Compare commits
28 Commits
6f6e38fe13
...
v.1.0.0
| Author | SHA1 | Date | |
|---|---|---|---|
| 5d6427698d | |||
| 8384d714f9 | |||
| 42880bb334 | |||
| 494edd98ee | |||
| ebe10f80ba | |||
| 7e5a8a2603 | |||
| 5c37b2fca2 | |||
| cd9c6d535e | |||
| 643aaa946e | |||
| cc8adbebad | |||
| c7b4e8ef85 | |||
| 09d9b78e15 | |||
| de17d1d45b | |||
| f99801fa2b | |||
| b076be8333 | |||
| 5cae8105d0 | |||
| 17155120ab | |||
| 7c65c0e357 | |||
| 8fbd10d9df | |||
| cfa23470a8 | |||
| 73acbb6646 | |||
| 82ad280aa8 | |||
| 0174336f39 | |||
| 165ba4533c | |||
| 822fb79fd4 | |||
| 9ca8631abb | |||
| 6615637d07 | |||
| c4bd226b7e |
@ -1,35 +1,41 @@
|
||||
name: Build
|
||||
on: push
|
||||
on:
|
||||
push:
|
||||
tags:
|
||||
- '*'
|
||||
|
||||
jobs:
|
||||
# build-linux-binary:
|
||||
# runs-on: ubuntu-latest
|
||||
# steps:
|
||||
# - uses: actions/checkout@v4
|
||||
# - uses: actions/setup-python@v5
|
||||
# with:
|
||||
# python-version: '3.12.4'
|
||||
# cache: 'pip' # caching pip dependencies
|
||||
# - run: apt-get update
|
||||
# - run: apt-get install unixodbc -y
|
||||
# - run: pip install -r requirements.txt
|
||||
# - run: pyinstaller --noconfirm --onefile --console ${{ gitea.workspace }}/inex.py
|
||||
# - uses: softprops/action-gh-release@v2
|
||||
# - name: Release
|
||||
# uses: softprops/action-gh-release@v2
|
||||
# if: startsWith(gitea.ref, 'refs/tags/')
|
||||
# with:
|
||||
# files: ${{ gitea.workspace }}/dist/inex
|
||||
build-linux-binary:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: write # release changes require contents write
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: '3.12.4'
|
||||
cache: 'pip' # caching pip dependencies
|
||||
- run: lsb_release -a
|
||||
- run: apt-get update
|
||||
- run: apt-get install unixodbc -y
|
||||
- run: pip install -r requirements.txt
|
||||
- run: pyinstaller --noconfirm --onefile --console ${{ gitea.workspace }}/inex.py
|
||||
- uses: softprops/action-gh-release@v2
|
||||
with:
|
||||
files: ${{ gitea.workspace }}/dist/inex
|
||||
|
||||
build-windows-binary:
|
||||
runs-on: windows
|
||||
permissions:
|
||||
contents: write # release changes require contents write
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- name: Upload Release Asset
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITEA_TOKEN }}
|
||||
run: pip install -r requirements.txt
|
||||
run: pyinstaller --noconfirm --onefile --console ${{ gitea.workspace }}/inex.py
|
||||
# run: gh release upload <release_tag> <a_file>
|
||||
|
||||
- uses: actions/setup-python@v4
|
||||
with:
|
||||
python-version: '3.12.4'
|
||||
cache: 'pip' # caching pip dependencies
|
||||
- run: python -m pip install -r requirements.txt
|
||||
- run: pyinstaller --noconfirm --onefile --console ${{ gitea.workspace }}/inex.py
|
||||
- uses: softprops/action-gh-release@v2
|
||||
with:
|
||||
files: ${{ gitea.workspace }}/dist/inex.exe
|
||||
4
LICENSE
4
LICENSE
@ -209,7 +209,7 @@ If you develop a new program, and you want it to be of the greatest possible use
|
||||
To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the “copyright” line and a pointer to where the full notice is found.
|
||||
|
||||
Inex
|
||||
Copyright (C) 2024 jblu
|
||||
Copyright (C) 2024 Jonathan Branan
|
||||
|
||||
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
|
||||
|
||||
@ -221,7 +221,7 @@ Also add information on how to contact you by electronic and paper mail.
|
||||
|
||||
If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode:
|
||||
|
||||
Inex Copyright (C) 2024 jblu
|
||||
Inex Copyright (C) 2024 Jonathan Branan
|
||||
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
|
||||
This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details.
