def processpkt(self, drone, _unused_srcaddr, jsonobj, _discoverychanged): '''Send commands to monitor services for this Systems's listening processes We ignore discoverychanged because we always want to monitor even if a system has just come up with the same discovery as before it went down.''' drone.monitors_activated = True #self.log.debug('In TCPDiscoveryGenerateMonitoring::processpkt for %s with %s (%s)' # % (drone, _discoverychanged, str(jsonobj))) data = jsonobj['data'] # The data portion of the JSON message for procname in data.keys( ): # List of nanoprobe-assigned names of processes... procinfo = data[procname] processproc = self.store.load_or_create( ProcessNode, domain=drone.domain, processname=procname, host=drone.designation, pathname=procinfo.get('exe', 'unknown'), argv=procinfo.get('cmdline', 'unknown'), uid=procinfo.get('uid', 'unknown'), gid=procinfo.get('gid', 'unknown'), cwd=procinfo.get('cwd', '/')) if 'listenaddrs' not in procinfo: # We only monitor services, not clients... continue montuple = MonitoringRule.findbestmatch((processproc, drone)) if montuple[0] == MonitoringRule.NOMATCH: processproc.is_monitored = False print >> sys.stderr, "**don't know how to monitor %s" % str( processproc.argv) self.log.warning('No rules to monitor %s service %s' % (drone.designation, str(processproc.argv))) elif montuple[0] == MonitoringRule.PARTMATCH: processproc.is_monitored = False print >> sys.stderr, ( 'Automatic monitoring not possible for %s -- %s is missing %s' % (str(processproc.argv), str(montuple[1]), str( montuple[2]))) self.log.warning( 'Insufficient information to monitor %s service %s' '. %s is missing %s' % (drone.designation, str(processproc.argv), str( montuple[1]), str(montuple[2]))) else: processproc.is_monitored = True agent = montuple[1] self._add_service_monitoring(drone, processproc, agent) if agent['monitorclass'] == 'NEVERMON': print >> sys.stderr, ('NEVER monitor %s' % (str(agent['monitortype']))) else: print >> sys.stderr, ( 'START monitoring %s using %s agent' % (agent['monitortype'], agent['monitorclass']))
def processpkt(self, drone, unused_srcaddr, jsonobj): "Send commands to monitor services for this Drone's listening processes" unused_srcaddr = unused_srcaddr drone.monitors_activated = True data = jsonobj['data'] # The data portion of the JSON message for procname in data.keys( ): # List of nanoprobe-assigned names of processes... procinfo = data[procname] processproc = self.store.load_or_create( ProcessNode, domain=drone.domain, processname=procname, host=drone.designation, pathname=procinfo.get('exe', 'unknown'), argv=procinfo.get('cmdline', 'unknown'), uid=procinfo.get('uid', 'unknown'), gid=procinfo.get('gid', 'unknown'), cwd=procinfo.get('cwd', '/')) if 'listenaddrs' not in procinfo: # We only monitor services, not clients... continue montuple = MonitoringRule.findbestmatch((processproc, drone)) if montuple[0] == MonitoringRule.NOMATCH: print >> sys.stderr, "**don't know how to monitor %s" % str( processproc.argv) self.log.warning('No rules to monitor %s service %s' % (drone.designation, str(processproc.argv))) elif montuple[0] == MonitoringRule.PARTMATCH: print >> sys.stderr, ( 'Automatic monitoring not possible for %s -- %s is missing %s' % (str(processproc.argv), str(montuple[1]), str( montuple[2]))) self.log.warning( 'Insufficient information to monitor %s service %s' '. %s is missing %s' % (drone.designation, str(processproc.argv), str( montuple[1]), str(montuple[2]))) else: agent = montuple[1] self._add_service_monitoring(drone, processproc, agent) if agent['monitorclass'] == 'NEVERMON': print >> sys.stderr, ('NEVER monitor %s' % (str(agent['monitortype']))) else: print >> sys.stderr, ( 'START monitoring %s using %s agent' % (agent['monitortype'], agent['monitorclass']))
