PyPI - django-restit - Versions diffs - 4.2.79__py3-none-any.whl → 4.2.81__py3-none-any.whl - Mend

django-restit 4.2.79py3-none-any.whl → 4.2.81py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

auditlog/migrations/0002_alter_persistentlog_session.py ADDED Viewed

@@ -0,0 +1,20 @@
+# Generated by Django 4.2.11 on 2024-05-13 02:34
+from django.db import migrations, models
+import django.db.models.deletion
+class Migration(migrations.Migration):
+    dependencies = [
+        ('sessionlog', '0001_initial'),
+        ('auditlog', '0001_initial'),
+    ]
+    operations = [
+        migrations.AlterField(
+            model_name='persistentlog',
+            name='session',
+            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, to='sessionlog.sessionlog'),
+        ),
+    ]

{django_restit-4.2.79.dist-info → django_restit-4.2.81.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: django-restit
-Version: 4.2.79
+Version: 4.2.81
 Summary: A Rest Framework for DJANGO
 License: MIT
 Author: Ian Starnes

{django_restit-4.2.79.dist-info → django_restit-4.2.81.dist-info}/RECORD RENAMED Viewed

@@ -65,6 +65,7 @@ auditlog/cloudwatch.py,sha256=R-B_ByVM3We26YnDoFYIQeWV31CUyS63QTojRAkfWa8,2805
 auditlog/decorators.py,sha256=ZoIv0fhZjxtMEV15NcKijW4xPF5UEScPna60zB3TxZo,6553
 auditlog/middleware.py,sha256=Q4bXg8rnm8y2fMnAsN6ha3Fz6TW8jIzLnvpu4H9SpWE,1537
 auditlog/migrations/0001_initial.py,sha256=X171gKQZIaTO9FGNG1yKTjGSZS0ZjZj5gvimF9-_kks,3309
+auditlog/migrations/0002_alter_persistentlog_session.py,sha256=DkkcIobbHdbniKg5bOlRmiF-Nc4hX55Y6KuQySrCcJ8,541
 auditlog/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 auditlog/models.py,sha256=skDAiuzR4chC-WNIaH2nm_VVcbnDD6ZtUxBwhk7UY8U,16517
 auditlog/periodic.py,sha256=AUhDeVsZtC47BJ-lklvYEegHoxAzj1RpIvRFSsM7g5E,363
@@ -79,6 +80,7 @@ inbox/migrations/0001_initial.py,sha256=P1OmbSHZGhj3wVBdFKWEzNrPdbyKzR9fFBXP8rhX
 inbox/migrations/0002_alter_message_cc.py,sha256=dsnDHCs1-dFZfSEWJmufBOs5gvNbI7u99kru6fVas0Y,380
 inbox/migrations/0003_attachment_content_type.py,sha256=dh_km90V6R3O0-N2oNTWhWLZZ96MylRgDY7Poua9CZ8,416
 inbox/migrations/0004_mailtemplate.py,sha256=yV51UdsRWmKC5Dy34-h2bXBeYeFtjoWQ7kOw7cuYCQo,1140
+inbox/migrations/0005_alter_mailbox_state.py,sha256=trr-CCLupHQ7e-tjJK08LACdxhCApGMNBTOeWFcyXnI,393
 inbox/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 inbox/models/__init__.py,sha256=yARvP31nhJGLjqP-U_ONi2OLjiTUFspdH0AlKynt4Y8,174
 inbox/models/bounce.py,sha256=3b_pCKH3gwb3NE8I1XlVI6JeoVmobZyKidsILH-jIRg,2881
@@ -106,18 +108,18 @@ incident/migrations/0011_ticket.py,sha256=Ml5E_Qi4Z0MD89fetoOFOL3rPlVQdjaaDCcFBf
 incident/migrations/0012_rule_match_by.py,sha256=PGclGnnc_8JEsJZ8znoXm-iAC6Y0i2WM6C2cmFgdKlA,372
 incident/migrations/0013_rulecheck_is_required.py,sha256=cL7tOj5XGPpKd2f5BojIKfNJeDB1IL-jGRU6-g-Co5o,387
 incident/migrations/0014_event_group_alter_rulecheck_index.py,sha256=v3gm5k0LVoas27qUDOt7el7YtK4yjFVLeEpuFUCoXaQ,724
+incident/migrations/0015_rule_title_template_alter_incident_state.py,sha256=FPUDhFwqBC39EjeknRT7BPddEf6ExCjsXVb9LMqIn3U,687
 incident/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 incident/models/__init__.py,sha256=NMphuhb0RTMf7Ov4QkNv7iv6_I8Wtr3xQ54yjX_a31M,209
-incident/models/event.py,sha256=i02lRMdBcjIty5w_wdZnYnW-RNXDANNfnsFouwlDYO8,7414
+incident/models/event.py,sha256=Dw6fUi2tbLeA_ZRDcvGQNFkCkMGMBdtNeaLikXdAyE8,7769