|
||||
|
||||
|
||||
@ -23,41 +23,19 @@ client_id = "eft-event-generator-confidential"
|
||||
secret = ""
|
||||
|
||||
[database]
|
||||
overrideEmbeddedquery = false
|
||||
driver = "ODBC Driver 18 for SQL Server"
|
||||
server = "192.168.x.x"
|
||||
database = "EFTDB"
|
||||
user = "a"
|
||||
password = "a"
|
||||
query = """DECLARE @stopTime DATETIME2
|
||||
SET @stopTime = DATEADD(DAY, -30, GETDATE())
|
||||
SELECT p.[ProtocolCommandID]
|
||||
,t.[Time_stamp]
|
||||
,p.[RemoteIP]
|
||||
,p.[RemotePort]
|
||||
,p.[LocalIP]
|
||||
,p.[LocalPort]
|
||||
,p.[Protocol]
|
||||
,p.[SiteName]
|
||||
,p.[Command]
|
||||
,p.[CommandParameters]
|
||||
,p.[FileName]
|
||||
,p.[VirtualFolderName]
|
||||
,p.[PhysicalFolderName]
|
||||
,p.[IsInternal]
|
||||
,p.[FileSize]
|
||||
,p.[TransferTime]
|
||||
,p.[BytesTransferred]
|
||||
,p.[ResultID]
|
||||
,t.[TransactionID]
|
||||
,p.[Description]
|
||||
,p.[Actor]
|
||||
,t.ParentTransactionID
|
||||
,t.TransactionObject
|
||||
,t.NodeName
|
||||
,t.TransactionGUID
|
||||
,a.Protocol user_type
|
||||
FROM [EFTDB].[dbo].[tbl_Transactions] t Full JOIN tbl_ProtocolCommands p ON (t.TransactionID = p.TransactionID) Full join tbl_Authentications a ON (t.TransactionID = a.TransactionID)
|
||||
WHERE p.Time_stamp > @stopTime"""
|
||||
query = """DECLARE @stopTime DATETIME2
|
||||
SET @stopTime=DATEADD(DAY, -30, GETDATE())
|
||||
SELECT p.ProtocolCommandID, t.Time_stamp, p.RemoteIP, p.RemotePort, p.LocalIP, p.LocalPort, p.Protocol, p.SiteName, p.Command, p.FileName, p.VirtualFolderName, p.FileSize, p.TransferTime, p.BytesTransferred, p.Description, p.ResultID, t.TransactionID, p.Actor, t.TransactionObject, t.NodeName, t.TransactionGUID, a.Protocol user_type
|
||||
FROM tbl_Transactions t
|
||||
Full JOIN tbl_ProtocolCommands p ON(t.TransactionID=p.TransactionID)
|
||||
Full JOIN tbl_Authentications a ON(t.TransactionID=a.TransactionID)
|
||||
WHERE p.Time_stamp>@stopTime AND p.Command IS NOT NULL"""
|
||||
|
||||
[immutables]
|
||||
prd_instance_id = 1
|
||||
|
||||
@ -1,35 +0,0 @@
|
||||
[database]
|
||||
driver = "ODBC Driver 18 for SQL Server"
|
||||
server = "192.168.x.x"
|
||||
database = "EFTDB"
|
||||
user = "a"
|
||||
password = "a"
|
||||
query = """SELECT TOP (1) [ProtocolCommandID]
|
||||
,[Time_stamp]
|
||||
,[RemoteIP]
|
||||
,[RemotePort]
|
||||
,[LocalIP]
|
||||
,[LocalPort]
|
||||
,[Protocol]
|
||||
,[SiteName]
|
||||
,[Command]
|
||||
,[CommandParameters]
|
||||
,[FileName]
|
||||
,[VirtualFolderName]
|
||||
,[PhysicalFolderName]
|
||||
,[IsInternal]
|
||||
,[FileSize]
|
||||
,[TransferTime]
|
||||
,[BytesTransferred]
|
||||
,[ResultID]
|
||||
,[TransactionID]
|
||||
,[Description]
|
||||
,[Actor]
|
||||
FROM [EFTDB].[dbo].[tbl_ProtocolCommands]"""
|
||||
[output]
|
||||
filename ="./data.json"
|
||||
|
||||
[logging]
|
||||
use_log = true
|
||||
logLevel = "debug"
|
||||
logPath = "./inex.log"
|
||||
Binary file not shown.
