style: changed liter issues and bringing to a single style of modules
+6
-6
@@ -37,8 +37,8 @@
|
||||
"reason",
|
||||
"version"
|
||||
],
|
||||
"last_module_update": "2023-05-24 00:00:00",
|
||||
"last_update": "2023-05-24 00:00:00"
|
||||
"last_module_update": "2023-05-25 00:00:00",
|
||||
"last_update": "2023-05-25 00:00:00"
|
||||
},
|
||||
{
|
||||
"group_id": "",
|
||||
@@ -427,8 +427,8 @@
|
||||
"subject.process.parent.id",
|
||||
"subject.process.path"
|
||||
],
|
||||
"last_module_update": "2023-05-24 00:00:00",
|
||||
"last_update": "2023-05-24 00:00:00"
|
||||
"last_module_update": "2023-05-25 00:00:00",
|
||||
"last_update": "2023-05-25 00:00:00"
|
||||
},
|
||||
{
|
||||
"group_id": "",
|
||||
@@ -488,8 +488,8 @@
|
||||
"subject.process.name",
|
||||
"subject.process.path"
|
||||
],
|
||||
"last_module_update": "2023-05-24 00:00:00",
|
||||
"last_update": "2023-05-24 00:00:00"
|
||||
"last_module_update": "2023-05-25 00:00:00",
|
||||
"last_update": "2023-05-25 00:00:00"
|
||||
},
|
||||
{
|
||||
"group_id": "",
|
||||
|
||||
@@ -20,7 +20,7 @@ function CActsEngine:init(cfg)
|
||||
self.super:init(cfg)
|
||||
|
||||
self.correlator = CCorrEngine(
|
||||
function(event)
|
||||
function (event)
|
||||
self:push_result(event)
|
||||
end
|
||||
)
|
||||
@@ -28,7 +28,7 @@ function CActsEngine:init(cfg)
|
||||
if not self.correlator.valid then
|
||||
__log.info("try to restore correlator instance")
|
||||
self.correlator = CCorrEngine(
|
||||
function(event)
|
||||
function (event)
|
||||
self:push_result(event)
|
||||
end,
|
||||
true
|
||||
|
||||
@@ -156,7 +156,7 @@ function CBaseEngine:commit_success(src, action_name, action_data)
|
||||
|
||||
-- case to notify other side about action execution result
|
||||
if type(action_data.retaddr) == "string" and action_data.retaddr ~= "" then
|
||||
local data = cjson.encode(glue.merge({status = "success"}, action_data))
|
||||
local data = cjson.encode(glue.merge({ status = "success" }, action_data))
|
||||
__api.send_data_to(src, data)
|
||||
end
|
||||
end
|
||||
@@ -174,7 +174,7 @@ function CBaseEngine:commit_failed(src, action_name, action_data)
|
||||
|
||||
-- case to notify other side about action execution result
|
||||
if type(action_data.retaddr) == "string" and action_data.retaddr ~= "" then
|
||||
local data = cjson.encode(glue.merge({status = "error"}, action_data))
|
||||
local data = cjson.encode(glue.merge({ status = "error" }, action_data))
|
||||
__api.send_data_to(src, data)
|
||||
end
|
||||
end
|
||||
@@ -200,7 +200,7 @@ end
|
||||
-- out: string
|
||||
-- destination token (string) it'll be empty if agent disconnected
|
||||
function CBaseEngine:get_server_token()
|
||||
local tablelength = function(t)
|
||||
local tablelength = function (t)
|
||||
local count = 0
|
||||
for _ in pairs(t) do count = count + 1 end
|
||||
return count
|
||||
|
||||
@@ -85,7 +85,7 @@ end
|
||||
function CCorrEngine:init(receiveEvents, restore)
|
||||
zip.unzip(__tmpdir .. "\\data\\graphs.zip", "-d", __tmpdir .. "\\data\\")
|
||||
self.callbacks = {
|
||||
receive = function(type, data, size)
|
||||
receive = function (type, data, size)
|
||||
if type == 1 and receiveEvents then
|
||||
receiveEvents(ffi.string(data, size))
|
||||
elseif type == 2 then
|
||||
|
||||
@@ -2,7 +2,7 @@ require("engines.acts_engine")
|
||||
|
||||
-- base config to actions engine
|
||||
local cfg = {
|
||||
config = {}
|
||||
config = {},