 incident/models/incident.py,sha256=HPbi6J9qm7_-FMjnDUPV9NcbmP_60WU-IO9HJSpoLTY,19360
 incident/models/ossec.py,sha256=eUDRGawzuLWobKEVGKfdZisDnyjS_Hlxi0T_GCSLCCI,2252
-incident/models/rules.py,sha256=SMlDRw_r3fGv-vmRojRLmsklqRRxDcjrSLVBIz-gadA,6884
+incident/models/rules.py,sha256=tiPx2ytyRwPbRmbt3aYKTK-I-4osWTu55QINaA96t5g,6963
 incident/models/ticket.py,sha256=S3kqGQpYLE6Y4M9IKu_60sgW-f592xNr8uufqHnvDoU,2302
 incident/parsers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-incident/parsers/ossec.py,sha256=8SUma8wb2KmrcgACc6jESD_gXklCsMnKVyY7GrXYrtY,10812
+incident/parsers/ossec.py,sha256=ZUGycC6jn07ltQR6_wjr80BeVa2m12rpfTUgGktNsww,11093
 incident/periodic.py,sha256=eX1rQK6v65A9ugofTvJPSmAWei6C-3EYgzCMuGZ03jM,381
 incident/rpc.py,sha256=viJt873b8T8SiAq10EM57lF8g7ghyj3ymdkaXzh2Ass,8181
-incident/server.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 incident/templates/email/incident_change.html,sha256=tQYphypwLukkVdwH0TB2Szz2VEJ7GnsfRS3_ZJ-MYeE,13895
 incident/templates/email/incident_msg.html,sha256=MZdKhTddUF2MpiH8Z3RTQEmW_ko1n3ajeZ11KLtiLlU,13780
 incident/templates/email/incident_new.html,sha256=W6nwFQROnyDfMlXub8s02ws4hGnJp16pfgp9xTm_aEc,15185
@@ -473,6 +475,7 @@ telephony/phone_util.py,sha256=5NwSBnwBEC3EaeSeN42ggBiAQ00Ujvr6CepDjXLsCyw,5067
 telephony/rpc.py,sha256=PXPDFvgoXkCKlfMzIbt6lYZPay3fcveNj2X4Pjby7p4,3473
 wiki/__init__.py,sha256=AbpHGcgLb-kRsJGnwFEktk7uzpZOCcBY74-YBdrKVGs,1
 wiki/migrations/0001_initial.py,sha256=9jvUyjrbJrbDilRnwzQUPhPV8Xi_olEPBk_N0nycvM0,3606
+wiki/migrations/0002_alter_pagemedia_entry.py,sha256=9CUnfvBmj0D4akCkux7HFuXgw9B9avE8V-iMCm5cjds,485
 wiki/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 wiki/models/__init__.py,sha256=jE-9r_Hqpyo7ysKu9BschXOn5Zg34wUt894GwJpxA28,132
 wiki/models/faq.py,sha256=nvcEFerllQKT61kIYlasvZzRKwpXyfmQpiqkpHP1V1o,1745
@@ -503,7 +506,7 @@ ws4redis/servers/uwsgi.py,sha256=VyhoCI1DnVFqBiJYHoxqn5Idlf6uJPHvfBKgkjs34mo,172
 ws4redis/settings.py,sha256=K0yBiLUuY81iDM4Yr-k8hbvjn5VVHu5zQhmMK8Dtz0s,1536
 ws4redis/utf8validator.py,sha256=S0OlfjeGRP75aO6CzZsF4oTjRQAgR17OWE9rgZdMBZA,5122
 ws4redis/websocket.py,sha256=R0TUyPsoVRD7Y_oU7w2I6NL4fPwiz5Vl94-fUkZgLHA,14848
-django_restit-4.2.79.dist-info/LICENSE.md,sha256=VHN4hhEeVOoFjtG-5fVv4jesA4SWi0Z-KgOzzN6a1ps,1068
-django_restit-4.2.79.dist-info/METADATA,sha256=7Hya_J4qnHewCMwlz5m2Y2JLnN2b4TpVX2pVekbpjCw,7645
-django_restit-4.2.79.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
-django_restit-4.2.79.dist-info/RECORD,,
+django_restit-4.2.81.dist-info/LICENSE.md,sha256=VHN4hhEeVOoFjtG-5fVv4jesA4SWi0Z-KgOzzN6a1ps,1068
+django_restit-4.2.81.dist-info/METADATA,sha256=woePfZaxmJu12i3nYR9Lk_dsQFASwS7iF_ytN_tuhKk,7645
+django_restit-4.2.81.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
+django_restit-4.2.81.dist-info/RECORD,,

inbox/migrations/0005_alter_mailbox_state.py ADDED Viewed

@@ -0,0 +1,18 @@
+# Generated by Django 4.2.11 on 2024-05-13 02:34
+from django.db import migrations, models
+class Migration(migrations.Migration):
+    dependencies = [
+        ('inbox', '0004_mailtemplate'),
+    ]
+    operations = [
+        migrations.AlterField(
+            model_name='mailbox',
+            name='state',
+            field=models.IntegerField(db_index=True, default=1),
+        ),
+    ]

incident/migrations/0015_rule_title_template_alter_incident_state.py ADDED Viewed