53
inex.py
53
inex.py
@ -1,23 +1,21 @@
|
||||
import pyodbc
|
||||
import os
|
||||
import logging
|
||||
import datetime
|
||||
import tomllib
|
||||
from inexLogging import inexLog
|
||||
import inexConnect
|
||||
from inexDataModel import dataTemplate
|
||||
from inexDataProcessing import processData
|
||||
import json
|
||||
import decimal
|
||||
import requests
|
||||
import inexEncoder
|
||||
import inexSqlquery
|
||||
|
||||
class Inex:
|
||||
def __init__(self):
|
||||
"""Initilize config, calls functions from inex-connect.py and inex-logging.py"""
|
||||
# assign libraries
|
||||
self.db = pyodbc
|
||||
self.tm = datetime
|
||||
self.il = logging
|
||||
self.ic = inexConnect
|
||||
self.r = requests
|
||||
@ -25,6 +23,7 @@ class Inex:
|
||||
self.os = os
|
||||
self.j = json
|
||||
self.e = inexEncoder.Encoder
|
||||
self.sq = inexSqlquery
|
||||
|
||||
if self.os.path.exists('./config.toml'):
|
||||
config_file_path = './config.toml'
|
||||
@ -32,24 +31,30 @@ class Inex:
|
||||
self.config = self.tl.load(c)
|
||||
|
||||
# set config
|
||||
self.dbDriver = self.config["database"]["driver"]
|
||||
self.dbServer = self.config["database"]["server"]
|
||||
self.dbDatabase = self.config["database"]["database"]
|
||||
self.dbUser = self.config["database"]["user"]
|
||||
self.dbPassword = self.config["database"]["password"]
|
||||
self.dbQuery = self.config["database"]["query"]
|
||||
self.outputFile = self.config["output"]["filename"]
|
||||
self.useLog = self.config["logging"]["useLog"]
|
||||
self.logPath = self.config["logging"]["logPath"]
|
||||
self.logLevel = self.config["logging"]["logLevel"]
|
||||
self.prdInstanceID = self.config["immutables"]["prd_instance_id"]
|
||||
self.productGUID = self.config["immutables"]["product_guid"]
|
||||
self.productName = self.config["immutables"]["product_name"]
|
||||
self.productVersion = self.config["immutables"]["product_version"]
|
||||
self.tokenFilepath = self.config["output"]["token"]
|
||||
self.selectedPlatform = self.config["fortraPlatform"]["selectedPlatform"]
|
||||
self.writeJsonfile = self.config["output"]["dumpTojson"]
|
||||
self.pushToplatform = self.config["output"]["pushToplatform"]
|
||||
try:
|
||||
if self.config:
|
||||
self.dbDriver = self.config["database"]["driver"]
|
||||
self.dbServer = self.config["database"]["server"]
|
||||
self.dbDatabase = self.config["database"]["database"]
|
||||
self.dbUser = self.config["database"]["user"]
|
||||
self.dbPassword = self.config["database"]["password"]
|
||||
self.dbQuery = self.config["database"]["query"]
|
||||
self.outputFile = self.config["output"]["filename"]
|
||||
self.useLog = self.config["logging"]["useLog"]
|
||||
self.logPath = self.config["logging"]["logPath"]
|
||||
self.logLevel = self.config["logging"]["logLevel"]
|
||||
self.prdInstanceID = self.config["immutables"]["prd_instance_id"]
|
||||
self.productGUID = self.config["immutables"]["product_guid"]
|
||||
self.productName = self.config["immutables"]["product_name"]
|
||||
self.productVersion = self.config["immutables"]["product_version"]
|
||||
self.tokenFilepath = self.config["output"]["token"]
|
||||
self.selectedPlatform = self.config["fortraPlatform"]["selectedPlatform"]
|
||||
self.writeJsonfile = self.config["output"]["dumpTojson"]
|
||||
self.pushToplatform = self.config["output"]["pushToplatform"]
|
||||
self.queryOverride = self.config["database"]["overrideEmbeddedquery"]
|
||||
except:
|
||||
print("No config.toml. Please use example file and configure appropriately")
|
||||
exit(1)
|
||||
|
||||
if "dev" in self.selectedPlatform.lower():
|
||||
self.platformConfig = self.config["fortraPlatform"]["dev"]
