lita-alertlogic 0.0.1

data/lib/lita/handlers/alertlogic_log_manager.rb

@@ -0,0 +1,197 @@
+require 'lita'
+# Lita Module
+module Lita
+  # Plugin type Handler
+  module Handlers
+    # Alert Logic Log Manager Routes
+    class AlertlogicLogManager < Handler
+      config :api_auth
+      config :lm_api_url
+      config :tm_api_url
+      config :customer_api_url
+      config :incident_api_url
+      config :customer_id
+      config :http_options, required: false, type: Hash, default: {}
+
+      namespace 'Alertlogic'
+
+      include ::AlertlogicHelper::Api
+      include ::AlertlogicHelper::Common
+      include ::AlertlogicHelper::Customer
+      include ::AlertlogicHelper::Appliances
+      include ::AlertlogicHelper::LogManager
+
+      # LM appliance routes
+      route(
+        /a(?:lertlogic)? lm appliances( (.+))?/i,
+        :lm_appliance_list,
+        help: {
+          t('help.lm.appliances.syntax') => t('help.lm.appliances.desc')
+        }
+      )
+      route(
+        /a(?:lertlogic)? lm applianceinfo? (.+)? (.+)?/i,
+        :lm_appliance_info,
+        help: {
+          t('help.lm.applianceinfo.syntax') => t('help.lm.applianceinfo.desc')
+        }
+      )
+
+      # Log Policies route
+      route(
+        /a(?:lertlogic)? lm policies? (.+)?/i,
+        :lm_policies_list,
+        help: {
+          t('help.lm.policies.syntax') => t('help.lm.policies.desc')
+        }
+      )
+
+      # Log Sources route
+      route(
+        /a(?:lertlogic)? lm sources? (.+)?/i,
+        :lm_sources_list,
+        help: {
+          t('help.lm.sources.syntax') => t('help.lm.sources.desc')
+        }
+      )
+
+      # Log Hosts route
+      route(
+        /a(?:lertlogic)? lm hosts? (.+)?/i,
+        :lm_hosts_list,
+        help: {
+          t('help.lm.hosts.syntax') => t('help.lm.hosts.desc')
+        }
+      )
+
+      # LM Data Definitions
+      def lm_appliance_list(response)
+        customer_id   = valid_cid(response.match_data[1])
+        return response.reply(t('validation.customer_id')) if customer_id.nil?
+        appliance_list = []
+        customers      = get_customer_ids(customer_id)
+        return response.reply(customers) unless customers.is_a? Array
+        response.reply(t('warn.standby'))
+
+        customers.each do |cid|
+          params = {
+            customer_id: cid,
+            type:        'lm',
+            source:      'appliances'
+          }
+          resp = api_call(params)
+          appliance_list << process_appliances(resp, cid)
+        end
+
+        reply_text = appliance_list
+        response.reply(reply_text)
+      end
+
+      def lm_appliance_info(response)
+        customer_id = valid_cid(response.match_data[1])
+        uuid        = response.match_data[2]
+        return response.reply(t('validation.customer_id')) if customer_id.nil?
+        return response.reply(t('validation.uuid')) if uuid.nil?
+
+        url_params  = {
+          customer_id: customer_id,
+          api_type:    'lm',
+          source_type: 'appliances'
+        }
+
+        url    = construct_api_url(url_params)
+        url    = "#{url}/#{uuid}"
+        params = {
+          customer_id: customer_id,
+          url:         url
+        }
+
+        appliance_info = pretty_json(
+          parse_json(
+            api_call(params)
+          )
+        )
+
+        reply_text = "/code #{appliance_info}"
+        response.reply(reply_text)
+      end
+
+      def lm_hosts_list(response)
+        customer_id = valid_cid(response.match_data[1])
+        return response.reply(t('validation.customer_id')) if customer_id.nil?
