lita-alertlogic 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 33f770a03b17649cee43382f7ebdc99703b21367
+  data.tar.gz: e7dd0d0a2336402d40a2f1fada7f3a7b71713e9b
+SHA512:
+  metadata.gz: 6cd08c2a809b420cef9307bf722eaedfb660b147f36f0bcba615ec45801cb0684e43ce5d711cb75f1edd8946f5a0a0050f56bddec609d883473880aa5cb03e97
+  data.tar.gz: 36d9a795bc4a8f2042111acc5bc8d7d1a1e9b8c242af9fc8201f3b7ca81abee833553a2735a94f816d2ad0fb84e741cda5a40aafa2503e3f1891465c83d4ff48

data/.gitignore

@@ -0,0 +1,18 @@
+*.gem
+*.rbc
+*.swp
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.rspec

@@ -0,0 +1 @@
+--color --profile 5

data/.rubocop.yml

@@ -0,0 +1,18 @@
+AllCops:
+  Excludes:
+    - lib/lita-alertlogic.rb
+
+LineLength:
+  Max: 130
+
+MethodLength:
+  Max: 25
+
+ModuleLength:
+  Max: 150
+
+ClassLength:
+  Max: 225
+
+Metrics/AbcSize:
+  Max: 25

data/.travis.yml

@@ -0,0 +1,8 @@
+language: ruby
+rvm:
+  - 2.1
+  - 2.2
+services:
+  - redis-server
+cache: bundler
+sudo: false

data/Gemfile

@@ -0,0 +1,6 @@
+source 'https://rubygems.org'
+
+gemspec
+
+gem 'pretty_table'
+gem 'uuid'

data/LICENSE

@@ -0,0 +1,19 @@
+Copyright (c) 2016 Alert Logic Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,100 @@
+# lita-alertlogic
+
+[![Build Status](https://api.travis-ci.org/alertlogic/lita-alertlogic.svg?branch=master)](https://travis-ci.org/alertlogic/lita-alertlogic)
+
+**lita-alertlogic** is a handler for [Lita](https://github.com/jimmycuadra/lita). It can be used to pull various data points about Alert Logic customers directly from Hipchat.
+
+## Installation
+
+Add lita-alertlogic to your Lita instance's Gemfile:
+
+``` ruby
+gem 'lita-alertlogic'
+```
+
+## Usage
+
+Run 'lita help alertlogic' to get detailed usage:
+
+```
+ [You] lita help alertlogic
+[Lita Bot] 
+Lita: alertlogic customerinfo <customer_id or customer_name> - Displays customer and child list.
+Lita: alertlogic appliance agent counts <customer_id> - Displays count of agents assigned to each appliance
+Lita: alertlogic policies agent counts <customer_id> - Displays count of agents assigned to each policy
+Lita: alertlogic agent ip counts <customer_id> - Display count of IP's assigned to agents
+Lita: alertlogic lm appliances <customer_id> - Displays customer LM appliance list.
+Lita: alertlogic lm applianceinfo <customer_id> <applaince_uuid> - Displays LM appliance details.
+Lita: alertlogic lm policies <customer_id> - Displays customer log assignment policies.
+Lita: alertlogic lm sources <customer_id> - Displays customer log sources.
+Lita: alertlogic lm hosts <customer_id> - Displays customer log hosts.
+Lita: alertlogic tm appliances <customer_id> - Displays customer TM appliance list.
+Lita: alertlogic tm applianceinfo <customer_id> <applaince_uuid> - Displays TM appliance details.
+Lita: alertlogic tm policies <customer_id> - Displays customer threat assignment policies.
+Lita: alertlogic tm hosts <customer_id> - Displays customer threat hosts hosts.
+Lita: alertlogic protectedhosts status <customer_id> - Displays protected hosts summary.
+Lita: alertlogic protectedhosts list <customer_id> - Displays complete protected hosts lists.
+Lita: alertlogic protectedhosts search <customer_id> <protected host name or uuid>- Search protected hosts by name or uuid.
+```
+
+Example:
+
+```
+ [You] lita alertlogic customerinfo Alert
+[Lita Bot]
+Information for parent customer: Alert Logic Inc.
+Customer ID |  Customer Name 
+------------+----------------
+XXXXX       | Alert Logic 
+```
+
+## Config
+
+```
+Lita.configure do |config|
+  # Alert Logic API Settings
+  config.handlers.alertlogic.customer_id = 'your-alertlogic-customer-id'
+  config.handlers.alertlogic.api_auth = 'your-api-key-obtained-from-alert-logic:'
+  config.handlers.alertlogic.lm_api_url = 'https://publicapi.alertlogic.net/api/lm/v1'
+  config.handlers.alertlogic.tm_api_url = 'https://publicapi.alertlogic.net/api/tm/v1'
+  config.handlers.alertlogic.customer_api_url = 'https://api.alertlogic.net/api/customer/v1'
+  config.handlers.alertlogic.monitoring_api_url = 'https://api.alertlogic.net/api/monitoring/v1'
+end
+```
+
+## Sample config with Hipchat plugin
+
+```
+Lita.configure do |config|
+  # Logging level
+  config.robot.log_level = :info
+  
+  # Hipchat adapter
+  config.robot.adapter = :hipchat
+  
+  # Bot name
+  config.robot.name = "Lita Bot"
+
+  # Bot admins Type: String or Array of Jabber ID(s)
+  config.robot.admins = ['some_jabber_id@chat.hipchat.com']
+  config.adapters.hipchat.jid = 'bots-hipchat-jabber-id@chat.hipchat.com'
+  config.adapters.hipchat.password = 'bots-password'
+
+  # Hipchat room(s) Type: String or Array
+  config.adapters.hipchat.rooms = :all
+  
+  # Debugging mode
+  #config.adapters.hipchat.debug = false
+
+  # Alert Logic Settings
+  config.handlers.alertlogic.customer_id = 'your-alertlogic-customer-id'
+  config.handlers.alertlogic.api_auth = 'your-api-key-obtained-from-alert-logic:'
+  config.handlers.alertlogic.lm_api_url = 'https://publicapi.alertlogic.net/api/lm/v1'
+  config.handlers.alertlogic.tm_api_url = 'https://publicapi.alertlogic.net/api/tm/v1'
+  config.handlers.alertlogic.customer_api_url = 'https://api.alertlogic.net/api/customer/v1'
+end
+```
+
+## License
+
+[MIT](http://opensource.org/licenses/MIT)