|
||||
@ -57,15 +62,15 @@ class Inex:
|
||||
self.platformConfig = self.config["fortraPlatform"]["stage"]
|
||||
if "prod" in self.selectedPlatform.lower():
|
||||
self.platformConfig = self.config["fortraPlatform"]["prod"]
|
||||
# print(self.platformConfig)
|
||||
|
||||
#Setup logging
|
||||
inexLog(self)
|
||||
|
||||
# create the connection to the database
|
||||
self.cursor = self.ic.connectDatabase(self, self.db, self.dbDriver, self.dbServer, self.dbDatabase, self.dbUser, self.dbPassword)
|
||||
self.cursor = self.ic.inexSql.connectDatabase(self, self.db, self.dbDriver, self.dbServer, self.dbDatabase, self.dbUser, self.dbPassword)
|
||||
|
||||
self.data = self.ic.databaseQuery(self, self.cursor, self.dbQuery)
|
||||
|
||||
self.data = self.ic.inexSql.databaseQuery(self, self.cursor, self.sq.sqlQuerymodel.queryData(self.queryOverride,self.dbQuery))
|
||||
|
||||
self.modifiedData = processData(self.data, dataTemplate, prd_instance_id=self.prdInstanceID,\
|
||||
product_guid=self.productGUID,product_name=self.productName,product_version=self.productVersion)
|
||||
|
||||
@ -1,45 +1,46 @@
|
||||
def connectDatabase(self, lib, driver, server, database, user, password):
|
||||
"""Connects to the database. Requires a windows driver to do so.
|
||||
Typically there is one installed by default"""
|
||||
class inexSql:
|
||||
def connectDatabase(self, lib, driver, server, database, user, password):
|
||||
"""Connects to the database. Requires a windows driver to do so.
|
||||
Typically there is one installed by default"""
|
||||
|
||||
connectionString = f'DRIVER={{{driver}}};SERVER={server};DATABASE={database};UID={user};PWD={password};TrustServerCertificate=yes'
|
||||
if self.useLog:
|
||||
self.il.debug(f"Connection String: connectionString")
|
||||
self.il.info(f"Connecting to {database}@{server} with driver[{driver}].")
|
||||
try:
|
||||
connection = lib.connect(connectionString)
|
||||
except lib.Error as ex:
|
||||
sqlstate = ex.args[1]
|
||||
connectionString = f'DRIVER={{{driver}}};SERVER={server};DATABASE={database};UID={user};PWD={password};TrustServerCertificate=yes'
|
||||
if self.useLog:
|
||||
self.il.error(sqlstate)
|
||||
if self.useLog:
|
||||
self.il.debug(f"Connected.")
|
||||
cursor = connection.cursor()
|
||||
|
||||
return cursor
|
||||
|
||||
def databaseQuery(self, cursor, query, args=()):
|
||||
if self.useLog:
|
||||
self.il.debug(f"Query:")
|
||||
self.il.debug(query)
|
||||
self.il.info(f"Sending query:{query[0:20]}...")
|
||||
|
||||
try:
|
||||
cur = cursor.execute(query, args)
|
||||
except cur.Error as ex:
|
||||
sqlstate = ex.args[1]
|
||||
self.il.debug(f"Connection String: connectionString")
|
||||
self.il.info(f"Connecting to {database}@{server} with driver[{driver}].")
|
||||
try:
|
||||
connection = lib.connect(connectionString)
|
||||
except lib.Error as ex:
|
||||
sqlstate = ex.args[1]
|
||||
if self.useLog:
|
||||
self.il.error(sqlstate)
|
||||
if self.useLog:
|
||||
self.il.error(sqlstate)
|
||||
|
||||
if self.useLog:
|
||||
self.il.debug(f"Processing database response...")
|
||||
r = [dict((cur.description[i][0], value) \
|
||||
for i, value in enumerate(row)) for row in cur.fetchall()]
|
||||
|
||||
cur.connection.close()
|
||||
if self.useLog:
|
||||
self.il.debug(f"Database connection closed")
|
||||
return r
|
||||
self.il.debug(f"Connected.")
|
||||
cursor = connection.cursor()
|
||||
|
||||
return cursor
|
||||
|
||||
def databaseQuery(self, cursor, query, args=()):
|
||||
if self.useLog:
|
||||
self.il.debug(f"Query:")
|
||||
self.il.debug(query)
|
||||
self.il.info(f"Sending query:{query[0:20]}...")