+        response.reply(t('warn.standby'))
+
+        params = {
+          customer_id: customer_id,
+          type:        'lm',
+          source:      'hosts'
+        }
+        resp = parse_json(
+          api_call(params)
+        )
+
+        reply_text = process_lm_hosts(customer_id, resp)
+        if reply_text.length == 3
+          head = reply_text[0]
+          tables = reply_text[1]
+          summary = reply_text[2]
+          response.reply(head)
+          tables.each do |data, headers|
+            response.reply("/code #{build_table(data, headers)}")
+          end
+          response.reply(summary)
+        else
+          response.reply(reply_text)
+        end
+      end
+
+      def lm_policies_list(response)
+        customer_id = valid_cid(response.match_data[1])
+        return response.reply(t('validation.customer_id')) if customer_id.nil?
+        response.reply(t('warn.standby'))
+
+        params = {
+          customer_id: customer_id,
+          type:        'lm',
+          source:      'policies'
+        }
+        resp = parse_json(
+          api_call(params)
+        )
+
+        reply_text = process_lm_policies(customer_id, resp)
+        response.reply(reply_text)
+      end
+
+      def lm_sources_list(response)
+        customer_id = valid_cid(response.match_data[1])
+        return response.reply(t('validation.customer_id')) if customer_id.nil?
+        response.reply(t('warn.standby'))
+
+        params = {
+          customer_id: customer_id,
+          type:        'lm',
+          source:      'sources'
+        }
+        resp = parse_json(
+          api_call(params)
+        )
+
+        reply_text = process_lm_sources(customer_id, resp)
+        if reply_text.length == 3
+          head = reply_text[0]
+          tables = reply_text[1]
+          summary = reply_text[2]
+          response.reply(head)
+          tables.each do |data, headers|
+            response.reply("/code #{build_table(data, headers)}")
+          end
+          response.reply(summary)
+        else
+          response.reply(reply_text)
+        end
+      end
+    end
+    Lita.register_handler(AlertlogicLogManager)
+  end
+end

data/lib/lita/handlers/alertlogic_monitoring.rb

@@ -0,0 +1,79 @@
+require 'lita'
+# Lita Module
+module Lita
+  # Plugin type Handler
+  module Handlers
+    # Alert Logic Monitoring routes
+    class AlertlogicMonitoring < Handler
+      config :api_auth
+      config :tm_api_url
+      config :monitoring_api_url
+      config :customer_id
+      config :http_options, required: false, type: Hash, default: {}
+
+      namespace 'Alertlogic'
+
+      include ::AlertlogicHelper::Api
+      include ::AlertlogicHelper::Common
+      include ::AlertlogicHelper::Customer
+      include ::AlertlogicHelper::Agents
+
+      # Monitoring routes
+      route(
+        /a(?:lertlogic)? appliance agent counts( (.+))?/i,
+        :agent_counts_by_appliance,
+        help: {
+          t('help.monitoring.appliance_agent_counts.syntax') => t('help.monitoring.appliance_agent_counts.desc')
+        }
+      )
+      route(
+        /a(?:lertlogic)? policies agent counts( (.+))?/i,
+        :agent_counts_by_policy,
+        help: {
+          t('help.monitoring.policy_agent_counts.syntax') => t('help.monitoring.policy_agent_counts.desc')
+        }
+      )
+      route(
+        /a(?:lertlogic)? agent ip counts( (.+))?/i,
+        :agent_ip_counts,
+        help: {
+          t('help.monitoring.agent_ip_counts.syntax') => t('help.monitoring.agent_ip_counts.desc')
+        }
+      )
+
+      def agent_counts_by_appliance(response)
+        customer_id = valid_cid(response.match_data[1])
+        return response.reply(t('validation.customer_id')) if customer_id.nil?
+        response.reply(t('warn.standby'))
+
+        agent_info = agent_appliance_summary(customer_id)
+
+        reply_text = agent_info
+        response.reply(reply_text)
+      end
+
+      def agent_counts_by_policy(response)
+        customer_id = valid_cid(response.match_data[1])
+        return response.reply(t('validation.customer_id')) if customer_id.nil?
+        response.reply(t('warn.standby'))
+
+        agent_info = agent_policy_summary(customer_id)
+
+        reply_text = agent_info
+        response.reply(reply_text)
+      end
+
+      def agent_ip_counts(response)
+        customer_id = valid_cid(response.match_data[1])
+        return response.reply(t('validation.customer_id')) if customer_id.nil?
