lita-alertlogic 0.0.1

data/lib/alertlogic_helper/incidents.rb

@@ -0,0 +1,29 @@
+require 'json'
+
+# Alertlogic Helper
+module AlertlogicHelper
+  # Incidents Helper
+  module Incidents
+    # rubocop:disable LineLength
+    def get_incidents(customer_id)
+      incidents_url = "#{config.incident_api_url}/v3/incidents?customer_id=#{customer_id}&create_date=>#{(Time.now - (24 * 60 * 60)).to_i}"
+      params = {
+        customer_id: customer_id,
+        url: "\"#{incidents_url}\""
+      }
+      resp = api_call(params)
+      parse_json(resp)
+    end
+    # rubocop:enable MethodLength
+
+    def get_incident_notes(customer_id, incident_id)
+      incidents_url = "#{config.incident_api_url}/v2/notes?customer_id=#{customer_id}&incident_id=>#{incident_id}"
+      params = {
+        customer_id: config.customer_id,
+        url: incidents_url
+      }
+      resp = api_call(params)
+      parse_json(resp)
+    end
+  end
+end

data/lib/alertlogic_helper/log_manager.rb

@@ -0,0 +1,121 @@
+# Alertlogic Helper
+module AlertlogicHelper
+  # Log Manager Helper
+  module LogManager
+    # rubocop:disable MethodLength
+    # rubocop:disable Metrics/AbcSize
+    def process_lm_hosts(customer_id, hosts)
+      headers    = [
+        'Host Name',
+        'Host Type',
+        'Host ID',
+        'IP Address',
+        'Host Status'
+      ]
+      data       = []
+      tables     = []
+      hosts_list = hosts['hosts']
+      reply_head = "/code Log Hosts for customer: #{customer_id} \n"
+
+      hosts_list.each do |host|
+        if !host['host']['metadata'].nil?
+          ipv4 = host['host']['metadata']['local_ipv4']
+        else
+          ipv4 = ''
+        end
+        data << [
+          host['host']['name'],
+          host['host']['type'],
+          host['host']['id'],
+          ipv4,
+          host['host']['status']['status']
+        ]
+        if check_msg_size?(build_table(data, headers))
+          tables << [data, headers]
+          data = []
+        end
+      end
+
+      summary = "\nTotal Sources: #{hosts['total_count']}"
+      if tables.length > 0
+        reply = [reply_head, tables, summary]
+        return reply
+      else
+        reply = reply_head
+        reply << build_table(data, headers)
+        reply << summary
+        return reply
+      end
+    end
+    # rubocop:enable MethodLength
+    # rubocop:enable Metrics/AbcSize
+
+    # rubocop:disable MethodLength
+    def process_lm_sources(customer_id, sources)
+      headers      = [
+        'Source Name',
+        'Source Type',
+        'IP Address',
+        'Source ID',
+        'Source Status'
+      ]
+      data         = []
+      tables       = []
+      sources_list = sources['sources']
+      reply_head   = "/code Log Sources for customer: #{customer_id} \n"
+
+      sources_list.each do |source|
+        source.each do |type, info|
+          data << [
+            info['name'],
+            type,
+            info['metadata']['local_ipv4'],
+            info['id'],
+            info['status']['status']
+          ]
+          if check_msg_size?(build_table(data, headers))
+            tables << [data, headers]
+            data = []
+          end
+        end
+      end
+
+      summary = "\nTotal Sources: #{sources['total_count']}"
+      if tables.length > 0
+        reply = [reply_head, tables, summary]
+        return reply
+      else
+        reply = reply_head
+        reply << build_table(data, headers)
+        reply << summary
+        return reply
+      end
+    end
+    # rubocop:enable MethodLength
+
+    def process_lm_policies(customer_id, policies)
+      headers     = [
+        'Policy Type',
+        'Policy Name',
+        'Policy ID'
+      ]
+      data        = []
+      policy_list = policies['policies']
+      reply       = "/code Log Policies for customer: #{customer_id} \n"
+
+      policy_list.each do |policy|
+        policy.each do |type, info|
+          data << [
+            type,
+            info['id'],
+            info['name']
+          ]
+        end
+      end
+
+      reply << build_table(data, headers)
+      reply << "\nTotal Policies: #{policies['total_count']}"
+      reply
+    end
+  end
+end

