dead

File manager - Edit - /opt/imunify360/venv/lib/python3.11/site-packages/defence360agent/wordpress/__pycache__/incident_sender.cpython-311.pyc

Back
� ��tsid��d�Z�ddlZddlZddlmZ�ddlmZ�ddlmZ�ddlm Z ��ej ��e��Z�G�d��d��Z dS�) z3Send WordPress incidents to the correlation server.��N)�datetime)�Any)�SensorWordpressIncidentList)�MessageSinkc��e�Zd�ZdZdedeeef��fd�Zdedee��fd�Z de dz��d ee��defd �Zde dee��fd�Z dS�) �IncidentSendera�� Send WordPress incidents to the correlation server. WordPress incidents are already in the Incident table (visible to UI). This class sends them to correlation via Reportable messages, which are automatically handled by SendToServer/SendToServerFGW plugins. �incident�returnc��t��d\|��\|��d��pi�}t��\|��d��pd��}t ��\|��}\|r't��j��\|��d��nd}i�d\|�d\|�d\|��d ��d \|��d ��pd�d\|��d��d \|��d��d\|��d��d\|��d��pd�d\|��d��pd�d\|��d��pd�d\|��d��pd�d\|��d��pd�d\|��d��pd�d\|��d��r\|��d��dk��nd�d\|��d��pd�d \|��d!��pd�d"\|��\|��\|��d#��pd\|��d$��pd\|��d%��pd\|��d&��pd\|d'��S�)(aJ�� Prepare an incident for sending to the correlation server. WordPress incidents use extra_info JSON field to store plugin-specific data. Args: incident: WordpressIncident dictionary (with extra_info populated) Returns: Dictionary formatted for correlation server z&Preparing incident for correlation: %s� extra_info� timestampr��z%Y-%m-%d��dt� plugin_id�plugin�rule�unknown�name�message�description�severity�attackers_ip�abuser�domain�retries��uri�request_uri� user_agent�http_user_agent�http_method�request_method�user_logged_in�trueN� file_path� site_path�user�username�tag�target�slug�version�mode)r��r+��r,��r-��details) �logger�info�get�float�intr�� fromtimestamp�strftime�_build_tags)�selfr ��extra�timestamp_valuer ��r��s�� ^/opt/imunify360/venv/lib/python3.11/site-packages/defence360agent/wordpress/incident_sender.py�!_prepare_incident_for_correlationz0IncidentSender._prepare_incident_for_correlation��s�� <�h�G�G�G��l�l�<�0�0�6�B��"'�x�\|�\|�K�'@�'@�'E�A�!F�!F��(�(� �� H�"�?�3�3�<�<�Z�H�H�H�� "� �� h�/�/� �� H�L�L��(�(�5�I� � � �H�L�L��(�(� �� x�\|�\|�M�2�2� �� Z�0�0� �� H�L�L��2�2�8�b� �� h�l�l�8�,�,�2�� x�\|�\|�I�.�.�3�!� �� 5�9�9�]�+�+�1�r� �� %�)�)�$5�6�6�<�"� �� 5�9�9�%5�6�6�<�"� �� y�y�)����e�i�i�(8�9�9�V�C�C��! �"� ��;�/�/�5�2�# �$� �E�I�I�j�)�)�/�R�% �&� �4�#�#�E���' ���i�i��)�)�/�R��I�I�f�%�%�+��y�y��+�+�1�r��I�I�f�%�%�+��3 �� r8��c��:��ddg}\|��d��r\|��\|d��\|��d��r\|��d\|d��\|��d��r\|��d\|d��\|S�)N� wordpress�cver��target_r-��mode_)r1��append)r7��r8��tagss�� r:��r6��zIncidentSender._build_tagsN��s��U�#��9�9�U�� &��K�K��e��%�%�%��9�9�X�� 5��K�K�3�%��/�3�3�4�4�4��9�9�V�� 1��K�K�/��f� �/�/�0�0�0��r<��sinkN� incidentsc��d��K��\|�t��d��dS�t��\|��dk��rt��d��dS�t��dt��\|��fd�\|D��}��\|\|��d{V��t��\|��S�)aC�� Send WordPress incidents to the correlation server. Since incidents are already in the WordpressIncident table (visible to UI), we just need to send them to correlation. Args: incidents: List of incidents to send Returns: Number of incidents sent Nz+No sink provided, skipping incident sendingr��zNo incidents to send, skippingzSending %d incidents to correlation serverc��:��g�\|�]}��\|��S��)r;��)�.0r ��r7��s�� r:�� <listcomp>z1IncidentSender.send_incidents.<locals>.<listcomp>u��s7�� 2�2�8�<�<� �� r<��)r/��warning�len�debugr0��_send_batch)r7��rD��rE��correlation_batchs��` r:��send_incidentszIncidentSender.send_incidentsZ��s��<��N�N�H�I�I�I��1��y�>�>�Q��L�L�9�:�:�:��1��8�#�i�.�.� �� %� �� t�%6�7�7�7�7�7�7�7�7�7��$�%�%�%r<��rO��c��K��t��dt��\|��t��dt��j��\|d�� \|��t ��\|��d{V��t��dt��\|��dS�#�t��$�r!}t��d\|��d}~ww�xY�w)a_�� Send a batch of incidents to correlation server. Uses SensorIncidentList Reportable message which is automatically sent to correlation via SendToServer/SendToServerFGW plugins. Args: sink: MessageSink to send the batch to correlation_batch: Incidents formatted for correlation server z3Sending batch of %d incidents to correlation serverzCorrelation batch json: %s��)�indentNz6Queued %d wordpress incident(s) for correlation serverz"Failed to queue incident batch: %s) r/��r0��rL��json�dumps�process_messager�� Exception�error)r7��rD��rO��es�� r:��rN��zIncidentSender._send_batch~��s�� A��!�"�"� �� (��J�(��3�3�3� �� &�&�+�,=�>�>�� K�K�H��%�&�&� �� L�L�4�� s��AB-��- C�7C�C)�__name__� __module__�__qualname__�__doc__�dict�strr��r;��listr6��r��r3��rP��rN��rH��r<��r:��r��r��s��5 ��5 � �c�3�h��5 ��5 ��5 ��5 �n �� $�s�)�� "&��$�&�"&�37��:�"&� �"&��"&��"&��"&�H&��&�48��J�&��&��&��&��&��&r<��r��)r]��rT��loggingr��typingr��"defence360agent.contracts.messagesr��!defence360agent.contracts.pluginsr�� getLoggerrZ��r/��r��rH��r<��r:��<module>rf��s��9��9��J��J��J��J��J��J��9��9��9��9��9��9� �� 8� $� $��V��V��V��V��V��V��V��V��V��Vr<��

| ver. 1.4 | Github | . | PHP 8.2.30 | Generation time: 0 | proxy | phpinfo | Settings