From de53476ecf3adc9501d6f777242a37834304454f Mon Sep 17 00:00:00 2001 From: Koen Van Impe Date: Fri, 21 Aug 2020 18:22:30 +0200 Subject: [PATCH] MISP-SNMP Monitor script Script to return statistics which can be picked up via SNMP. Post for monitoring with Cacti (inspired by OpenNSM) will follow shortly. --- tools/misp-snmp/misp-snmp-monitor.py | 110 +++++++++++++++++++++++++++ 1 file changed, 110 insertions(+) create mode 100755 tools/misp-snmp/misp-snmp-monitor.py diff --git a/tools/misp-snmp/misp-snmp-monitor.py b/tools/misp-snmp/misp-snmp-monitor.py new file mode 100755 index 000000000..69054d60f --- /dev/null +++ b/tools/misp-snmp/misp-snmp-monitor.py @@ -0,0 +1,110 @@ +#!/usr/bin/python3 +import requests +import json +import sys + +misp_key = "" # MISP API key +misp_url = "" # MISP URL +misp_cachefile = "/home/misp/misp-snmp/misp-snmp.cache" # Cache file to store statistics data +# Cache file needs to be writable by the user of your SNMP daemon user +# Add a crontab to update the cache with +# */30 * * * * misp /home/misp/misp-snmp/misp-monitor.py update + +misp_fail_data = -1 +misp_verifycert = False +misp_useragent = "MISP SNMP" + +if not misp_verifycert: + import urllib3 + urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) + +headers = {'Authorization': '{misp_key}'.format(misp_key=misp_key), 'Accept': 'application/json', 'content-type': 'application/json', 'User-Agent': '{misp_useragent}'.format(misp_useragent=misp_useragent)} + + +def get_worker_status(): + workers_ok = 0 + workers_dead = 0 + try: + res = requests.get("{misp_url}/servers/getWorkers".format(misp_url=misp_url), headers=headers, verify=misp_verifycert).json() + for el in res: + worker = res.get(el) + if type(worker) is dict: + if 'ok' in worker: + if worker.get('ok') is True: + workers_ok += len(worker.get('workers')) + else: + workers_dead += 1 + except AttributeError: + workers_ok = misp_fail_data + workers_dead = misp_fail_data + + print("{}\n{}".format(workers_ok, workers_dead)) + + +def get_job_count(): + res = requests.get("{misp_url}/servers/getWorkers".format(misp_url=misp_url), headers=headers, verify=misp_verifycert).json() + jobs = 0 + try: + for el in res: + worker = res.get(el) + if type(worker) is dict: + if 'jobCount' in worker: + jobs = int(worker.get('jobCount')) + except AttributeError: + jobs = misp_fail_data + + print("{}".format(jobs)) + + +def update_cache(): + res = requests.get("{misp_url}/users/statistics.json".format(misp_url=misp_url), headers=headers, verify=misp_verifycert).json() + events = 0 + attributes = 0 + users = 0 + orgs = 0 + try: + stats = res.get('stats') + events = stats.get('event_count_month') + attributes = stats.get('attribute_count_month') + users = stats.get('user_count') + orgs = stats.get('org_count') + except AttributeError: + events = misp_fail_data + attributes = misp_fail_data + users = misp_fail_data + orgs = misp_fail_data + + cache = {} + cache['events'] = events + cache['attributes'] = attributes + cache['users'] = users + cache['orgs'] = orgs + + with open(misp_cachefile, 'w') as outfile: + json.dump(cache, outfile) + + +def get_data_stats_cached(): + with open(misp_cachefile) as json_file: + cache = json.load(json_file) + + print("{}\n{}".format(cache['events'], cache['attributes'])) + + +def get_data_users_cached(): + with open(misp_cachefile) as json_file: + cache = json.load(json_file) + + print("{}\n{}".format(cache['users'], cache['orgs'])) + + +if sys.argv[1] == "jobs": + get_job_count() +elif sys.argv[1] == "workers": + get_worker_status() +elif sys.argv[1] == "stats": + get_data_stats_cached() +elif sys.argv[1] == "users": + get_data_users_cached() +elif sys.argv[1] == "update": + update_cache()