@@ -0,0 +1,23 @@
+# Generated by Django 4.2.11 on 2024-05-13 02:34
+from django.db import migrations, models
+class Migration(migrations.Migration):
+    dependencies = [
+        ('incident', '0014_event_group_alter_rulecheck_index'),
+    ]
+    operations = [
+        migrations.AddField(
+            model_name='rule',
+            name='title_template',
+            field=models.CharField(default=None, max_length=200, null=True),
+        ),
+        migrations.AlterField(
+            model_name='incident',
+            name='state',
+            field=models.IntegerField(choices=[(0, 'new'), (1, 'opened'), (2, 'paused'), (3, 'ignored'), (4, 'resolved'), (5, 'pending')], default=0),
+        ),
+    ]

incident/models/event.py CHANGED Viewed

@@ -155,7 +155,7 @@ class Event(JSONMetaData, rm.RestModel):
         incident = None
         action_count = 0
         if hit_rule is not None:
-            logger.error(f"RULE HIT: {hit_rule.name}")
+            # logger.error(f"RULE HIT: {hit_rule.name}")
             priority = hit_rule.priority
             if hit_rule.action == "ignore":
                 self.save()
@@ -184,7 +184,13 @@ class Event(JSONMetaData, rm.RestModel):
             if hit_rule is not None and hit_rule.action_after != 0:
                 incident.state = INCIDENT_STATE_PENDING
             # TODO possibly make this smarter?
-            if self.category == "ossec":
+            if hit_rule and hit_rule.title_template and "{" in hit_rule.title_template:
+                try:
+                    incident.description = hit_rule.title_template.format(event=self)
+                except Exception:
+                    logger.exception(hit_rule.title_template)
+                    incident.description = self.description
+            elif self.category == "ossec":
                 incident.description = f"{self.hostname}: {self.description}"
             else:
                 incident.description = self.description

incident/models/rules.py CHANGED Viewed

@@ -63,6 +63,7 @@ class Rule(models.Model, rm.RestModel):
     modified = models.DateTimeField(auto_now=True)
     name = models.CharField(max_length=200)
+    title_template = models.CharField(max_length=200, default=None, null=True)
     # the group the rule gets assigned to when triggered
     group = models.ForeignKey("account.Group", on_delete=models.CASCADE, null=True, default=None)
     # category allows us to limit running rules to only those with a category

incident/parsers/ossec.py CHANGED Viewed

@@ -131,8 +131,12 @@ def parse_alert_metadata(alert):
         if match:
             return dict(filename=match.group(1), action="added")
     elif alert.rule_id == "5402":
-        match = re.search(r'(?P<username>\w+) : PWD=(?P<pwd>\S+) ; USER=(?P<user>\w+) ; COMMAND=(?P<command>.+)', alert.text)
-        return match.groupdict()
+        match = re.search(r'(?P<username>[\w-]+) : PWD=(?P<pwd>\S+) ; USER=(?P<user>\w+) ; COMMAND=(?P<command>.+)', alert.text)
+        if match:
+            return match.groupdict()
+        match = re.search(r'(?P<username>[\w-]+) : TTY=(?P<tty>\S+) ; PWD=(?P<pwd>\S+) ; USER=(?P<user>\w+) ; COMMAND=(?P<command>.+)', alert.text)
+        if match:
+            return match.groupdict()
     elif alert.rule_id in ["5501", "5502"]:
         match = re.search(r"session (?P<action>\S+) for user (?P<username>\S+)*", alert.text)
         if match:
@@ -239,7 +243,8 @@ def update_by_rule(data, geoip=None):
     elif data.rule_id == "533":
         data.title = f"Network Open Port Change Detected on {data.hostname}"
     elif data.rule_id == "5402":
-        data.title = f"Sudo(user: {data.user}) executed on {data.hostname}"
+        cmd = truncate_str(data.command, 50)
+        data.title = f"Sudo(user: {data.user}) executed '{cmd}' on {data.hostname}"
     elif data.rule_id in ["551", "554"] and data.filename:
         name = truncate_str(data.filename, 50)
         data.title = f"File {data.action.capitalize()} on {data.hostname}: {name}"

wiki/migrations/0002_alter_pagemedia_entry.py ADDED Viewed

@@ -0,0 +1,19 @@
+# Generated by Django 4.2.11 on 2024-05-13 02:34
+from django.db import migrations, models
+import django.db.models.deletion
+class Migration(migrations.Migration):
+    dependencies = [
+        ('wiki', '0001_initial'),
+    ]
+    operations = [
+        migrations.AlterField(
+            model_name='pagemedia',
+            name='entry',
+            field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='media_library', to='wiki.page'),
+        ),
+    ]

incident/server.py DELETED Viewed

File without changes

{django_restit-4.2.79.dist-info → django_restit-4.2.81.dist-info}/LICENSE.md RENAMED Viewed

File without changes

{django_restit-4.2.79.dist-info → django_restit-4.2.81.dist-info}/WHEEL RENAMED Viewed

File without changes

django-restit 4.2.79__py3-none-any.whl → 4.2.81__py3-none-any.whl

django-restit 4.2.79py3-none-any.whl → 4.2.81py3-none-any.whl