data/lib/alertlogic_helper/threat_manager.rb

@@ -0,0 +1,173 @@
+# Alertlogic Helper
+module AlertlogicHelper
+  # Threat Manager Helper
+  module ThreatManager
+    # rubocop:disable MethodLength
+    # rubocop:disable Metrics/AbcSize
+    def process_tm_policies(customer_id, policies)
+      headers = [
+        'Policy ID',
+        'Name',
+        'Appliance Assignment',
+        'Type'
+      ]
+      data    = []
+      tables  = []
+      reply_head   = "/code Threat Policies for customer: #{customer_id} \n"
+
+      policies['policies'].each do |policy|
+        data << [
+          policy['policy']['id'],
+          policy['policy']['name'],
+          !policy['policy']['appliance_assignment'].nil? ? policy['policy']['appliance_assignment']['appliances'].join(',') : nil,
+          policy['policy']['type']
+        ]
+        if check_msg_size?(build_table(data, headers))
+          tables << [data, headers]
+          data = []
+        end
+      end
+
+      summary =  "\nTotal Policies: #{policies['total_count']}"
+      if tables.length > 0
+        reply = [reply_head, tables, summary]
+        return reply
+      else
+        reply = reply_head
+        reply << build_table(data, headers)
+        reply << summary
+      end
+    end
+    # rubocop:enable MethodLength
+    # rubocop:enable Metrics/AbcSize
+
+    # rubocop:disable MethodLength
+    # rubocop:disable Metrics/AbcSize
+    def process_tm_hosts(customer_id, hosts)
+      headers = [
+        'Host Name',
+        'Host ID',
+        'Type',
+        'IP Address',
+        'Status'
+      ]
+      data    = []
+      tables  = []
+      reply_head   = "/code Threat Hosts for customer: #{customer_id} \n"
+
+      hosts['hosts'].each do |host|
+        if !host['host']['metadata'].nil?
+          ipv4 = host['host']['metadata']['local_ipv4']
+        else
+          ipv4 = ''
+        end
+        data << [
+          host['host']['name'],
+          host['host']['id'],
+          host['host']['type'],
+          ipv4,
+          host['host']['status']['status']
+        ]
+        if check_msg_size?(build_table(data, headers))
+          tables << [data, headers]
+          data = []
+        end
+      end
+
+      summary = "\nTotal Hosts: #{hosts['total_count']}"
+      if tables.length > 0
+        reply = [reply_head, tables, summary]
+        return reply
+      else
+        reply = reply_head
+        reply << build_table(data, headers)
+        reply << summary
+      end
+    end
+    # rubocop:enable Metrics/AbcSize
+    # rubocop:enable MethodLength
+
+    # rubocop:disable Metrics/AbcSize
+    def process_protectedhosts(customer_id, phosts)
+      phost_list = phosts['protectedhosts']
+      reply      = "/code Protectedhosts Status for customer: #{customer_id} \n"
+      ok         = 0
+      error      = 0
+      new        = 0
+      offline    = 0
+      total      = 0
+      other      = 0
+      headers    = %w(OK Error New Offline Unknown)
+      data       = []
+
+      phost_list.each do |phost|
+        status = phost['protectedhost']['status']['status'].strip
+        ok += 1 if status == 'ok'
+        error += 1 if status == 'error'
+        new += 1 if status == 'new'
+        offline += 1 if status == 'offline'
+        other += 1 unless %w(ok error new offline).include? status
+        total += 1
+      end
+
+      data << [ok, error, new, offline, other]
+      reply << build_table(data, headers)
+      reply << "\nTotal Protected Hosts: #{total}"
+    end
+    # rubocop:enable Metrics/AbcSize
+
+    def search_phost_by_name(key, search_term, phosts)
+      phosts['protectedhosts'].each do |phost|
+        if search?(key, search_term, phost['protectedhost'])
+          return JSON.pretty_generate(phost['protectedhost'])
+        end
+      end
+    end
+
+    # rubocop:disable MethodLength
+    # rubocop:disable Metrics/AbcSize
+    # rubocop:disable Metrics/PerceivedComplexity
+    def process_protectedhosts_list(customer_id, phosts)
+      phost_list = phosts['protectedhosts']
+      reply_head = "/code Protectedhosts Status for customer: #{customer_id} \n"
+      headers    = %w(Name VPC Status)
+      data   = []
+      tables = []
+      total  = 0
+      phost_list.each do |phost|
+        total += 1
+        if phost['protectedhost'].key?('metadata')
+          if phost['protectedhost']['metadata'].key?('ec2_vpc')
+            vpc = phost['protectedhost']['metadata']['ec2_vpc'].join(',')
+          else
+            vpc = 'No VPC found'
+          end
+        else
+          vpc = 'No metadata was found'
+        end
+        data << [
+          phost['protectedhost']['name'].strip,
+          vpc,
+          phost['protectedhost']['status']['status'].strip
+        ]
+        if check_msg_size?(build_table(data, headers))
+          tables << [data, headers]
+          data = []
+        end
+      end
+
+      summary = "/code Total Protected Hosts: #{total}"
+      if tables.length > 0
+        reply = [reply_head, tables, summary]
+        reply
+      else
+        reply = reply_head
+        reply << build_table(data, headers)
+        reply << summary
+      end
+    end
+    # rubocop:enable MethodLength
+    # rubocop:enable Metrics/AbcSize
+    # rubocop:enable Metrics/PerceivedComplexity
+  end
+end

