jblu/Inex
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases 8 Wiki Activity

Compare commits

base: jblu:6f6e38fe13a15cab4183d2a05b6ebd353773cfac
Branches Tags
jblu:main jblu:middleofrebase
jblu:v.1.1.4 jblu:v.1.1.3 jblu:v.1.1.0 jblu:v.1.0.0 jblu:v.0.0.4 jblu:v.0.0.3 jblu:v.0.0.2 jblu:Basic
..
compare: jblu:v.1.0.0
Branches Tags
jblu:main jblu:middleofrebase
jblu:v.1.1.4 jblu:v.1.1.3 jblu:v.1.1.0 jblu:v.1.0.0 jblu:v.0.0.4 jblu:v.0.0.3 jblu:v.0.0.2 jblu:Basic

28 Commits
6f6e38fe13 ... v.1.0.0

Author SHA1 Message Date
jblu
5d6427698d Merge pull request 'dev-make-query-performant' (#16) from dev-make-query-performant into main
All checks were successful
Build / build-windows-binary (push) Successful in 34s
Details
Build / build-linux-binary (push) Successful in 1m13s
Details 
Reviewed-on: #16
 2024-08-10 02:22:13 -05:00
jblu
8384d714f9 fix: #14 now correctly handles 'other' transactions 2024-08-10 02:20:26 -05:00
jblu
42880bb334 made query more performance and allowed embedded override 2024-08-10 00:49:53 -05:00
jblu
494edd98ee Merge pull request 'dev-update-data-model' (#13) from dev-update-data-model into main 
Reviewed-on: #13
 2024-08-10 00:03:54 -05:00
jblu
ebe10f80ba Updated data models for download/upload, delete and login 2024-08-10 00:01:58 -05:00
Jonathan Branan
7e5a8a2603 Updated data model 2024-08-06 18:29:55 -05:00
Jonathan Branan
5c37b2fca2 Updated build.yaml
All checks were successful
Build / build-windows-binary (push) Successful in 30s
Details
Build / build-linux-binary (push) Successful in 40s
Details
2024-08-05 11:30:43 -05:00
jblu
cd9c6d535e Merge pull request 'dev-generalize-db-queries' (#11) from dev-generalize-db-queries into main
All checks were successful
Build / build-windows-binary (push) Successful in 33s
Details
Build / build-linux-binary (push) Successful in 1m9s
Details 
Reviewed-on: #11
 2024-08-05 11:27:02 -05:00
Jonathan Branan
643aaa946e generalized db query and embedded it.
All checks were successful
Build / build-windows-binary (push) Successful in 33s
Details
Build / build-linux-binary (push) Successful in 1m13s
Details
2024-08-02 20:57:20 -05:00
jblu
cc8adbebad embedded queries
All checks were successful
Build / build-windows-binary (push) Successful in 29s
Details
Build / build-linux-binary (push) Successful in 1m10s
Details
2024-08-01 11:02:37 -05:00
jblu
c7b4e8ef85 Merge branch 'main' of https://git.jonb.io/jblu/Inex
All checks were successful
Build / build-windows-binary (push) Successful in 29s
Details
Build / build-linux-binary (push) Successful in 37s
Details
2024-07-31 20:58:32 -05:00
jblu
09d9b78e15 changed license 2024-07-31 20:55:49 -05:00
Jonathan Branan
de17d1d45b removing executable from code path and moving it to releases. Search basic
All checks were successful
Build / build-windows-binary (push) Successful in 29s
Details
Build / build-linux-binary (push) Successful in 1m11s
Details
2024-07-31 12:45:02 -05:00
Jonathan Branan
f99801fa2b #v.0.0.3 test
All checks were successful
Build / build-windows-binary (push) Successful in 34s
Details
Build / build-linux-binary (push) Successful in 42s
Details
2024-07-30 19:47:41 -05:00
Jonathan Branan
b076be8333 test tag
All checks were successful
Build / build-windows-binary (push) Successful in 34s
Details
2024-07-30 19:40:12 -05:00
Jonathan Branan
5cae8105d0 find the directory
All checks were successful
Build / build-windows-binary (push) Successful in 32s
Details
2024-07-30 18:04:02 -05:00
Jonathan Branan
17155120ab updated pyinstaller
All checks were successful
Build / build-windows-binary (push) Successful in 32s
Details
2024-07-30 17:54:39 -05:00
Jonathan Branan
7c65c0e357 changed pyinstaller to not be a module
Some checks failed
Build / build-windows-binary (push) Failing after 15s
Details
2024-07-30 17:53:32 -05:00
Jonathan Branan
8fbd10d9df updated
Some checks failed
Build / build-windows-binary (push) Failing after 51s
Details
2024-07-30 17:51:21 -05:00
Jonathan Branan
cfa23470a8 changed actions/setup-python to v4
Some checks failed
Build / build-windows-binary (push) Failing after 1m22s
Details
2024-07-30 17:45:33 -05:00
Jonathan Branan
73acbb6646 fixed syntax
Some checks failed
Build / build-windows-binary (push) Failing after 15s
Details
2024-07-30 17:41:07 -05:00
Jonathan Branan
82ad280aa8 updated python version 2024-07-30 17:39:12 -05:00
Jonathan Branan
0174336f39 added python to build
Some checks failed
Build / build-windows-binary (push) Failing after 41s
Details
2024-07-30 17:36:38 -05:00
Jonathan Branan
165ba4533c updated job
Some checks failed
Build / build-windows-binary (push) Failing after 12s
Details
2024-07-30 17:33:21 -05:00
Jonathan Branan
822fb79fd4 test
Some checks failed
Build / build-windows-binary (push) Failing after 12s
Details
2024-07-30 15:56:49 -05:00
Jonathan Branan
9ca8631abb test
Some checks failed
Build / build-windows-binary (push) Failing after 2s
Details
2024-07-30 14:16:33 -05:00
jblu
6615637d07 test
Some checks failed
Build / build-windows-binary (push) Has been cancelled
Details
2024-07-30 13:51:01 -05:00
jblu
c4bd226b7e test
Some checks failed
Build / build-windows-binary (push) Failing after 11s
Details
2024-07-30 13:31:27 -05:00
11 changed files with 322 additions and 223 deletions
Expand all files Collapse all files

