From 8384d714f9bc8b41172bf916e0a0e37f2ed613a7 Mon Sep 17 00:00:00 2001
From: jblu
Date: Sat, 10 Aug 2024 02:20:26 -0500
Subject: [PATCH] fix: #14 now correctly handles 'other' transactions
---
 inex.py | 44 ++++++++++++----------
 inexDataModel.py | 2 +
 inexDataProcessing.py | 86 +++++++++++++++++++++++--------------------
 3 files changed, 74 insertions(+), 58 deletions(-)
diff --git a/inex.py b/inex.py
index 5c85b11..1d1af51 100644
--- a/inex.py
+++ b/inex.py
@@ -10,6 +10,7 @@ import json
 import requests
 import inexEncoder
 import inexSqlquery
+
 class Inex:
 def __init__(self):
 """Initilize config, calls functions from inex-connect.py and inex-logging.py"""
@@ -30,25 +31,30 @@ class Inex:
 self.config = self.tl.load(c) # set config
- self.dbDriver = self.config["database"]["driver"]
- self.dbServer = self.config["database"]["server"]
- self.dbDatabase = self.config["database"]["database"]
- self.dbUser = self.config["database"]["user"]
- self.dbPassword = self.config["database"]["password"]
- self.dbQuery = self.config["database"]["query"]
- self.outputFile = self.config["output"]["filename"]
- self.useLog = self.config["logging"]["useLog"]
- self.logPath = self.config["logging"]["logPath"]
- self.logLevel = self.config["logging"]["logLevel"]
- self.prdInstanceID = self.config["immutables"]["prd_instance_id"]
- self.productGUID = self.config["immutables"]["product_guid"]
- self.productName = self.config["immutables"]["product_name"]
- self.productVersion = self.config["immutables"]["product_version"]
- self.tokenFilepath = self.config["output"]["token"]
- self.selectedPlatform = self.config["fortraPlatform"]["selectedPlatform"]
- self.writeJsonfile = self.config["output"]["dumpTojson"]
- self.pushToplatform = self.config["output"]["pushToplatform"]
- self.queryOverride = self.config["database"]["overrideEmbeddedquery"]
+ try:
+ if self.config:
+ self.dbDriver = self.config["database"]["driver"]
+ self.dbServer = self.config["database"]["server"]
+ self.dbDatabase = self.config["database"]["database"]
+ self.dbUser = self.config["database"]["user"]
+ self.dbPassword = self.config["database"]["password"]
+ self.dbQuery = self.config["database"]["query"]
+ self.outputFile = self.config["output"]["filename"]
+ self.useLog = self.config["logging"]["useLog"]
+ self.logPath = self.config["logging"]["logPath"]
+ self.logLevel = self.config["logging"]["logLevel"]
+ self.prdInstanceID = self.config["immutables"]["prd_instance_id"]
+ self.productGUID = self.config["immutables"]["product_guid"]
+ self.productName = self.config["immutables"]["product_name"]
+ self.productVersion = self.config["immutables"]["product_version"]
+ self.tokenFilepath = self.config["output"]["token"]
+ self.selectedPlatform = self.config["fortraPlatform"]["selectedPlatform"]
+ self.writeJsonfile = self.config["output"]["dumpTojson"]
+ self.pushToplatform = self.config["output"]["pushToplatform"]
+ self.queryOverride = self.config["database"]["overrideEmbeddedquery"]
+ except:
+ print("No config.toml. Please use example file and configure appropriately")
+ exit(1)
 if "dev" in self.selectedPlatform.lower():
 self.platformConfig = self.config["fortraPlatform"]["dev"]
diff --git a/inexDataModel.py b/inexDataModel.py
index 19f9e8a..24849f7 100644
--- a/inexDataModel.py
+++ b/inexDataModel.py
@@ -123,5 +123,7 @@ def dataTemplate(transactionType,**kwargs):
 template = fileDeleted
 if transactionType == "user_logged_on":
 template = logon
+ if transactionType == "other":
+ template = {}
 return template
\ No newline at end of file
diff --git a/inexDataProcessing.py b/inexDataProcessing.py
index b23b26d..8b1e4d0 100644
--- a/inexDataProcessing.py
+++ b/inexDataProcessing.py
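Review bot: The bare `except:` reports every failure in the block as a missing config.toml, so one absent key (a `KeyError`) is misdiagnosed and even `KeyboardInterrupt` ends up behind that message. When `self.config` is empty the `if` body is simply skipped without raising, so nothing is printed and the `self.selectedPlatform.lower()` line right after the block fails with `AttributeError` instead. I would check `if not self.config:` first and exit with the existing message, then narrow the handler to `except KeyError as err:` with `print(f"config.toml is missing required setting {err}")`. Keep that message to the key name only, because the `database` table read here includes the password. `__init__` starts and ends outside this hunk.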
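Review bot: Returning `{}` for `"other"` means that, if processData is handed this function as `template` (as its call shape suggests), every unrecognised row is appended as an empty dict, so the export keeps no GUID, timestamp, actor or source address for exactly the commands nobody anticipated. The `return "other"` change at the end of identifyUtype in inexDataProcessing.py is what routes those rows here, so the same concern applies to that hunk. For an audit export I would either return `None` and have the caller skip and count such rows, or give `"other"` a minimal template that still carries `guid`, `time`, `user_name` and `src_endpoint_ip`. The `if` chain also has no final `else`, so any type string outside the listed ones presumably still leaves `template` unbound; dataTemplate starts outside the hunk, so that is worth confirming.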
@@ -7,45 +7,21 @@ def processData(data, template, **kwargs):
 # print(f'Row: {row}')
 if row.get('Command') == None:
 continue
-
- processedData.append(template(identifyUtype(row.get('Command')),\
- prd_ext_tenant_id='',\
- status_code=row.get('ResultID'),\
- file_size=row.get('FileSize'),\
- file_path=row.get('PhysicalFolderName'),\
- file_virtual_path=row.get('VirtualFolderName'),\
- file_name=row.get('FileName'),\
- guid=row.get('TransactionGUID'),\
- ref_id=row.get('ProtocolCommandID'),\
- prd_instance_id=kwargs.get('prd_instance_id'),\
- product_guid=kwargs.get('product_guid'),\
- product_name=kwargs.get('product_name'),\
- product_version=kwargs.get('product_version'),\
- node_name=row.get('NodeName'),\
- src_endpoint_type=row.get('Protocol'),\
- src_endpoint_port=row.get('RemotePort'),\
- src_endpoint_ip=row.get('RemoteIP'),\
- dst_endpoint_port=row.get('LocalPort'),\
- dst_endpoint_ip=row.get('LocalIP'),\
- dst_endpoint_type=row.get('Protocol'),\
- session_uid=row.get('TransactionID'),\
- bytes_out=row.get('BytesTransferred'),\
- duration=row.get('TransferTime'),\
- time=row.get('Time_stamp'),\
- user_type=identifyUserType(row.get('user_type')),\
- user_domain=row.get('SiteName'),\
- user_name=row.get('Actor'),\
- user_home_directory=row.get('VirtualFolderName'),\
- description=row.get('Description'),\
- utype=identifyUtype(row.get('Command'))))
-
- if row.get('TransactionGUID') not in transactionLoginid:
- processedData.append(template(identifyUtype(row.get('TransactionObject')),\
+ try:
+ processedData.append(template(identifyUtype(row.get('Command')),\
+ prd_ext_tenant_id='',\
+ status_code=row.get('ResultID'),\
+ file_size=row.get('FileSize'),\
+ file_path=row.get('PhysicalFolderName'),\
+ file_virtual_path=row.get('VirtualFolderName'),\
+ file_name=row.get('FileName'),\
 guid=row.get('TransactionGUID'),\
+ ref_id=row.get('ProtocolCommandID'),\
 prd_instance_id=kwargs.get('prd_instance_id'),\
 product_guid=kwargs.get('product_guid'),\
 product_name=kwargs.get('product_name'),\
 product_version=kwargs.get('product_version'),\
+ node_name=row.get('NodeName'),\
 src_endpoint_type=row.get('Protocol'),\
 src_endpoint_port=row.get('RemotePort'),\
 src_endpoint_ip=row.get('RemoteIP'),\
@@ -54,15 +30,47 @@ def processData(data, template, **kwargs):
 dst_endpoint_type=row.get('Protocol'),\
 session_uid=row.get('TransactionID'),\
 bytes_out=row.get('BytesTransferred'),\
- transfer_time=row.get('TransferTime'),\
+ duration=row.get('TransferTime'),\
 time=row.get('Time_stamp'),\
 user_type=identifyUserType(row.get('user_type')),\
 user_domain=row.get('SiteName'),\
 user_name=row.get('Actor'),\
 user_home_directory=row.get('VirtualFolderName'),\
- utype=identifyUtype(row.get('TransactionObject'))\
- ))
- transactionLoginid.append(row.get('TransactionGUID'))
+ description=row.get('Description'),\
+ utype=identifyUtype(row.get('Command'))))
+ except UnboundLocalError:
+ print(f'Problem row GUID:{row.get("TransactionGUID")} ::: TransactionObject:{row.get("TransactionObject")} Command: {row.get("Command")}')
+
+ continue
+
+ if row.get('TransactionGUID') not in transactionLoginid:
+ try:
+ processedData.append(template(identifyUtype(row.get('TransactionObject')),\
+ guid=row.get('TransactionGUID'),\
+ prd_instance_id=kwargs.get('prd_instance_id'),\
+ product_guid=kwargs.get('product_guid'),\
+ product_name=kwargs.get('product_name'),\
+ product_version=kwargs.get('product_version'),\
+ src_endpoint_type=row.get('Protocol'),\
+ src_endpoint_port=row.get('RemotePort'),\
+ src_endpoint_ip=row.get('RemoteIP'),\
+ dst_endpoint_port=row.get('LocalPort'),\
+ dst_endpoint_ip=row.get('LocalIP'),\
+ dst_endpoint_type=row.get('Protocol'),\
+ session_uid=row.get('TransactionID'),\
+ bytes_out=row.get('BytesTransferred'),\
+ transfer_time=row.get('TransferTime'),\
+ time=row.get('Time_stamp'),\
+ user_type=identifyUserType(row.get('user_type')),\
+ user_domain=row.get('SiteName'),\
+ user_name=row.get('Actor'),\
+ user_home_directory=row.get('VirtualFolderName'),\
+ utype=identifyUtype(row.get('TransactionObject'))\
+ ))
+ transactionLoginid.append(row.get('TransactionGUID'))
+ except UnboundLocalError:
+ print(f'Problem row GUID:{row.get("TransactionGUID")} ::: TransactionObject:{row.get("TransactionObject")} Command: {row.get("Command")}')
+ continue
 return processedData
@@ -89,4 +97,4 @@ def identifyUtype(obj):
 if obj in file_downloaded:
 return "file_downloaded"
 else:
- return None
\ No newline at end of file
+ return "other"
\ No newline at end of file
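Review bot: Both new handlers catch `UnboundLocalError`, which signals a missing branch in the template function rather than a bad row, and with the `"other"` mapping added in this commit it should presumably no longer occur for unknown commands, so I would drop the handlers or let the error surface. If rows must be skipped, report them through a logger with a running count instead of `print`, for example `logger.warning("skipped row guid=%s command=%r", row.get("TransactionGUID"), row.get("Command"))` (assuming a logger is available in this module), so skipped audit rows are visible and the database-supplied values are quoted. The first handler's `continue` follows a blank line and indentation is lost on this page: if it sits at loop level rather than inside the `except`, the `TransactionGUID` block after it is unreachable, which is worth checking. The first `try:` opens in the previous hunk and processData begins outside both.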