data/lib/lita-alertlogic.rb

@@ -0,0 +1,20 @@
+require 'lita'
+
+Lita.load_locales Dir[File.expand_path(
+  File.join('..', '..', 'locales', '*.yml'), __FILE__
+)]
+
+require 'alertlogic_helper/api'
+require 'alertlogic_helper/agents'
+require 'alertlogic_helper/common'
+require 'alertlogic_helper/customer'
+require 'alertlogic_helper/incidents'
+require 'alertlogic_helper/appliances'
+require 'alertlogic_helper/log_manager'
+require 'alertlogic_helper/threat_manager'
+
+require 'lita/handlers/alertlogic_customer'
+require 'lita/handlers/alertlogic_incidents'
+require 'lita/handlers/alertlogic_monitoring'
+require 'lita/handlers/alertlogic_log_manager'
+require 'lita/handlers/alertlogic_threat_manager'

data/lib/lita/handlers/alertlogic_customer.rb

@@ -0,0 +1,60 @@
+require 'lita'
+# Lita Module
+module Lita
+  # Plugin type Handler
+  module Handlers
+    # Alert Logic Customer Routes
+    class AlertlogicCustomer < Handler
+      config :api_auth
+      config :customer_api_url
+      config :customer_id
+      config :http_options, required: false, type: Hash, default: {}
+
+      namespace 'Alertlogic'
+
+      include ::AlertlogicHelper::Api
+      include ::AlertlogicHelper::Common
+      include ::AlertlogicHelper::Customer
+
+      # Route definitions
+      # Customer info route
+      route(
+        /a(?:lertlogic)? customerinfo( (.+))?/i,
+        :customer_info,
+        help: {
+          t('help.customerinfo.syntax') => t('help.customerinfo.desc')
+        }
+      )
+
+      # Customer Info Definition
+      def customer_info(response)
+        customer = response.match_data[1]
+        return response.reply(t('validation.customer_id')) if customer.nil?
+        response.reply(t('warn.standby'))
+
+        customers   = []
+        customer_id = process_customer_id(customer.strip)
+
+        if customer_id.is_a? Array
+          customer_id.each do |cid|
+            params = {
+              customer_id: cid,
+              type:        'customer'
+            }
+            customers << api_call(params)
+          end
+        else
+          params = {
+            customer_id: customer_id,
+            type:        'customer'
+          }
+          customers = api_call(params)
+        end
+
+        reply_text = process_customers(customers)
+        response.reply(reply_text.to_s)
+      end
+    end
+    Lita.register_handler(AlertlogicCustomer)
+  end
+end

data/lib/lita/handlers/alertlogic_incidents.rb

@@ -0,0 +1,43 @@
+require 'lita'
+# Lita Module
+module Lita
+  # Plugin type Handler
+  module Handlers
+    # Alert Logic Incident routes
+    class AlertlogicIncidents < Handler
+      config :api_auth
+      config :lm_api_url
+      config :tm_api_url
+      config :customer_api_url
+      config :incident_api_url
+      config :customer_id
+      config :http_options, required: false, type: Hash, default: {}
+
+      namespace 'Alertlogic'
+
+      include ::AlertlogicHelper::Api
+      include ::AlertlogicHelper::Common
+      include ::AlertlogicHelper::Customer
+      include ::AlertlogicHelper::Incidents
+
+      # Route definitions
+      # Incidents list route
+      route(
+        /a(?:lertlogic)? incidents( (.+))?/i,
+        :incidents_list,
+        help: {
+          t('help.incidents.syntax') => t('help.incidents.desc')
+        }
+      )
+
+      # Customer Info Definition
+      def incidents_list(response)
+        customer = response.match_data[1]
+        return response.reply(t('validation.customer_id')) if customer.nil?
+        customer_id = process_customer_id(customer.strip)
+        response.reply get_incidents(customer_id)
+      end
+    end
+    Lita.register_handler(AlertlogicIncidents)
+  end
+end