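def send_queries(node, db):
    """Queue the default information queries for *node*.

    Clears any queries still pending for the node, then adds one
    ``DistributedQueryTask`` per entry in ``DEFAULT_QUERIES`` and, for each
    entry in ``DEFAULT_VERSION_INFO_QUERIES``, one per platform-specific
    ``DefaultQuery`` row found in the database.  All tasks are committed in a
    single transaction; on any failure the session is rolled back and the
    error is logged with its traceback, nothing is raised.

    Args:
        node: The node the queries are addressed to; ``node.platform`` selects
            the platform-specific version-info queries.
        db: The database object whose ``session`` is used.
    """
    clear_new_queries(node, db)
    try:
        # Platform lookup is loop-invariant; platforms without their own
        # default queries fall back to the linux set.
        platform = node.platform
        if platform not in ("windows", "darwin", "freebsd"):
            platform = "linux"

        for description, sql in DefaultInfoQueries.DEFAULT_QUERIES.items():
            query = DistributedQuery.create(sql=sql, description=description)
            task = DistributedQueryTask(node=node, distributed_query=query, save_results_in_db=True)
            db.session.add(task)

        for name, description in DefaultInfoQueries.DEFAULT_VERSION_INFO_QUERIES.items():
            default_query = (
                DefaultQuery.query
                .filter(DefaultQuery.name == name)
                .filter(DefaultQuery.platform == platform)
                .first()
            )
            if default_query is None:
                # No stored query for this platform: nothing to send.
                continue
            query = DistributedQuery.create(sql=default_query.sql, description=description)
            task = DistributedQueryTask(node=node, distributed_query=query, save_results_in_db=True)
            db.session.add(task)

        db.session.commit()

    except Exception:
        # Roll back so the session is usable after a failed flush/commit,
        # and keep the traceback instead of just the message.
        db.session.rollback()
        current_app.logger.exception(
            "Failed to queue default queries for node %s", getattr(node, "id", node)
        )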
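def create_distributed_query(node, queryStr, alert, query_name, match):
    """Create an alert-triggered distributed query for a single node.

    Every ``#!<column>!#`` placeholder in *queryStr* is replaced with the value
    of that column from ``match.result['columns']``.  If any placeholder names
    a column that is absent from the result, no query is created and a
    warning is logged.  Otherwise a ``DistributedQuery`` linked to *alert*
    and a ``DistributedQueryTask`` for the node are committed.  Failures are
    rolled back and logged with their traceback; nothing is raised.

    Args:
        node: Mapping holding the target node's ``id``.
        queryStr: Query template that may contain ``#!column!#`` placeholders.
        alert: The alert that triggered the query; its ``id`` is stored on the query.
        query_name: Stored as the query's description.
        match: Rule match whose ``result['columns']`` supplies placeholder values.
    """
    from polylogyx.models import DistributedQuery, DistributedQueryTask, Node

    try:
        columns = match.result['columns']
        # Raw string: the original non-raw pattern relied on an invalid escape.
        placeholders = re.findall(r'#!([^\s]+)!#', queryStr, re.MULTILINE)

        missing = [name for name in placeholders if name not in columns]
        if missing:
            current_app.logger.warning(
                "Skipping query %s: result has no column(s) %s",
                query_name, ", ".join(missing),
            )
            return

        for name in placeholders:
            # NOTE(security): the substituted value is taken from a result
            # row reported by the endpoint itself, so it is untrusted input
            # spliced into SQL text; it is not quoted or validated here.
            # Restrict placeholders to known columns / validate values before
            # relying on the shape of the resulting query.
            queryStr = queryStr.replace('#!' + name + '!#', columns[name])

        query = DistributedQuery.create(sql=queryStr,
                                        alert_id=alert.id,
                                        description=query_name)
        node_obj = Node.query.filter_by(id=node['id']).first_or_404()
        task = DistributedQueryTask(node=node_obj,
                                    save_results_in_db=True,
                                    distributed_query=query)
        db.session.add(task)
        db.session.commit()
    except Exception:
        # Roll back so the session is usable again, and keep the traceback.
        db.session.rollback()
        current_app.logger.exception("Failed to create distributed query %s", query_name)

    return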
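def send_queries(node, db):
    """Queue the default information queries for *node*.

    Clears any queries still pending for the node, then adds one
    ``DistributedQueryTask`` per entry in ``DEFAULT_QUERIES`` and commits
    them in a single transaction.  On any failure the session is rolled back
    and the error is logged with its traceback; nothing is raised.

    Args:
        node: The node the queries are addressed to.
        db: The database object whose ``session`` is used.
    """
    clear_new_queries(node, db)
    try:
        for description, sql in DefaultInfoQueries.DEFAULT_QUERIES.items():
            query = DistributedQuery.create(sql=sql, description=description)
            task = DistributedQueryTask(node=node, distributed_query=query, save_results_in_db=True)
            db.session.add(task)
        db.session.commit()

    except Exception:
        # Roll back so the session is usable after a failed flush/commit,
        # and keep the traceback instead of just the message.
        db.session.rollback()
        current_app.logger.exception(
            "Failed to queue default queries for node %s", getattr(node, "id", node)
        )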
def add_distributed_query(sql, description):
    """Persist a new ``DistributedQuery`` and return it.

    Thin wrapper over ``DistributedQuery.create``: *sql* is the query text and
    *description* its human-readable label.
    """
    created = DistributedQuery.create(description=description, sql=sql)
    return created