
Source Code for Module ioids.eventtrigger

  1  """ 
  2  Check for new events in the database. 
  3   
  4  Inter-Organisational Intrusion Detection System (IOIDS) 
  5   
  6  This module is supposed to emulate the trigger functionality of the database. IOIDS must somehow 
  7  learn about new events reaching the central database (from other sub-systems). Since it is quite 
  8  complicated to have the database trigger a function within this system, the following workaround 
  9  has been put in place: 
 10   
 11  This module runs a background thread, which checks the event database for new events at a regular 
 12  interval (configurable via the main configuration file for IOIDS). New events are reported to the data 
 13  engine, which will then take further action. 
 14   
 15  @author: Michael Pilgermann 
 16  @contact: mailto:mpilgerm@glam.ac.uk 
 17  @license: GPL (General Public License) 
 18  """ 
 19   
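class EventTrigger:
    """
    Poll the event database at a fixed interval and forward new events.

    The ids of the last forwarded event and ioids event are kept in a status
    file (config.LOCATION_EVENT_ID_STATUS_FILE). Each poll asks the database
    for everything after those ids, hands each entry to the data engine and
    writes the new ids back.

    NOTE: the status file alone decides where the next poll starts. A lowered
    value makes old events be forwarded again and a raised value makes events
    be skipped, so the file should be writable only by the account that runs
    IOIDS.
    """

    def __init__(self):
        """
        Create a stopped trigger; polling begins with startup().
        """
        self._running = 0

    def startup(self):
        """
        Start the polling loop in a background thread and log the start.

        The interval is taken from config.DB_POLL_INTERVAL and passed
        unchanged to time.sleep() by the loop.
        """
        from config import DB_POLL_INTERVAL
        self._interval = DB_POLL_INTERVAL
        self._running = 1
        import thread
        thread.start_new_thread(self.runUntilShutdown, ())

        from ioidslogging import EVENTTRIGGER_STATUS, getDefaultLogger
        getDefaultLogger().newMessage(EVENTTRIGGER_STATUS, 'Event Trigger process started')

    def runUntilShutdown(self):
        """
        Thread body: sleep one interval, then poll until shutdown() is called.

        A failing poll is logged and the loop carries on. Without that, one
        database error or one malformed record would end the thread while
        the trigger still counts as running, and event forwarding would stop
        unnoticed.
        """
        from ioidslogging import EVENTTRIGGER_STATUS, EVENTTRIGGER_UPDATE, getDefaultLogger

        import sys
        import time
        time.sleep(self._interval)
        while self._running:
            getDefaultLogger().newMessage(EVENTTRIGGER_UPDATE, 'Event Trigger: Synchronise with event database.')
            try:
                self._triggerEventsNow()
            except Exception:
                # sys.exc_info() keeps this free of version-specific
                # "except ..., name" syntax.
                getDefaultLogger().newMessage(
                    EVENTTRIGGER_STATUS,
                    'Event Trigger: synchronisation failed: %s' % (sys.exc_info()[1],))
            time.sleep(self._interval)

    def _readStatusFile(self, location):
        """
        Return (event_id, ioids_event_id) as integers read from the status file.

        A missing, unreadable, truncated or non-numeric entry yields -1 for
        that entry, so that the caller's "id + 1" query starts at 0 (event
        ids are serials and cannot be less than 0).
        """
        lines = ['-1', '-1']
        try:
            handle = open(location, 'r')
            try:
                lines[0] = handle.readline()
                lines[1] = handle.readline()
            finally:
                handle.close()
        except (IOError, OSError, ValueError):
            # best effort: whatever could not be read keeps its '-1' default
            pass

        ids = []
        for line in lines:
            try:
                ids.append(int(line))
            except ValueError:
                # empty or damaged line, e.g. after an interrupted write
                ids.append(-1)
        return tuple(ids)

    def _writeStatusFile(self, location, latestEventID, latestIoidsEventID):
        """
        Write both ids to the status file, one per line, and close the file.

        NOTE: the write is not atomic; a crash in the middle leaves a
        truncated file, which _readStatusFile reads as -1.
        """
        handle = open(location, 'w')
        try:
            handle.write('%s\n' %(latestEventID))
            handle.write('%s\n' %(latestIoidsEventID))
        finally:
            handle.close()

    def _triggerEventsNow(self):
        """
        Fetch events newer than the stored ids and pass them to the data engine.

        Raises IoidsFormatException if a result carries an unexpected relation
        name. The status file is rewritten even when a step fails, so entries
        that were already forwarded are not forwarded again on the next poll.
        """
        from config import LOCATION_EVENT_ID_STATUS_FILE
        from errorhandling import IoidsFormatException
        from ioidslogging import getDefaultLogger, EVENTTRIGGER_UPDATE_DETAILS

        event_id, ioids_event_id = self._readStatusFile(LOCATION_EVENT_ID_STATUS_FILE)
        latestEventID = str(event_id)
        latestIoidsEventID = str(ioids_event_id)

        # get the events first
        from dbconnector import getDBConnector
        from dataengine import getDataEngine
        from dataengine_tools import getPreXMLDictCreator
        creator = getPreXMLDictCreator()

        try:
            events = getDBConnector().getEventsFromEventID(event_id + 1)
            counter = 0
            for result in events:
                for relation in result['relations']:
                    if relation['name'] != 'event':
                        # here is something wrong
                        raise IoidsFormatException('Wrong relation name in result set.')
                    attributes = relation['attributes']

                    restructured = creator.restructureEventEntry(attributes)
                    getDataEngine().newEventFromLocal(restructured)
                    counter += 1
                    # advanced only after the entry has been handed over
                    latestEventID = attributes['event_id']
            getDefaultLogger().newMessage(EVENTTRIGGER_UPDATE_DETAILS, '-- Event Trigger Details: %d events received.' %(counter))

            # and now the ioids events
            events = getDBConnector().getIoidsEventsFromEventID(ioids_event_id + 1)
            counter = 0
            for result in events:
                for relation in result['relations']:
                    if relation['name'] != 'ioids_event':
                        # here is something wrong
                        raise IoidsFormatException('Wrong relation name in result set.')
                    attributes = relation['attributes']

                    restructured = creator.restructureEventEntry(attributes)
                    getDataEngine().newIoidsEventFromLocal(restructured)
                    counter += 1
                    latestIoidsEventID = attributes['ioids_event_id']
            getDefaultLogger().newMessage(EVENTTRIGGER_UPDATE_DETAILS, '-- Event Trigger Details: %d ioids events received.' %(counter))
        finally:
            # ok, finally, let's put the new values for latest event ids into the file
            self._writeStatusFile(LOCATION_EVENT_ID_STATUS_FILE, latestEventID, latestIoidsEventID)

    def shutdown(self):
        """
        Ask the polling thread to stop and log the stop.

        Only the flag is cleared; the thread leaves its loop the next time
        it wakes from sleep.
        """
        self._running = 0
        from ioidslogging import EVENTTRIGGER_STATUS, getDefaultLogger
        getDefaultLogger().newMessage(EVENTTRIGGER_STATUS, 'Event Trigger process stopped')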