+        response.reply(t('warn.standby'))
+
+        agent_info = agent_ip_summary(customer_id)
+
+        reply_text = agent_info
+        response.reply(reply_text)
+      end
+    end
+    Lita.register_handler(AlertlogicMonitoring)
+  end
+end

data/lib/lita/handlers/alertlogic_threat_manager.rb

@@ -0,0 +1,264 @@
+require 'lita'
+# Lita Module
+module Lita
+  # Plugin type Handler
+  module Handlers
+    # Alert Logic Threat Manager Routes
+    class AlertlogicThreatManager < Handler
+      config :api_auth
+      config :lm_api_url
+      config :tm_api_url
+      config :customer_api_url
+      config :incident_api_url
+      config :monitoring_api_url
+      config :customer_id
+      config :http_options, required: false, type: Hash, default: {}
+
+      namespace 'Alertlogic'
+
+      include ::AlertlogicHelper::Api
+      include ::AlertlogicHelper::Common
+      include ::AlertlogicHelper::Customer
+      include ::AlertlogicHelper::Appliances
+      include ::AlertlogicHelper::ThreatManager
+
+      # TM appliance routes
+      route(
+        /a(?:lertlogic)? tm appliances( (.+))?/i,
+        :tm_appliance_list,
+        help: {
+          t('help.tm.appliances.syntax') => t('help.tm.appliances.desc')
+        }
+      )
+      route(
+        /a(?:lertlogic)? tm applianceinfo? (.+)? (.+)?/i,
+        :tm_appliance_info,
+        help: {
+          t('help.tm.applianceinfo.syntax') => t('help.tm.applianceinfo.desc')
+        }
+      )
+
+      # Threat Policies route
+      route(
+        /a(?:lertlogic)? tm policies? (.+)?/i,
+        :tm_policies_list,
+        help: {
+          t('help.tm.policies.syntax') => t('help.tm.policies.desc')
+        }
+      )
+
+      # Threat hosts route
+      route(
+        /a(?:lertlogic)? tm hosts? (.+)?/i,
+        :tm_hosts_list,
+        help: {
+          t('help.tm.hosts.syntax') => t('help.tm.hosts.desc')
+        }
+      )
+
+      # Threat Protected hosts route
+      route(
+        /a(?:lertlogic)? protectedhosts status( (.+))?/i,
+        :protectedhosts_status,
+        help: {
+          t('help.tm.protectedhosts.status.syntax') => t('help.tm.protectedhosts.status.desc')
+        }
+      )
+
+      route(
+        /a(?:lertlogic)? protectedhosts list( (.+))?/i,
+        :protectedhosts_list,
+        help: {
+          t('help.tm.protectedhosts.list.syntax') => t('help.tm.protectedhosts.list.desc')
+        }
+      )
+
+      route(
+        /a(?:lertlogic)? protectedhosts search? (.+)? (.+)?/i,
+        :protectedhosts_search,
+        help: {
+          t('help.tm.protectedhosts.search.syntax') => t('help.tm.protectedhosts.search.desc')
+        }
+      )
+
+      # TM Data Definitions
+      def tm_appliance_info(response)
+        customer_id = valid_cid(response.match_data[1])
+        uuid = response.match_data[2]
+        return response.reply(t('validation.customer_id')) if customer_id.nil?
+        return response.reply(t('validation.uuid')) if uuid.nil?
+        response.reply(t('warn.standby'))
+
+        url_params = {
+          customer_id: customer_id,
+          api_type:    'tm',
+          source_type: 'appliances'
+        }
+        url = construct_api_url(url_params)
+        url = "#{url}/#{uuid}"
+
+        params = {
+          customer_id: customer_id,
+          url:         url
+        }
+        appliance_info = pretty_json(
+          parse_json(
+            api_call(params)
+          )
+        )
+
+        reply_text = "/code #{appliance_info}"
+        response.reply(reply_text)
+      end
+
+      def tm_appliance_list(response)
+        customer_id = valid_cid(response.match_data[1])
+        return response.reply(t('validation.customer_id')) if customer_id.nil?