58
.gitea/workflows/build.yaml
View File

@ -1,35 +1,41 @@
name: Build name: Build
on: push on:
push:
tags:
- '*'
jobs: jobs:
# build-linux-binary: build-linux-binary:
# runs-on: ubuntu-latest runs-on: ubuntu-latest
# steps: permissions:
# - uses: actions/checkout@v4 contents: write # release changes require contents write
# - uses: actions/setup-python@v5 steps:
# with: - uses: actions/checkout@v4
# python-version: '3.12.4' - uses: actions/setup-python@v5
# cache: 'pip' # caching pip dependencies with:
# - run: apt-get update python-version: '3.12.4'
# - run: apt-get install unixodbc -y cache: 'pip' # caching pip dependencies
# - run: pip install -r requirements.txt - run: lsb_release -a
# - run: pyinstaller --noconfirm --onefile --console ${{ gitea.workspace }}/inex.py - run: apt-get update
# - uses: softprops/action-gh-release@v2 - run: apt-get install unixodbc -y
# - name: Release - run: pip install -r requirements.txt
# uses: softprops/action-gh-release@v2 - run: pyinstaller --noconfirm --onefile --console ${{ gitea.workspace }}/inex.py
# if: startsWith(gitea.ref, 'refs/tags/') - uses: softprops/action-gh-release@v2
# with: with:
# files: ${{ gitea.workspace }}/dist/inex files: ${{ gitea.workspace }}/dist/inex
build-windows-binary: build-windows-binary:
runs-on: windows runs-on: windows
permissions: permissions:
contents: write # release changes require contents write contents: write # release changes require contents write
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Upload Release Asset - uses: actions/setup-python@v4
env: with:
GITHUB_TOKEN: ${{ secrets.GITEA_TOKEN }} python-version: '3.12.4'
run: pip install -r requirements.txt cache: 'pip' # caching pip dependencies
run: pyinstaller --noconfirm --onefile --console ${{ gitea.workspace }}/inex.py - run: python -m pip install -r requirements.txt
# run: gh release upload <release_tag> <a_file> - run: pyinstaller --noconfirm --onefile --console ${{ gitea.workspace }}/inex.py
- uses: softprops/action-gh-release@v2
with:
files: ${{ gitea.workspace }}/dist/inex.exe

4
LICENSE
View File

@ -209,7 +209,7 @@ If you develop a new program, and you want it to be of the greatest possible use
To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the “copyright” line and a pointer to where the full notice is found. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the “copyright” line and a pointer to where the full notice is found.
Inex Inex
Copyright (C) 2024 jblu Copyright (C) 2024 Jonathan Branan
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
@ -221,7 +221,7 @@ Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode:
Inex Copyright (C) 2024 jblu Inex Copyright (C) 2024 Jonathan Branan
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details.

