,
argument_dict={
'prompt_user': False,
'stdout': bool(stdout),
'verbose': bool(verbose)
})
if ls_profile.ProcessProfiler().is_installed():
self.add_function(func=ls_install.uninstall_logstash,
argument_dict={
'prompt_user': False,
'stdout': bool(stdout),
'verbose': bool(verbose)
})
if es_profile.ProcessProfiler().is_installed():
self.add_function(func=es_install.uninstall_elasticsearch,
argument_dict={
'prompt_user': False,
'stdout': bool(stdout),
'verbose': bool(verbose)
})
self.add_function(func=log_message,
argument_dict={
"msg":
'*** Monitor uninstalled successfully. ***',
'stdout': bool(stdout),
'verbose': bool(verbose)
})
def stop(self) -> bool:
"""Stop the monitor services
Returns:
True, if successfully stopped
"""
kibana_res, logstash_res, elasticsearch_res = True, True, True
if not elasticsearch_profile.ProcessProfiler().is_installed():
self.logger.error('You must install kibana to run this command.')
return False
elasticsearch_res = elasticsearch_process.ProcessManager().stop()
if logstash_profile.ProcessProfiler().is_installed():
logstash_res = logstash_process.ProcessManager().stop()
if kibana_profile.ProcessProfiler().is_installed():
kibana_res = kibana_process.ProcessManager().stop()
return kibana_res and elasticsearch_res and logstash_res
def uninstall(self):
from dynamite_nsm.services.elasticsearch import profile as elasticsearch_profile
from dynamite_nsm.services.logstash import profile as logstash_profile
from dynamite_nsm.services.kibana import profile as kibana_profile
if elasticsearch_profile.ProcessProfiler().is_installed():
elasticsearch_install.UninstallManager(
purge_config=True, stdout=self.stdout,
verbose=self.verbose).uninstall()
if logstash_profile.ProcessProfiler().is_installed():
logstash_install.UninstallManager(
purge_config=True, stdout=self.stdout,
verbose=self.verbose).uninstall()
if kibana_profile.ProcessProfiler().is_installed():
kibana_install.UninstallManager(purge_config=True,
stdout=self.stdout,
verbose=self.verbose).uninstall()
def change_logstash_elasticsearch_password(password='******',
prompt_user=True,
stdout=True,
verbose=False):
"""
Change the password used by Logstash to authenticate to Elasticsearch
:param password: The new Elasticsearch password
:param prompt_user: If True, warning prompt is displayed before proceeding
:param stdout: Print status to stdout
:param verbose: Include detailed debug messages
:return: True, if successful
"""
from dynamite_nsm.services.logstash import process as logstash_process
from dynamite_nsm.services.logstash import profile as logstash_profile
log_level = logging.INFO
if verbose:
log_level = logging.DEBUG
logger = get_logger('LOGSTASH', level=log_level, stdout=stdout)
environment_variables = utilities.get_environment_file_dict()
if not logstash_profile.ProcessProfiler().is_installed():
logger.error(
"Password reset failed. LogStash is not installed on this host.")
raise general_exceptions.ResetPasswordError(
"Password reset failed. LogStash is not installed on this host.")
if prompt_user:
resp = utilities.prompt_input(
'\n\033[93m[-] WARNING! Changing the LogStash password can cause LogStash to lose communication with '
'ElasticSearch. \n[?] Are you sure you wish to continue? [no]|yes):\033[0m '
)
while resp not in ['', 'no', 'yes']:
resp = utilities.prompt_input(
'\033[93m[?] Are you sure you wish to continue? ([no]|yes):\033[0m '
)
if resp != 'yes':
if stdout:
sys.stdout.write('\n[+] Exiting\n')
exit(0)
ConfigManager(
environment_variables.get('LS_PATH_CONF')).set_elasticsearch_password(
password=password)
logstash_process.ProcessManager().restart()
def __init__(self, old_password, new_password, stdout, verbose):
execution_strategy.BaseExecStrategy.__init__(
self,
strategy_name="monitor_change_password",
strategy_description=
"Change the password for all monitor components.",
)
if es_profile.ProcessProfiler().is_installed():
self.add_function(func=es_config.change_elasticsearch_password,
argument_dict={
'old_password': str(old_password),
'password': str(new_password),
'prompt_user': False,
'stdout': bool(stdout),
'verbose': bool(verbose)
})
if ls_profile.ProcessProfiler().is_installed():
self.add_function(
func=ls_config.change_logstash_elasticsearch_password,
argument_dict={
'password': str(new_password),
'prompt_user': False,
'stdout': bool(stdout),
'verbose': bool(verbose)
})
if kb_profile.ProcessProfiler().is_installed():
self.add_function(
func=kb_config.change_kibana_elasticsearch_password,
argument_dict={
'password': str(new_password),
'prompt_user': False,
'stdout': bool(stdout),
'verbose': bool(verbose)
})
self.add_function(func=log_message,
argument_dict={
'msg': 'Monitor passwords changed successfully!',
'stdout': bool(stdout),
'verbose': bool(verbose)
})
def __init__(self, stdout=True, verbose=False, pretty_print_status=False):
environ = utilities.get_environment_file_dict()
try:
process.BaseProcessManager.__init__(
self,
'logstash.service',
'logstash',
log_path=environ.get('LS_LOGS'),
stdout=stdout,
verbose=verbose,
pretty_print_status=pretty_print_status)
except general_exceptions.CallProcessError:
self.logger.error("Could not find systemctl on this system.")
