diff --git a/inexConnect.py b/inexConnect.py index ca57b0e..e653ece 100644 --- a/inexConnect.py +++ b/inexConnect.py @@ -41,39 +41,6 @@ class inexSql: if self.useLog: self.il.debug(f"Database connection closed") return r - def queryData(): - """Embedded query data""" - q ="""DECLARE @stopTime DATETIME2 - SET @stopTime = DATEADD(DAY, -30, GETDATE()) - SELECT p.[ProtocolCommandID] - ,t.[Time_stamp] - ,p.[RemoteIP] - ,p.[RemotePort] - ,p.[LocalIP] - ,p.[LocalPort] - ,p.[Protocol] - ,p.[SiteName] - ,p.[Command] - ,p.[CommandParameters] - ,p.[FileName] - ,p.[VirtualFolderName] - ,p.[PhysicalFolderName] - ,p.[IsInternal] - ,p.[FileSize] - ,p.[TransferTime] - ,p.[BytesTransferred] - ,p.[ResultID] - ,t.[TransactionID] - ,p.[Description] - ,p.[Actor] - ,t.ParentTransactionID - ,t.TransactionObject - ,t.NodeName - ,t.TransactionGUID - ,a.Protocol user_type - FROM [EFTDB].[dbo].[tbl_Transactions] t Full JOIN tbl_ProtocolCommands p ON (t.TransactionID = p.TransactionID) Full join tbl_Authentications a ON (t.TransactionID = a.TransactionID) - WHERE p.Time_stamp > @stopTime""" - return q class fortraEFC: def getToken(self): diff --git a/inexDataModel.py b/inexDataModel.py index 132ced3..86fe862 100644 --- a/inexDataModel.py +++ b/inexDataModel.py 
@@ -45,4 +45,167 @@ def dataTemplate(**kwargs): "utype": kwargs.get('utype') } - return template \ No newline at end of file + return template + +FileUploaded = { + "bytes" : 2490, + "dst_endpoint": { + "port": 22, + "ip": "10.91.160.77", + "type": "SFTP" + }, + "duration": 200, + "file": { + "created_time": 1722485724000, + "size": 2490, + "name": "Case9.vbs", + "path": "\\\\10.255.255.9\\shared\\HASite\\InetPub\\EFTRoot\\MySite\\Usr\\Ivan //" + }, + "guid": "48D9C7A3-2DC6-11EF-AA59-00155D641204", + "node_name":"PERF01-S2019-77", + "prd_ext_tenant_id": "e71851c2-593f-4f49-9c07-91727b1be94b", + "product_name": "GlobalScape EFT", + "prd_ext_tenant_name": "GlobalScape EFT", + "classifications": [{ + "ref_id": "globalscape:48D9C7A3-2DC6-11EF-AA59-00155D641204", + "time":1722485724000, + }], + "session": { + "created_time":1722485724000, + "uid": "3615136" + }, + "src_endpoint": { + "port": 58868, + "ip": "10.91.160.45", + "type":"SFTP" + }, + "tenant": "e71851c2-593f-4f49-9c07-91727b1be94b", + "tenant_name":"GlobalScape", + "time":1722485724000, + "status_code":226, + "status_detail":"Upload Successful", + "user": { + "home_directory": "/Usr/Ivan/", + "uuid":"48D9C7A3-2DC6-11EF-AA59-00155D641204", + "uid": "3978403", + "type": "User", + "name": "Ivan" + }, + "utype": "file_uploaded" +} + +FileDownloaded = { +"bytes" : 4891, +"dst_endpoint": { + "port": 443, + "ip": "10.91.160.77", + "type": "HTTPS" +}, +"duration": 200, +"file": { + "created_time": 1722518124000, + "size": 4891, + "name": "FileDownload1.exe", + "path": "\\\\10.255.255.9\\shared\\HASite\\InetPub\\EFTRoot\\MySite\\Usr\\Ivan //" +}, +"guid": "48D9C7A3-2DC6-11EF-AA59-00155D641205", +"node_name":"PERF01-S2019-77", +"prd_ext_tenant_id": "e71851c2-593f-4f49-9c07-91727b1be94b", +"product_name": "GlobalScape EFT", +"prd_ext_tenant_name": "GlobalScape EFT", +"classifications": [{ + "ref_id": "globalscape:48D9C7A3-2DC6-11EF-AA59-00155D641205", + "time":1722518124000, +}], +"session": { + 
"created_time":1722518124000, + "uid": "3615137" +}, +"src_endpoint": { + "port": 443, + "ip": "10.91.160.45", + "type":"HTTPS" +}, +"tenant": "e71851c2-593f-4f49-9c07-91727b1be94b", +"tenant_name":"GlobalScape", +"time":1722518124000, +"status_code":226, +"status_detail":"Download Successful", +"user": { + "home_directory": "/Usr/Ivan/", + "uuid":"48D9C7A3-2DC6-11EF-AA59-00155D641205", + "uid": "3978404", + "type": "User", + "name": "Ivan" +}, +"utype": "file_downloaded"} + +FileDeleted = { + "file": { + "size": 304673, + "path": "\\\\10.255.255.9\\shared\\HASite\\InetPub\\EFTRoot\\MySite\\Usr\\Ivan", +"name": "DeleteME.txt" +}, +"guid": "48D9C7A3-2DC6-11EF-AA59-00155D641207", +"classifications": [{ + "ref_id": "globalscape:48D9C7A3-2DC6-11EF-AA59-00155D641207", + "time":1722515664000, +}], +"prd_ext_tenant_name": "Globalscape EFT", +"prd_ext_tenant_id": "e71851c2-593f-4f49-9c07-91727b1be94b", +"product_name": "Globalscape EFT", +"session": { + "created_time":1722515664000, + "uid": "3615138" +}, +"src_endpoint": { + "port": 443, + "ip": "10.91.160.45", + "type":"HTTPS" +}, +"dst_endpoint": { + "port": 443, + "ip": "10.91.160.77", + "type": "HTTPS" +}, +"time": 1722515664000, +"user": { + "home_directory": "/Usr/Ivan/", + "uuid":"48D9C7A3-2DC6-11EF-AA59-00155D641207", + "uid": "3978406", + "type": "User", + "name": "Ivan" +}, +"utype": "file_deleted" +} + +Logon ={ +"classifications": [{ + "ref_id": "globalscape:48D9C7A3-2DC6-11EF-AA59-00155D641206", + "time": 1722510924000, + +}], +"dst_endpoint": { + "port": 443, + "ip": "10.91.160.77", + "type": "HTTPS" +}, +"guid": "48D9C7A3-2DC6-11EF-AA59-00155D641206", +"prd_ext_tenant_id": "e71851c2-593f-4f49-9c07-91727b1be94b", +"product_name": "GlobalScape EFT", +"prd_ext_tenant_name": "GlobalScape EFT", +"src_endpoint": { + "port": 443, + "ip": "10.91.160.45", + "type":"HTTPS" +}, +"time": 1722510924000, +"user": { + "home_directory": "/Usr/Ivan/", + "uuid":"48D9C7A3-2DC6-11EF-AA59-00155D641206", + "uid": "3978405", + 
"type": "User", + "name": "Ivan" +}, +"utype": "user_logged_on" +} \ No newline at end of file
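Review bot: The four module-level dicts added after `dataTemplate` (`FileUploaded`, `FileDownloaded`, `FileDeleted`, `Logon`) hard-code what look like environment-specific values, and nothing in the hunk says whether they are synthetic: private addresses such as `10.91.160.77`, the UNC share under `10.255.255.9`, the node name `PERF01-S2019-77`, a tenant UUID and a user name. If any of them came from a real EFT deployment, replace them before this lands with clearly constructed values, for example an RFC 5737 documentation address (`"ip": "192.0.2.10"`, constructed) and a placeholder tenant id, because they would otherwise stay in repository history. Either way, I would add a comment above the first dict such as `# Sample events for reference/testing only; all values are synthetic and must not be submitted as real events`, or move the samples into a test fixture so the data-model module cannot export them by accident. The samples also disagree with each other (`"product_name": "GlobalScape EFT"` against `"Globalscape EFT"` in `FileDeleted`, and `tenant`/`tenant_name` present only in the two transfer events), which matters if anything downstream keys on those fields.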