38
config.toml.example
View File

@ -23,41 +23,19 @@ client_id = "eft-event-generator-confidential"
secret = "" secret = ""
[database] [database]
overrideEmbeddedquery = false
driver = "ODBC Driver 18 for SQL Server" driver = "ODBC Driver 18 for SQL Server"
server = "192.168.x.x" server = "192.168.x.x"
database = "EFTDB" database = "EFTDB"
user = "a" user = "a"
password = "a" password = "a"
query = """DECLARE @stopTime DATETIME2 query = """DECLARE @stopTime DATETIME2
SET @stopTime = DATEADD(DAY, -30, GETDATE()) SET @stopTime=DATEADD(DAY, -30, GETDATE())
SELECT p.[ProtocolCommandID] SELECT p.ProtocolCommandID, t.Time_stamp, p.RemoteIP, p.RemotePort, p.LocalIP, p.LocalPort, p.Protocol, p.SiteName, p.Command, p.FileName, p.VirtualFolderName, p.FileSize, p.TransferTime, p.BytesTransferred, p.Description, p.ResultID, t.TransactionID, p.Actor, t.TransactionObject, t.NodeName, t.TransactionGUID, a.Protocol user_type
,t.[Time_stamp] FROM tbl_Transactions t
,p.[RemoteIP] Full JOIN tbl_ProtocolCommands p ON(t.TransactionID=p.TransactionID)
,p.[RemotePort] Full JOIN tbl_Authentications a ON(t.TransactionID=a.TransactionID)
,p.[LocalIP] WHERE p.Time_stamp>@stopTime AND p.Command IS NOT NULL"""
,p.[LocalPort]
,p.[Protocol]
,p.[SiteName]
,p.[Command]
,p.[CommandParameters]
,p.[FileName]
,p.[VirtualFolderName]
,p.[PhysicalFolderName]
,p.[IsInternal]
,p.[FileSize]
,p.[TransferTime]
,p.[BytesTransferred]
,p.[ResultID]
,t.[TransactionID]
,p.[Description]
,p.[Actor]
,t.ParentTransactionID
,t.TransactionObject
,t.NodeName
,t.TransactionGUID
,a.Protocol user_type
FROM [EFTDB].[dbo].[tbl_Transactions] t Full JOIN tbl_ProtocolCommands p ON (t.TransactionID = p.TransactionID) Full join tbl_Authentications a ON (t.TransactionID = a.TransactionID)
WHERE p.Time_stamp > @stopTime"""
[immutables] [immutables]
prd_instance_id = 1 prd_instance_id = 1

35
executable/config.toml.example
View File

@ -1,35 +0,0 @@
[database]
driver = "ODBC Driver 18 for SQL Server"
server = "192.168.x.x"
database = "EFTDB"
user = "a"
password = "a"
query = """SELECT TOP (1) [ProtocolCommandID]
,[Time_stamp]
,[RemoteIP]
,[RemotePort]
,[LocalIP]
,[LocalPort]
,[Protocol]
,[SiteName]
,[Command]
,[CommandParameters]
,[FileName]
,[VirtualFolderName]
,[PhysicalFolderName]
,[IsInternal]
,[FileSize]
,[TransferTime]
,[BytesTransferred]
,[ResultID]
,[TransactionID]
,[Description]
,[Actor]
FROM [EFTDB].[dbo].[tbl_ProtocolCommands]"""
[output]
filename ="./data.json"
[logging]
use_log = true
logLevel = "debug"
logPath = "./inex.log"

BIN
executable/inex.exe
View File

Binary file not shown.