data/Rakefile

@@ -0,0 +1,6 @@
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task default: :spec

data/lib/alertlogic_helper/agents.rb

@@ -0,0 +1,107 @@
+# Alertlogic Helper
+module AlertlogicHelper
+  # Agents Helper
+  module Agents
+    # rubocop:disable MethodLength
+    def agent_appliance_summary(customer_id)
+      data    = []
+      reply   = "/code Appliance/Agents counts for customer: #{customer_id} \n"
+      headers = [
+        'Appliance Name',
+        'Appliance IP',
+        'Agents Count',
+        'Overall Collection Status'
+      ]
+
+      params = {
+        customer_id: customer_id,
+        type:    'monitoring',
+        source: 'tmc-appliances'
+      }
+      assignment_info = parse_json(
+        api_call(params)
+      )
+      assignment_info['sources'].each do |source|
+        data << [
+          source['source']['name'],
+          source['source']['metadata']['local_ipv4'],
+          source['source']['agents_count'],
+          source['source']['status']['status']
+        ]
+      end
+      reply << build_table(data, headers)
+      reply
+    end
+    # rubocop:enable MethodLength
+
+    # rubocop:disable MethodLength
+    def agent_policy_summary(customer_id)
+      data    = []
+      reply   = "/code Policy/Agents counts for customer: #{customer_id} \n"
+      headers = [
+        'Policy Name',
+        'Policy ID',
+        'Agents Count'
+      ]
+
+      params = {
+        customer_id: customer_id,
+        type:    'tm',
+        source: 'policies'
+      }
+      policies = parse_json(api_call(params))['policies']
+      policies.each do |policy|
+        policy_id   = policy['policy']['id']
+        policy_name = policy['policy']['name']
+        params = {
+          customer_id: customer_id,
+          api_type:    'tm',
+          source_type: 'protectedhosts'
+        }
+        base_url = construct_api_url(params)
+        url = "#{base_url}?appliance.policy.id=#{policy_id}"
+        params = {
+          customer_id: customer_id,
+          url:         url
+        }
+        agents_count = parse_json(api_call(params))['total_count']
+        data << [
+          policy_name,
+          policy_id,
+          agents_count
+        ]
+      end
+      reply << build_table(data, headers)
+      reply
+    end
+    # rubocop:enable MethodLength
+
+    def agent_ip_summary(customer_id)
+      data     = []
+      headers  = [
+        'IP Count/Agent',
+        'Agents Count'
+      ]
+      reply    = "/code Agents/IP summary for customer: #{customer_id} \n"
+      ip_count = []
+      summary  = Hash.new 0
+      params     = {
+        customer_id: customer_id,
+        type:    'tm',
+        source: 'protectedhosts'
+      }
+      agents = parse_json(api_call(params))['protectedhosts']
+      agents.each do |agent|
+        ip_count << agent['protectedhost']['metadata']['local_ipv4'].length unless !agent['protectedhost']['metadata']
+      end
+      ip_count.each do |count|
+        summary[count] += 1
+      end
+      summary.each do |agents_list, count|
+        data << [agents_list, count]
+      end
+      reply << build_table(data, headers)
+      reply
+    end
+  end
+end