raise logstash_exceptions.CallLogstashProcessError(
"Could not find systemctl.")
if not logstash_profile.ProcessProfiler().is_installed():
self.logger.error(
"LogStash is not installed. Install it with 'dynamite logstash install -h'"
)
raise logstash_exceptions.CallLogstashProcessError(
"LogStash is not installed.")
def uninstall_logstash(prompt_user=True, stdout=True, verbose=False):
"""
Install Logstash with ElastiFlow & Synesis
:param prompt_user: Print a warning before continuing
:param stdout: Print the output to console
:param verbose: Include detailed debug messages
"""
log_level = logging.INFO
if verbose:
log_level = logging.DEBUG
logger = get_logger('LOGSTASH', level=log_level, stdout=stdout)
env_file = os.path.join(const.CONFIG_PATH, 'environment')
environment_variables = utilities.get_environment_file_dict()
configuration_directory = environment_variables.get('LS_PATH_CONF')
ls_profiler = logstash_profile.ProcessProfiler()
ls_config = logstash_config.ConfigManager(
configuration_directory=configuration_directory)
if not ls_profiler.is_installed():
logger.error('LogStash is not installed.')
raise logstash_exceptions.UninstallLogstashError(
"LogStash is not installed.")
if prompt_user:
sys.stderr.write(
'\n\033[93m[-] WARNING! Removing Logstash Will Prevent ElasticSearch From Receiving Events.\033[0m\n'
)
resp = utilities.prompt_input(
'\n\033[93m[?] Are you sure you wish to continue? ([no]|yes):\033[0m '
)
while resp not in ['', 'no', 'yes']:
resp = utilities.prompt_input(
'\033[93m[?] Are you sure you wish to continue? ([no]|yes): \033[0m'
)
if resp != 'yes':
if stdout:
sys.stdout.write('\n[+] Exiting\n')
exit(0)
if ls_profiler.is_running():
logstash_process.ProcessManager().stop()
try:
shutil.rmtree(ls_config.ls_path_conf)
shutil.rmtree(ls_config.ls_home)
shutil.rmtree(ls_config.path_logs)
shutil.rmtree(const.INSTALL_CACHE, ignore_errors=True)
env_lines = ''
with open(env_file) as env_fr:
for line in env_fr.readlines():
if 'LS_PATH_CONF' in line:
continue
elif 'LS_HOME' in line:
continue
elif 'LS_LOGS' in line:
continue
elif 'ELASTIFLOW_' in line:
continue
elif 'SYNLITE_' in line:
continue
elif 'ES_PASSWD' in line:
continue
elif line.strip() == '':
continue
env_lines += line.strip() + '\n'
with open(env_file, 'w') as env_fw:
env_fw.write(env_lines)
except Exception as e:
logger.error(
"General error occurred while attempting to uninstall LogStash.".
format(e))
logger.debug(
"General error occurred while attempting to uninstall LogStash; {}"
.format(e))
raise logstash_exceptions.UninstallLogstashError(
"General error occurred while attempting to uninstall LogStash; {}"
.format(e))
try:
sysctl = systemctl.SystemCtl()
except general_exceptions.CallProcessError:
raise logstash_exceptions.UninstallLogstashError(
"Could not find systemctl.")
