Aruba now searches rougue basestations as well
This commit is contained in:
parent
fb77c03ed7
commit
146daef0df
@ -10,9 +10,11 @@ class ServiceDelegate(ServiceBase) :
|
||||
api_session = requests.session()
|
||||
session_key = None
|
||||
query_page_size = 200
|
||||
bigdata_fields = ['sta_mac_address', 'client_ht_phy_type', 'openflow_state', 'client_ip_address', 'client_user_name', 'client_dev_type', 'client_ap_location', 'client_conn_port', 'client_conn_type', 'client_timestamp', 'client_role_name', 'client_active_uac', 'client_standby_uac', 'ap_cluster_name', 'client_health', 'total_moves', 'successful_moves', 'steer_capability', 'ssid', 'ap_name', 'channel', 'channel_str', 'channel_busy', 'tx_time', 'rx_time', 'channel_free', 'channel_interference', 'current_channel_utilization', 'radio_band', 'bssid', 'speed', 'max_negotiated_rate', 'noise_floor', 'radio_ht_phy_type', 'snr', 'total_data_frames', 'total_data_bytes', 'avg_data_rate', 'tx_avg_data_rate', 'rx_avg_data_rate', 'tx_frames_transmitted', 'tx_frames_dropped', 'tx_bytes_transmitted', 'tx_bytes_dropped', 'tx_time_transmitted', 'tx_time_dropped', 'tx_data_transmitted', 'tx_data_dropped', 'tx_data_retried', 'tx_data_transmitted_retried', 'tx_data_bytes_transmitted', 'tx_abs_data_bytes', 'tx_data_bytes_dropped', 'tx_time_data_transmitted', 'tx_time_data_dropped', 'tx_mgmt', 'rx_frames', 'rx_bytes', 'rx_data', 'rx_data_bytes', 'rx_abs_data_bytes', 'rx_data_retried', 'tx_data_frame_rate_dist', 'rx_data_frame_rate_dist', 'tx_data_bytes_rate_dist', 'rx_data_bytes_rate_dist', 'connection_type_classification', 'total_data_throughput', 'tx_data_throughput', 'rx_data_throughput', 'client_auth_type', 'client_auth_subtype', 'client_encrypt_type', 'client_fwd_mode']
|
||||
clients_fields = ['sta_mac_address', 'client_ht_phy_type', 'openflow_state', 'client_ip_address', 'client_user_name', 'client_dev_type', 'client_ap_location', 'client_conn_port', 'client_conn_type', 'client_timestamp', 'client_role_name', 'client_active_uac', 'client_standby_uac', 'ap_cluster_name', 'client_health', 'total_moves', 'successful_moves', 'steer_capability', 'ssid', 'ap_name', 'channel', 'channel_str', 'channel_busy', 'tx_time', 'rx_time', 'channel_free', 'channel_interference', 'current_channel_utilization', 'radio_band', 'bssid', 'speed', 'max_negotiated_rate', 'noise_floor', 'radio_ht_phy_type', 'snr', 'total_data_frames', 'total_data_bytes', 'avg_data_rate', 'tx_avg_data_rate', 'rx_avg_data_rate', 'tx_frames_transmitted', 'tx_frames_dropped', 'tx_bytes_transmitted', 'tx_bytes_dropped', 'tx_time_transmitted', 'tx_time_dropped', 