def processpkt(self, drone, _unused_srcaddr, jsonobj, _discoverychanged): '''Send commands to monitor services for this Systems's listening processes We ignore discoverychanged because we always want to monitor even if a system has just come up with the same discovery as before it went down.''' drone.monitors_activated = True #self.log.debug('In TCPDiscoveryGenerateMonitoring::processpkt for %s with %s (%s)' # % (drone, _discoverychanged, str(jsonobj))) data = jsonobj['data'] # The data portion of the JSON message for procname in data.keys(): # List of nanoprobe-assigned names of processes... procinfo = data[procname] processproc = self.store.load_or_create(ProcessNode, domain=drone.domain , processname=procname, host=drone.designation , pathname=procinfo.get('exe', 'unknown'), argv=procinfo.get('cmdline', 'unknown') , uid=procinfo.get('uid','unknown'), gid=procinfo.get('gid', 'unknown') , cwd=procinfo.get('cwd', '/')) if 'listenaddrs' not in procinfo: # We only monitor services, not clients... continue montuple = MonitoringRule.findbestmatch((processproc, drone)) if montuple[0] == MonitoringRule.NOMATCH: processproc.is_monitored = False print >> sys.stderr, "**don't know how to monitor %s" % str(processproc.argv) self.log.warning('No rules to monitor %s service %s' % (drone.designation, str(processproc.argv))) elif montuple[0] == MonitoringRule.PARTMATCH: processproc.is_monitored = False print >> sys.stderr, ( 'Automatic monitoring not possible for %s -- %s is missing %s' % (str(processproc.argv), str(montuple[1]), str(montuple[2]))) self.log.warning('Insufficient information to monitor %s service %s' '. %s is missing %s' % (drone.designation, str(processproc.argv) , str(montuple[1]), str(montuple[2]))) else: processproc.is_monitored = True agent = montuple[1] self._add_service_monitoring(drone, processproc, agent) if agent['monitorclass'] == 'NEVERMON': print >> sys.stderr, ('NEVER monitor %s' % (str(agent['monitortype']))) else: print >> sys.stderr, ('START monitoring %s using %s agent' % (agent['monitortype'], agent['monitorclass']))
def processpkt(self, drone, unused_srcaddr, jsonobj): "Send commands to monitor services for this Drone's listening processes" unused_srcaddr = unused_srcaddr drone.monitors_activated = True data = jsonobj['data'] # The data portion of the JSON message for procname in data.keys(): # List of nanoprobe-assigned names of processes... procinfo = data[procname] processproc = self.store.load_or_create(ProcessNode, domain=drone.domain , processname=procname, host=drone.designation , pathname=procinfo.get('exe', 'unknown'), argv=procinfo.get('cmdline', 'unknown') , uid=procinfo.get('uid','unknown'), gid=procinfo.get('gid', 'unknown') , cwd=procinfo.get('cwd', '/')) if 'listenaddrs' not in procinfo: # We only monitor services, not clients... continue montuple = MonitoringRule.findbestmatch((processproc, drone)) if montuple[0] == MonitoringRule.NOMATCH: processproc.is_monitored = False print >> sys.stderr, "**don't know how to monitor %s" % str(processproc.argv) self.log.warning('No rules to monitor %s service %s' % (drone.designation, str(processproc.argv))) elif montuple[0] == MonitoringRule.PARTMATCH: processproc.is_monitored = False print >> sys.stderr, ( 'Automatic monitoring not possible for %s -- %s is missing %s' % (str(processproc.argv), str(montuple[1]), str(montuple[2]))) self.log.warning('Insufficient information to monitor %s service %s' '. %s is missing %s' % (drone.designation, str(processproc.argv) , str(montuple[1]), str(montuple[2]))) else: processproc.is_monitored = True agent = montuple[1] self._add_service_monitoring(drone, processproc, agent) if agent['monitorclass'] == 'NEVERMON': print >> sys.stderr, ('NEVER monitor %s' % (str(agent['monitortype']))) else: print >> sys.stderr, ('START monitoring %s using %s agent' % (agent['monitortype'], agent['monitorclass']))