53
inex.py
View File

@ -1,23 +1,21 @@
import pyodbc import pyodbc
import os import os
import logging import logging
import datetime
import tomllib import tomllib
from inexLogging import inexLog from inexLogging import inexLog
import inexConnect import inexConnect
from inexDataModel import dataTemplate from inexDataModel import dataTemplate
from inexDataProcessing import processData from inexDataProcessing import processData
import json import json
import decimal
import requests import requests
import inexEncoder import inexEncoder
import inexSqlquery
class Inex: class Inex:
def __init__(self): def __init__(self):
"""Initilize config, calls functions from inex-connect.py and inex-logging.py""" """Initilize config, calls functions from inex-connect.py and inex-logging.py"""
# assign libraries # assign libraries
self.db = pyodbc self.db = pyodbc
self.tm = datetime
self.il = logging self.il = logging
self.ic = inexConnect self.ic = inexConnect
self.r = requests self.r = requests
@ -25,6 +23,7 @@ class Inex:
self.os = os self.os = os
self.j = json self.j = json
self.e = inexEncoder.Encoder self.e = inexEncoder.Encoder
self.sq = inexSqlquery
if self.os.path.exists('./config.toml'): if self.os.path.exists('./config.toml'):
config_file_path = './config.toml' config_file_path = './config.toml'
@ -32,24 +31,30 @@ class Inex:
self.config = self.tl.load(c) self.config = self.tl.load(c)
# set config # set config
self.dbDriver = self.config["database"]["driver"] try:
self.dbServer = self.config["database"]["server"] if self.config:
self.dbDatabase = self.config["database"]["database"] self.dbDriver = self.config["database"]["driver"]
self.dbUser = self.config["database"]["user"] self.dbServer = self.config["database"]["server"]
self.dbPassword = self.config["database"]["password"] self.dbDatabase = self.config["database"]["database"]
self.dbQuery = self.config["database"]["query"] self.dbUser = self.config["database"]["user"]
self.outputFile = self.config["output"]["filename"] self.dbPassword = self.config["database"]["password"]
self.useLog = self.config["logging"]["useLog"] self.dbQuery = self.config["database"]["query"]
self.logPath = self.config["logging"]["logPath"] self.outputFile = self.config["output"]["filename"]
self.logLevel = self.config["logging"]["logLevel"] self.useLog = self.config["logging"]["useLog"]
self.prdInstanceID = self.config["immutables"]["prd_instance_id"] self.logPath = self.config["logging"]["logPath"]
self.productGUID = self.config["immutables"]["product_guid"] self.logLevel = self.config["logging"]["logLevel"]
self.productName = self.config["immutables"]["product_name"] self.prdInstanceID = self.config["immutables"]["prd_instance_id"]
self.productVersion = self.config["immutables"]["product_version"] self.productGUID = self.config["immutables"]["product_guid"]
self.tokenFilepath = self.config["output"]["token"] self.productName = self.config["immutables"]["product_name"]
self.selectedPlatform = self.config["fortraPlatform"]["selectedPlatform"] self.productVersion = self.config["immutables"]["product_version"]
self.writeJsonfile = self.config["output"]["dumpTojson"] self.tokenFilepath = self.config["output"]["token"]
self.pushToplatform = self.config["output"]["pushToplatform"] self.selectedPlatform = self.config["fortraPlatform"]["selectedPlatform"]
self.writeJsonfile = self.config["output"]["dumpTojson"]
self.pushToplatform = self.config["output"]["pushToplatform"]
self.queryOverride = self.config["database"]["overrideEmbeddedquery"]
except:
print("No config.toml. Please use example file and configure appropriately")
exit(1)
if "dev" in self.selectedPlatform.lower(): if "dev" in self.selectedPlatform.lower():
self.platformConfig = self.config["fortraPlatform"]["dev"] self.platformConfig = self.config["fortraPlatform"]["dev"]
@ -57,15 +62,15 @@ class Inex:
self.platformConfig = self.config["fortraPlatform"]["stage"] self.platformConfig = self.config["fortraPlatform"]["stage"]
if "prod" in self.selectedPlatform.lower(): if "prod" in self.selectedPlatform.lower():
self.platformConfig = self.config["fortraPlatform"]["prod"] self.platformConfig = self.config["fortraPlatform"]["prod"]
# print(self.platformConfig)
#Setup logging #Setup logging
inexLog(self) inexLog(self)
# create the connection to the database # create the connection to the database
self.cursor = self.ic.connectDatabase(self, self.db, self.dbDriver, self.dbServer, self.dbDatabase, self.dbUser, self.dbPassword) self.cursor = self.ic.inexSql.connectDatabase(self, self.db, self.dbDriver, self.dbServer, self.dbDatabase, self.dbUser, self.dbPassword)
self.data = self.ic.databaseQuery(self, self.cursor, self.dbQuery)
self.data = self.ic.inexSql.databaseQuery(self, self.cursor, self.sq.sqlQuerymodel.queryData(self.queryOverride,self.dbQuery))
self.modifiedData = processData(self.data, dataTemplate, prd_instance_id=self.prdInstanceID,\ self.modifiedData = processData(self.data, dataTemplate, prd_instance_id=self.prdInstanceID,\
product_guid=self.productGUID,product_name=self.productName,product_version=self.productVersion) product_guid=self.productGUID,product_name=self.productName,product_version=self.productVersion)

