def selftest_function(opts):
    """
    Probe the configured NetWitness packet and log servers.

    Reads the ``fn_rsa_netwitness`` section of ``opts``, then issues one GET
    to the packet server and one GET to the log server.

    :param opts: application configuration dict; the ``fn_rsa_netwitness``
        key holds the server URLs, users, passwords and verify settings.
    :return: ``{"state": "success"}`` if both calls complete without raising,
        otherwise ``{"state": "failed"}`` after logging the error.
    """
    options = opts.get("fn_rsa_netwitness", {})

    # Packet (PCAP) server settings.
    nw_packet_server_url = options.get("nw_packet_server_url")
    nw_packet_server_user = options.get("nw_packet_server_user")
    nw_packet_server_password = options.get("nw_packet_server_password")
    nw_packet_server_verify = str_to_bool(options.get("nw_packet_server_verify"))

    # Log server settings.
    nw_log_server_url = options.get("nw_log_server_url")
    nw_log_server_user = options.get("nw_log_server_user")
    nw_log_server_password = options.get("nw_log_server_password")
    nw_log_server_verify = str_to_bool(options.get("nw_log_server_verify"))

    # NOTE(review): the *_verify values are handed to the HTTP layer as
    # `verify`; presumably a false value turns TLS certificate checking off
    # while credentials are still sent -- confirm the expected default.
    try:
        request_common = RequestsCommon(options, opts)

        # Packet server: request a fixed session id rendered as pcap.
        pcap_headers = get_headers(nw_packet_server_user, nw_packet_server_password)
        pcap_url = "{}/sdk/packets?sessions={}&render=pcap".format(nw_packet_server_url, "100")
        pcap_response = request_common.execute_call_v2(
            "GET", pcap_url, verify=nw_packet_server_verify, headers=pcap_headers)
        pcap_response.content

        # Log server: both bounds are "now" in milliseconds, so the window
        # is (almost always) empty; only connectivity is being exercised.
        time1 = int(time.time()) * 1000
        time2 = int(time.time()) * 1000
        log_headers = get_headers(nw_log_server_user, nw_log_server_password)
        log_url = "{}/sdk/packets?time1={}&time2={}&render={}".format(
            nw_log_server_url, time1, time2, "logs")
        log_response = request_common.execute_call_v2(
            "GET", log_url, verify=nw_log_server_verify, headers=log_headers)
        log_response.text
    except Exception as err:
        # Only URLs, users and verify flags are reported; the two passwords
        # are left out of the log message.
        err_reason_msg = (
            "Could not connect to NetWitness. \n"
            "error: {0} --------- Current Configs in app.config file:: --------- "
            "nw_packet_server_url: {1} nw_packet_server_user: {2} "
            "nw_packet_server_verify: {3} nw_log_server_url: {4} "
            "nw_log_server_user: {5} nw_log_server_verify: {6}\n"
        ).format(
            err,
            nw_packet_server_url,
            nw_packet_server_user,
            nw_packet_server_verify,
            nw_log_server_url,
            nw_log_server_user,
            nw_log_server_verify)
        log.error(err_reason_msg)
        # NOTE(review): the original docstring lists "failure" as the
        # suggested state, but "failed" is returned here -- confirm which
        # value the selftest runner expects.
        return {"state": "failed"}

    return {"state": "success"}
def get_nw_session_logs_file(url, user, passw, cafile, time1, time2,
                             req_common, render_format, resp_type="text"):
    """
    Fetch logs for a time window from ``{url}/sdk/packets``.

