assemblyline-core 4.4.0.41__tar.gz → 4.4.0.43__tar.gz



Files changed (83) hide show
  1. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/PKG-INFO +1 -1
  2. assemblyline-core-4.4.0.43/assemblyline_core/VERSION +1 -0
  3. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/alerter/processing.py +10 -10
  4. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/alerter/run_alerter.py +32 -3
  5. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core.egg-info/PKG-INFO +1 -1
  6. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/test/test_alerter.py +15 -11
  7. assemblyline-core-4.4.0.41/assemblyline_core/VERSION +0 -1
  8. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/LICENCE.md +0 -0
  9. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/README.md +0 -0
  10. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/__init__.py +0 -0
  11. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/alerter/__init__.py +0 -0
  12. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/archiver/__init__.py +0 -0
  13. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/archiver/run_archiver.py +0 -0
  14. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/dispatching/__init__.py +0 -0
  15. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/dispatching/__main__.py +0 -0
  16. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/dispatching/client.py +0 -0
  17. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/dispatching/dispatcher.py +0 -0
  18. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/dispatching/schedules.py +0 -0
  19. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/dispatching/timeout.py +0 -0
  20. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/expiry/__init__.py +0 -0
  21. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/expiry/run_expiry.py +0 -0
  22. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/ingester/__init__.py +0 -0
  23. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/ingester/__main__.py +0 -0
  24. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/ingester/constants.py +0 -0
  25. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/ingester/ingester.py +0 -0
  26. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/metrics/__init__.py +0 -0
  27. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/metrics/es_metrics.py +0 -0
  28. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/metrics/heartbeat_formatter.py +0 -0
  29. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/metrics/helper.py +0 -0
  30. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/metrics/metrics_server.py +0 -0
  31. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/metrics/run_heartbeat_manager.py +0 -0
  32. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/metrics/run_metrics_aggregator.py +0 -0
  33. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/metrics/run_statistics_aggregator.py +0 -0
  34. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/plumber/__init__.py +0 -0
  35. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/plumber/run_plumber.py +0 -0
  36. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/replay/__init__.py +0 -0
  37. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/replay/client.py +0 -0
  38. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/replay/creator/__init__.py +0 -0
  39. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/replay/creator/run.py +0 -0
  40. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/replay/creator/run_worker.py +0 -0
  41. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/replay/loader/__init__.py +0 -0
  42. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/replay/loader/run.py +0 -0
  43. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/replay/loader/run_worker.py +0 -0
  44. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/replay/replay.py +0 -0
  45. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/safelist_client.py +0 -0
  46. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/scaler/__init__.py +0 -0
  47. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/scaler/collection.py +0 -0
  48. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/scaler/controllers/__init__.py +0 -0
  49. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/scaler/controllers/docker_ctl.py +0 -0
  50. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/scaler/controllers/interface.py +0 -0
  51. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/scaler/controllers/kubernetes_ctl.py +0 -0
  52. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/scaler/run_scaler.py +0 -0
  53. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/scaler/scaler_server.py +0 -0
  54. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/server_base.py +0 -0
  55. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/submission_client.py +0 -0
  56. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/tasking_client.py +0 -0
  57. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/updater/__init__.py +0 -0
  58. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/updater/helper.py +0 -0
  59. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/updater/run_updater.py +0 -0
  60. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/vacuum/__init__.py +0 -0
  61. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/vacuum/crawler.py +0 -0
  62. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/vacuum/department_map.py +0 -0
  63. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/vacuum/safelist.py +0 -0
  64. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/vacuum/stream_map.py +0 -0
  65. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/vacuum/worker.py +0 -0
  66. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/workflow/__init__.py +0 -0
  67. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core/workflow/run_workflow.py +0 -0
  68. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core.egg-info/SOURCES.txt +0 -0
  69. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core.egg-info/dependency_links.txt +0 -0
  70. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core.egg-info/requires.txt +0 -0
  71. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/assemblyline_core.egg-info/top_level.txt +0 -0
  72. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/setup.cfg +0 -0
  73. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/setup.py +0 -0
  74. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/test/test_dispatcher.py +0 -0
  75. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/test/test_expiry.py +0 -0
  76. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/test/test_plumber.py +0 -0
  77. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/test/test_replay.py +0 -0
  78. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/test/test_scaler.py +0 -0
  79. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/test/test_scheduler.py +0 -0
  80. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/test/test_simulation.py +0 -0
  81. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/test/test_vacuum.py +0 -0
  82. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/test/test_worker_ingest.py +0 -0
  83. {assemblyline-core-4.4.0.41 → assemblyline-core-4.4.0.43}/test/test_worker_submit.py +0 -0
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: assemblyline-core
3
- Version: 4.4.0.41
3
+ Version: 4.4.0.43
4
4
  Summary: Assemblyline 4 - Core components
5
5
  Home-page: https://github.com/CybercentreCanada/assemblyline-core/
6
6
  Author: CCCS Assemblyline development team
@@ -0,0 +1 @@
1
+ 4.4.0.43
@@ -107,7 +107,7 @@ def get_submission_record(counter, datastore, sid):
107
107
 
108
108
  if not srecord:
109
109
  counter.increment('error')
110
- raise SubmissionNotFound("Couldn't find submission: %s" % sid)
110
+ raise SubmissionNotFound(f"Couldn't find submission: {sid}")
111
111
 
112
112
  submission_state = srecord.get('state', 'unknown')
113
113
  if submission_state != 'completed':
@@ -285,7 +285,8 @@ def perform_alert_update(datastore, logger, alert):
285
285
  while True:
286
286
  old_alert, version = datastore.alert.get_if_exists(alert_id, as_obj=False, version=True)
287
287
  if old_alert is None:
288
- raise AlertMissingError(f"{alert_id} is missing from the alert collection.")
288
+ raise AlertMissingError(
289
+ f"Alert {alert_id} cannot be updated because it does not exist.")
289
290
 
290
291
  # Ensure alert keeps original timestamp
291
292
  alert['ts'] = old_alert['ts']
@@ -321,14 +322,10 @@ def save_alert(datastore, counter, logger, alert, psid):
321
322
  return msg_type, ret_val
322
323
 
323
324
  if psid:
324
- try:
325
- msg_type = "AlertUpdated"
326
- perform_alert_update(datastore, logger, alert)
327
- counter.increment('updated')
328
- ret_val = 'update'
329
- except AlertMissingError as e:
330
- logger.info(f"{str(e)}. Creating a new alert [{alert['alert_id']}]...")
331
- msg_type, ret_val = create_alert()
325
+ msg_type = "AlertUpdated"
326
+ perform_alert_update(datastore, logger, alert)
327
+ counter.increment('updated')
328
+ ret_val = 'update'
332
329
  else:
333
330
  msg_type, ret_val = create_alert()
334
331
 
@@ -381,6 +378,9 @@ def get_alert_update_parts(counter, datastore, alert_data, logger, user_classifi
381
378
  }
382
379
  }
383
380
  cache.add(alert_data['submission']['sid'], (alert_update_p1, alert_update_p2))
381
+ else:
382
+ if alert_data['extended_scan'] == 'skipped':
383
+ alert_update_p1['extended_scan'] = alert_data['extended_scan']
384
384
 
385
385
  alert_update_p1['reporting_ts'] = now_as_iso()
386
386
  alert_update_p1['file'] = {'name': alert_file['name']}
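Review bot: save_alert no longer catches AlertMissingError in the `if psid:` branch, so the exception raised by perform_alert_update now escapes to every caller, and nothing in the hunk documents that new contract. I would add a comment above the call such as `# AlertMissingError is deliberately not caught here; the caller requeues the alert until the parent exists`, and list the exception in the function's docstring if it has one. In the last hunk of this file, the new `else:` branch subscripts `alert_data['extended_scan']` directly; if that key can be absent on an update message this raises KeyError, so `alert_data.get('extended_scan') == 'skipped'` would be safer (whether the key is always present cannot be told from the visible lines). Both functions start and end outside their hunks.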
@@ -9,12 +9,14 @@ from assemblyline.remote.datatypes import get_client
9
9
  from assemblyline.remote.datatypes.queues.named import NamedQueue
10
10
  from assemblyline.odm.messages.alerter_heartbeat import Metrics
11
11
 
12
- from assemblyline_core.alerter.processing import SubmissionNotFinalized
12
+ from assemblyline_core.alerter.processing import AlertMissingError, SubmissionNotFinalized
13
13
  from assemblyline_core.server_base import ServerBase
14
14
 
15
15
  ALERT_QUEUE_NAME = 'm-alert'
16
16
  ALERT_RETRY_QUEUE_NAME = 'm-alert-retry'
17
17
  MAX_RETRIES = 10
18
+ UPDATE_RETRY_SEC = 5
19
+ SUBMISSION_RETRY_SEC = 15
18
20
 
19
21
 
20
22
  class Alerter(ServerBase):
@@ -89,17 +91,42 @@ class Alerter(ServerBase):
89
91
  self.apm_client.end_transaction(alert_type, 'success')
90
92
 
91
93
  return alert_type
94
+ except AlertMissingError as e:
95
+ retries = alert['alert_retries'] = alert.get('alert_retries', 0) + 1
96
+ self.counter.increment('wait')
97
+ if retries > MAX_RETRIES:
98
+ self.log.error(f'{str(e)} [Max retries exceeded: {alert}]')
99
+
100
+ # End of process alert transaction (wait)
101
+ if self.apm_client:
102
+ self.apm_client.end_transaction('unknown', 'error')
103
+
104
+ return 'error'
105
+ else:
106
+ self.log.info(f'{str(e)} Waiting {UPDATE_RETRY_SEC}s before retrying...')
107
+
108
+ # Wait a bit for the offending alert to be created
109
+ alert['wait_until'] = now(UPDATE_RETRY_SEC)
110
+ self.alert_retry_queue.push(alert)
111
+
112
+ # End of process alert transaction (wait)
113
+ if self.apm_client:
114
+ self.apm_client.end_transaction('unknown', 'wait')
115
+
116
+ return 'wait'
92
117
  except SubmissionNotFinalized as error:
93
118
  self.counter.increment('wait')
94
119
  self.log.error(str(error))
95
120
 
96
- # Wait another 15 secs for the submission to complete
97
- alert['wait_until'] = now(15)
121
+ # Wait a bit for the submission to complete
122
+ alert['wait_until'] = now(SUBMISSION_RETRY_SEC)
98
123
  self.alert_retry_queue.push(alert)
99
124
 
100
125
  # End of process alert transaction (wait)
101
126
  if self.apm_client:
102
127
  self.apm_client.end_transaction('unknown', 'wait')
128
+
129
+ return 'wait'
103
130
  except Exception: # pylint: disable=W0703
104
131
  retries = alert['alert_retries'] = alert.get('alert_retries', 0) + 1
105
132
  self.counter.increment('error')
@@ -113,6 +140,8 @@ class Alerter(ServerBase):
113
140
  if self.apm_client:
114
141
  self.apm_client.end_transaction('unknown', 'exception')
115
142
 
143
+ return 'exception'
144
+
116
145
  def try_run(self):
117
146
  while self.running:
118
147
  self.heartbeat()
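Review bot: In the new `except AlertMissingError` handler, `self.counter.increment('wait')` runs before the `retries > MAX_RETRIES` check, so an alert that is given up on is counted as a wait and never as an error, and it is then dropped with only a log line. Because the fallback that created a fresh alert was removed from save_alert in this release, an update whose parent alert never appears is lost once the retries are exhausted, and the metric that would reveal it is wrong. I would move the increment into the branches, `self.counter.increment('error')` before `return 'error'` and `self.counter.increment('wait')` in the `else:`, and decide explicitly whether the exhausted case should still persist the alert. The handler also shares the `alert_retries` field with the generic `except Exception` path below it, so both failure kinds draw on one retry budget; a comment stating that this is intended would help. The method's body starts outside the hunk.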
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: assemblyline-core
3
- Version: 4.4.0.41
3
+ Version: 4.4.0.43
4
4
  Summary: Assemblyline 4 - Core components
5
5
  Home-page: https://github.com/CybercentreCanada/assemblyline-core/
6
6
  Author: CCCS Assemblyline development team
@@ -139,23 +139,27 @@ def test_update_single_alert(config, datastore, delete_original=False):
139
139
  child_ingest_msg.submission.time = ingest_msg.submission.time
140
140
  child_ingest_msg.ingest_id = ingest_msg.ingest_id
141
141
 
142
- alert_type_assertion = 'update'
143
-
144
142
  if delete_original:
143
+ # Delete the original alert
145
144
  datastore.alert.delete(original_alert['alert_id'])
146
- alert_type_assertion = 'create'
147
145
 
148
- alert_queue.push(child_ingest_msg.as_primitives())
149
- alert_type = alerter.run_once()
150
- assert alert_type == alert_type_assertion
146
+ # If the original alert does not exist, we should wait for a retry
147
+ alert_queue.push(child_ingest_msg.as_primitives())
148
+ alert_type = alerter.run_once()
149
+ assert alert_type == 'wait'
150
+ else:
151
+ # If the original alert still exists if should be updated now
152
+ alert_queue.push(child_ingest_msg.as_primitives())
153
+ alert_type = alerter.run_once()
154
+ assert alert_type == 'update'
151
155
 
152
- datastore.alert.commit()
156
+ datastore.alert.commit()
153
157
 
154
- updated_alert = datastore.alert.get(datastore.alert.search(f"sid:{child_submission.sid}",
155
- fl="id", as_obj=False)['items'][0]['id'])
156
- assert updated_alert is not None
158
+ updated_alert = datastore.alert.get(datastore.alert.search(f"sid:{child_submission.sid}",
159
+ fl="id", as_obj=False)['items'][0]['id'])
160
+ assert updated_alert is not None
157
161
 
158
- assert updated_alert != original_alert
162
+ assert updated_alert != original_alert
159
163
 
160
164
 
161
165
  def test_update_expired_alert(config, datastore):
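Review bot: The `delete_original` branch now asserts only that `run_once()` returns `'wait'`, so nothing checks that the message was actually pushed to the retry queue with `alert_retries` and `wait_until` set, and no test drives the new path where retries exceed MAX_RETRIES and `'error'` is returned. Those two behaviours decide whether an alert is delayed or lost, so I would add assertions on the requeued message and a case that pre-sets `alert_retries` to the limit. The comment `# If the original alert still exists if should be updated now` has a typo and should read `# If the original alert still exists it should be updated now`. The test function starts outside the hunk.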
@@ -1 +0,0 @@
1
- 4.4.0.41