|
||||
}
|
||||
|
||||
-- actions engine initialize
|
||||
@@ -12,24 +12,22 @@ local acts_engine = CActsEngine(cfg)
|
||||
__api.set_recv_timeout(5000) -- 5s
|
||||
|
||||
__api.add_cbs({
|
||||
data = function(src, data)
|
||||
data = function (src, data)
|
||||
__log.debugf("receive data from '%s' with data", src)
|
||||
assert(acts_engine ~= nil, "actions engine instance is not initialized")
|
||||
|
||||
return acts_engine:recv_data(src, data)
|
||||
end,
|
||||
|
||||
file = function(src, path, name)
|
||||
file = function (src, path, name)
|
||||
__log.infof("receive file from '%s' with name '%s' path '%s'", src, name, path)
|
||||
assert(acts_engine ~= nil, "actions engine instance is not initialized")
|
||||
|
||||
return acts_engine:recv_file(src, path, name)
|
||||
end,
|
||||
|
||||
-- text = function(src, text, name)
|
||||
-- msg = function(src, msg, mtype)
|
||||
|
||||
action = function(src, data, name)
|
||||
action = function (src, data, name)
|
||||
__log.infof("receive action '%s' from '%s' with data %s", name, src, data)
|
||||
assert(acts_engine ~= nil, "actions engine instance is not initialized")
|
||||
|
||||
@@ -37,8 +35,7 @@ __api.add_cbs({
|
||||
__log.infof("requested action '%s' was executed: %s", name, action_result)
|
||||
return action_result
|
||||
end,
|
||||
|
||||
control = function(cmtype, data)
|
||||
control = function (cmtype, data)
|
||||
__log.debugf("receive control msg '%s' with data %s", cmtype, data)
|
||||
assert(acts_engine ~= nil, "actions engine instance is not initialized")
|
||||
|
||||
|
||||
@@ -100,7 +100,7 @@ function CModule:register(profile, callbacks)
|
||||
|
||||
self.functions = {}
|
||||
|
||||
self.functions["receive"] = function(transport, type, data, size)
|
||||
self.functions["receive"] = function (transport, type, data, size)
|
||||
if callbacks and transport == self.transport and callbacks["receive"] then
|
||||
return callbacks["receive"](type, data, size)
|
||||
end
|
||||
|
||||
@@ -1,13 +1,11 @@
|
||||
|
||||
__api.add_cbs({
|
||||
|
||||
-- data = function(src, data)
|
||||
-- file = function(src, path, name)
|
||||
-- text = function(src, text, name)
|
||||
-- msg = function(src, msg, mtype)
|
||||
-- action = function(src, data, name)
|
||||
|
||||
control = function(cmtype, data)
|
||||
control = function (cmtype, data)
|
||||
__log.debugf("receive control msg '%s' with payload: %s", cmtype, data)
|
||||
|
||||
-- cmtype: "quit"
|
||||
|
||||
@@ -20,7 +20,7 @@ function CActsEngine:init(cfg)
|
||||
self.super:init(cfg)
|
||||
|
||||
self.correlator = CCorrEngine(
|
||||
function(event)
|
||||
function (event)
|
||||
self:push_result(event)
|
||||
end
|
||||
)
|
||||
@@ -28,7 +28,7 @@ function CActsEngine:init(cfg)
|
||||
if not self.correlator.valid then
|
||||
__log.info("try to restore correlator instance")
|
||||
self.correlator = CCorrEngine(
|
||||
function(event)
|
||||
function (event)
|
||||
self:push_result(event)
|
||||
end,
|
||||
true
|
||||
@@ -292,11 +292,11 @@ function CActsEngine:push_result(event)
|
||||
|
||||
if event_name == nil or event_name == "" then return end
|
||||
|
||||
local config_events = self.config["events"] or {events={}}
|
||||
local config_event = config_events[event_name] or {fields={}}
|
||||
local config_fields = self.config["fields"] or {properties={}}
|
||||
local config_events = self.config["events"] or { events = {} }
|
||||