data/lib/alertlogic_helper/api.rb

@@ -0,0 +1,53 @@
+# Alertlogic Helper
+module AlertlogicHelper
+  # Api Helper
+  module Api
+    def api_call(options = {})
+      customer_id = options[:customer_id]
+      type        = options[:type] || nil
+      source      = options[:source] || nil
+      url         = options[:url] || nil
+
+      url_options = {
+        customer_id: customer_id,
+        api_type: type,
+        source_type: source
+      }
+
+      # Construct URL if url not provided
+      url = construct_api_url(url_options) if url.nil?
+      http_resp = http(config.http_options).get(url) do |req|
+        req.headers  = headers
+        req.options.timeout = 90
+      end
+      http_resp.body.to_s
+    end
+
+    def construct_api_url(options = {})
+      customer_id = options[:customer_id]
+      api_type = options[:api_type]
+      source_type = options[:source_type] || nil
+
+      case api_type
+      when 'customer'
+        return "#{config.customer_api_url}/#{customer_id}"
+      when 'monitoring'
+        return "#{config.monitoring_api_url}/#{source_type}/#{customer_id}"
+      when 'lm'
+        return "#{config.lm_api_url}/#{customer_id}/#{source_type}"
+      when 'tm'
+        return "#{config.tm_api_url}/#{customer_id}//#{source_type}"
+      else
+        return t('error.generic')
+      end
+    end
+
+    def headers
+      {}.tap do |headers|
+        headers['Authorization'] = "Basic #{Base64.encode64(config.api_auth).chomp.gsub(/\n/, '')}" if config.api_auth
+        headers['Content-Type']  = 'application/json'
+        headers['Accept']        = 'application/json'
+      end
+    end
+  end
+end

data/lib/alertlogic_helper/appliances.rb

@@ -0,0 +1,27 @@
+# Alertlogic Helper
+module AlertlogicHelper
+  # Appliances Helper
+  module Appliances
+    def process_appliances(appliance_list, customer_id)
+      data    = []
+      reply   = "/code Customer appliances for ID: #{customer_id} \n"
+      headers = ['Appliance Type', 'UUID', 'Name', 'Status']
+
+      parse_json(appliance_list)['appliances'].each do |appliance|
+        appliance.each do |type, details|
+          data << [
+            type,
+            details['id'],
+            details['name'],
+            details['status']['status']
+          ]
+        end
+      end
+
+      count = parse_json(appliance_list)['total_count']
+      reply << build_table(data, headers)
+      reply << "Total Appliances: #{count}\n"
+      reply
+    end
+  end
+end

data/lib/alertlogic_helper/common.rb

@@ -0,0 +1,33 @@
+require 'json'
+require 'pretty_table'
+# Alertlogic Helper
+module AlertlogicHelper
+  # Common Helper
+  module Common
+    def parse_json(json)
+      return JSON.parse(json)
+    rescue TypeError, JSON::ParserError
+      return t('error.json_parse')
+    end
+
+    def pretty_json(json)
+      JSON.pretty_generate(json)
+    end
+
+    def build_table(data, headers)
+      PrettyTable.new(data, headers).to_s
+    end
+
+    def check_msg_size?(string)
+      string.length >= 9_500 && string.length <= 10_000
+    end
+
+    def search?(key, name, hash)
+      hash[key].downcase.include? name.downcase
+    end
+
+    def valid_uuid?(string)
+      UUID.validate(string)
+    end
+  end
+end

data/lib/alertlogic_helper/customer.rb

@@ -0,0 +1,78 @@
+# Alertlogic Helper
+module AlertlogicHelper
+  # Customer Helper
+  module Customer
+    def find_cid_by_name(customer_name)
+      customer_ids = []
+      customer_list = all_customers
+      customer_list['child_chain'].each do |customer|
+        if customer['customer_name'].downcase.include? customer_name.downcase
+          customer_ids << customer['customer_id']
+        end
+      end
+      customer_ids
+    end
+
+    def get_customer_ids(parent)
+      params = {
+        customer_id: parent,
+        type: 'customer'
+      }
+      resp = api_call(params)
+      cids = []
+      return t('error.customer_not_found') if parse_json(resp)['error']
+      parse_json(resp)['child_chain'].each do |customer|
+        cids << customer['customer_id'].to_i
+      end
+      cids
+    end
+
+    def all_customers
+      params = {
+        customer_id: config.customer_id,
+        type: 'customer'
+      }
+      resp = api_call(params)
+      parse_json(resp)
+    end
+
+    def process_customer_id(customer)
+      if /\A[-+]?\d+\z/ === customer
+        return customer.to_i
+      else
+        return find_cid_by_name(customer)
+      end
+    end
+
+    def valid_cid(customer_id)
+      customer_id.to_i if /\A[-+]?\d+\z/ === customer_id.strip
+    end
+
+    def process_customers(customer_list)
+      reply_text = '/code '
+      headers = ['Customer ID', 'Customer Name']
+      data = []
+      if customer_list.is_a? Array
+        customer_list.each do |customer|
+          cust = parse_json(customer)
+          data << [
+            "#{cust['customer_id']}",
+            cust['customer_name'].strip
+          ]
+        end
+        reply_text << build_table(data, headers)
+      else
+        if parse_json(customer_list)['error']
+          return t('error.customer_not_found')
+        end
+        parse_json(customer_list)['child_chain'].each do |customer|
+          data << [
+            "#{customer['customer_id']}",
+            customer['customer_name'].strip
+          ]
+        end
+        reply_text << build_table(data, headers)
+      end
+    end
+  end
+end