|
||||
|
||||
try:
|
||||
cur = cursor.execute(query, args)
|
||||
except cur.Error as ex:
|
||||
sqlstate = ex.args[1]
|
||||
if self.useLog:
|
||||
self.il.error(sqlstate)
|
||||
|
||||
if self.useLog:
|
||||
self.il.debug(f"Processing database response...")
|
||||
r = [dict((cur.description[i][0], value) \
|
||||
for i, value in enumerate(row)) for row in cur.fetchall()]
|
||||
|
||||
cur.connection.close()
|
||||
if self.useLog:
|
||||
self.il.debug(f"Database connection closed")
|
||||
return r
|
||||
|
||||
class fortraEFC:
|
||||
def getToken(self):
|
||||
|
||||
149
inexDataModel.py
149
inexDataModel.py
@ -1,48 +1,129 @@
|
||||
def dataTemplate(**kwargs):
|
||||
"""Expects the following keyword arguments:
|
||||
status,status_detail,status_code,file_size,file_path,file_virtual_path,file_name,
|
||||
guid,ref_id,prd_instance_id,product_guid,product_name,product_version,node_name,
|
||||
src_endpoint_port,src_endpoint_ip,dst_endpoint_port,dst_endpoint_ip,dst_endpoint_type,
|
||||
session_uid,bytes_out,transfer_time,time,user_type,user_domain,user_name and utype.
|
||||
"""
|
||||
template ={
|
||||
"status": kwargs.get('status'),
|
||||
"status_detail": kwargs.get('status_detail'),
|
||||
"status_code": kwargs.get('status_code'),
|
||||
"file": {
|
||||
"size": kwargs.get('file_size'),
|
||||
"path": kwargs.get('file_path'),
|
||||
"virtual_path": kwargs.get('file_virtual_path'),
|
||||
"name": kwargs.get('file_name')
|
||||
},
|
||||
"guid": kwargs.get('guid'),
|
||||
"ref_id": kwargs.get('ref_id'),
|
||||
"prd_instance_id": kwargs.get('prd_instance_id'),
|
||||
"product_guid": kwargs.get('product_guid'),
|
||||
"product_name": kwargs.get('product_name'),
|
||||
"product_version": kwargs.get('product_version'),
|
||||
"node_name":kwargs.get('node_name'),
|
||||
"src_endpoint": {
|
||||
"port": kwargs.get('src_endpoint_port'),
|
||||
"ip": kwargs.get('src_endpoint_ip')
|
||||
},
|
||||
"dst_endpoint": {
|
||||
def dataTemplate(transactionType,**kwargs):
|
||||
uploadDownload = {
|
||||
"bytes" : kwargs.get('bytes_out'),
|
||||
"dst_endpoint": {
|
||||
"port": kwargs.get('dst_endpoint_port'),
|
||||
"ip": kwargs.get('dst_endpoint_ip'),
|
||||
"type": kwargs.get('dst_endpoint_type')
|
||||
},
|
||||
"duration": kwargs.get('duration'),
|
||||
"file": {
|
||||
"created_time": kwargs.get('time'),
|
||||
"size": kwargs.get('file_size'),
|
||||
"name": kwargs.get('file_name'),
|
||||
"path": kwargs.get('file_path')
|
||||
},
|
||||
"guid": kwargs.get('guid'),
|
||||
"node_name": kwargs.get('node_name'),
|
||||
"prd_ext_tenant_id": kwargs.get('tenant'),
|
||||
"product_name": "GlobalScape EFT",
|
||||
"prd_ext_tenant_name": "GlobalScape EFT",
|
||||
"classifications": [{
|
||||
"ref_id": f"globalscape:{kwargs.get('guid')}",
|
||||
"time": kwargs.get('time'),
|
||||
}],
|
||||
"session": {
|
||||
"created_time": kwargs.get('time'),
|
||||
"uid": kwargs.get('session_uid')
|
||||
},
|
||||
"src_endpoint": {
|
||||
"port": kwargs.get('src_endpoint_port'),
|
||||
"ip": kwargs.get('src_endpoint_ip'),
|
||||
"type": kwargs.get('src_endpoint_type')
|
||||
},
|
||||
"tenant": kwargs.get('tenant'),
|
||||
"tenant_name":"GlobalScape",
|
||||
"time": kwargs.get('time'),
|
||||
"status_code": kwargs.get('status_code'),
|
||||