local config_event = config_events[event_name] or { fields = {} }
|
||||
local config_fields = self.config["fields"] or { properties = {} }
|
||||
local _fields = config_event["fields"] or {}
|
||||
local defaults = {string = "", number = 0, integer = 0, object = {}, array = {}, boolean = false, null = nil}
|
||||
local defaults = { string = "", number = 0, integer = 0, object = {}, array = {}, boolean = false, null = nil }
|
||||
|
||||
for _, v in ipairs(self.proc_id_fields) do
|
||||
result[v] = tonumber(result[v])
|
||||
|
||||
@@ -156,7 +156,7 @@ function CBaseEngine:commit_success(src, action_name, action_data)
|
||||
|
||||
-- case to notify other side about action execution result
|
||||
if type(action_data.retaddr) == "string" and action_data.retaddr ~= "" then
|
||||
local data = cjson.encode(glue.merge({status = "success"}, action_data))
|
||||
local data = cjson.encode(glue.merge({ status = "success" }, action_data))
|
||||
__api.send_data_to(src, data)
|
||||
end
|
||||
end
|
||||
@@ -174,7 +174,7 @@ function CBaseEngine:commit_failed(src, action_name, action_data)
|
||||
|
||||
-- case to notify other side about action execution result
|
||||
if type(action_data.retaddr) == "string" and action_data.retaddr ~= "" then
|
||||
local data = cjson.encode(glue.merge({status = "error"}, action_data))
|
||||
local data = cjson.encode(glue.merge({ status = "error" }, action_data))
|
||||
__api.send_data_to(src, data)
|
||||
end
|
||||
end
|
||||
@@ -200,7 +200,7 @@ end
|
||||
-- out: string
|
||||
-- destination token (string) it'll be empty if agent disconnected
|
||||
function CBaseEngine:get_server_token()
|
||||
local tablelength = function(t)
|
||||
local tablelength = function (t)
|
||||
local count = 0
|
||||
for _ in pairs(t) do count = count + 1 end
|
||||
return count
|
||||
|
||||
@@ -87,7 +87,7 @@ function CCorrEngine:init(receiveEvents, restore)
|
||||
local tmpdir_data = luapath.combine(__tmpdir, "data")
|
||||
zip.unzip(luapath.combine(tmpdir_data, "graphs.zip"), "-d", tmpdir_data)
|
||||
self.callbacks = {
|
||||
receive = function(type, data, size)
|
||||
receive = function (type, data, size)
|
||||
if type == 1 and receiveEvents then
|
||||
receiveEvents(ffi.string(data, size))
|
||||
elseif type == 2 then
|
||||
|
||||
@@ -2,7 +2,7 @@ require("engines.acts_engine")
|
||||
|
||||
-- base config to actions engine
|
||||
local cfg = {
|
||||
config = {}
|
||||
config = {},
|
||||
}
|
||||
|
||||
-- actions engine initialize
|
||||
@@ -12,24 +12,22 @@ local acts_engine = CActsEngine(cfg)
|
||||
__api.set_recv_timeout(5000) -- 5s
|
||||
|
||||
__api.add_cbs({
|
||||
data = function(src, data)
|
||||
data = function (src, data)
|
||||
__log.debugf("receive data from '%s' with data", src)
|
||||
assert(acts_engine ~= nil, "actions engine instance is not initialized")
|
||||
|
||||
return acts_engine:recv_data(src, data)
|
||||
end,
|
||||
|
||||
file = function(src, path, name)
|
||||
file = function (src, path, name)
|
||||
__log.infof("receive file from '%s' with name '%s' path '%s'", src, name, path)
|
||||
assert(acts_engine ~= nil, "actions engine instance is not initialized")
|
||||
|
||||
return acts_engine:recv_file(src, path, name)
|
||||
end,
|
||||
|
||||
-- text = function(src, text, name)
|
||||
-- msg = function(src, msg, mtype)
|
||||
|
||||
action = function(src, data, name)
|
||||
action = function (src, data, name)
|
||||