def test_automonitor_search_basic(self): drone = FakeDrone({ 'data': { 'ocf': { 'assimilation/neo4j', }, 'lsb': { 'neo4j-service', } } }) MonitoringRule.monitor_objects = {'service': {}, 'host': {}} ocf_string = '''{ "class": "ocf", "type": "neo4j", "provider": "assimilation", "classconfig": [ [null, "@basename()", "java$"], [null, "$argv[-1]", "org\\.neo4j\\.server\\.Bootstrapper$"], ["PORT", "$serviceport"], ["NEOHOME", "@argequals(-Dneo4j.home)", "/.*"] ] }''' MonitoringRule.ConstructFromString(ocf_string) lsb_string = '''{ "class": "lsb", "type": "neo4j-service", "classconfig": [ ["@basename()", "java$"], ["$argv[-1]", "org\\.neo4j\\.server\\.Bootstrapper$"], ] }''' MonitoringRule.ConstructFromString(lsb_string) neoprocargs = ( "/usr/bin/java", "-cp", "/var/lib/neo4j/lib/concurrentlinkedhashmap-lru-1.3.1.jar:" "AND SO ON:" "/var/lib/neo4j/system/lib/slf4j-api-1.6.2.jar:" "/var/lib/neo4j/conf/", "-server", "-XX:" "+DisableExplicitGC", "-Dneo4j.home=/var/lib/neo4j", "-Dneo4j.instance=/var/lib/neo4j", "-Dfile.encoding=UTF-8", "org.neo4j.server.Bootstrapper") neonode = ProcessNode('global', 'foofred', 'fred', '/usr/bin/java', neoprocargs, 'root', 'root', '/', roles=(CMAconsts.ROLE_server, )) #neonode.serviceport=7474 context = ExpressionContext((neonode, drone)) first = MonitoringRule.findbestmatch(context) second = MonitoringRule.findbestmatch(context, False) list1 = MonitoringRule.findallmatches(context) neonode.serviceport = 7474 third = MonitoringRule.findbestmatch(context) list2 = MonitoringRule.findallmatches(context) # first should be the LSB instance self.assertEqual(first[1]['monitorclass'], 'lsb') self.assertEqual(first[0], MonitoringRule.LOWPRIOMATCH) # second should be the incomplete OCF instance self.assertEqual(second[1]['monitorclass'], 'ocf') self.assertEqual(second[0], MonitoringRule.PARTMATCH) # third should be the high priority OCF instance self.assertEqual(third[1]['monitorclass'], 'ocf') self.assertEqual(third[0], MonitoringRule.HIGHPRIOMATCH) # list1 should be the incomplete OCF and the complete LSB - in that order self.assertEqual(len(list1), 2) # They should come out sorted by monitorclass self.assertEqual(list1[0][0], MonitoringRule.LOWPRIOMATCH) self.assertEqual(list1[0][1]['monitorclass'], 'lsb') self.assertEqual(list1[1][0], MonitoringRule.PARTMATCH) self.assertEqual(list1[1][1]['monitorclass'], 'ocf') # third should be a complete OCF match # list2 should be the complete OCF and the complete OCF - in that order self.assertEqual(len(list2), 2) self.assertEqual(list2[0][0], MonitoringRule.LOWPRIOMATCH) self.assertEqual(list2[0][1]['monitorclass'], 'lsb') self.assertEqual(list2[1][0], MonitoringRule.HIGHPRIOMATCH) self.assertEqual(list2[1][1]['monitorclass'], 'ocf')
def test_automonitor_functions(self): MonitoringRule.monitor_objects = {'service': {}, 'host': {}} drone = FakeDrone( {'data': { 'ocf': { 'assimilation/neo4j', }, 'lsb': { 'bacula', }, }}) ocf_string = '''{ "class": "ocf", "type": "neo4j", "provider": "assimilation", "classconfig": [ ["classpath", "@flagvalue(-cp)"], ["ipaddr", "@serviceip($JSON_procinfo.listenaddrs)"], ["port", "@serviceport()", "[0-9]+$"] ] }''' ssh_json = '''{ "exe": "/usr/sbin/sshd", "argv": [ "/usr/sbin/sshd", "-D" ], "uid": "root", "gid": "root", "cwd": "/", "listenaddrs": { "0.0.0.0:22": { "proto": "tcp", "addr": "0.0.0.0", "port": 22 }, ":::22": { "proto": "tcp6", "addr": "::", "port": 22 } } }''' neo4j_json = '''{ "exe": "/usr/lib/jvm/java-7-openjdk-amd64/jre/bin/java", "argv": [ "/usr/bin/java", "-cp", "/var/lib/neo4j/lib/concurrentlinkedhashmap-lru-1.3.1.jar: ...", "-server", "-XX:+DisableExplicitGC", "-Dorg.neo4j.server.properties=conf/neo4 