'tx_data_transmitted', 'tx_data_dropped', 'tx_data_retried', 'tx_data_transmitted_retried', 'tx_data_bytes_transmitted', 'tx_abs_data_bytes', 'tx_data_bytes_dropped', 'tx_time_data_transmitted', 'tx_time_data_dropped', 'tx_mgmt', 'rx_frames', 'rx_bytes', 'rx_data', 'rx_data_bytes', 'rx_abs_data_bytes', 'rx_data_retried', 'tx_data_frame_rate_dist', 'rx_data_frame_rate_dist', 'tx_data_bytes_rate_dist', 'rx_data_bytes_rate_dist', 'connection_type_classification', 'total_data_throughput', 'tx_data_throughput', 'rx_data_throughput', 'client_auth_type', 'client_auth_subtype', 'client_encrypt_type', 'client_fwd_mode']
|
||||
aps_fields = ['mon_ap', 'mon_bssid', 'mon_radio_phy_type', 'mon_ssid', 'mon_radio_band', 'mon_ap_current_channel', 'mon_ht_sec_channel', 'mon_sta_count', 'mon_ap_classification', 'mon_ap_match_conf_level', 'mon_ap_encr', 'mon_ap_encr_auth', 'mon_ap_encr_cipher', 'mon_ap_is_dos', 'mon_ap_type', 'mon_ap_status', 'mon_is_ibss', 'mon_ap_create_time', 'mon_ap_match_type', 'mon_ap_match_method', 'mon_ap_match_name', 'mon_ap_match_time', 'wms_event_count']
|
||||
justip_fields = ['client_ip_address']
|
||||
aruba_hosts = []
|
||||
aruba_basestations = []
|
||||
|
||||
def get_arguments(cls) :
|
||||
"""Returns an array of information used to construct an argumentparser argument."""
|
||||
@ -25,24 +27,54 @@ class ServiceDelegate(ServiceBase) :
|
||||
return
|
||||
self.host = self.config['host']
|
||||
self.start_session(self.config['host'],self.config['username'],self.config['key'])
|
||||
listquery = 'backend-observer-sta-19'
|
||||
sortfield = 'client_user_name'
|
||||
self.debug("Retrieving list of Aruba hosts...",1)
|
||||
self.perform_list_query(listquery,self.bigdata_fields,sortfield)
|
||||
self.debug("Searching Aruba hosts...",1)
|
||||
clientsquery = 'backend-observer-sta-19'
|
||||
clientssortfield = 'client_user_name'
|
||||
clientsfilter = 'client_conn_type not_equals 0'
|
||||
clientsdevicetype = 'sta'
|
||||
apsquery = 'backend-observer-mon_bssid-67'
|
||||
apssortfield = 'mon_ssid'
|
||||
apsfilter = 'mon_ap_status equals 1'
|
||||
apsdevicetype = 'mon_bssid'
|
||||
self.debug("Retrieving list of Aruba's detected basestations...",1)
|
||||
self.aruba_basestations = self.perform_list_query(apsquery,self.aps_fields,apssortfield,apsfilter,apsdevicetype)
|
||||
self.debug("Retrieving list of Aruba connected clients...",1)
|
||||
self.aruba_hosts = self.perform_list_query(clientsquery,self.clients_fields,clientssortfield,clientsfilter,clientsdevicetype)
|
||||
self.debug("Searching Aruba information...",1)
|
||||
|
||||
def perform_lookup(self,subject) :