    :param url: base URL of the NetWitness server.
    :param user: user name passed to ``get_headers``.
    :param passw: password passed to ``get_headers``.
    :param cafile: forwarded unchanged as ``verify`` to the HTTP call.
    :param time1: value placed in the ``time1`` query parameter.
    :param time2: value placed in the ``time2`` query parameter.
    :param req_common: object providing ``execute_call_v2``.
    :param render_format: value placed in the ``render`` query parameter.
    :param resp_type: ``"json"`` to get parsed JSON when the body contains
        a ``"logs":`` key; anything else yields the body text.
    :return: ``''`` when the body is one of the two bare closing markers,
        the parsed JSON, or the response text.
    """
    auth_headers = get_headers(user, passw)

    # NOTE(review): values are interpolated without URL-encoding; callers
    # are presumably expected to pass numeric times and a fixed render name.
    endpoint = "{}/sdk/packets?time1={}&time2={}&render={}".format(
        url, time1, time2, render_format)

    # NOTE(review): a falsy cafile presumably disables certificate
    # verification for a request that carries credentials -- confirm.
    resp = req_common.execute_call_v2("GET", endpoint, verify=cafile, headers=auth_headers)

    # A body holding nothing but the closing XML tag or closing JSON
    # brackets is treated as "no logs".
    if resp.text == '</Logs>\n' or resp.text == '\n]}\n':
        return ''

    if resp_type == "json" and '"logs":' in resp.text:
        return resp.json()

    return resp.text
def query_netwitness(url, user, pw, cafile, query, req_common, size=""):
    """
    Run a query against ``{url}/sdk`` and return the result of the call.

    :param url: base URL of the NetWitness server.
    :param user: user name passed to ``get_headers``.
    :param pw: password passed to ``get_headers``.
    :param cafile: forwarded unchanged as ``verify_flag`` to the HTTP call.
    :param query: query text, placed as-is in the ``query`` parameter.
    :param req_common: object providing ``execute_call``.
    :param size: optional result limit; appended as ``&size=...`` when truthy.
    :return: whatever ``req_common.execute_call`` returns.
    """
    auth_headers = get_headers(user, pw)

    # A truthy size becomes a query-string suffix; a falsy one is formatted
    # into the URL unchanged (an empty string by default).
    size = "&size={}".format(size) if size else size

    # NOTE(review): `query` is not URL-encoded here, so it must already be
    # encoded and come from a trusted source; otherwise reserved characters
    # in it would change the request's parameters. Encoding it in this
    # function is only safe if no caller pre-encodes -- confirm.
    endpoint = "{}/sdk?msg=query&query={}&force-content-type=application/json{}".format(url, query, size)

    # NOTE(review): a falsy cafile presumably disables certificate
    # verification for a request that carries credentials -- confirm.
    result = req_common.execute_call("GET", endpoint, verify_flag=cafile, headers=auth_headers)
    return result
def test_get_headers(self):
    """Check the exact header dict get_headers builds for fixed credentials."""
    # The Authorization value is "Basic " + base64("username:password").
    # Basic auth is only an encoding, so these headers need a TLS-protected
    # connection wherever they are actually sent.
    assert get_headers("username", "password") == {
        "Authorization": "Basic dXNlcm5hbWU6cGFzc3dvcmQ=",
        "Content-Type": "application/x-www-form-urlencoded",
        "Cache-Control": "no-cache",
    }
def get_nw_session_pcap_file_time(url, user, passw, cafile, start_time, end_time, req_common):
    """
    Download the pcap for a time window and return the raw response body.

    :param url: base URL of the NetWitness server.
    :param user: user name passed to ``get_headers``.
    :param passw: password passed to ``get_headers``.
    :param cafile: forwarded unchanged as ``verify`` to the HTTP call.
    :param start_time: value placed in the ``time1`` query parameter.
    :param end_time: value placed in the ``time2`` query parameter.
    :param req_common: object providing ``execute_call_v2``.
    :return: the ``content`` attribute of the response.
    """
    auth_headers = get_headers(user, passw)

    # NOTE(review): the time values are interpolated without URL-encoding;
    # presumably they are always numeric -- confirm at the call sites.
    endpoint = "{}/sdk/packets?time1={}&time2={}&render=pcap".format(
        url, start_time, end_time)

    # NOTE(review): a falsy cafile presumably disables certificate
    # verification for a request that carries credentials -- confirm.
    response = req_common.execute_call_v2("GET", endpoint, verify=cafile, headers=auth_headers)
    return response.content
def get_nw_session_pcap_file(url, user, passw, cafile, event_session_id, req_common):
    """
    Download the pcap for one or more sessions and return the raw body.