j-server.properties", "-Djava.util.logging.config.file=conf/logging.properties", "-Dlog4j.configuration=file:conf/log4j.properties", "-XX: +UseConcMarkSweepGC", "-XX:+CMSClassUnloadingEnabled", "-Dneo4j.home=/var/lib/neo4j", "-Dneo4j.instance=/var/lib/neo4j", "-Dfile.encoding= UTF-8", "org.neo4j.server.Bootstrapper" ], "uid": "neo4j", "gid": "neo4j", "cwd": "/var/lib/neo4j", "listenaddrs": { ":::1337": { "proto": "tcp6", "addr": "::", "port": 1337 }, ":::39185": { "proto": "tcp6", "addr": "::", "port": 39185 } } }''' bacula_json = '''{ "exe": "/usr/sbin/bacula-dir", "argv": [ "/usr/sbin/bacula-dir", "-c", "/etc/bacula/bacula-dir.conf", "-u", "bacula", "-g", "bacula" ], "uid": "bacula", "gid": "bacula", "cwd": "/", "listenaddrs": { "10.10.10.5:9101": { "proto": "tcp", "addr": "10.10.10.5", "port": 9101 } } }''' MonitoringRule.ConstructFromString(ocf_string) neoargs = pyConfigContext(neo4j_json)['argv'] testnode = ProcessNode('global', 'foofred', 'fred', '/usr/bin/java', neoargs, 'root', 'root', '/', roles=(CMAconsts.ROLE_server, )) testnode.JSON_procinfo = neo4j_json context = ExpressionContext((testnode, drone)) (prio, match) = MonitoringRule.findbestmatch(context) self.assertEqual(prio, MonitoringRule.HIGHPRIOMATCH) self.assertEqual(match['arglist']['ipaddr'], '::1') self.assertEqual(match['arglist']['port'], '1337') testnode.JSON_procinfo = ssh_json context = ExpressionContext((testnode, drone)) (prio, match) = MonitoringRule.findbestmatch(context) self.assertEqual(prio, MonitoringRule.HIGHPRIOMATCH) self.assertEqual(match['arglist']['port'], '22') self.assertEqual(match['arglist']['ipaddr'], '127.0.0.1') testnode.JSON_procinfo = bacula_json context = ExpressionContext((testnode, drone)) (prio, match) = MonitoringRule.findbestmatch(context) self.assertEqual(prio, MonitoringRule.HIGHPRIOMATCH) self.assertEqual(match['arglist']['port'], '9101') self.assertEqual(match['arglist']['ipaddr'], '10.10.10.5')
def test_automonitor_functions(self): AssimEvent.disable_all_observers() MonitoringRule.monitor_objects = {'service': {}, 'host':{}} drone = FakeDrone({ 'data': { 'ocf': { 'assimilation/neo4j', }, 'lsb': { 'bacula', }, } }) ocf_string = '''{ "class": "ocf", "type": "neo4j", "provider": "assimilation", "classconfig": [ ["classpath", "@flagvalue(-cp)"], ["ipaddr", "@serviceip($procinfo.listenaddrs)"], ["port", "@serviceport()", "[0-9]+$"] ] }''' ssh_json = '''{ "exe": "/usr/sbin/sshd", "argv": [ "/usr/sbin/sshd", "-D" ], "uid": "root", "gid": "root", "cwd": "/", "listenaddrs": { "0.0.0.0:22": { "proto": "tcp", "addr": "0.0.0.0", "port": 22 }, ":::22": { "proto": "tcp6", "addr": "::", "port": 22 } } }''' neo4j_json = '''{ "exe": "/usr/lib/jvm/java-7-openjdk-amd64/jre/bin/java", "argv": [ "/usr/bin/java", "-cp", "/var/lib/neo4j/lib/concurrentlinkedhashmap-lru-1.3.1.jar: ...", "-server", "-XX:+DisableExplicitGC", "-Dorg.neo4j.server.properties=conf/neo4 j-server.properties", "-Djava.util.logging.config.file=conf/logging.properties", "-Dlog4j.configuration=file:conf/log4j.properties", "-XX: +UseConcMarkSweepGC", "-XX:+CMSClassUnloadingEnabled", "-Dneo4j.home=/var/lib/neo4j", "-Dneo4j.instance=/var/lib/neo4j", "-Dfile.encoding= UTF-8", "org.neo4j.server.Bootstrapper" ], "uid": "neo4j", "gid": "neo4j", "cwd": "/var/lib/neo4j", "listenaddrs": { ":::1337": { "proto": "tcp6", "addr": "::", "port": 1337 }, ":::39185": { "proto": "tcp6", "addr": "::", "port": 39185 } } }''' bacula_json = '''{ "exe": "/usr/sbin/bacula-dir", "argv": [ "/usr/sbin/bacula-dir", "-c", "/etc/bacula/bacula-dir.conf", "-u", "bacula", "-g", "bacula" ], "uid": "bacula", "gid": "bacula", "cwd": "/", "listenaddrs": { "10.10.10.5:9101": { "proto": "tcp", "addr": "10.10.10.5", "port": 9101 } } }''' MonitoringRule.ConstructFromString(ocf_string) neoargs = pyConfigContext(neo4j_json)['argv'] testnode = ProcessNode('global', 'foofred', 'fred', '/usr/bin/java', neoargs , 'root', 'root', '/', roles=(CMAconsts.ROLE_server,)) testnode.procinfo = neo4j_json context = ExpressionContext((testnode, drone)) (prio, match) = MonitoringRule.findbestmatch(context) self.assertEqual(prio, MonitoringRule.HIGHPRIOMATCH) self.assertEqual(match['arglist']['ipaddr'], '::1') self.assertEqual(match['arglist']['port'], '1337') testnode.procinfo = ssh_json context = ExpressionContext((testnode, drone)) (prio, match) = MonitoringRule.findbestmatch(context) self.assertEqual(prio, MonitoringRule.HIGHPRIOMATCH) self.assertEqual(match['arglist']['port'], '22') self.assertEqual(match['arglist']['ipaddr'], '127.0.0.1') testnode.procinfo = bacula_json context = ExpressionContext((testnode, drone)) (prio, match) = MonitoringRule.findbestmatch(context) self.assertEqual(prio, MonitoringRule.HIGHPRIOMATCH) self.assertEqual(match['arglist']['port'], '9101') self.assertEqual(match['arglist']['ipaddr'], '10.10.10.5')
def test_automonitor_search_basic(self): AssimEvent.disable_all_observers() drone = FakeDrone({ 'data': { 'ocf': { 'assimilation/neo4j', }, 'lsb': { 'neo4j-service', } } }) MonitoringRule.monitor_objects = {'service': {}, 'host':{}} ocf_string = '''{ "class": "ocf", "type": "neo4j", "provider": "assimilation", "classconfig": [ [null, "@basename()", "java$"], [null, "$argv[-1]", "org\\.neo4j\\.server\\.Bootstrapper$"], ["PORT", "$serviceport"], ["NEOHOME", "@argequals(-Dneo4j.home)", "/.*"] ] }''' MonitoringRule.ConstructFromString(ocf_string) lsb_string = '''{ "class": "lsb", "type": "neo4j-service", "classconfig": [ ["@basename()", "java$"], ["$argv[-1]", "org\\.neo4j\\.server\\.Bootstrapper$"], ] }''' MonitoringRule.ConstructFromString(lsb_string) neoprocargs = ("/usr/bin/java", "-cp" , "/var/lib/neo4j/lib/concurrentlinkedhashmap-lru-1.3.1.jar:" "AND SO ON:" "/var/lib/neo4j/system/lib/slf4j-api-1.6.2.jar:" "/var/lib/neo4j/conf/", "-server", "-XX:" "+DisableExplicitGC" , "-Dneo4j.home=/var/lib/neo4j" , "-Dneo4j.instance=/var/lib/neo4j" , "-Dfile.encoding=UTF-8" , "org.neo4j.server.Bootstrapper") neonode = ProcessNode('global', 'foofred', 'fred', '/usr/bin/java', neoprocargs , 'root', 'root', '/', roles=(CMAconsts.ROLE_server,)) #neonode.serviceport=7474 context = ExpressionContext((neonode, drone)) first = MonitoringRule.findbestmatch(context) second = MonitoringRule.findbestmatch(context, False) list1 = MonitoringRule.findallmatches(context) neonode.serviceport=7474 third = MonitoringRule.findbestmatch(context) list2 = MonitoringRule.findallmatches(context) # first should be the LSB instance self.assertEqual(first[1]['monitorclass'], 'lsb') self.assertEqual(first[0], MonitoringRule.LOWPRIOMATCH) # second should be the incomplete OCF instance self.assertEqual(second[1]['monitorclass'], 'ocf') self.assertEqual(second[0], MonitoringRule.PARTMATCH) # third should be the high priority OCF instance self.assertEqual(third[1]['monitorclass'], 'ocf') self.assertEqual(third[0], MonitoringRule.HIGHPRIOMATCH) # list1 should be the incomplete OCF and the complete LSB - in that order self.assertEqual(len(list1), 2) # They should come out sorted by monitorclass self.assertEqual(list1[0][0], MonitoringRule.LOWPRIOMATCH) self.assertEqual(list1[0][1]['monitorclass'], 'lsb') self.assertEqual(list1[1][0], MonitoringRule.PARTMATCH) self.assertEqual(list1[1][1]['monitorclass'], 'ocf') # third should be a complete OCF match # list2 should be the complete OCF and the complete OCF - in that order self.assertEqual(len(list2), 2) self.assertEqual(list2[0][0], MonitoringRule.LOWPRIOMATCH) self.assertEqual(list2[0][1]['monitorclass'], 'lsb') self.assertEqual(list2[1][0], MonitoringRule.HIGHPRIOMATCH) self.assertEqual(list2[1][1]['monitorclass'], 'ocf')