sensu-plugins-tripwire 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 4aafd7549cc2ebf329e2d7a5573b0b0286da4c1f
+  data.tar.gz: 5dbc17f62d556f04afc822bc4abc4d525a24870e
+SHA512:
+  metadata.gz: 7a8679bb217b168707b91394f9ef7b2fa10ff166023a5bf77cfad1e4b428381bda7e11e1efee08f91375594d6043df0559da2f5d2349f68e5156961bbae03abe
+  data.tar.gz: 214d05d70e5018d923dd0aa1013c2db206f3a0b2f6a1d9e7ebb6464bf0f78f490e87ddfd723224b4eb424b027d6eb4ad7e882d143458d3967904c7c9fb5e8959

data/CHANGELOG.md

@@ -0,0 +1,11 @@
+#Change Log
+This project adheres to [Semantic Versioning](http://semver.org/).
+
+This CHANGELOG follows the format listed at [Keep A Changelog](http://keepachangelog.com/)
+
+## Unreleased][unreleased]
+
+## 0.0.1 - 2015-05-20
+
+### Added
+- initial release

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2015 Sensu-Plugins
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,22 @@
+## Sensu-Plugins-tripwire
+
+[![Build Status](https://travis-ci.org/sensu-plugins/sensu-plugins-tripwire.svg?branch=master)](https://travis-ci.org/sensu-plugins/sensu-plugins-tripwire)
+[![Gem Version](https://badge.fury.io/rb/sensu-plugins-tripwire.svg)](http://badge.fury.io/rb/sensu-plugins-tripwire)
+[![Code Climate](https://codeclimate.com/github/sensu-plugins/sensu-plugins-tripwire/badges/gpa.svg)](https://codeclimate.com/github/sensu-plugins/sensu-plugins-tripwire)
+[![Test Coverage](https://codeclimate.com/github/sensu-plugins/sensu-plugins-tripwire/badges/coverage.svg)](https://codeclimate.com/github/sensu-plugins/sensu-plugins-tripwire)
+[![Dependency Status](https://gemnasium.com/sensu-plugins/sensu-plugins-tripwire.svg)](https://gemnasium.com/sensu-plugins/sensu-plugins-tripwire)
+[ ![Codeship Status for sensu-plugins/sensu-plugins-tripwire](https://codeship.com/projects/9cd33ec0-dc04-0132-3508-1e3fe125131b/status?branch=master)](https://codeship.com/projects/79859)
+
+## Functionality
+
+## Files
+ * bin/check-tripwire.rb
+
+## Usage
+
+## Installation
+
+[Installation and Setup](https://github.com/sensu-plugins/documentation/blob/master/user_docs/installation_instructions.md)
+
+
+## Notes

