Class: DeepSecurity::Manager

Inherits:
SavonHelper::CachingObject
Defined in:
lib/deepsecurity/manager.rb,
lib/deepsecurity/screenscraping.rb,
lib/deepsecurity/transport_objects/host.rb,
lib/deepsecurity/transport_objects/dpi_rule.rb,
lib/deepsecurity/transport_objects/host_group.rb,
lib/deepsecurity/transport_objects/host_detail.rb,
lib/deepsecurity/transport_objects/system_event.rb,
lib/deepsecurity/transport_objects/application_type.rb,
lib/deepsecurity/transport_objects/security_profile.rb,
lib/deepsecurity/transport_objects/anti_malware_event.rb,
lib/deepsecurity/transport_objects/private/vulnerability.rb

Overview

This class represents the DeepSecurity Manager. It is the entry point for all further actions.

Constant Summary

Constants inherited from SavonHelper::MappingObject

SavonHelper::MappingObject::BLACK_LIST

Instance Attribute Summary

Attributes included from SavonHelper::DSL

#alias_accessor

High-Level SOAP Wrapper

Low-Level Screenscraping Wrapper

Instance Method Summary

Methods inherited from SavonHelper::CachingObject

all_cache_aspects, #cachable?, #cache, cache_aspects, cache_by_aspect, cache_key, #cache_key, from_savon, #store_in_cache

Methods inherited from SavonHelper::MappingObject

all_type_mappings, defined_attributes, from_savon, has_attribute_chain, #to_json, #to_s, #to_savon, type_mappings

Methods included from SavonHelper::DSL

#array_boolean_accessor, #array_datetime_accessor, #array_double_accessor, #array_enum_accessor, #array_float__accessor, #array_integer_accessor, #array_ip_address_accessor, #array_object_accessor, #array_string_accessor, #attr_boolean_accessor, #attr_datetime_accessor, #attr_double_accessor, #attr_enum_accessor, #attr_float_accessor, #attr_integer_accessor, #attr_ip_address_accessor, #attr_object_accessor, #attr_string_accessor, #hint_object_accessor

Constructor Details

#initialize(interface) ⇒ Manager

Returns a new instance of Manager.

Parameters:



# File 'lib/deepsecurity/manager.rb', line 20

# Builds a Manager around the given interface and registers this Manager
# on that interface.
#
# @param interface [Object] object responding to `manager=`; kept in @interface
def initialize(interface)
  @interface = interface
  # Back-reference so the interface can reach this Manager.
  interface.manager = self
end

Class Method Details

.server(hostname, port = 4119, log_level = nil, logger = Logger.new(STDERR)) ⇒ Object

Set connection parameters

Parameters:

  • hostname (String)

    host to connect to

  • port (Integer) (defaults to: 4119)

    port to connect to

  • log_level (LOG_MAPPING) (defaults to: nil)

    Log Level



# File 'lib/deepsecurity/manager.rb', line 14

# Creates a Manager bound to a new DeepSecurity::SOAPInterface.
#
# The logger's level is set from LOG_MAPPING[log_level], falling back to
# Logger::INFO when the mapping has no (truthy) entry for log_level.
#
# NOTE(review): log_level and logger are also handed to the SOAP interface.
# If a verbose level makes the client log request bodies, the credentials
# sent by the login call could end up in the log output. Confirm that the
# interface filters them.
#
# @param hostname [String] host to connect to
# @param port [Integer] port to connect to
# @param log_level [Object] key into LOG_MAPPING
# @param logger [Logger] logger to configure and pass on; defaults to STDERR
# @return [Object] the new instance built from the SOAP interface
def self.server(hostname, port = 4119, log_level = nil, logger = Logger.new(STDERR))
  mapped_level = LOG_MAPPING[log_level]
  logger.level = mapped_level || Logger::INFO
  soap_interface = DeepSecurity::SOAPInterface.new(hostname, port, logger, log_level)
  new(soap_interface)
end

Instance Method Details

#anti_malware_events_by_time_host_event(time_filter, host_filter, event_id_filter) ⇒ Array<AntiMalwareEvent>

Return all AntiMalware events matching the filter

Parameters:

Returns:



# File 'lib/deepsecurity/transport_objects/anti_malware_event.rb', line 77

# Forwards the three filters unchanged to interface.antiMalwareEventRetrieve
# and returns whatever that call returns.
#
# @param time_filter [Object] passed through as first argument
# @param host_filter [Object] passed through as second argument
# @param event_id_filter [Object] passed through as third argument
def anti_malware_events_by_time_host_event(time_filter, host_filter, event_id_filter)
  filters = [time_filter, host_filter, event_id_filter]
  interface.antiMalwareEventRetrieve(*filters)
end

#api_version ⇒ Integer

Retrieves the Manager Web Service API version. Not the same as the Manager version.

Returns:

  • (Integer)

    The Web Service API version.



# File 'lib/deepsecurity/manager.rb', line 50

# Asks the interface for the Web Service API version and converts the
# reply with #to_i.
#
# @return [Integer] result of getApiVersion converted via to_i
def api_version
  raw_version = interface.getApiVersion
  raw_version.to_i
end

#application_type(id) ⇒ Object



# File 'lib/deepsecurity/transport_objects/application_type.rb', line 44

# Looks up an ApplicationType by id through cache.fetch; the block issues
# the "application_type_retrieve" request.
# Presumably the block only runs on a cache miss. Confirm against the
# cache implementation.
#
# @param id [Object] value used for the :id cache key and the request
def application_type(id)
  lookup_key = ApplicationType.cache_key(:id, id)
  cache.fetch(lookup_key) { request_object("application_type_retrieve", ApplicationType, { id: id }) }
end

#application_type_by_name(name) ⇒ Object



# File 'lib/deepsecurity/transport_objects/application_type.rb', line 50

# Looks up an ApplicationType by name through cache.fetch; the block issues
# the "application_type_retrieve_by_name" request.
# Presumably the block only runs on a cache miss. Confirm against the
# cache implementation.
#
# @param name [Object] value used for the :name cache key and the request
def application_type_by_name(name)
  lookup_key = ApplicationType.cache_key(:name, name)
  cache.fetch(lookup_key) do
    request_object("application_type_retrieve_by_name", ApplicationType, { name: name })
  end
end

#application_types ⇒ Object



# File 'lib/deepsecurity/transport_objects/application_type.rb', line 38

# Returns the result of the "application_type_retrieve_all" request, routed
# through cache.fetch under the (:all, :all) ApplicationType key.
# Presumably the block only runs on a cache miss. Confirm against the
# cache implementation.
def application_types
  all_key = ApplicationType.cache_key(:all, :all)
  cache.fetch(all_key) { request_array("application_type_retrieve_all", ApplicationType) }
end

#authenticated? ⇒ Boolean

Check if the session has been authenticated.

Returns:

  • (Boolean)


# File 'lib/deepsecurity/manager.rb', line 63

# Reports whether a session ID is stored on this object.
#
# This is a purely local check: it is true for any non-nil @sID (including
# an empty string) and does not contact the server to validate the session.
#
# @return [Boolean] false when @sID is nil, true otherwise
def authenticated?
  @sID.nil? ? false : true
end

#connect(tenant, username, password) ⇒ Manager

Authenticates a user within the given tenant and stores the resulting session ID on this Manager for use by later calls. When no longer required, the session should be terminated by calling disconnect.

Parameters:

Returns:

  • (Manager)

    The current manager



# File 'lib/deepsecurity/manager.rb', line 32

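# Authenticates against the Manager and stores the session ID in @sID.
#
# Calls interface.authenticate when tenant is blank, otherwise
# interface.authenticateTenant.
#
# @param tenant [String, nil] tenant name; blank selects the non-tenant login
# @param username [String] passed to the interface
# @param password [String] passed to the interface
# @return [Manager] self
# @raise [AuthenticationFailedException] on a SOAP fault or a blank session ID
def connect(tenant, username, password)
  reply =
    if tenant.blank?
      interface.authenticate(username, password)
    else
      interface.authenticateTenant(tenant, username, password)
    end
  session_id = reply.to_s
  # nil.to_s is "", and authenticated? only tests for non-nil, so an empty
  # reply must not be stored as if it were a valid session.
  raise AuthenticationFailedException.new("(empty session ID)") if session_id.blank?
  @sID = session_id
  self
rescue Savon::SOAPFault => error
  # Parse the fault defensively: a fault without the expected :fault/:detail
  # hashes must still surface as AuthenticationFailedException, not as a
  # NoMethodError/TypeError raised from inside this handler.
  fault = error.to_hash[:fault]
  fault = {} unless fault.is_a?(Hash)
  detail = fault[:detail]
  message = fault[:faultstring].to_s
  message = detail[:exception_name].to_s if message.blank? && detail.is_a?(Hash)
  raise AuthenticationFailedException.new("(#{message})")
end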

#disconnect ⇒ void

This method returns an undefined value.

Ends an authenticated user session. The Web Service client should end the authentication session in all exit cases.



# File 'lib/deepsecurity/manager.rb', line 44

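# Ends the session on the interface and forgets the stored session ID.
#
# Does nothing when no session ID is stored. After a successful endSession
# call @sID is reset to nil, so authenticated? becomes false and the ended
# session's ID is no longer handed out by this object.
#
# @return [nil]
def disconnect
  return unless authenticated?

  interface.endSession()
  # Only reached when endSession did not raise; a failed call keeps the ID
  # so the caller can retry ending the session.
  @sID = nil
end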

#dpi_rule(id) ⇒ Object



# File 'lib/deepsecurity/transport_objects/dpi_rule.rb', line 99

# Looks up a DPIRule by id through cache.fetch; the block issues the
# "dpi_rule_retrieve" request.
# Presumably the block only runs on a cache miss. Confirm against the
# cache implementation.
#
# @param id [Object] value used for the :id cache key and the request
def dpi_rule(id)
  lookup_key = DPIRule.cache_key(:id, id)
  cache.fetch(lookup_key) { request_object("dpi_rule_retrieve", DPIRule, { id: id }) }
end

#dpi_rule_by_name(name) ⇒ Object



# File 'lib/deepsecurity/transport_objects/dpi_rule.rb', line 105

# Looks up a DPIRule by name through cache.fetch; the block issues the
# "dpi_rule_retrieve_by_name" request.
# Presumably the block only runs on a cache miss. Confirm against the
# cache implementation.
#
# @param name [Object] value used for the :name cache key and the request
def dpi_rule_by_name(name)
  lookup_key = DPIRule.cache_key(:name, name)
  cache.fetch(lookup_key) { request_object("dpi_rule_retrieve_by_name", DPIRule, { name: name }) }
end

#dpi_rule_identifiers_for_host(id, argument) ⇒ Object



# File 'lib/deepsecurity/transport_objects/host.rb', line 127

# Calls payload_filters2_show_rules(id, argument), then reads the rows from
# payload_filters2 and returns the first space-separated token of each
# row's :name value.
#
# @param id [Object] passed as :hostID
# @param argument [Object] passed as :arguments
# @return [Array] first word of every row's :name
def dpi_rule_identifiers_for_host(id, argument)
  payload_filters2_show_rules(id, argument)
  rows = payload_filters2(hostID: id, arguments: argument)
  rows.map do |row|
    row[:name].split(' ').first
  end
end

#dpi_rules ⇒ Object



# File 'lib/deepsecurity/transport_objects/dpi_rule.rb', line 93

# Returns the result of the "dpi_rule_retrieve_all" request, routed through
# cache.fetch under the (:all, :all) DPIRule key.
# Presumably the block only runs on a cache miss. Confirm against the
# cache implementation.
def dpi_rules
  all_key = DPIRule.cache_key(:all, :all)
  cache.fetch(all_key) { request_array("dpi_rule_retrieve_all", DPIRule) }
end

#host(id) ⇒ Host

Retrieves a Host by ID.

Parameters:

  • id (Integer)

    Host ID

Returns:



# File 'lib/deepsecurity/transport_objects/host.rb', line 104

# Retrieves a Host by id through cache.fetch; the block calls
# interface.hostRetrieve(id).
# Presumably the block only runs on a cache miss. Confirm against the
# cache implementation.
#
# @param id [Integer] Host ID
def host(id)
  lookup_key = Host.cache_key(:id, id)
  cache.fetch(lookup_key) { interface.hostRetrieve(id) }
end

#host_by_name(hostname) ⇒ Host

Retrieves a Host by name.

Parameters:

  • hostname (String)

    hostname

Returns:



# File 'lib/deepsecurity/transport_objects/host.rb', line 113

# Retrieves a Host by name through cache.fetch; the block calls
# interface.hostRetrieveByName(hostname).
# Presumably the block only runs on a cache miss. Confirm against the
# cache implementation.
#
# @param hostname [String] hostname used for the :name cache key and the call
def host_by_name(hostname)
  lookup_key = Host.cache_key(:name, hostname)
  cache.fetch(lookup_key) { interface.hostRetrieveByName(hostname) }
end

#host_details(host_filter, detail_level) ⇒ Array<HostDetail>

Return all HostDetails matching the hosts filter with the given detail level

Parameters:

Returns:



# File 'lib/deepsecurity/transport_objects/host_detail.rb', line 112

# Retrieves host details via interface.hostDetailRetrieve, routed through
# cache.fetch under the (:all, :all) HostDetail key.
#
# NOTE(review): the cache key is always (:all, :all) and includes neither
# host_filter nor detail_level. If the cache keeps the first result, a later
# call with a different filter or detail level would get that earlier result
# back. Confirm against the cache implementation.
#
# @param host_filter [Object] passed to hostDetailRetrieve
# @param detail_level [Object] passed to hostDetailRetrieve
def host_details(host_filter, detail_level)
  shared_key = HostDetail.cache_key(:all, :all)
  cache.fetch(shared_key) { interface.hostDetailRetrieve(host_filter, detail_level) }
end

#host_group(id) ⇒ HostGroup

Retrieves a HostGroup by ID.

Parameters:

  • id (Integer)

    HostGroup ID

Returns:



# File 'lib/deepsecurity/transport_objects/host_group.rb', line 50

# Retrieves a HostGroup by id through cache.fetch; the block calls
# interface.hostGroupRetrieve(id). A nil id short-circuits to nil without
# touching the cache or the interface.
# Presumably the block only runs on a cache miss. Confirm against the
# cache implementation.
#
# @param id [Integer, nil] HostGroup ID
def host_group(id)
  if id.nil?
    nil
  else
    lookup_key = HostGroup.cache_key(:id, id)
    cache.fetch(lookup_key) { interface.hostGroupRetrieve(id) }
  end
end

#host_group_by_name(hostname) ⇒ HostGroup

Retrieves a HostGroup by name.

Parameters:

  • hostname (String)

    hostname

Returns:



# File 'lib/deepsecurity/transport_objects/host_group.rb', line 60

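# Retrieves a HostGroup by name through cache.fetch; the block calls
# interface.hostGroupRetrieveByName(hostname). A blank hostname returns nil
# without touching the cache or the interface.
# Presumably the block only runs on a cache miss. Confirm against the
# cache implementation.
#
# @param hostname [String, nil] group name to look up
def host_group_by_name(hostname)
  return nil if hostname.blank?

  # The key must be built from the hostname parameter; the method has no
  # local called `name`, so the previous key expression referred to something
  # other than the requested group.
  cache.fetch(HostGroup.cache_key(:name, hostname)) do
    interface.hostGroupRetrieveByName(hostname)
  end
end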

#host_groups ⇒ Array<HostGroup>

Retrieves HostGroups.

Returns:



# File 'lib/deepsecurity/transport_objects/host_group.rb', line 41

# Returns the result of interface.hostGroupRetrieveAll, routed through
# cache.fetch under the (:all, :all) HostGroup key.
# Presumably the block only runs on a cache miss. Confirm against the
# cache implementation.
def host_groups
  all_key = HostGroup.cache_key(:all, :all)
  cache.fetch(all_key) { interface.hostGroupRetrieveAll }
end

#hosts ⇒ Array<Host>

Retrieves Hosts.

Returns:



# File 'lib/deepsecurity/transport_objects/host.rb', line 95

# Returns the result of interface.hostRetrieveAll, routed through
# cache.fetch under the (:all, :all) Host key.
# Presumably the block only runs on a cache miss. Confirm against the
# cache implementation.
def hosts
  all_key = Host.cache_key(:all, :all)
  cache.fetch(all_key) { interface.hostRetrieveAll }
end

#interface ⇒ Object



# File 'lib/deepsecurity/manager.rb', line 72

# Reader for the interface object stored in @interface.
#
# @return [Object, nil] the stored interface, nil if none has been set
def interface
  return @interface
end

#manager_time ⇒ Time

Retrieves the Manager time.

Returns:

  • (Time)

    Manager time as a language localized object.



# File 'lib/deepsecurity/manager.rb', line 56

# Asks the interface for the Manager time and parses the reply with
# Time.parse.
#
# @return [Time] parsed result of getManagerTime
def manager_time
  raw_time = interface.getManagerTime
  Time.parse(raw_time)
end

#security_profile(id) ⇒ Object



# File 'lib/deepsecurity/transport_objects/host.rb', line 123

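# Resolves the security profile referenced by @security_profile_id by
# asking Manager.current for it.
#
# NOTE(review): this listing comes from transport_objects/host.rb and takes
# no argument, while the page heading shows security_profile(id). Confirm
# which class this definition belongs to.
#
# @return [Object] whatever Manager.current.security_profile returns
def security_profile
  # Method name corrected from the misspelled `security_progile`.
  Manager.current.security_profile(@security_profile_id)
end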

#security_profile_by_name(name) ⇒ Object



# File 'lib/deepsecurity/transport_objects/security_profile.rb', line 82

# Looks up a SecurityProfile by name through cache.fetch; the block issues
# the "security_profile_retrieve_by_name" request.
# Presumably the block only runs on a cache miss. Confirm against the
# cache implementation.
#
# @param name [Object] value used for the :name cache key and the request
def security_profile_by_name(name)
  lookup_key = SecurityProfile.cache_key(:name, name)
  cache.fetch(lookup_key) do
    request_object("security_profile_retrieve_by_name", SecurityProfile, { name: name })
  end
end

#security_profiles ⇒ Object



# File 'lib/deepsecurity/transport_objects/security_profile.rb', line 70

# Returns the result of the "security_profile_retrieve_all" request, routed
# through cache.fetch under the (:all, :all) SecurityProfile key.
# Presumably the block only runs on a cache miss. Confirm against the
# cache implementation.
def security_profiles
  all_key = SecurityProfile.cache_key(:all, :all)
  cache.fetch(all_key) { request_array("security_profile_retrieve_all", SecurityProfile) }
end

#sID ⇒ Object



# File 'lib/deepsecurity/manager.rb', line 67

# Returns the stored session ID, refusing to hand out anything when no
# session ID is stored.
#
# @return [Object] the value of @sID
# @raise [DeepSecurity::AuthenticationRequiredException] when authenticated?
#   is false
def sID
  return @sID if authenticated?

  raise DeepSecurity::AuthenticationRequiredException
end

#system_events(timeFilter, hostFilter, eventIdFilter, includeNonHostEvents) ⇒ Object

Retrieves the system events specified by the time, host and event ID filters. System events that do not pertain to hosts can be included or excluded.



# File 'lib/deepsecurity/transport_objects/system_event.rb', line 31

# Sends the "system_event_retrieve" request and converts each returned item
# with SystemEvent.convert_from_savon.
#
# The three filters are serialised with to_savon_data; includeNonHostEvents
# is sent as the string "true" or "false" depending on its truthiness.
#
# NOTE(review): assumes the :item entry of the response is an Array of
# hashes. Confirm how a response with a single item (or no :item key) is
# parsed.
#
# @param timeFilter [Object] must respond to to_savon_data
# @param hostFilter [Object] must respond to to_savon_data
# @param eventIdFilter [Object] must respond to to_savon_data
# @param includeNonHostEvents [Object] truthy to include non-host events
# @return [Array] converted events; [] when the response has no :system_events
def system_events(timeFilter, hostFilter, eventIdFilter, includeNonHostEvents)
  request = {
    timeFilter: timeFilter.to_savon_data,
    hostFilter: hostFilter.to_savon_data,
    eventIdFilter: eventIdFilter.to_savon_data,
    includeNonHostEvents: (includeNonHostEvents ? "true" : "false")
  }
  events = send_authenticated_soap("system_event_retrieve", request)[:system_events]
  return [] if events.nil?

  events[:item].map { |item| SystemEvent.convert_from_savon(item) }
end

#vulnerabilities ⇒ Object



# File 'lib/deepsecurity/transport_objects/private/vulnerability.rb', line 38

# Calls payload_filters2_enable_vulnerability_columns, then turns every row
# returned by payload_filters2 into a Vulnerability.
#
# Per row: the first space-separated token of :name becomes the DPI rule
# identifier; :cve, :secunia, :bugtraq and :microsoft are copied into the
# matching *_identifiers_string attributes.
#
# @return [Array<Vulnerability>] one Vulnerability per row
def vulnerabilities
  payload_filters2_enable_vulnerability_columns()
  payload_filters2().map do |row|
    Vulnerability.new.tap do |entry|
      entry.dpi_rule_identifier = row[:name].split(' ').first
      entry.cve_identifiers_string = row[:cve]
      entry.secunia_identifiers_string = row[:secunia]
      entry.bugtraq_identifiers_string = row[:bugtraq]
      entry.microsoft_identifiers_string = row[:microsoft]
    end
  end
end