    :param url: base URL of the NetWitness server.
    :param user: user name passed to ``get_headers``.
    :param passw: password passed to ``get_headers``.
    :param cafile: forwarded unchanged as ``verify`` to the HTTP call.
    :param event_session_id: value placed in the ``sessions`` parameter.
    :param req_common: object providing ``execute_call_v2``.
    :return: the ``content`` attribute of the response.
    """
    auth_headers = get_headers(user, passw)

    # NOTE(review): event_session_id goes into the URL unencoded and
    # unvalidated; if it can originate from incident data, checking that it
    # is numeric before this call would keep the request well-formed.
    endpoint = "{}/sdk/packets?sessions={}&render=pcap".format(
        url, event_session_id)

    # NOTE(review): a falsy cafile presumably disables certificate
    # verification for a request that carries credentials -- confirm.
    response = req_common.execute_call_v2("GET", endpoint, verify=cafile, headers=auth_headers)
    return response.content
def get_meta_values(url, user, passw, cafile, id1, id2, req_common, size=""):
    """
    Query all meta values in an id range and return the parsed JSON.

    :param url: base URL of the NetWitness server.
    :param user: user name passed to ``get_headers``.
    :param passw: password passed to ``get_headers``.
    :param cafile: forwarded unchanged as ``verify`` to the HTTP call.
    :param id1: value placed in the ``id1`` query parameter.
    :param id2: value placed in the ``id2`` query parameter.
    :param req_common: object providing ``execute_call_v2``.
    :param size: optional result limit; appended as ``&size=...`` when truthy.
    :return: the result of calling ``.json()`` on the response.
    """
    auth_headers = get_headers(user, passw)

    # A truthy size becomes a query-string suffix; a falsy one is formatted
    # into the URL unchanged (an empty string by default).
    size = "&size={}".format(size) if size else size

    # The query itself is the fixed, pre-encoded "select *".
    # NOTE(review): id1, id2 and size are interpolated without encoding;
    # presumably they are always integers -- confirm at the call sites.
    endpoint = "{}/sdk?msg=query&force-content-type=application/json&id1={}&id2={}&query=select%20*{}".format(
        url, id1, id2, size)

    # NOTE(review): a falsy cafile presumably disables certificate
    # verification for a request that carries credentials -- confirm.
    response = req_common.execute_call_v2("GET", endpoint, verify=cafile, headers=auth_headers)
    return response.json()
def get_nw_session_pcap_file_time(url, user, pw, cafile, start_time, end_time, req_common):
    """
    Download the pcap for a time window, requesting a bytes response.

    :param url: base URL of the NetWitness server.
    :param user: user name passed to ``get_headers``.
    :param pw: password passed to ``get_headers``.
    :param cafile: forwarded unchanged as ``verify_flag`` to the HTTP call.
    :param start_time: value placed in the ``time1`` query parameter.
    :param end_time: value placed in the ``time2`` query parameter.
    :param req_common: object providing ``execute_call``.
    :return: whatever ``execute_call`` returns for ``resp_type="bytes"``.
    """
    auth_headers = get_headers(user, pw)

    # NOTE(review): the time values are interpolated without URL-encoding;
    # presumably they are always numeric -- confirm at the call sites.
    endpoint = "{}/sdk/packets?time1={}&time2={}&render=pcap".format(
        url, start_time, end_time)

    # NOTE(review): a falsy cafile presumably disables certificate
    # verification for a request that carries credentials -- confirm.
    pcap = req_common.execute_call(
        "GET", endpoint, verify_flag=cafile, headers=auth_headers, resp_type="bytes")
    return pcap
def get_nw_session_pcap_file(url, user, pw, cafile, event_session_id, req_common):
    """
    Download the pcap for one or more sessions, requesting a bytes response.