data/bin/check-tripwire.rb

@@ -0,0 +1,168 @@
+#! /usr/bin/env ruby
+#
+#   check-tripwire
+#
+# DESCRIPTION:
+#   This plugin periodically runs a check of the tripwire intrusion detection tool and
+#   posts events for each violation found.
+#
+#   The plugin assumes that tripwire has been configured and that a tripwire database
+#   is available that contains the desired state of the system.
+#
+#   The plugin does note require that the database be on the target machine. If an http
+#   url is supplied via the -d option then the database will be retrieved via http before
+#   the check is run and deleted afterward.
+#
+# OUTPUT:
+#   plain text
+#
+# PLATFORMS:
+#   Linux
+#
+# DEPENDENCIES:
+#   gem: sensu-plugin
+#   tripwire
+#
+# USAGE:
+#   there are sensible defaults for each of the options so the check can reasonably
+#   be run with no options. It is configurably for most modes of use though and the
+#   option descriptions below are fairly self explanatory.
+#
+# NOTES:
+#
+# LICENSE:
+#   Copyright 2013 Steve Gargan
+#   Released under the same terms as Sensu (the MIT license); see LICENSE
+#   for details.
+#
+
+require 'sensu-plugin/check/cli'
+require 'json'
+require 'open-uri'
+require 'securerandom'
+
+class TripwireCheck < Sensu::Plugin::Check::CLI
+  option :binary,
+         short: '-b path/to/tripwire',
+         long: '--binary path/to/tripwire',
+         description: 'tripwire binary to use, in case you hide yours',
+         required: false,
+         default: 'tripwire'
+
+  option :sitekey,
+         short: '-s path/to/sitekey',
+         long: '--site-key path/to/sitekey',
+         description: 'Site key used to decrypt the database that will be used in the validation',
+         required: false
+
+  option :password,
+         short: '-P PASSWORD',
+         long: '--password PASSWORD',
+         description: 'Password to unlock the keyfile',
+         required: false
+
+  option :database,
+         short: '-d path_or_url_to_database',
+         long: '--database path_or_url_to_database. if an http url is supplied the database will be retrieved prior to the check',
+         description: 'Database to use for the check',
+         required: false
+
+  option :critical,
+         short: '-c critical severity',
+         long: '--critical critical severity',
+         description: 'Tripwire severity greater than this is a critical error',
+         required: false,
+         default: '100'
+
+  option :warn,
+         short: '-w warn severity',
+         long: '--warn warining severity',
+         description: 'Tripwire severity greater than this is warning',
+         required: false,
+         default: '66'
+
+  def run_tripwire
+    site_key = (config[:sitekey] && "-S #{config[:sitekey]}") || ''
+    database = retrieve_database
+    database = (database && "-d #{database}") || ''
+    `#{config[:binary]} --check #{site_key} #{database}`
+  end
+
+  def retrieve_database
+    database = config[:database]
+
+    if database && database.start_with?('http')
+      id = SecureRandom.uuid
+      tmp_db = "./twd-#{id}"
+      begin
+        open(tmp_db, 'wb') do |db|
+          db << open(database).read
+        end
+      rescue => e
+        critical "Error loading database from #{database}. Message #{e.message}"
+        exit 1
+      end
+      database = tmp_db
+    end
+    database
+  end
+
+  def cleanup
+    Dir.glob('./twd-*') do |db|
+      File.delete(db)
+    end
+  end
+
+  def parse_violations(report)
+    rule_match = 'Rule Name: (.*)'
+    severity_level = 'Severity Level: (\d*)'
+    violation_type = '(Added|Modified|Removed).*'
+    quoted = '"([^"]*)"'
+
+    violations = {}
+    current_violation = nil
+    current_list = nil
+    report.each do |line|
+      if m = line.match(rule_match) # rubocop:disable AssignmentInCondition
+        name = m[1]
+        current_violation = { name: name }
+        violations[:name] = current_violation
+      end
+
+      if (m = line.match(severity_level))
+        current_violation[:level] = m[1].to_i
+      end
+
+      if (m = line.match(violation_type)) && current_violation # rubocop:disable AssignmentInCondition
+        current_list = []
+        current_violation[m[1]] = current_list
+      end
+
+      if (m = line.match(quoted)) && current_list
+        current_list << m[1]
+      end
+    end
+    violations
+  end
+
+  def run
+    begin
+      report = run_tripwire.split("\n")
+      violations = parse_violations report
+      cleanup
+    rescue => e
+      cleanup
+      warning "Error running tripwire. #{e. message}"
+      exit 1
+    end
+
+    violations.each do |_name, violation|
+      if violation[:level] >= config[:critical].to_i
+        critical violation.to_json
+      elsif violation[:level] >= config[:warn].to_i
+        warning violation.to_json
+      end
+    end
+    ok 'no violations' if violations.size == 0
+  end
+end

data/lib/sensu-plugins-tripwire.rb

@@ -0,0 +1,15 @@
+
+require 'sensu-plugins-tripwire/version'
+
+# Load the defaults
+
+#
+# Default class
+#
+module SensuPluginsTripwire
+  class << self
+  end
+
+  class << self
+  end
+end

data/lib/sensu-plugins-tripwire/version.rb

@@ -0,0 +1,28 @@
+require 'json'
+
+# encoding: utf-8
+module SensuPluginsTripwire
+  # This defines the version of the gem
+  module Version
+    MAJOR = 0
+    MINOR = 0
+    PATCH = 1
+
+    VER_STRING = [MAJOR, MINOR, PATCH].compact.join('.')
+
+    NAME   = 'sensu-plugins-tripwire'
+    BANNER = "#{NAME} v%s"
+
+    module_function
+
+    def version
+      format(BANNER, VER_STRING)
+    end
+
+    def json_version
+      {
+        'version' => VER_STRING
+      }.to_json
+    end
+  end
+end