sysctl.uninstall_and_disable('logstash')
def install_logstash(configuration_directory,
install_directory,
log_directory,
host='0.0.0.0',
elasticsearch_host='localhost',
elasticsearch_port=9200,
elasticsearch_password='******',
heap_size_gigs=4,
install_jdk=True,
create_dynamite_user=True,
stdout=False,
verbose=False):
"""
Install Logstash with ElastiFlow & Synesis
:param configuration_directory: Path to the configuration directory (E.G /etc/dynamite/logstash/)
:param install_directory: Path to the install directory (E.G /opt/dynamite/logstash/)
:param log_directory: Path to the log directory (E.G /var/log/dynamite/logstash/)
:param host: The IP address to bind LogStash listeners too
:param elasticsearch_password: The password used for authentication across all builtin ES users
:param elasticsearch_host: A hostname/IP of the target elasticsearch instance
:param elasticsearch_port: A port number for the target elasticsearch instance
:param elasticsearch_password: The password used for authentication across all builtin ES users
:param heap_size_gigs: The initial/max java heap space to allocate
:param install_jdk: Install the latest OpenJDK that will be used by Logstash/ElasticSearch
:param create_dynamite_user: Automatically create the 'dynamite' user, who has privs to run Logstash/ElasticSearch
:param stdout: Print the output to console
:param verbose: Include output from system utilities
:return: True, if installation succeeded
"""
log_level = logging.INFO
if verbose:
log_level = logging.DEBUG
logger = get_logger('LOGSTASH', level=log_level, stdout=stdout)
ls_profiler = logstash_profile.ProcessProfiler()
if ls_profiler.is_installed():
logger.error('LogStash is already installed.')
raise logstash_exceptions.AlreadyInstalledLogstashError()
if utilities.get_memory_available_bytes() < 6 * (1000**3):
sys.stderr.write(
'\n\033[93m[-] WARNING! LogStash should have at-least 6GB to run '
'currently available [{} GB]\033[0m\n'.format(
utilities.get_memory_available_bytes() / (1000**3)))
if str(utilities.prompt_input(
'\033[93m[?] Continue? [y|N]:\033[0m ')).lower() != 'y':
sys.stdout.write('\n[+] Exiting\n')
exit(0)
ls_installer = InstallManager(
configuration_directory,
install_directory,
log_directory,
host=host,
elasticsearch_host=elasticsearch_host,
elasticsearch_port=elasticsearch_port,
elasticsearch_password=elasticsearch_password,
heap_size_gigs=heap_size_gigs,
download_logstash_archive=not ls_profiler.is_downloaded(),
stdout=stdout,
verbose=verbose)
if install_jdk:
try:
utilities.download_java(stdout=stdout)
utilities.extract_java()
utilities.setup_java()
except Exception as e:
logger.error(
'General error occurred while attempting to setup Java.')
logger.debug(
"General error occurred while attempting to setup Java; {}".
format(e))
raise logstash_exceptions.InstallLogstashError(
"General error occurred while attempting to setup Java; {}".
format(e))
if create_dynamite_user:
utilities.create_dynamite_user(utilities.generate_random_password(50))
ls_installer.setup_logstash()
def status(self) -> Optional[Union[Dict, str]]:
"""Get the statuses of monitor services
Returns:
The statuses of monitor services
"""
agent_status = {}
kibana_status, elasticsearch_status, logstash_status = {}, {}, {}
if not elasticsearch_profile.ProcessProfiler().is_installed():
self.logger.error(
'You must install elasticsearch to run this command.')
return None
elasticsearch_status = elasticsearch_process.ProcessManager().status()
agent_status.update({
'elasticsearch': {
'running':
elasticsearch_status.get('running'),
'enabled_on_startup':
elasticsearch_status.get('enabled_on_startup')
}
})
if logstash_profile.ProcessProfiler().is_installed():
logstash_status = logstash_process.ProcessManager().status()
agent_status.update({
'logstash': {
'running': logstash_status.get('running'),
'enabled_on_startup':
logstash_status.get('enabled_on_startup')
}
})
if kibana_profile.ProcessProfiler().is_installed():
kibana_status = kibana_process.ProcessManager().status()
agent_status.update({
'kibana': {
'running': kibana_status.get('running'),
'enabled_on_startup':
kibana_status.get('enabled_on_startup')
}
})
if self.pretty_print_status:
colorize = utilities.PrintDecorations.colorize
child_services = [
['Service', 'Running', 'Enabled on Startup'],
[
'kibana',
colorize('yes', 'green')
if kibana_status.get('running') else colorize('no', 'red'),
colorize('yes', 'green')
if kibana_status.get('enabled_on_startup') else colorize(