"status_detail": kwargs.get('description'),
|
||||
"user": {
|
||||
"home_directory": kwargs.get('user_home_directory'),
|
||||
"uuid": kwargs.get('guid'),
|
||||
"uid": kwargs.get('uid'),
|
||||
"type": kwargs.get('user_type'),
|
||||
"name": kwargs.get('user_name')
|
||||
},
|
||||
"utype": kwargs.get('utype')
|
||||
}
|
||||
|
||||
fileDeleted = {
|
||||
"file": {
|
||||
"size": kwargs.get('file_size'),
|
||||
"name": kwargs.get('file_name'),
|
||||
"path": kwargs.get('file_path')
|
||||
},
|
||||
"guid": kwargs.get('guid'),
|
||||
"classifications": [{
|
||||
"ref_id": f"globalscape:{kwargs.get('guid')}",
|
||||
"time": kwargs.get('time'),
|
||||
}],
|
||||
"prd_ext_tenant_name": "Globalscape EFT",
|
||||
"prd_ext_tenant_id": kwargs.get('tenant'),
|
||||
"product_name": "Globalscape EFT",
|
||||
"session": {
|
||||
"created_time": kwargs.get('time'),
|
||||
"uid": kwargs.get('session_uid')
|
||||
},
|
||||
"src_endpoint": {
|
||||
"port": kwargs.get('src_endpoint_port'),
|
||||
"ip": kwargs.get('src_endpoint_ip'),
|
||||
"type": kwargs.get('src_endpoint_type')
|
||||
},
|
||||
"dst_endpoint": {
|
||||
"port": kwargs.get('dst_endpoint_port'),
|
||||
"ip": kwargs.get('dst_endpoint_ip'),
|
||||
"type": kwargs.get('dst_endpoint_type')
|
||||
},
|
||||
"time": kwargs.get('time'),
|
||||
"user": {
|
||||
"home_directory": kwargs.get('user_home_directory'),
|
||||
"uuid": kwargs.get('guid'),
|
||||
"uid": kwargs.get('uid'),
|
||||
"type": kwargs.get('user_type'),
|
||||
"name": kwargs.get('user_name')
|
||||
},
|
||||
"utype": kwargs.get('utype')
|
||||
}
|
||||
|
||||
logon ={
|
||||
"classifications": [{
|
||||
"ref_id": f"globalscape:{kwargs.get('guid')}",
|
||||
"time": kwargs.get('time'),
|
||||
}],
|
||||
"dst_endpoint": {
|
||||
"port": kwargs.get('dst_endpoint_port'),
|
||||
"ip": kwargs.get('dst_endpoint_ip'),
|
||||
"type": kwargs.get('dst_endpoint_type')
|
||||
},
|
||||
"session": {
|
||||
"uid": kwargs.get('session_uid')
|
||||
"guid": kwargs.get('guid'),
|
||||
"prd_ext_tenant_id": kwargs.get('tenant'),
|
||||
"product_name": "GlobalScape EFT",
|
||||
"prd_ext_tenant_name": "GlobalScape EFT",
|
||||
"src_endpoint": {
|
||||
"port": kwargs.get('src_endpoint_port'),
|
||||
"ip": kwargs.get('src_endpoint_ip'),
|
||||
"type": kwargs.get('src_endpoint_type')
|
||||
},
|
||||
"bytes_out" : kwargs.get('bytes_out'),
|
||||
"transfer_time" : kwargs.get('transfer_time'),
|
||||
"time": kwargs.get('time'),
|
||||
"user": {
|
||||
"home_directory": kwargs.get('user_home_directory'),
|
||||
"uuid": kwargs.get('guid'),
|
||||
"uid": kwargs.get('uid'),
|
||||
"type": kwargs.get('user_type'),
|
||||
"domain": kwargs.get('user_domain'),
|
||||
"name": kwargs.get('user_name')
|
||||
},
|
||||
"utype": kwargs.get('utype')
|
||||
}
|
||||
|
||||
if transactionType == "file_uploaded":
|
||||
template = uploadDownload
|
||||
if transactionType == "file_downloaded":
|
||||
template = uploadDownload
|
||||
if transactionType == "file_deleted":
|
||||
template = fileDeleted
|
||||
if transactionType == "user_logged_on":
|
||||
template = logon
|
||||
if transactionType == "other":
|
||||
template = {}
|
||||
|
||||
return template
|
||||
@ -1,34 +1,77 @@
|
||||
def processData(data, template, **kwargs):
|
||||
|
||||
processedData = []
