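def send_queries(node, db):
    """Queue the default information queries for *node* as distributed-query tasks.

    Previously queued ("new") queries for the node are cleared first through
    ``clear_new_queries``. One ``DistributedQueryTask`` is then created for each
    entry of ``DefaultInfoQueries.DEFAULT_QUERIES`` and one for each entry of
    ``DefaultInfoQueries.DEFAULT_VERSION_INFO_QUERIES`` that has a matching
    ``DefaultQuery`` row for the node's platform. All tasks are committed in a
    single transaction.

    Args:
        node: node model instance; only ``node.platform`` is read here.
        db: database handle exposing ``session.add``/``commit``/``rollback``.

    Returns:
        None. Any exception is logged via ``current_app.logger`` after the
        session has been rolled back; nothing is raised to the caller.

    NOTE(review): a second ``send_queries`` is defined later in this file; at
    import time that later definition replaces this one, so this body only
    runs if the duplicate is removed.
    """
    clear_new_queries(node, db)
    try:
        for description, sql in DefaultInfoQueries.DEFAULT_QUERIES.items():
            query = DistributedQuery.create(sql=sql, description=description)
            task = DistributedQueryTask(
                node=node, distributed_query=query, save_results_in_db=True
            )
            db.session.add(task)

        # Every platform other than the three named ones is looked up as
        # "linux"; the value is loop-invariant, so compute it once.
        platform = node.platform
        if platform not in ("windows", "darwin", "freebsd"):
            platform = "linux"

        for name, description in DefaultInfoQueries.DEFAULT_VERSION_INFO_QUERIES.items():
            default_query = (
                DefaultQuery.query.filter(DefaultQuery.name == name)
                .filter(DefaultQuery.platform == platform)
                .first()
            )
            if not default_query:
                # No default query stored for this name/platform: skip it.
                continue
            query = DistributedQuery.create(sql=default_query.sql, description=description)
            task = DistributedQueryTask(
                node=node, distributed_query=query, save_results_in_db=True
            )
            db.session.add(task)

        db.session.commit()
    except Exception as e:
        # A failed flush/commit leaves the session in need of a rollback
        # before the caller can reuse it.
        db.session.rollback()
        current_app.logger.exception("send_queries failed: %s", e)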
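def create_distributed_query(node, queryStr, alert, query_name, match):
    """Create a distributed query for *node* from an alert's query template.

    ``queryStr`` may contain ``#!column!#`` placeholders; each one is replaced
    with the value of that column in ``match.result['columns']``. If any
    placeholder has no matching column the query is not created. Otherwise a
    ``DistributedQuery`` linked to ``alert`` and a ``DistributedQueryTask`` for
    the node are added and committed.

    Args:
        node: mapping with an ``'id'`` key identifying the target ``Node`` row.
        queryStr: SQL template, optionally containing ``#!column!#`` placeholders.
        alert: alert model instance; ``alert.id`` is stored on the query.
        query_name: stored as the distributed query's description.
        match: object whose ``result['columns']`` maps column names to values.

    Returns:
        None. Exceptions are logged via ``current_app.logger`` after the
        session is rolled back and are not re-raised.

    Security note: placeholder values are spliced into the SQL text verbatim,
    with no quoting or escaping, and they originate from query result columns.
    Treat those columns as untrusted data and restrict which columns a
    template may reference before relying on this substitution.
    """
    from polylogyx.models import DistributedQuery, DistributedQueryTask, Node

    try:
        columns = match.result['columns']
        # Raw string: the pattern contains '\s', which a plain literal only
        # preserves because it is an unknown escape (and warns on 3.12+).
        placeholders = re.findall(r'#!([^\s]+)!#', queryStr, re.MULTILINE)

        missing = [name for name in placeholders if name not in columns]
        if missing:
            current_app.logger.warning(
                "Skipping distributed query %r: missing result columns %s",
                query_name,
                missing,
            )
            return

        for name in placeholders:
            # Values are expected to be str; a non-str value makes str.replace
            # raise TypeError, which is caught and logged below.
            queryStr = queryStr.replace('#!' + name + '!#', columns[name])

        query = DistributedQuery.create(sql=queryStr, alert_id=alert.id, description=query_name)
        # first_or_404 presumably raises an HTTP "not found" exception when the
        # node row is missing; that is caught and logged by the handler below.
        node_obj = Node.query.filter_by(id=node['id']).first_or_404()
        task = DistributedQueryTask(node=node_obj, save_results_in_db=True, distributed_query=query)
        db.session.add(task)
        db.session.commit()
    except Exception as e:
        # Leave the session reusable after a failed flush/commit.
        db.session.rollback()
        current_app.logger.exception("create_distributed_query failed: %s", e)
    return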
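def send_queries(node, db):
    """Queue the default information queries for *node* as distributed-query tasks.

    Previously queued ("new") queries for the node are cleared first through
    ``clear_new_queries``. One ``DistributedQueryTask`` is then created for
    each entry of ``DefaultInfoQueries.DEFAULT_QUERIES`` and all of them are
    committed in a single transaction.

    Args:
        node: node model instance the tasks are attached to.
        db: database handle exposing ``session.add``/``commit``/``rollback``.

    Returns:
        None. Any exception is logged via ``current_app.logger`` after the
        session has been rolled back; nothing is raised to the caller.

    NOTE(review): this is the second ``send_queries`` definition in this file
    and is the one that survives import. Unlike the earlier definition it
    does not queue ``DEFAULT_VERSION_INFO_QUERIES``; confirm which behaviour
    is intended and remove the other definition.
    """
    clear_new_queries(node, db)
    try:
        for description, sql in DefaultInfoQueries.DEFAULT_QUERIES.items():
            query = DistributedQuery.create(sql=sql, description=description)
            task = DistributedQueryTask(
                node=node, distributed_query=query, save_results_in_db=True
            )
            db.session.add(task)
        db.session.commit()
    except Exception as e:
        # A failed flush/commit leaves the session in need of a rollback
        # before the caller can reuse it.
        db.session.rollback()
        current_app.logger.exception("send_queries failed: %s", e)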
def add_distributed_query(sql, description):
    """Create and return a ``DistributedQuery`` row with the given SQL and description."""
    fields = {"sql": sql, "description": description}
    return DistributedQuery.create(**fields)