79
inexConnect.py
View File

@ -1,45 +1,46 @@
def connectDatabase(self, lib, driver, server, database, user, password): class inexSql:
"""Connects to the database. Requires a windows driver to do so. def connectDatabase(self, lib, driver, server, database, user, password):
Typically there is one installed by default""" """Connects to the database. Requires a windows driver to do so.
Typically there is one installed by default"""
connectionString = f'DRIVER={{{driver}}};SERVER={server};DATABASE={database};UID={user};PWD={password};TrustServerCertificate=yes' connectionString = f'DRIVER={{{driver}}};SERVER={server};DATABASE={database};UID={user};PWD={password};TrustServerCertificate=yes'
if self.useLog:
self.il.debug(f"Connection String: connectionString")
self.il.info(f"Connecting to {database}@{server} with driver[{driver}].")
try:
connection = lib.connect(connectionString)
except lib.Error as ex:
sqlstate = ex.args[1]
if self.useLog: if self.useLog:
self.il.error(sqlstate) self.il.debug(f"Connection String: connectionString")
if self.useLog: self.il.info(f"Connecting to {database}@{server} with driver[{driver}].")
self.il.debug(f"Connected.") try:
cursor = connection.cursor() connection = lib.connect(connectionString)
except lib.Error as ex:
return cursor sqlstate = ex.args[1]
if self.useLog:
def databaseQuery(self, cursor, query, args=()): self.il.error(sqlstate)
if self.useLog:
self.il.debug(f"Query:")
self.il.debug(query)
self.il.info(f"Sending query:{query[0:20]}...")
try:
cur = cursor.execute(query, args)
except cur.Error as ex:
sqlstate = ex.args[1]
if self.useLog: if self.useLog:
self.il.error(sqlstate) self.il.debug(f"Connected.")
cursor = connection.cursor()
if self.useLog:
self.il.debug(f"Processing database response...") return cursor
r = [dict((cur.description[i][0], value) \
for i, value in enumerate(row)) for row in cur.fetchall()] def databaseQuery(self, cursor, query, args=()):
if self.useLog:
cur.connection.close() self.il.debug(f"Query:")
if self.useLog: self.il.debug(query)
self.il.debug(f"Database connection closed") self.il.info(f"Sending query:{query[0:20]}...")
return r
try:
cur = cursor.execute(query, args)
except cur.Error as ex:
sqlstate = ex.args[1]
if self.useLog:
self.il.error(sqlstate)
if self.useLog:
self.il.debug(f"Processing database response...")
r = [dict((cur.description[i][0], value) \
for i, value in enumerate(row)) for row in cur.fetchall()]
cur.connection.close()
if self.useLog:
self.il.debug(f"Database connection closed")
return r
class fortraEFC: class fortraEFC:
def getToken(self): def getToken(self):