    :param url: base URL of the NetWitness server.
    :param user: user name passed to ``get_headers``.
    :param pw: password passed to ``get_headers``.
    :param cafile: forwarded unchanged as ``verify_flag`` to the HTTP call.
    :param event_session_id: value placed in the ``sessions`` parameter.
    :param req_common: object providing ``execute_call``.
    :return: whatever ``execute_call`` returns for ``resp_type='bytes'``.
    """
    auth_headers = get_headers(user, pw)

    # NOTE(review): event_session_id goes into the URL unencoded and
    # unvalidated; if it can originate from incident data, checking that it
    # is numeric before this call would keep the request well-formed.
    endpoint = "{}/sdk/packets?sessions={}&render=pcap".format(
        url, event_session_id)

    # NOTE(review): a falsy cafile presumably disables certificate
    # verification for a request that carries credentials -- confirm.
    pcap = req_common.execute_call(
        "GET", endpoint, verify_flag=cafile, headers=auth_headers, resp_type='bytes')
    return pcap
def get_meta_id_ranges(url, user, pw, cafile, id1, id2, req_common, size=""):
    """
    Send a ``msg=session`` request for an id range to ``{url}/sdk``.

    :param url: base URL of the NetWitness server.
    :param user: user name passed to ``get_headers``.
    :param pw: password passed to ``get_headers``.
    :param cafile: forwarded unchanged as ``verify_flag`` to the HTTP call.
    :param id1: value placed in the ``id1`` query parameter.
    :param id2: value placed in the ``id2`` query parameter.
    :param req_common: object providing ``execute_call``.
    :param size: optional result limit; appended as ``&size=...`` when truthy.
    :return: whatever ``req_common.execute_call`` returns.
    """
    auth_headers = get_headers(user, pw)

    # A truthy size becomes a query-string suffix; a falsy one is formatted
    # into the URL unchanged (an empty string by default).
    size = "&size={}".format(size) if size else size

    # NOTE(review): id1, id2 and size are interpolated without encoding;
    # presumably they are always integers -- confirm at the call sites.
    endpoint = "{}/sdk?msg=session&id1={}&id2={}&force-content-type=application/json{}".format(
        url, id1, id2, size)

    # NOTE(review): a falsy cafile presumably disables certificate
    # verification for a request that carries credentials -- confirm.
    result = req_common.execute_call("GET", endpoint, verify_flag=cafile, headers=auth_headers)
    return result
def get_nw_session_logs_file(url, user, pw, cafile, time1, time2,
                             req_common, render_format, resp_type="text"):
    """
    Fetch logs for a time window from ``{url}/sdk/packets``.

    :param url: base URL of the NetWitness server.
    :param user: user name passed to ``get_headers``.
    :param pw: password passed to ``get_headers``.
    :param cafile: forwarded unchanged as ``verify_flag`` to the HTTP call.
    :param time1: value placed in the ``time1`` query parameter.
    :param time2: value placed in the ``time2`` query parameter.
    :param req_common: object providing ``execute_call``.
    :param render_format: value placed in the ``render`` query parameter.
    :param resp_type: forwarded unchanged to ``execute_call``.
    :return: whatever ``req_common.execute_call`` returns.
    """
    auth_headers = get_headers(user, pw)

    # NOTE(review): values are interpolated without URL-encoding; callers
    # are presumably expected to pass numeric times and a fixed render name.
    endpoint = "{}/sdk/packets?time1={}&time2={}&render={}".format(
        url, time1, time2, render_format)

    # NOTE(review): a falsy cafile presumably disables certificate
    # verification for a request that carries credentials -- confirm.
    logs = req_common.execute_call(
        "GET", endpoint, verify_flag=cafile, headers=auth_headers, resp_type=resp_type)
    return logs