metadata

@@ -0,0 +1,231 @@
+--- !ruby/object:Gem::Specification
+name: sensu-plugins-tripwire
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Sensu-Plugins and contributors
+autorequire: 
+bindir: bin
+cert_chain:
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIDgDCCAmigAwIBAgIBATANBgkqhkiG9w0BAQUFADBDMRIwEAYDVQQDDAltYXR0
+  am9uZXMxGDAWBgoJkiaJk/IsZAEZFgh5aWVsZGJvdDETMBEGCgmSJomT8ixkARkW
+  A2NvbTAeFw0xNTAxMjgyMTAyNTFaFw0xNjAxMjgyMTAyNTFaMEMxEjAQBgNVBAMM
+  CW1hdHRqb25lczEYMBYGCgmSJomT8ixkARkWCHlpZWxkYm90MRMwEQYKCZImiZPy
+  LGQBGRYDY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTSzVYnO
+  CLgyrIyT1mBQakArQyW8xhi6MlDqyzXHJGeERT790U6EgoBVeS4XoK0ptFZNR8Tf
+  zko0w+Nv47TarSCgkPOaxY+mxWnAVR10dOmfeLr7huiMyps+YD56/EF2FqQ3jf/+
+  qohENfKD91qy1ieEy+Fn7Pf74ltbNKUdkb9a9eFXQ0DQ4ip5vik7DzjQkUTj4lca
+  k6ArwnmHX4YDhZoYtrQJ8jVktN0/+NtA40M5qkCYHNe5tUW25b/tKVYuioxG6b2Z
+  oIzaZxRLxf6HVAWpCVRT/F5+/yjigkX4u++eYacfLGleXQzoK7BL65vHGMJygWEE
+  0TKGqFOrl/L0AQIDAQABo38wfTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNV
+  HQ4EFgQUEf6a8Td7MrSZc8ImbLFZAENPbz0wIQYDVR0RBBowGIEWbWF0dGpvbmVz
+  QHlpZWxkYm90LmNvbTAhBgNVHRIEGjAYgRZtYXR0am9uZXNAeWllbGRib3QuY29t
+  MA0GCSqGSIb3DQEBBQUAA4IBAQBbzXAYA3BVGw8DZ0YYoY1VHPNEcH5qPIApmHO8
+  rvSmuUT0yMEi7u00H/5uHRFf4LleGT/+sTdyXKsNPGT9kdRuQEgwi+vf7Zfvd8aX
+  UF/+4VkEYf/8rV8Ere6u2QaWPgApdMV6JjKr1fAwCTd8AuGXNaWItiPPMseSQzLJ
+  JKP4hVvbc1d+oS925B1lcBiqn2aYvElbyNAVmQPywNNqkWmvtlqj9ZVJfV5HQLdu
+  8sHuVruarogxxKPBzlL2is4EUb6oN/RdpGx2l4254+nyR+abg//Ed27Ym0PkB4lk
+  HP0m8WSjZmFr109pE/sVsM5jtOCvogyujQOjNVGN4gz1wwPr
+  -----END CERTIFICATE-----
+date: 2015-05-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: sensu-plugin
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.1.0
+- !ruby/object:Gem::Dependency
+  name: json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.8.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.8.2
+- !ruby/object:Gem::Dependency
+  name: codeclimate-test-reporter
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.4'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.4'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.30'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.30'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.1'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: github-markup
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: redcarpet
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.8'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.8'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.10'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.10'
+description: Sensu plugins for working with tripwire
+email: "<sensu-users@googlegroups.com>"
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- CHANGELOG.md
+- LICENSE
+- README.md
+- bin/check-tripwire.rb
+- lib/sensu-plugins-tripwire.rb
+- lib/sensu-plugins-tripwire/version.rb
+homepage: https://github.com/sensu-plugins/sensu-plugins-tripwire
+licenses:
+- MIT
+metadata:
+  maintainer: ''
+  development_status: active
+  production_status: unstable - testing recommended
+  release_draft: 'false'
+  release_prerelease: 'false'
+post_install_message: You can use the embedded Ruby by setting EMBEDDED_RUBY=true
+  in /etc/default/sensu
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 1.9.3
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.6
+signing_key: 
+specification_version: 4
+summary: Sensu plugins for working with tripwire
+test_files: []