intelmq.bin package
Submodules
intelmq.bin.intelmq_generate_misp_objects_templates module
Generates a MISP object template; see https://github.com/MISP/misp-objects/
intelmq.bin.intelmq_psql_initdb module
Generates an SQL command file with commands to create the events table.
Reads the harmonization configuration and generates an SQL command from it. The SQL file is saved in /tmp/initdb.sql, or under a temporary name if that file already exists.
- intelmq.bin.intelmq_psql_initdb.generate(harmonization_file='/opt/intelmq/etc/harmonization.conf', skip_events=False, separate_raws=False, partition_key=None, skip_or_replace=False)
- intelmq.bin.intelmq_psql_initdb.main()
intelmq.bin.intelmqctl module
- class intelmq.bin.intelmqctl.IntelMQController(interactive: bool = False, returntype: ReturnType = ReturnType.PYTHON, quiet: bool = False, no_file_logging: bool = False, drop_privileges: bool = True)
Bases: object
- __init__(interactive: bool = False, returntype: ReturnType = ReturnType.PYTHON, quiet: bool = False, no_file_logging: bool = False, drop_privileges: bool = True) -> None
Initializes intelmqctl.
- Parameters:
interactive – true for the CLI interface; functions can exit, parameters are used
return_type – one of:
  ReturnType.PYTHON – no special treatment, can be used by other Python code
  ReturnType.TEXT – user-friendly output for the CLI, default for interactive use
  ReturnType.JSON – machine-readable output for managers
quiet – False by default, can be activated for cron jobs etc.
no_file_logging – do not log to the log file
drop_privileges – drop privileges and fail if that did not work.
- abort(message)
- bot_disable(bot_id)
If the bot is already disabled, the “Bot … is disabled” message is already printed by the wrapping function.
- bot_enable(bot_id)
- bot_reload(bot_id, getstatus=True, group=None)
- bot_restart(bot_id, group=None)
- bot_run(**kwargs)
- bot_start(bot_id, getstatus=True, group=None)
- bot_status(bot_id, group=None)
- bot_stop(bot_id, getstatus=True, group=None)
- botnet_reload(group=None)
- botnet_restart(group=None)
- botnet_start(group=None)
- botnet_status(group=None)
- botnet_stop(group=None)
- check(no_connections=False, check_executables=True)
- clear_queue(queue)
Clears an existing queue.
First checks if the queue does exist in the pipeline configuration.
- debug(sections=None)
Gives debugging output.
- get_queues(with_internal_queues=False)
- Returns:
4-tuple of source, destination, internal queues, and all queues combined.
The returned values are only queue names, not their paths. I.e., if there is a bot with destination queues = {"_default": "one", "other": ["two", "three"]}, only the set {"one", "two", "three"} is returned. (Note that the "_default" path holds a single string and the "other" path holds a list, which gets flattened.)
- list(kind=None, non_zero=False, count=False, configured=False)
- list_bots(non_zero=False, configured=False)
Lists all (configured) bots from the runtime configuration, or generated on demand, with bot id/module, description and parameters.
If description is not set, None is used instead.
- list_queues(non_zero=False, count=False)
- load_defaults_configuration(silent=False)
- log_bot_message(status, *args)
- log_botnet_message(status, group=None)
- log_log_messages(messages)
- read_bot_log(bot_id, log_level, number_of_lines)
- run()
- upgrade_conf(previous=None, dry_run=None, function=None, force=None, state_file: str = '/opt/intelmq/var/lib/state.json', no_backup=False)
Upgrade the IntelMQ configuration after a version upgrade.
- Parameters:
previous – Assume the given version as the previous version
function – Only execute this upgrade function
force – Also upgrade if not necessary
state_file – location of the state file
no_backup – Do not create backups of state and configuration files
state_file:
    version_history = [..., [2, 0, 0], [2, 0, 1]]
    upgrades = {
        "v112_feodo_tracker_domains": true,
        "v112_feodo_tracker_ips": false,
        "v200beta1_ripe_expert": false
    }
    results = [
        {"function": "v112_feodo_tracker_domains", "success": true, "retval": null, "time": "..."},
        {"function": "v112_feodo_tracker_domains", "success": false, "retval": "fix it manually", "message": "fix it manually", "time": "..."},
        {"function": "v200beta1_ripe_expert", "success": false, "traceback": "...", "time": "..."}
    ]
- write_updated_runtime_config(filename='/opt/intelmq/etc/runtime.yaml')
- class intelmq.bin.intelmqctl.Parameters
Bases: object
- intelmq.bin.intelmqctl.main()
intelmq.bin.intelmqdump module
- class intelmq.bin.intelmqdump.Completer(possible_values, queues=False)
Bases: object
- complete(text, state)
- queues = None
- state = None
- intelmq.bin.intelmqdump.dump_info(fname, file_descriptor=None)
- intelmq.bin.intelmqdump.load_meta(dump)
- intelmq.bin.intelmqdump.main(argv=None)
- intelmq.bin.intelmqdump.save_file(handle, content)
intelmq.bin.intelmqsetup module
© 2019-2021 nic.at GmbH <intelmq-team@cert.at>
SPDX-License-Identifier: AGPL-3.0-or-later
- Sets up an intelmq environment after installation or upgrade by
  creating needed directories
  setting intelmq as owner for those
  providing example configuration files if not already existing
- If intelmq-api is installed, similar steps are performed:
  creates needed directories
  sets the webserver as group for them
  sets group write permissions
Reasoning: Pip does not (and cannot) create /opt/intelmq/ or the user-given ROOT_DIR, as described in https://github.com/certtools/intelmq/issues/819
- intelmq.bin.intelmqsetup.basic_checks(skip_ownership)
- intelmq.bin.intelmqsetup.change_owner(file: str, owner: str | None = None, group: str | None = None, log: bool = True)
- intelmq.bin.intelmqsetup.create_directory(directory: str, octal_mode: int)
- intelmq.bin.intelmqsetup.debian_activate_apache_config(config_name: str)
- intelmq.bin.intelmqsetup.find_webserver_configuration_directory()
- intelmq.bin.intelmqsetup.find_webserver_user()
- intelmq.bin.intelmqsetup.intelmqsetup_api(ownership: bool = True, webserver_user: str | None = None)
- intelmq.bin.intelmqsetup.intelmqsetup_api_webserver_configuration(webserver_configuration_directory: str | None = None)
- intelmq.bin.intelmqsetup.intelmqsetup_core(ownership=True, state_file='/opt/intelmq/var/lib/state.json')
- intelmq.bin.intelmqsetup.intelmqsetup_manager_generate()
- intelmq.bin.intelmqsetup.intelmqsetup_manager_webserver_configuration(webserver_configuration_directory: str | None = None)
- intelmq.bin.intelmqsetup.main()
intelmq.bin.rewrite_config_files module
- intelmq.bin.rewrite_config_files.rewrite(fobj)