149
inexDataModel.py
View File

@ -1,48 +1,129 @@
def dataTemplate(**kwargs): def dataTemplate(transactionType,**kwargs):
"""Expects the following keyword arguments: uploadDownload = {
status,status_detail,status_code,file_size,file_path,file_virtual_path,file_name, "bytes" : kwargs.get('bytes_out'),
guid,ref_id,prd_instance_id,product_guid,product_name,product_version,node_name, "dst_endpoint": {
src_endpoint_port,src_endpoint_ip,dst_endpoint_port,dst_endpoint_ip,dst_endpoint_type, "port": kwargs.get('dst_endpoint_port'),
session_uid,bytes_out,transfer_time,time,user_type,user_domain,user_name and utype. "ip": kwargs.get('dst_endpoint_ip'),
""" "type": kwargs.get('dst_endpoint_type')
template ={ },
"status": kwargs.get('status'), "duration": kwargs.get('duration'),
"status_detail": kwargs.get('status_detail'), "file": {
"status_code": kwargs.get('status_code'), "created_time": kwargs.get('time'),
"file": { "size": kwargs.get('file_size'),
"size": kwargs.get('file_size'), "name": kwargs.get('file_name'),
"path": kwargs.get('file_path'), "path": kwargs.get('file_path')
"virtual_path": kwargs.get('file_virtual_path'), },
"name": kwargs.get('file_name') "guid": kwargs.get('guid'),
}, "node_name": kwargs.get('node_name'),
"guid": kwargs.get('guid'), "prd_ext_tenant_id": kwargs.get('tenant'),
"ref_id": kwargs.get('ref_id'), "product_name": "GlobalScape EFT",
"prd_instance_id": kwargs.get('prd_instance_id'), "prd_ext_tenant_name": "GlobalScape EFT",
"product_guid": kwargs.get('product_guid'), "classifications": [{
"product_name": kwargs.get('product_name'), "ref_id": f"globalscape:{kwargs.get('guid')}",
"product_version": kwargs.get('product_version'), "time": kwargs.get('time'),
"node_name":kwargs.get('node_name'), }],
"src_endpoint": { "session": {
"port": kwargs.get('src_endpoint_port'), "created_time": kwargs.get('time'),
"ip": kwargs.get('src_endpoint_ip') "uid": kwargs.get('session_uid')
}, },
"dst_endpoint": { "src_endpoint": {
"port": kwargs.get('src_endpoint_port'),
"ip": kwargs.get('src_endpoint_ip'),
"type": kwargs.get('src_endpoint_type')
},
"tenant": kwargs.get('tenant'),
"tenant_name":"GlobalScape",
"time": kwargs.get('time'),
"status_code": kwargs.get('status_code'),
"status_detail": kwargs.get('description'),
"user": {
"home_directory": kwargs.get('user_home_directory'),
"uuid": kwargs.get('guid'),
"uid": kwargs.get('uid'),
"type": kwargs.get('user_type'),
"name": kwargs.get('user_name')
},
"utype": kwargs.get('utype')
}
fileDeleted = {
"file": {
"size": kwargs.get('file_size'),
"name": kwargs.get('file_name'),
"path": kwargs.get('file_path')
},
"guid": kwargs.get('guid'),
"classifications": [{
"ref_id": f"globalscape:{kwargs.get('guid')}",
"time": kwargs.get('time'),
}],
"prd_ext_tenant_name": "Globalscape EFT",
"prd_ext_tenant_id": kwargs.get('tenant'),
"product_name": "Globalscape EFT",
"session": {
"created_time": kwargs.get('time'),
"uid": kwargs.get('session_uid')
},
"src_endpoint": {
"port": kwargs.get('src_endpoint_port'),
"ip": kwargs.get('src_endpoint_ip'),
"type": kwargs.get('src_endpoint_type')
},
"dst_endpoint": {
"port": kwargs.get('dst_endpoint_port'),
"ip": kwargs.get('dst_endpoint_ip'),
"type": kwargs.get('dst_endpoint_type')
},
"time": kwargs.get('time'),
"user": {
"home_directory": kwargs.get('user_home_directory'),
"uuid": kwargs.get('guid'),
"uid": kwargs.get('uid'),
"type": kwargs.get('user_type'),
"name": kwargs.get('user_name')
},
"utype": kwargs.get('utype')
}
logon ={
"classifications": [{
"ref_id": f"globalscape:{kwargs.get('guid')}",
"time": kwargs.get('time'),
}],
"dst_endpoint": {
"port": kwargs.get('dst_endpoint_port'), "port": kwargs.get('dst_endpoint_port'),
"ip": kwargs.get('dst_endpoint_ip'), "ip": kwargs.get('dst_endpoint_ip'),
"type": kwargs.get('dst_endpoint_type') "type": kwargs.get('dst_endpoint_type')
}, },
"session": { "guid": kwargs.get('guid'),
"uid": kwargs.get('session_uid') "prd_ext_tenant_id": kwargs.get('tenant'),
"product_name": "GlobalScape EFT",
"prd_ext_tenant_name": "GlobalScape EFT",
"src_endpoint": {
"port": kwargs.get('src_endpoint_port'),
"ip": kwargs.get('src_endpoint_ip'),
"type": kwargs.get('src_endpoint_type')
}, },
"bytes_out" : kwargs.get('bytes_out'),
"transfer_time" : kwargs.get('transfer_time'),
"time": kwargs.get('time'), "time": kwargs.get('time'),
"user": { "user": {
"home_directory": kwargs.get('user_home_directory'),
"uuid": kwargs.get('guid'),
"uid": kwargs.get('uid'),
"type": kwargs.get('user_type'), "type": kwargs.get('user_type'),
"domain": kwargs.get('user_domain'),
"name": kwargs.get('user_name') "name": kwargs.get('user_name')
}, },
"utype": kwargs.get('utype') "utype": kwargs.get('utype')
} }
if transactionType == "file_uploaded":
template = uploadDownload
if transactionType == "file_downloaded":
template = uploadDownload
if transactionType == "file_deleted":
template = fileDeleted
if transactionType == "user_logged_on":
template = logon
if transactionType == "other":
template = {}
return template return template