'no', 'red')
]
]
if elasticsearch_status:
child_services.append([
'elasticsearch',
colorize('yes', 'green')
if elasticsearch_status.get('running') else colorize(
'no', 'red'),
colorize('yes', 'green')
if elasticsearch_status.get('enabled_on_startup') else
colorize('no', 'red')
])
if logstash_status:
child_services.append([
'logstash',
colorize('yes', 'green')
if elasticsearch_status.get('running') else colorize(
'no', 'red'),
colorize('yes', 'green')
if elasticsearch_status.get('enabled_on_startup') else
colorize('no', 'red')
])
return tabulate.tabulate(child_services, tablefmt='fancy_grid')
return agent_status
def __init__(self, logstash_listen_address, kibana_listen_address,
kibana_listen_port, elasticsearch_host, elasticsearch_port,
elasticsearch_password, elasticsearch_heap_size_gigs,
logstash_heap_size_gigs, install_jdk, stdout, verbose):
execution_strategy.BaseExecStrategy.__init__(
self,
strategy_name="monitor_install",
strategy_description=
"Install ElasticSearch, LogStash, and Kibana on the same instance.",
functions=(utilities.create_dynamite_environment_file, ),
arguments=({}, ),
return_formats=(None, ))
self.add_function(func=remove_elasticsearch_tar_archive,
argument_dict={},
return_format=None)
self.add_function(func=remove_logstash_tar_archive,
argument_dict={},
return_format=None)
self.add_function(func=remove_kibana_tar_archive,
argument_dict={},
return_format=None)
if not es_profile.ProcessProfiler().is_installed():
self.add_function(func=es_install.install_elasticsearch,
argument_dict={
"configuration_directory":
"/etc/dynamite/elasticsearch/",
"install_directory":
"/opt/dynamite/elasticsearch/",
"log_directory":
"/var/log/dynamite/elasticsearch/",
"password":
str(elasticsearch_password),
"heap_size_gigs":
int(elasticsearch_heap_size_gigs),
"install_jdk":
bool(install_jdk),
"create_dynamite_user":
True,
"stdout":
bool(stdout),
"verbose":
bool(verbose)
},
return_format=None)
else:
self.add_function(
func=log_message,
argument_dict={
"msg":
'Skipping ElasticSearch installation; already installed.',
'stdout': bool(stdout),
'verbose': bool(verbose)
},
return_format=None)
self.add_function(func=es_process.start,
argument_dict={"stdout": False},
return_format=None)
if not ls_profile.ProcessProfiler().is_installed():
self.add_function(func=ls_install.install_logstash,
argument_dict={
"configuration_directory":
"/etc/dynamite/logstash/",
"install_directory":
"/opt/dynamite/logstash/",
"log_directory":
"/var/log/dynamite/logstash/",
"host":
str(logstash_listen_address),
"elasticsearch_host":
str(elasticsearch_host),
"elasticsearch_port":
int(elasticsearch_port),
"elasticsearch_password":
str(elasticsearch_password),
"heap_size_gigs":
int(logstash_heap_size_gigs),
"install_jdk":
False,
"create_dynamite_user":
False,
"stdout":
bool(stdout),
"verbose":
bool(verbose)
},
return_format=None)
else:
self.add_function(
func=log_message,
argument_dict={
"msg":
'Skipping LogStash installation; already installed.',
'stdout': bool(stdout),
'verbose': bool(verbose)
},
return_format=None)
if not kb_profile.ProcessProfiler().is_installed():
self.add_function(func=kb_install.install_kibana,
argument_dict={
"configuration_directory":
"/etc/dynamite/kibana/",
"install_directory":
"/opt/dynamite/kibana/",
"log_directory":
"/var/log/dynamite/kibana/",
"host":
str(kibana_listen_address),
"port":
int(kibana_listen_port),
"elasticsearch_host":
str(elasticsearch_host),
"elasticsearch_port":
int(elasticsearch_port),
"elasticsearch_password":
str(elasticsearch_password),
"create_dynamite_user":
True,
"stdout":
bool(stdout),
"verbose":
bool(verbose)
},
return_format=None)
else:
self.add_function(
func=log_message,
argument_dict={
"msg": 'Skipping Kibana installation; already installed.',
'stdout': bool(stdout),
'verbose': bool(verbose)
},
return_format=None)
self.add_function(func=kb_process.stop,
argument_dict={"stdout": False},
return_format=None)
self.add_function(func=es_process.stop,
argument_dict={"stdout": False},
return_format=None)
self.add_function(func=log_message,
argument_dict={
"msg": '*** Monitor installed successfully. ***',
'stdout': bool(stdout),
'verbose': bool(verbose)
},
return_format=None)
self.add_function(
func=log_message,
argument_dict={
"msg":
'Next, Start your monitor: '
'\'dynamite monitor start\'. It will be available at: \033[4m{}:{}\033[0m once started.'
''.format(kibana_listen_address, kibana_listen_port),
'stdout':
bool(stdout),
'verbose':
bool(verbose)
},
return_format=None)
