Commit 206f1027 authored by Cernivec, Ales's avatar Cernivec, Ales

Added y3 contributions

parent 943009c3
Feature: PIACERE Runtime environment
Scenario: Inspect PIACERE Security Monitoring - basic metrics
Given An initiated IaC deployment
When The user navigates to the IaC deployment record in the IDE
And The user requests see Security Monitoring Dashboard
Then The user's browser is launched with the Security Monitoring Dashboard shown (Kibana Dashboard)
Scenario: Inspect PIACERE Security Monitoring - Self-learning
Given An initiated IaC deployment
When The user navigates to the IaC deployment record in the IDE
And The user requests see Security Monitoring Self-learning Dashboard
Then The user's browser is launched with the Security Monitoring Dashboard shown (dedicated Grafana Dashboard)
\ No newline at end of file
......@@ -6,16 +6,22 @@ SQLALCHEMY_TRACK_MODIFICATIONS = False
[sm]
# Security Monitoring section
SM_KIBANA_ENDPOINT = https://0.0.0.0:443/kibana
SM_ELASTICSEARCH_USERNAME = elasticsearch
SM_ELASTICSEARCH_PASSWORD = espassword
SM_ELASTICSEARCH_USERNAME = admin
SM_ELASTICSEARCH_PASSWORD = p14c3r3P14c3r3
SM_ELASTICSEARCH_ENDPOINT = 0.0.0.0:9200
SM_ELASTICSEARCH_SCHEMA = https
SM_DEFAULT_DEPLOYMENT_NAME = PIACERE Deployment
SM_ADMIN_USERNAME = smadmin
SM_ADMIN_PASSWORD = smadminpassword
SM_ADMIN_USERNAME = admin
SM_ADMIN_PASSWORD = test
SM_POLL_WEBHOOK_URL = https://sh.ci.piacere.digital.tecnalia.dev/api/self-healing/notify
SM_POLL_WEBHOOK_USERNAME = admin
SM_POLL_WEBHOOK_PASSWORD = password
SM_POLL_TIMEOUT = 10
SM_POLL_THRESHOLD = 9
[smsl]
# Security Monitoring Self Learning section
SMSL_ENDPOINT =
SMSL_API_ENDPOINT =
SMSL_GRAFANA_ENDPOINT =
SMSL_ENDPOINT = https://piacere-security-monitoring.xlab.si
SMSL_API_ENDPOINT = https://piacere-security-monitoring.xlab.si/api
SMSL_GRAFANA_ENDPOINT = https://piacere-security-monitoring.xlab.si/grafana
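Review bot: The `[sm]` section commits real-looking secrets in plain text: `SM_ELASTICSEARCH_PASSWORD`, `SM_ADMIN_PASSWORD` and `SM_POLL_WEBHOOK_PASSWORD` are set next to a routable `SM_POLL_WEBHOOK_URL`, and the second config section further down does the same for its Elasticsearch and admin accounts. The rendered page has lost its +/- markers, so I am assuming the later of each duplicated key is the new value. Keep the tracked file as a template with empty values, read the secrets from the environment or an untracked override file, and rotate any of these passwords that are in use on the named hosts, since they stay in the repository history. `SM_ADMIN_PASSWORD = test` and the `admin`/`password` webhook pair are also guessable defaults that should not reach a deployed instance.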
......@@ -5,17 +5,21 @@ SQLALCHEMY_TRACK_MODIFICATIONS = False
[sm]
# Security Monitoring section
SM_KIBANA_ENDPOINT =
SM_ELASTICSEARCH_USERNAME = elasticsearch
SM_ELASTICSEARCH_PASSWORD = espassword
SM_ELASTICSEARCH_ENDPOINT =
SM_KIBANA_ENDPOINT = https://sm.ci.piacere.digital.tecnalia.dev/security-monitoring/kibana
SM_ELASTICSEARCH_USERNAME = admin
SM_ELASTICSEARCH_PASSWORD = admin
SM_ELASTICSEARCH_ENDPOINT = sm.ci.piacere.digital.tecnalia.dev/security-monitoring/elasticsearch:9200
SM_ELASTICSEARCH_SCHEMA = https
SM_DEFAULT_DEPLOYMENT_NAME = PIACERE Deployment
SM_ADMIN_USERNAME = smadmin
SM_ADMIN_PASSWORD = smadminpassword
SM_ADMIN_USERNAME = admin
SM_ADMIN_PASSWORD = test
SM_POLL_WEBHOOK_URL = http://0.0.0.0:9090/reports
SM_POLL_TIMEOUT = 60
SM_POLL_THRESHOLD = 7
[smsl]
# Security Monitoring Self Learning section
SMSL_ENDPOINT =
SMSL_API_ENDPOINT =
SMSL_GRAFANA_ENDPOINT =
SMSL_ENDPOINT = https://piacere-security-monitoring.xlab.si
SMSL_API_ENDPOINT = https://piacere-security-monitoring.xlab.si/api
SMSL_GRAFANA_ENDPOINT = https://piacere-security-monitoring.xlab.si/grafana
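Review bot: This section defines `SM_POLL_WEBHOOK_URL` but not `SM_POLL_WEBHOOK_USERNAME` or `SM_POLL_WEBHOOK_PASSWORD`, which `threadEventReports` reads unconditionally when it builds `webhook_auth`. If this file is the one loaded at runtime, the poller thread would fail with a KeyError before its first poll. Either add the two keys here or make the helper treat them as optional. The webhook URL here is also `http://`, so the basic-auth pair and the forwarded alert documents would travel unencrypted if the target is ever anything other than a local listener.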
......@@ -117,7 +117,7 @@ def deployments_delete(deployment_id):
deployment = Deployments.query.filter(Deployments.id == deployment_id).first()
if not deployment:
return "Deyploment with this ID not found", 404
return "Deployment with this ID not found", 404
db.session.delete(deployment)
db.session.commit()
......
import swagger_server.helpers.event_reports_helper
event_reports_helper.start_thread()
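Review bot: `import swagger_server.helpers.event_reports_helper` binds only the top-level name `swagger_server`, so `event_reports_helper.start_thread()` on the next line raises NameError unless that name is bound elsewhere in the file, which is not visible here. Use `from swagger_server.helpers import event_reports_helper`, the same form the helper uses for `config_helper`. Starting the poller as an import-time side effect also means any process that imports this module starts its own poller and forwards the same alerts, so consider calling `start_thread()` from the application entry point instead.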
from swagger_server.helpers import config_helper
import requests
import _thread
import json
import time
def threadEventReports():
timeout = int(config_helper.sm_config.config_parser["sm"]["SM_POLL_TIMEOUT"])
timestamp = "now-" + str(timeout) + "s"
# Setup variables for request
url = config_helper.sm_config.config_parser["sm"]["SM_ELASTICSEARCH_SCHEMA"] + "://" + config_helper.sm_config.config_parser["sm"]["SM_ELASTICSEARCH_ENDPOINT"] + "/wazuh-alerts*/_search"
headers = {
"Content-Type": "application/json",
}
data = {
"query": {
"bool": {
"must": [
{
"range": {
"rule.level": {
"gte": int(config_helper.sm_config.config_parser["sm"]["SM_POLL_THRESHOLD"])
}
}
},
{
"range": {
"timestamp": {
"gte": timestamp
}
}
}
]
}
}
}
elastic_auth = (config_helper.sm_config.config_parser["sm"]["SM_ELASTICSEARCH_USERNAME"],
config_helper.sm_config.config_parser["sm"]["SM_ELASTICSEARCH_PASSWORD"])
webhook_auth = (config_helper.sm_config.config_parser["sm"]["SM_POLL_WEBHOOK_USERNAME"],
config_helper.sm_config.config_parser["sm"]["SM_POLL_WEBHOOK_PASSWORD"])
time.sleep(timeout)
while True:
elapsed_time = 0
try:
elastic_response = requests.get(url, data=json.dumps(data), headers=headers, auth=elastic_auth, verify=False)
elapsed_time = elastic_response.elapsed.total_seconds()
except Exception as get_err:
print("Error occured (GET request): ", get_err)
else:
if json.loads(elastic_response.text)["hits"]["total"]["value"] > 0:
try:
print("sending data to webhook")
webhook_response = requests.post(
config_helper.sm_config.config_parser["sm"]["SM_POLL_WEBHOOK_URL"],
auth=webhook_auth,
json=elastic_response.json(),
timeout=timeout
)
elapsed_time = elapsed_time + webhook_response.elapsed.total_seconds()
except requests.exceptions.ReadTimeout:
elapsed_time = timeout
# pass when no response from webhook
pass
except Exception as post_err:
print("Possibly no webhook, exiting events reporter thread")
print("Error: ", post_err)
break
time.sleep(timeout - elapsed_time)
# Start new thread
def start_thread():
try:
_thread.start_new_thread(threadEventReports, ())
except Exception as err:
print("Unable to start thread for reporting events")
print("Error: ", err)
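Review bot: The Elasticsearch `requests.get` in `threadEventReports` passes `verify=False` while sending basic-auth credentials, so the server certificate is never checked and neither the password nor the alert data later forwarded to the webhook is protected in transit. Validate against the CA bundle that signed the Elasticsearch certificate instead. The same call has no `timeout`, and `time.sleep(timeout - elapsed_time)` raises ValueError once a slow response pushes `elapsed_time` past `timeout`, which ends the thread with no log line from this code. A non-2xx reply such as a 401 has no `hits` key, so the `json.loads(...)["hits"]` lookup in the `else` branch, which sits outside any `try`, stops the poller in the same way. Calling `raise_for_status()` inside the `try` keeps that case in the existing error path.

```python
# … unchanged: query, auth tuples and initial sleep …
    try:
        elastic_response = requests.get(
            url, data=json.dumps(data), headers=headers, auth=elastic_auth,
            verify=ca_bundle,  # placeholder: path to the CA bundle for the Elasticsearch certificate
            timeout=timeout,
        )
        elastic_response.raise_for_status()
        # … unchanged: elapsed_time, except branch, hit check and webhook POST …
    time.sleep(max(0, timeout - elapsed_time))
```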
......@@ -4,4 +4,4 @@ nose>=1.3.7
pluggy>=0.3.1
py>=1.4.31
randomize>=0.13
tox==3.20.1
tox==3.27.1
[tox]
envlist = py38
envlist = py310
[testenv]
deps=-r{toxinidir}/requirements.txt
......