__log.infof("receive action '%s' from '%s' with data %s", name, src, data)
|
||||
assert(acts_engine ~= nil, "actions engine instance is not initialized")
|
||||
|
||||
@@ -37,8 +35,7 @@ __api.add_cbs({
|
||||
__log.infof("requested action '%s' was executed: %s", name, action_result)
|
||||
return action_result
|
||||
end,
|
||||
|
||||
control = function(cmtype, data)
|
||||
control = function (cmtype, data)
|
||||
__log.debugf("receive control msg '%s' with data %s", cmtype, data)
|
||||
assert(acts_engine ~= nil, "actions engine instance is not initialized")
|
||||
|
||||
|
||||
@@ -52,7 +52,7 @@ function CModule:init(moduleName)
|
||||
end
|
||||
end
|
||||
|
||||
self.wrap_load(function()
|
||||
self.wrap_load(function ()
|
||||
self.module = ffi.load(moduleName)
|
||||
end)
|
||||
|
||||
@@ -111,7 +111,7 @@ function CModule:register(profile, callbacks)
|
||||
|
||||
self.functions = {}
|
||||
|
||||
self.functions["receive"] = function(transport, type, data, size)
|
||||
self.functions["receive"] = function (transport, type, data, size)
|
||||
if callbacks and transport == self.transport and callbacks["receive"] then
|
||||
return callbacks["receive"](type, data, size)
|
||||
end
|
||||
@@ -123,7 +123,7 @@ function CModule:register(profile, callbacks)
|
||||
self.module_i = self.api.create(self.transport, 0, nil)
|
||||
self.profile = ffi.new("const char[?]", #profile + 1, profile)
|
||||
|
||||
self.wrap_load(function()
|
||||
self.wrap_load(function ()
|
||||
self.api.is_inited = self.module_i.init(self.transport, self.profile, #profile)
|
||||
end)
|
||||
|
||||
|
||||
@@ -1,13 +1,11 @@
|
||||
|
||||
__api.add_cbs({
|
||||
|
||||
-- data = function(src, data)
|
||||
-- file = function(src, path, name)
|
||||
-- text = function(src, text, name)
|
||||
-- msg = function(src, msg, mtype)
|
||||
-- action = function(src, data, name)
|
||||
|
||||
control = function(cmtype, data)
|
||||
control = function (cmtype, data)
|
||||
__log.debugf("receive control msg '%s' with payload: %s", cmtype, data)
|
||||
|
||||
-- cmtype: "quit"
|
||||
|
||||
@@ -565,14 +565,13 @@ end
|
||||
__api.set_recv_timeout(5000) -- 5s
|
||||
|
||||
__api.add_cbs({
|
||||
|
||||
-- data = function(src, data)
|
||||
-- file = function(src, path, name)
|
||||
-- text = function(src, text, name)
|
||||
-- msg = function(src, msg, mtype)
|
||||
-- action = function(src, data, name)
|
||||
|
||||
control = function(cmtype, data)
|
||||
control = function (cmtype, data)
|
||||
__log.debugf("receive control msg '%s' with payload: %s", cmtype, data)
|
||||
if cmtype == "update_config" then
|
||||
-- update current action and event list from new config
|
||||
|
||||
@@ -1,13 +1,11 @@
|
||||
|
||||
__api.add_cbs({
|
||||
|
||||
-- data = function(src, data)
|
||||
-- file = function(src, path, name)
|
||||
-- text = function(src, text, name)
|
||||
-- msg = function(src, msg, mtype)
|
||||
-- action = function(src, data, name)
|
||||
|
||||
control = function(cmtype, data)
|
||||
control = function (cmtype, data)
|
||||
__log.debugf("receive control msg '%s' with payload: %s", cmtype, data)
|
||||
|
||||
-- cmtype: "quit"
|
||||
|
||||
@@ -45,12 +45,6 @@ def_actions = [
|
||||
"name": "log_to_db",
|
||||
"priority": 10
|
||||
},
|
||||
{
|
||||
"fields": [],
|
||||
"module_name": "pt_siem",
|
||||
"name": "send_to_siem",
|
||||
"priority": 10
|
||||
},
|
||||
{
|
||||
"fields": [],
|
||||
"module_name": "syslog",
|
||||
|
||||