def __init__(self, agent_id, offset, limit, sort, search, select, query, count, get_data,
             default_query=default_query_sca, default_sort_field='policy_id', filters={},
             fields=fields_translation_sca, count_field='policy_id'):
    """Set up a query against the ``sca_policy`` table for one agent.

    Stores ``default_query`` and ``count_field`` on the instance, then hands
    every paging, sorting, searching and filtering argument to
    ``WazuhDBQuery.__init__`` together with a ``WazuhDBBackend`` built from
    ``agent_id``. The default sort order passed on is ``'DESC'`` and the date
    fields are ``end_scan`` and ``start_scan``.
    """
    # NOTE(review): ``filters={}`` is a single dict shared by every call that
    # omits the argument. It is only forwarded here, so whether it is ever
    # mutated depends on WazuhDBQuery.__init__ -- confirm.
    self.count_field = count_field
    self.default_query = default_query

    agent_backend = WazuhDBBackend(agent_id)
    WazuhDBQuery.__init__(
        self,
        table='sca_policy',
        offset=offset,
        limit=limit,
        sort=sort,
        search=search,
        select=select,
        query=query,
        filters=filters,
        fields=fields,
        default_sort_field=default_sort_field,
        default_sort_order='DESC',
        count=count,
        get_data=get_data,
        date_fields={'end_scan', 'start_scan'},
        backend=agent_backend,
    )
def __init__(self, agent_id, offset, limit, sort, search, select, query, count, get_data,
             default_sort_field='date_last', filters={}, fields=fields):
    """Set up a query against the ``pm_event`` table of one agent's database.

    The agent is looked up first, then its database file is located with a
    glob under ``common.database_path_agents``. The first match is passed to
    ``WazuhDBQuery.__init__`` as ``db_path``.

    Raises:
        WazuhException: code 1600 when no database file matches the agent.
    """
    # Check that the agent exists before touching the filesystem.
    Agent(agent_id).get_basic_information()

    # agent_id is interpolated into a glob pattern.
    # NOTE(review): whether the lookup above also rejects ids containing glob
    # metacharacters or path separators is not visible here -- confirm.
    pattern = '{0}/{1}-*.db'.format(common.database_path_agents, agent_id)
    matches = glob(pattern)
    if not matches:
        raise WazuhException(1600)

    # NOTE(review): ``filters={}`` is a shared default dict that is only
    # forwarded here; confirm WazuhDBQuery.__init__ does not mutate it.
    WazuhDBQuery.__init__(
        self,
        table='pm_event',
        db_path=matches[0],
        offset=offset,
        limit=limit,
        sort=sort,
        search=search,
        select=select,
        query=query,
        filters=filters,
        fields=fields,
        default_sort_field=default_sort_field,
        default_sort_order='DESC',
        min_select_fields=set(),
        count=count,
        get_data=get_data,
        date_fields={'oldDay', 'readDate'},
    )
def _parse_filters(self):
    """Parse the filters, then keep a single status filter at the front.

    After the base-class parsing, every entry of ``self.query_filters`` whose
    ``field`` starts with ``'status'`` is removed and only the first of them
    is re-inserted at index 0. The last entry's separator is then blanked.
    Nothing is changed when there is no status filter.
    """
    WazuhDBQuery._parse_filters(self)

    # A status filter can only appear once in the filter list.
    status_filters = [entry for entry in self.query_filters
                      if entry['field'].startswith('status')]
    if not status_filters:
        return

    for entry in status_filters:
        self.query_filters.remove(entry)

    kept = status_filters[0]
    # The kept filter now precedes the others, so an empty separator would
    # leave it unjoined; any separator it already had is kept as is.
    if kept['separator'] == '':
        kept['separator'] = 'AND'
    self.query_filters.insert(0, kept)

    # Whatever ends up last must not carry a trailing separator.
    self.query_filters[-1]['separator'] = ''
def __init__(self, agent_id, offset, limit, sort, search, select, query, count, get_data,
             default_sort_field='policy_id', filters={}, fields=fields_translation_sca,
             default_query=default_query_sca, count_field='policy_id'):
    """Set up a query against the ``sca_policy`` table through a connection.

    Records the agent id, the default query string and the count field, looks
    the agent up, and initialises the base query with ``db_path=None``. A
    ``WazuhDBConnection`` is then stored on ``self.conn``.
    """
    self.count_field = count_field
    self._default_query_str = default_query
    self.agent_id = agent_id

    # Check that the agent exists before building the query.
    Agent(agent_id).get_basic_information()

    # NOTE(review): ``filters={}`` is a shared default dict that is only
    # forwarded here; confirm WazuhDBQuery.__init__ does not mutate it.
    WazuhDBQuery.__init__(
        self,
        table='sca_policy',
        db_path=None,
        offset=offset,
        limit=limit,
        sort=sort,
        search=search,
        select=select,
        query=query,
        filters=filters,
        fields=fields,
        default_sort_field=default_sort_field,
        default_sort_order='DESC',
        min_select_fields=set(),
        count=count,
        get_data=get_data,
        date_fields={'end_scan', 'start_scan'},
    )

    self.conn = WazuhDBConnection()
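def __init__(self, agent_id, offset, limit, sort, search, select, query, count, get_data,
             default_query=default_query_sca, default_sort_field='policy_id', filters={},
             fields=fields_translation_sca, count_field='policy_id'):
    """Set up a query against the ``sca_policy`` table for one agent.

    Quote characters in the free-text filters listed in ``special_fields``
    are replaced with ``_`` before the filters reach ``WazuhDBQuery.__init__``.
    The replacement is made on a private copy, so neither the caller's dict
    nor the shared ``{}`` default is modified.

    Args:
        agent_id: Agent whose database is queried, passed to ``WazuhDBBackend``.
        filters: Mapping of field name to filter value. Values of the special
            fields must support ``str.replace``.
        default_query: Stored on the instance as ``default_query``.
        count_field: Stored on the instance as ``count_field``.

    All remaining arguments are forwarded unchanged to ``WazuhDBQuery.__init__``.
    """
    self.default_query = default_query
    self.count_field = count_field
    self.special_fields = ('title', 'rationale', 'description', 'remediation', 'reason')

    # Work on a copy: writing into ``filters`` directly would alter the
    # caller's dict and, when the argument is omitted, the default shared by
    # every call.
    filters = dict(filters)

    # Replace characters with special meaning in SQL with wildcards.
    # NOTE(review): this strips only single and double quotes. It is not a
    # substitute for bound parameters; whether the query built downstream
    # binds values or concatenates them is not visible here -- confirm.
    # A value without a string-style replace() fails here instead of being
    # passed on unsanitised.
    for field in self.special_fields:
        if field in filters:
            filters[field] = filters[field].replace("'", "_").replace('"', "_")

    WazuhDBQuery.__init__(self, offset=offset, limit=limit, table='sca_policy', sort=sort,
                          search=search, select=select, fields=fields,
                          default_sort_field=default_sort_field, default_sort_order='DESC',
                          filters=filters, query=query, count=count, get_data=get_data,
                          date_fields={'end_scan', 'start_scan'},
                          backend=WazuhDBBackend(agent_id))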
def __init__(self, agent_id, offset, limit, sort, search, select, query, count, get_data,
             default_sort_field='policy_id', filters={}, fields=fields_translation_ca,
             default_query=default_query_ca, count_field='policy_id'):
    """Set up a query against the ``configuration_assessment_policy`` table.

    Records the agent id, the default query string and the count field, looks
    the agent up, and locates ``<agent_id>.db`` under ``common.wdb_path``. The
    first match is passed to ``WazuhDBQuery.__init__`` as ``db_path``, and a
    ``WazuhDBConnection`` is then stored on ``self.conn``.

    Raises:
        WazuhException: code 1600 when no database file matches the agent.
    """
    self.count_field = count_field
    self._default_query_str = default_query
    self.agent_id = agent_id

    # Check that the agent exists before touching the filesystem.
    Agent(agent_id).get_basic_information()

    # agent_id is interpolated into a path that glob() treats as a pattern.
    # NOTE(review): whether the lookup above also rejects ids containing glob
    # metacharacters or path separators is not visible here -- confirm.
    pattern = '{0}/{1}.db'.format(common.wdb_path, agent_id)
    matches = glob(pattern)
    if not matches:
        raise WazuhException(1600)

    # NOTE(review): ``filters={}`` is a shared default dict that is only
    # forwarded here; confirm WazuhDBQuery.__init__ does not mutate it.
    WazuhDBQuery.__init__(
        self,
        table='configuration_assessment_policy',
        db_path=matches[0],
        offset=offset,
        limit=limit,
        sort=sort,
        search=search,
        select=select,
        query=query,
        filters=filters,
        fields=fields,
        default_sort_field=default_sort_field,
        default_sort_order='DESC',
        min_select_fields=set(),
        count=count,
        get_data=get_data,
        date_fields={'end_scan', 'start_scan'},
    )

    self.conn = WazuhDBConnection()
def __init__(self, offset: int = 0, limit: int = 10, query: str = '', count: bool = True,
             get_data: bool = True, table: str = 'attack', sort: dict = None,
             default_sort_field: str = 'id', fields=None, search: dict = None,
             select: dict = None, min_select_fields=None):
    """Build a WazuhDBQueryMitre query.

    ``min_select_fields`` falls back to ``{'id'}`` and ``fields`` to
    ``mitre_fields`` when left as ``None``. The base query is initialised
    with ``filters=None``, a default sort order of ``'ASC'`` and a
    ``WazuhDBBackend`` created with ``query_format='mitre'``.
    """
    # None is the sentinel for "use the default", so each call gets a fresh set.
    min_select_fields = {'id'} if min_select_fields is None else min_select_fields
    fields = mitre_fields if fields is None else fields

    mitre_backend = WazuhDBBackend(query_format='mitre')
    WazuhDBQuery.__init__(
        self,
        table=table,
        offset=offset,
        limit=limit,
        sort=sort,
        search=search,
        select=select,
        query=query,
        filters=None,
        fields=fields,
        default_sort_field=default_sort_field,
        default_sort_order='ASC',
        min_select_fields=min_select_fields,
        count=count,
        get_data=get_data,
        backend=mitre_backend,
    )