|
||||
transactionLoginid = []
|
||||
|
||||
for row in data:
|
||||
# print(f'Row: {row}')
|
||||
processedData.append(template(status=row.get(''),\
|
||||
status_detail=row.get(''),\
|
||||
status_code=row.get('ResultID'),\
|
||||
file_size=row.get('FileSize'),\
|
||||
file_path=row.get('PhysicalFolderName'),\
|
||||
file_virtual_path=row.get('VirtualFolderName'),\
|
||||
file_name=row.get('FileName'),\
|
||||
guid=row.get('TransactionGUID'),\
|
||||
ref_id=row.get('ProtocolCommandID'),\
|
||||
prd_instance_id=kwargs.get('prd_instance_id'),\
|
||||
product_guid=kwargs.get('product_guid'),\
|
||||
product_name=kwargs.get('product_name'),\
|
||||
product_version=kwargs.get('product_version'),\
|
||||
node_name=row.get('NodeName'),\
|
||||
src_endpoint_port=row.get('RemotePort'),\
|
||||
src_endpoint_ip=row.get('RemoteIP'),\
|
||||
dst_endpoint_port=row.get('LocalPort'),\
|
||||
dst_endpoint_ip=row.get('LocalIP'),\
|
||||
dst_endpoint_type=row.get('Protocol'),\
|
||||
session_uid=row.get('TransactionID'),\
|
||||
bytes_out=row.get('BytesTransferred'),\
|
||||
transfer_time=row.get('TransferTime'),\
|
||||
time=row.get('Time_stamp'),\
|
||||
user_type=identifyUserType(row.get('user_type')),\
|
||||
user_domain=row.get('SiteName'),\
|
||||
user_name=row.get('Actor'),\
|
||||
utype=identifyUtype(row.get('TransactionObject'))))
|
||||
if row.get('Command') == None:
|
||||
continue
|
||||
try:
|
||||
processedData.append(template(identifyUtype(row.get('Command')),\
|
||||
prd_ext_tenant_id='',\
|
||||
status_code=row.get('ResultID'),\
|
||||
file_size=row.get('FileSize'),\
|
||||
file_path=row.get('PhysicalFolderName'),\
|
||||
file_virtual_path=row.get('VirtualFolderName'),\
|
||||
file_name=row.get('FileName'),\
|
||||
guid=row.get('TransactionGUID'),\
|
||||
ref_id=row.get('ProtocolCommandID'),\
|
||||
prd_instance_id=kwargs.get('prd_instance_id'),\
|
||||
product_guid=kwargs.get('product_guid'),\
|
||||
product_name=kwargs.get('product_name'),\
|
||||
product_version=kwargs.get('product_version'),\
|
||||
node_name=row.get('NodeName'),\
|
||||
src_endpoint_type=row.get('Protocol'),\
|
||||
src_endpoint_port=row.get('RemotePort'),\
|
||||
src_endpoint_ip=row.get('RemoteIP'),\
|
||||
dst_endpoint_port=row.get('LocalPort'),\
|
||||
dst_endpoint_ip=row.get('LocalIP'),\
|
||||
dst_endpoint_type=row.get('Protocol'),\
|
||||
session_uid=row.get('TransactionID'),\
|
||||
bytes_out=row.get('BytesTransferred'),\
|
||||
duration=row.get('TransferTime'),\
|
||||
time=row.get('Time_stamp'),\
|
||||
user_type=identifyUserType(row.get('user_type')),\
|
||||
user_domain=row.get('SiteName'),\
|
||||
user_name=row.get('Actor'),\
|
||||
user_home_directory=row.get('VirtualFolderName'),\
|
||||
description=row.get('Description'),\
|
||||
utype=identifyUtype(row.get('Command'))))
|
||||
except UnboundLocalError:
|
||||
print(f'Problem row GUID:{row.get("TransactionGUID")} ::: TransactionObject:{row.get("TransactionObject")} Command: {row.get("Command")}')
|
||||
|
||||
continue
|
||||
|
||||
if row.get('TransactionGUID') not in transactionLoginid:
|
||||
try:
|
||||
processedData.append(template(identifyUtype(row.get('TransactionObject')),\
|
||||
guid=row.get('TransactionGUID'),\
|
||||
prd_instance_id=kwargs.get('prd_instance_id'),\
|