107
inexDataProcessing.py
View File

@ -1,34 +1,77 @@
def processData(data, template, **kwargs): def processData(data, template, **kwargs):
processedData = [] processedData = []
transactionLoginid = []
for row in data: for row in data:
# print(f'Row: {row}') # print(f'Row: {row}')
processedData.append(template(status=row.get(''),\ if row.get('Command') == None:
status_detail=row.get(''),\ continue
status_code=row.get('ResultID'),\ try:
file_size=row.get('FileSize'),\ processedData.append(template(identifyUtype(row.get('Command')),\
file_path=row.get('PhysicalFolderName'),\ prd_ext_tenant_id='',\
file_virtual_path=row.get('VirtualFolderName'),\ status_code=row.get('ResultID'),\
file_name=row.get('FileName'),\ file_size=row.get('FileSize'),\
guid=row.get('TransactionGUID'),\ file_path=row.get('PhysicalFolderName'),\
ref_id=row.get('ProtocolCommandID'),\ file_virtual_path=row.get('VirtualFolderName'),\
prd_instance_id=kwargs.get('prd_instance_id'),\ file_name=row.get('FileName'),\
product_guid=kwargs.get('product_guid'),\ guid=row.get('TransactionGUID'),\
product_name=kwargs.get('product_name'),\ ref_id=row.get('ProtocolCommandID'),\
product_version=kwargs.get('product_version'),\ prd_instance_id=kwargs.get('prd_instance_id'),\
node_name=row.get('NodeName'),\ product_guid=kwargs.get('product_guid'),\
src_endpoint_port=row.get('RemotePort'),\ product_name=kwargs.get('product_name'),\
src_endpoint_ip=row.get('RemoteIP'),\ product_version=kwargs.get('product_version'),\
dst_endpoint_port=row.get('LocalPort'),\ node_name=row.get('NodeName'),\
dst_endpoint_ip=row.get('LocalIP'),\ src_endpoint_type=row.get('Protocol'),\
dst_endpoint_type=row.get('Protocol'),\ src_endpoint_port=row.get('RemotePort'),\
session_uid=row.get('TransactionID'),\ src_endpoint_ip=row.get('RemoteIP'),\
bytes_out=row.get('BytesTransferred'),\ dst_endpoint_port=row.get('LocalPort'),\
transfer_time=row.get('TransferTime'),\ dst_endpoint_ip=row.get('LocalIP'),\
time=row.get('Time_stamp'),\ dst_endpoint_type=row.get('Protocol'),\
user_type=identifyUserType(row.get('user_type')),\ session_uid=row.get('TransactionID'),\
user_domain=row.get('SiteName'),\ bytes_out=row.get('BytesTransferred'),\
user_name=row.get('Actor'),\ duration=row.get('TransferTime'),\
utype=identifyUtype(row.get('TransactionObject')))) time=row.get('Time_stamp'),\
user_type=identifyUserType(row.get('user_type')),\
user_domain=row.get('SiteName'),\
user_name=row.get('Actor'),\
user_home_directory=row.get('VirtualFolderName'),\
description=row.get('Description'),\
utype=identifyUtype(row.get('Command'))))
except UnboundLocalError:
print(f'Problem row GUID:{row.get("TransactionGUID")} ::: TransactionObject:{row.get("TransactionObject")} Command: {row.get("Command")}')
continue
if row.get('TransactionGUID') not in transactionLoginid:
try:
processedData.append(template(identifyUtype(row.get('TransactionObject')),\
guid=row.get('TransactionGUID'),\
prd_instance_id=kwargs.get('prd_instance_id'),\
product_guid=kwargs.get('product_guid'),\
product_name=kwargs.get('product_name'),\
product_version=kwargs.get('product_version'),\
src_endpoint_type=row.get('Protocol'),\
src_endpoint_port=row.get('RemotePort'),\
src_endpoint_ip=row.get('RemoteIP'),\
dst_endpoint_port=row.get('LocalPort'),\
dst_endpoint_ip=row.get('LocalIP'),\
dst_endpoint_type=row.get('Protocol'),\
session_uid=row.get('TransactionID'),\
bytes_out=row.get('BytesTransferred'),\
transfer_time=row.get('TransferTime'),\
time=row.get('Time_stamp'),\
user_type=identifyUserType(row.get('user_type')),\
user_domain=row.get('SiteName'),\
user_name=row.get('Actor'),\
user_home_directory=row.get('VirtualFolderName'),\
utype=identifyUtype(row.get('TransactionObject'))\
))
transactionLoginid.append(row.get('TransactionGUID'))
except UnboundLocalError:
print(f'Problem row GUID:{row.get("TransactionGUID")} ::: TransactionObject:{row.get("TransactionObject")} Command: {row.get("Command")}')
continue
return processedData return processedData
def identifyUserType(obj): def identifyUserType(obj):
@ -40,10 +83,10 @@ def identifyUserType(obj):
else: else:
return None return None
def identifyUtype(obj): def identifyUtype(obj):
user_logged_on = [] user_logged_on = ['AUTH']
file_deleted = [] file_deleted = ["dele"]
file_uploaded = [] file_uploaded = ["created"]
file_downloaded = [] file_downloaded = ["sent"]
if obj in user_logged_on: if obj in user_logged_on:
return "user_logged_on" return "user_logged_on"
@ -54,4 +97,4 @@ def identifyUtype(obj):
if obj in file_downloaded: if obj in file_downloaded:
return "file_downloaded" return "file_downloaded"
else: else:
return None return "other"