|
||||
# We return the first result that matches the subject out of our lists of Aruba information.
|
||||
# Because this isn't very effective we need to order our search by order of least-likely to
|
||||
# most-likely for the match.
|
||||
|
||||
# Lookup by IP
|
||||
# Search APs first, since they are less likely to match
|
||||
# By IP
|
||||
if 'dns' in self.data and subject in self.data['dns'] and self.data['dns'][subject]['addresses'] :
|
||||
for ip in self.data['dns'][subject]['addresses'] :
|
||||
for entry in self.aruba_basestations :
|
||||
if ip in entry.values() :
|
||||
return entry
|
||||
# By value
|
||||
for entry in self.aruba_basestations :
|
||||
lowercase_values = [x.lower() for x in entry.values() if type(x) is str]
|
||||
all_values = lowercase_values + [x for x in entry.values() if type(x) is not str]
|
||||
for value in all_values :
|
||||
if subject.lower() in str(value) :
|
||||
return entry
|
||||
# Search connected Aruba hosts
|
||||
# By IP
|
||||
if 'dns' in self.data and subject in self.data['dns'] and self.data['dns'][subject]['addresses'] :
|
||||
for ip in self.data['dns'][subject]['addresses'] :
|
||||
for entry in self.aruba_hosts :
|
||||
if ip in entry.values() :
|
||||
return entry
|
||||
# Lookup by hostname
|
||||
# By value
|
||||
for entry in self.aruba_hosts :
|
||||
if subject in entry.values() :
|
||||
return entry
|
||||
lowercase_values = [x.lower() for x in entry.values() if type(x) is str]
|
||||
all_values = lowercase_values + [x for x in entry.values() if type(x) is not str]
|
||||
for value in all_values :
|
||||
if subject.lower() in str(value) :
|
||||
return entry
|
||||
# Not found
|
||||
return {}
|
||||
|
||||
def start_session(self,host,username,key) :
|
||||
@ -52,10 +84,11 @@ class ServiceDelegate(ServiceBase) :
|
||||
if 'SESSION' in self.api_session.cookies.get_dict() :
|
||||
self.session_key = self.api_session.cookies.get_dict()['SESSION']
|
||||
|
||||
def perform_list_query(self,queryname,columnlist,sortfield) :
|
||||
def perform_list_query(self,queryname,columnlist,sortfield,queryfilter,devicetype) :
|
||||
"""Performs a list-type XML query against the Aruba UI API"""
|
||||
# So uncivilized.
|
||||
# Build the basic object for our list query
|
||||
# Build the basic object for our list query. Takes the parameters that the Aruba controller needs for it's
|
||||
# XML api, performs the query, and returns a list of results.
|
||||
sortdir = 'asc'
|
||||
aruba_queries = Element('aruba_queries')
|
||||
query = SubElement(aruba_queries,'query')
|
||||
@ -66,9 +99,9 @@ class ServiceDelegate(ServiceBase) :
|
||||
|
||||
list_query = SubElement(query,'list_query')
|
||||
device_type = SubElement(list_query,'device_type')
|
||||
device_type.text = 'sta'
|
||||
device_type.text = devicetype
|
||||
requested_columns = SubElement(list_query,'requested_columns')
|
||||
requested_columns.text = ' '.join(self.bigdata_fields)
|
||||
requested_columns.text = ' '.join(columnlist)
|
||||
sort_by_field = SubElement(list_query,'sort_by_field')
|
||||
sort_by_field.text = sortfield
|
||||
sort_order = SubElement(list_query,'sort_order')
|
||||
@ -83,11 +116,11 @@ class ServiceDelegate(ServiceBase) :
|
||||
filter_list = SubElement(filter,'filter_list')
|
||||
filter_item_entry = SubElement(filter_list,'filter_item_entry')
|
||||
field_name = SubElement(filter_item_entry,'field_name')
|
||||
field_name.text = 'client_conn_type'
|
||||
field_name.text = queryfilter.split(' ')[0]
|
||||
comp_operator = SubElement(filter_item_entry,'comp_operator')
|
||||
comp_operator.text = 'not_equals'
|
||||
comp_operator.text = queryfilter.split(' ')[1]
|
||||
value = SubElement(filter_item_entry,'value')
|
||||
value.text = '0'
|
||||
value.text = queryfilter.split(' ')[2]
|
||||
|
||||
# Repeat with page size on the query, aggregating results
|
||||
nextstart = 0
|
||||
@ -121,6 +154,6 @@ class ServiceDelegate(ServiceBase) :
|
||||
nextstart = nextstart + self.query_page_size
|
||||
else :
|
||||
finish = True
|
||||
self.aruba_hosts = allitems
|
||||
self.debug("Retrieved " + str((len(allitems))) + " hosts from Aruba host",2)
|
||||
self.debug("Retrieved " + str((len(allitems))) + " results from query",2)
|
||||
return allitems
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user