Home       Trees       Indices       Help   
Inter-Organisational Intrusion Detection System
Package ioids :: Module ioids_extension
[hide private]
[frames] | no frames]

Source Code for Module ioids.ioids_extension

 1  """ 
 2  Provides functionality for accessing information from the SoapSy DB IOIDS extension. 
 3   
 4  Inter-Organisational Intrusion Detection System (IOIDS) 
 5   
 6  @author: Michael Pilgermann 
 7  @contact: mailto:mpilgerm@glam.ac.uk 
 8  @license: GPL (General Public License) 
 9  """ 
10   
11  import messagewrapper 
12  import dbconnector 
13  import dataengine_tools 
14   
15  _ioidsDBMessageWrapper = None 

16 -def getMessageWrapper(): 

17      """ 
18      Singleton implementation. 
19       
20      @return: The instance for the snort db message wrapper class 
21      @rtype: L{SnortDBMessageWrapper} 
22      """ 
23      global _ioidsDBMessageWrapper  
24      if not _ioidsDBMessageWrapper  : 
25          _ioidsDBMessageWrapper   = DBIOIDS_MessageWrapper() 
26      return _ioidsDBMessageWrapper   

27   
28      # "singleton" 
29  _dbConnector = None 

30 -def getDBConnector(): 

31      """ 
32      Singleton implementation. 
33      """ 
34      global _dbConnector 
35      if not _dbConnector: 
36          _dbConnector = IOIDS_DBConnector() 
37          _dbConnector.connect() 
38      return _dbConnector 

39   
40  # "singleton" 
41  _preXMLDictCreator = None 

42 -def getPreXMLDictCreator(): 

43      """ 
44      Singleton implementation. 
45       
46      @return: The instance for the data engine 
47      @rtype: L{DataEngine} 
48      """ 
49      from dataengine_tools import getPreXMLDictCreator 
50      return getPreXMLDictCreator() 

51   

52 -class DBIOIDS_MessageWrapper(messagewrapper.IoidsMessageWrapper): 

53   

54 -    def __init__(self): 

55          """ 
56          Yet empty constructor. 
57          """ 
58          pass 

59           

60 -    def getFullExtensionMessage(self, data, parentNode, doc): 

61          if data[0] != 'ioids_event': 
62              raise ValueError('This is not a ioids extension data set: %s.' %(data[0])) 
63          self._wrapAnyItemToDom(data, parentNode, doc) 

64           
65   

66 -class IOIDS_DBConnector(dbconnector.IoidsDBConnector): 

67      """ 
68      Standard DB connector - work on XML RPC database. 
69      """ 
70   

71 -    def __init__(self): 

72          """ 
73          Sets the parameters for the later db connections. 
74           
75          Most of the settings are taken from the global config file. 
76          """ 
77          dbconnector.IoidsDBConnector.__init__(self)         

78           

79 -    def getExtensionEvent(self, plainEventId):             

80          ioidsEventSlimDB = self.getIoidsEvents([['event_id', dbconnector.OPERATOR_EQUAL, plainEventId]]) 
81          ioidsEventSlim = getPreXMLDictCreator().restructureIoidsEventEntry(ioidsEventSlimDB[0]['relations'][0]['attributes'] ) 
82  ##        if not snortEvent: 
83  ##            return None 
84          ioidsEvent = self.getIoidsEvent(ioidsEventSlim[1]['ioids_event_id']) 
85          return ioidsEvent 

86   

87 -    def insertExtensionEvent(self, data): 

88          if data[0] != 'ioids_event': 
89              raise ValueError('This is not a valid extension message for the IOIDS extension.') 
90          from messagewrapper import getXMLDBWrapper 
91          xml = getXMLDBWrapper().wrapInsert(data[0], data[1], data[2]) 
92           
93          result = self._performRequest(xml) 
94          decode = getXMLDBWrapper().parseInsertReply(result) 
95  ##        print "Result - primary key: %s " %(decode[0][2]) 
96          return decode[0][2][1:len(decode[0][2])-1] 

97

   Home       Trees       Indices       Help   
Inter-Organisational Intrusion Detection System
Generated by Epydoc 3.0beta1 on Thu Feb 7 11:06:04 2008 http://epydoc.sourceforge.net