||||
product_guid=kwargs.get('product_guid'),\
|
||||
product_name=kwargs.get('product_name'),\
|
||||
product_version=kwargs.get('product_version'),\
|
||||
src_endpoint_type=row.get('Protocol'),\
|
||||
src_endpoint_port=row.get('RemotePort'),\
|
||||
src_endpoint_ip=row.get('RemoteIP'),\
|
||||
dst_endpoint_port=row.get('LocalPort'),\
|
||||
dst_endpoint_ip=row.get('LocalIP'),\
|
||||
dst_endpoint_type=row.get('Protocol'),\
|
||||
session_uid=row.get('TransactionID'),\
|
||||
bytes_out=row.get('BytesTransferred'),\
|
||||
transfer_time=row.get('TransferTime'),\
|
||||
time=row.get('Time_stamp'),\
|
||||
user_type=identifyUserType(row.get('user_type')),\
|
||||
user_domain=row.get('SiteName'),\
|
||||
user_name=row.get('Actor'),\
|
||||
user_home_directory=row.get('VirtualFolderName'),\
|
||||
utype=identifyUtype(row.get('TransactionObject'))\
|
||||
))
|
||||
transactionLoginid.append(row.get('TransactionGUID'))
|
||||
except UnboundLocalError:
|
||||
print(f'Problem row GUID:{row.get("TransactionGUID")} ::: TransactionObject:{row.get("TransactionObject")} Command: {row.get("Command")}')
|
||||
continue
|
||||
|
||||
return processedData
|
||||
|
||||
def identifyUserType(obj):
|
||||
@ -40,10 +83,10 @@ def identifyUserType(obj):
|
||||
else:
|
||||
return None
|
||||
def identifyUtype(obj):
|
||||
user_logged_on = []
|
||||
file_deleted = []
|
||||
file_uploaded = []
|
||||
file_downloaded = []
|
||||
user_logged_on = ['AUTH']
|
||||
file_deleted = ["dele"]
|
||||
file_uploaded = ["created"]
|
||||
file_downloaded = ["sent"]
|
||||
|
||||
if obj in user_logged_on:
|
||||
return "user_logged_on"
|
||||
@ -54,4 +97,4 @@ def identifyUtype(obj):
|
||||
if obj in file_downloaded:
|
||||
return "file_downloaded"
|
||||
else:
|
||||
return None
|
||||
return "other"
|
||||
11
inexSqlquery.py
Normal file
11
inexSqlquery.py
Normal file
@ -0,0 +1,11 @@
|
||||
class sqlQuerymodel:
|
||||
def queryData(overRideflag, configQuery):
|
||||
"""Embedded query data"""
|
||||
q ="""DECLARE @stopTime DATETIME2
|
||||
SET @stopTime=DATEADD(DAY, -30, GETDATE())
|
||||
SELECT p.ProtocolCommandID, t.Time_stamp, p.RemoteIP, p.RemotePort, p.LocalIP, p.LocalPort, p.Protocol, p.SiteName, p.Command, p.FileName, p.VirtualFolderName, p.FileSize, p.TransferTime, p.BytesTransferred, p.Description, p.ResultID, t.TransactionID, p.Actor, t.TransactionObject, t.NodeName, t.TransactionGUID, a.Protocol user_type
|
||||
FROM tbl_Transactions t
|
||||
Full JOIN tbl_ProtocolCommands p ON(t.TransactionID=p.TransactionID)
|
||||
Full join tbl_Authentications a ON(t.TransactionID=a.TransactionID)
|
||||
WHERE p.Time_stamp>@stopTime AND p.Command IS NOT NULL"""
|
||||
return configQuery if overRideflag else q
|
||||
11
test.py
11
test.py
@ -9,4 +9,13 @@ def connectDatabase(driver, server, database, user, password):
|
||||
def converttimestamp(t):
|
||||
print(int(t.timestamp()* 1000))
|
||||
|
||||
a = converttimestamp(datetime.datetime(2024, 7, 23, 14, 26, 38, 214000))
|
||||
def builddict(keys,*args,**kwargs):
|
||||
dict = {}
|
||||
for key in keys:
|
||||
dict[key] = kwargs.get(key)
|
||||
print(dict)
|
||||
|
||||
testfolder = '/Usr/a/asdf/asf'
|
||||
user = 'a'
|
||||
|
||||
print(testfolder.split(f"/{user}/"))
|
||||
Reference in New Issue
Block a user