+        appliance_list = []
+        customers = get_customer_ids(customer_id)
+        return response.reply(customers) unless customers.is_a? Array
+        response.reply(t('warn.standby'))
+
+        customers.each do |cid|
+          params = {
+            customer_id: cid,
+            type:        'tm',
+            source:      'appliances'
+          }
+          resp = api_call(params)
+          appliance_list << process_appliances(resp, cid)
+        end
+
+        reply_text = appliance_list
+        response.reply(reply_text)
+      end
+
+      def tm_hosts_list(response)
+        customer_id = valid_cid(response.match_data[1])
+        response.reply(t('warn.standby'))
+
+        params = {
+          customer_id: customer_id,
+          type:        'tm',
+          source:      'hosts'
+        }
+        resp = parse_json(
+          api_call(params)
+        )
+
+        reply_text = process_tm_hosts(customer_id, resp)
+        if reply_text.length == 3
+          head = reply_text[0]
+          tables = reply_text[1]
+          summary = reply_text[2]
+          response.reply(head)
+          tables.each do |data, headers|
+            response.reply("/code #{build_table(data, headers)}")
+          end
+          response.reply(summary)
+        else
+          response.reply(reply_text)
+        end
+      end
+
+      def tm_policies_list(response)
+        customer_id = valid_cid(response.match_data[1])
+        response.reply(t('warn.standby'))
+
+        params = {
+          customer_id: customer_id,
+          type:        'tm',
+          source:      'policies'
+        }
+        resp = parse_json(
+          api_call(params)
+        )
+
+        reply_text = process_tm_policies(customer_id, resp)
+        if reply_text.length == 3
+          head = reply_text[0]
+          tables = reply_text[1]
+          summary = reply_text[2]
+          response.reply(head)
+          tables.each do |data, headers|
+            response.reply("/code #{build_table(data, headers)}")
+          end
+          response.reply(summary)
+        else
+          response.reply(reply_text)
+        end
+      end
+
+      def protectedhosts_list(response)
+        customer_id = valid_cid(response.match_data[1])
+        return response.reply(t('validation.customer_id')) if customer_id.nil?
+        response.reply(t('warn.standby'))
+
+        params = {
+          customer_id: customer_id,
+          type: 'tm',
+          source: 'protectedhosts'
+        }
+        resp = parse_json(api_call(params))
+
+        reply_text = process_protectedhosts_list(customer_id, resp)
+        if reply_text.length == 3
+          head = reply_text[0]
+          tables = reply_text[1]
+          summary = reply_text[2]
+          response.reply(head)
+          tables.each do |data, headers|
+            response.reply("/code #{build_table(data, headers)}")
+          end
+          response.reply(summary)
+        else
+          response.reply(reply_text)
+        end
+      end
+
+      def protectedhosts_status(response)
+        customer_id = valid_cid(response.match_data[1])
+        response.reply(t('warn.standby'))
+
+        params = {
+          customer_id: customer_id,
+          type: 'tm',
+          source: 'protectedhosts'
+        }
+        resp = parse_json(api_call(params))
+        return response.reply(t('validation.customer_id')) if customer_id.nil?
+
+        if resp['total_count'] == 0
+          reply_text = pretty_json(resp)
+          response.reply("/code #{reply_text}")
+        else
+          reply_text = process_protectedhosts(customer_id, resp)
+          response.reply(reply_text)
+        end
+      end
+
+      def protectedhosts_search(response)
+        customer_id = valid_cid(response.match_data[1])
+        term = response.match_data[2]
+        return response.reply(t('validation.customer_id')) if customer_id.nil?
+        response.reply(t('warn.standby'))
+
+        if valid_uuid?(term)
+          key = 'id'
+        else
+          key = 'name'
+        end
+        params = {
+          customer_id: customer_id,
+          type: 'tm',
+          source: 'protectedhosts'
+        }
+        resp = parse_json(api_call(params))
+
+        reply_text = search_phost_by_name(key, term, resp)
+        response.reply("/code #{reply_text}")
+      end
+    end
+    Lita.register_handler(AlertlogicThreatManager)
+  end
+end