11
inexSqlquery.py Normal file
View File

@ -0,0 +1,11 @@
class sqlQuerymodel:
def queryData(overRideflag, configQuery):
"""Embedded query data"""
q ="""DECLARE @stopTime DATETIME2
SET @stopTime=DATEADD(DAY, -30, GETDATE())
SELECT p.ProtocolCommandID, t.Time_stamp, p.RemoteIP, p.RemotePort, p.LocalIP, p.LocalPort, p.Protocol, p.SiteName, p.Command, p.FileName, p.VirtualFolderName, p.FileSize, p.TransferTime, p.BytesTransferred, p.Description, p.ResultID, t.TransactionID, p.Actor, t.TransactionObject, t.NodeName, t.TransactionGUID, a.Protocol user_type
FROM tbl_Transactions t
Full JOIN tbl_ProtocolCommands p ON(t.TransactionID=p.TransactionID)
Full join tbl_Authentications a ON(t.TransactionID=a.TransactionID)
WHERE p.Time_stamp>@stopTime AND p.Command IS NOT NULL"""
return configQuery if overRideflag else q

11
test.py
View File

@ -9,4 +9,13 @@ def connectDatabase(driver, server, database, user, password):
def converttimestamp(t): def converttimestamp(t):
print(int(t.timestamp()* 1000)) print(int(t.timestamp()* 1000))
a = converttimestamp(datetime.datetime(2024, 7, 23, 14, 26, 38, 214000)) def builddict(keys,*args,**kwargs):
dict = {}
for key in keys:
dict[key] = kwargs.get(key)
print(dict)
testfolder = '/Usr/a/asdf/asf'
user = 'a'
print(testfolder.split(f"/{user}/"))