def test_all_probes(self):
    """Check how many OsqueryFIMProbe instances the shared probe list exposes."""
    # The expected count presumably mirrors the probes defined in the test
    # fixtures; update it together with the fixtures.
    fim_probes = [probe for probe in all_probes.class_filter(OsqueryFIMProbe)]
    self.assertEqual(len(fim_probes), 3)
 def test_all_probes(self):
     """Check how many OsqueryComplianceProbe instances all_probes exposes."""
     # The expected count presumably mirrors the probes defined in the test
     # fixtures; update it together with the fixtures.
     compliance_probes = [
         probe for probe in all_probes.class_filter(OsqueryComplianceProbe)
     ]
     self.assertEqual(len(compliance_probes), 4)
 def test_all_probes(self):
     """Verify that class_filter returns four OsqueryComplianceProbe entries."""
     # Materialise the filter result so that it can be counted.
     matching = [p for p in all_probes.class_filter(OsqueryComplianceProbe)]
     expected_count = 4
     self.assertEqual(len(matching), expected_count)
 def test_all_probes(self):
     """Verify that class_filter returns three OsqueryDistributedQueryProbe entries."""
     # Materialise the filter result so that it can be counted.
     matching = [p for p in all_probes.class_filter(OsqueryDistributedQueryProbe)]
     expected_count = 3
     self.assertEqual(len(matching), expected_count)
示例#5
文件: conf.py 项目: arubdesu/zentral
from zentral.core.probes.conf import ProbeList, all_probes
from zentral.core.exceptions import ImproperlyConfigured
from .probes import OSQueryProbe

# Schedule key under which build_osquery_conf registers the built-in inventory
# query (the os_version / system_info snapshot).
DEFAULT_ZENTRAL_INVENTORY_QUERY = "__default_zentral_inventory_query__"


def item_func(probe):
    """Yield one ``(query_key, (probe, query))`` pair per scheduled query.

    The pairs come straight from ``probe.iter_schedule_queries()``; each value
    keeps a reference to the owning probe alongside the query itself.
    """
    yield from (
        (query_key, (probe, query))
        for query_key, query in probe.iter_schedule_queries()
    )

# Lookup built once, at import time, from the shared all_probes list; item_func
# supplies one (query_key, (probe, query)) item per scheduled query.
# NOTE(review): build_osquery_conf deliberately uses a fresh ProbeList() "to avoid
# cache inconsistency", so this module-level lookup may lag behind probe changes
# and attribute results to an outdated probe — confirm how all_probes is refreshed.
queries_lookup_dict = all_probes.class_filter(OSQueryProbe).dict(item_func)


def build_osquery_conf(machine):
    schedule = {
        DEFAULT_ZENTRAL_INVENTORY_QUERY: {
            'query': "SELECT 'os_version' as table_name, name, major, minor, "
                     "patch, build from os_version;"
                     "SELECT 'system_info' as table_name, "
                     "computer_name, hostname, hardware_model, hardware_serial, "
                     "cpu_type, cpu_subtype, cpu_brand, cpu_physical_cores, "
                     "cpu_logical_cores, physical_memory from system_info",
            'snapshot': True,
            'interval': 600
        }
    }
    file_paths = {}
    osquery_probes = ProbeList().class_filter(OSQueryProbe)  # ProbeList to avoid cache inconsistency
    for probe in osquery_probes.machine_filtered(machine):
        for osquery_query_key, osquery_query in probe.iter_schedule_queries():
示例#6
文件: conf.py 项目: arubdesu/zentral
from zentral.core.probes.conf import ProbeList, all_probes
from .probes import SantaProbe


def iter_santa_policies(probe):
    """Yield a ``(sha256, probe)`` pair for every policy of *probe*.

    The key is read with ``policy["sha256"]``, so a policy without that field
    raises ``KeyError`` while the generator is being consumed.
    """
    yield from ((policy["sha256"], probe) for policy in probe.policies)

# Lookup built once, at import time, from the shared all_probes list;
# iter_santa_policies supplies one (sha256, probe) item per policy.
# unique_key=False presumably lets several probes share the same sha256 — verify
# against ProbeList.dict.
# NOTE(review): build_santa_conf uses a fresh ProbeList() "to avoid cache
# inconsistency", so this lookup may lag behind probe changes — confirm how
# all_probes is refreshed.
probes_lookup_dict = all_probes.class_filter(SantaProbe).dict(iter_santa_policies,
                                                              unique_key=False)


def build_santa_conf(machine):
    """
    Assemble the santa configuration for one machine.

    The returned dict is the source of the json document served to the santa
    client when it connects to zentral. Its 'rules' list concatenates the
    policies of every configured santa probe that applies to the machine.

    Policies are passed through exactly as the probes define them: nothing in
    this function validates or de-duplicates them.
    """
    # A fresh ProbeList is used (not all_probes) to avoid cache inconsistency.
    applicable_probes = ProbeList().class_filter(SantaProbe).machine_filtered(machine)
    return {
        'rules': [
            policy
            for probe in applicable_probes
            for policy in probe.policies
        ]
    }