{ "info": { "author": "Cloudmarker Authors and Contributors", "author_email": "", "bugtrack_url": null, "classifiers": [ "Development Status :: 2 - Pre-Alpha", "Intended Audience :: Developers", "Intended Audience :: End Users/Desktop", "Intended Audience :: Information Technology", "Intended Audience :: System Administrators", "License :: OSI Approved :: MIT License", "Operating System :: OS Independent", "Programming Language :: Python :: 3", "Topic :: System :: Monitoring" ], "description": "Cloudmarker\n===========\n\nCloudmarker is a cloud monitoring tool and framework.\n\n.. image:: https://travis-ci.com/cloudmarker/cloudmarker.svg?branch=master\n :target: https://travis-ci.com/cloudmarker/cloudmarker\n\n.. image:: https://coveralls.io/repos/github/cloudmarker/cloudmarker/badge.svg?branch=master\n :target: https://coveralls.io/github/cloudmarker/cloudmarker?branch=master\n\n.. image:: https://img.shields.io/badge/license-MIT-blue.svg\n :target: https://github.com/cloudmarker/cloudmarker/blob/master/LICENSE.rst\n\n\nContents\n--------\n\n.. contents:: Table of Contents:\n :backlinks: none\n\n\nWhat is Cloudmarker?\n--------------------\n\nCloudmarker is a cloud monitoring tool and framework. It can be used as\na ready-made tool that audits your Azure or GCP cloud environments as\nwell as a framework that allows you to develop your own cloud monitoring\nsoftware to audit your clouds.\n\nAs a monitoring tool, it performs the following actions:\n\n- Retrieves data about each configured cloud using the cloud APIs.\n- Saves or indexes the retrieved data into each configured storage\n system or indexing engine.\n- Analyzes the data for potential issues and generates events that\n represent the detected issues.\n- Saves the events to configured storage or indexing engines as well as\n sends the events as alerts to alerting destinations.\n\nEach of the above four aspects of the tool can be configured via a\nconfiguration file.\n\nFor example, the tool can be configured to pull data from Azure and\nindex its data in Elasticsearch while it also pulls data from GCP and\nindexes the GCP data in MongoDB. Similarly, it is possible to configure\nthe tool to check for unencrypted disks in Azure, generate events for\nit, and send them as alerts by email while it checks for insecure\nfirewall rules in both Azure and GCP, generate events for them, and save\nthose events in MongoDB.\n\nThis degree of flexibility to configure audits for different clouds in\ndifferent ways comes from the fact that Cloudmarker is designed as a\ncombination of lightweight framework and a bunch of plugins that do the\nheavylifting for retrieving cloud data, storing the data, analyzing\nthe data, generating events, and sending alerts. These four types of\nplugins are formally known as cloud plugins, store plugins, event\nplugins, and alert plugins, respectively.\n\nAs a result of this plugin-based architecture, Cloudmarker can also be\nused as a framework to develop your own plugins that extend its\ncapabilities by adding support for new types of clouds or data sources,\nstorage or indexing engines, event generation, and alerting\ndestinations.\n\n\nWhy Cloudmarker?\n----------------\n\nOne might wonder why we need a new project like this when similar\nprojects exist. When we began working on this project in 2017, we were\naware of similar tools that supported AWS and GCP but none that\nsupported Azure at that time. As a result, we wrote our own tool to\nsupport Azure. We later added support for GCP as well. What began as a\ntiny proof of concept gradually turned into a fair amount of code, so we\nthought, we might as well share this project online, so that others\ncould use it and see if they find value in it.\n\nSo far, some of the highlights of this project are:\n\n- It is simple. It is easy to understand how to use the four types of\n plugins (clouds, stores, events, and alerts) to perform an audit.\n- It is excellent at creating an inventory of the cloud environment.\n- The data inventory it creates is easy to query.\n- It is good at detecting insecure firewall rules and unencrypted disks.\n New detection mechanisms are coming up.\n\nWe also realize that we can add a lot more functionality to this project\nto make it more powerful too. See the `Wishlist`_ section below to see\nnew features we would like to see in this project. Our project is hosted\non GitHub at https://github.com/cloudmarker/cloudmarker. Contributions\nand pull requests are welcome.\n\nWe hope that you would give this project a shot, see if it addresses\nyour needs, and provide us some feedback by posting a comment in our\n`feedback thread `_\nor by creating a\n`new issue `_.\n\n\nFeatures\n--------\n\nSince Cloudmarker is not just a tool but also a framework, a lot of its\nfunctionality can be extended by writing plugins. However, Cloudmarker\nalso comes bundled with a default set of plugins that can be used as is\nwithout writing a single line of code. Here is a brief overview of the\nfeatures that come bundled with Cloudmarker:\n\n- Perform scheduled or ad hoc audits of cloud environment.\n- Retrieve data from Azure and GCP.\n- Store or index retrieved data in Elasticsearch, MongoDB, Splunk, and\n the file system.\n- Look for insecure firewall rules and generate firewall rule events.\n- Look for unencrypted disks (Azure only) and generate events.\n- Send alerts for events via email and Slack as well as save alerts in\n one of the supported storage or indexing engines (see the third point\n above).\n- Normalize firewall rules from Azure and GCP which are in different\n formats to a common object model (``\"com\"``) so that a single query or\n event rule can search for or detect issues in firewall rules from both\n clouds.\n\n\nWishlist\n--------\n\n- Add more event plugins to detect different types of insecure\n configuration.\n- Normalize other types of data into a common object model (``\"com\"``)\n just like we do right now for firewall rules.\n\n\nInstall\n-------\n\nPerform the following steps to set up Cloudmarker.\n\n1. Create a virtual Python environment and install Cloudmarker in it:\n\n .. code-block:: sh\n\n python3 -m venv venv\n . venv/bin/activate\n pip3 install cloudmarker\n\n2. Run sanity test:\n\n .. code-block:: sh\n\n cloudmarker -n\n\n The above command runs a mock audit with mock plugins that generate\n some mock data. The mock data generated can be found at\n ``/tmp/cloudmarker/``. Logs from the tool are written to the standard\n output as well as to ``/tmp/cloudmarker.log``.\n\n The ``-n`` or ``--now`` option tells Cloudmarker to run right now\n instead of waiting for a scheduled run.\n\nTo learn how to configure and use Cloudmarker with Azure or GCP clouds,\nsee `Cloudmarker Tutorial`_.\n\n\nDevelop\n-------\n\nThis section describes how to set up a development environment for\nCloudmarker. This section is useful for those who would like to\ncontribute to Cloudmarker or run Cloudmarker directly from its source.\n\n1. We use primarily three tools to perform development on this project:\n Python 3, Git, and Make. Your system may already have these tools.\n But if not, here are some brief instructions on how they can be\n installed.\n\n On macOS, if you have `Homebrew `_ installed, then\n these tools can be be installed easily with the following command:\n\n .. code-block:: sh\n\n brew install python git\n\n On a Debian GNU/Linux system or in another Debian-based Linux\n distribution, they can be installed with the following commands:\n\n .. code-block:: sh\n\n apt-get update\n apt-get install python3 python3-venv git make\n\n On a CentOS Linux distribution, they can be installed with these\n commands:\n\n .. code-block:: sh\n\n yum install centos-release-scl\n yum install git make rh-python36\n scl enable rh-python36 bash\n\n Note: The ``scl enable`` command starts a new shell for you to use\n Python 3.\n\n On any other system, we hope you can figure out how to install these\n tools yourself.\n\n2. Clone the project repository and enter its top-level directory:\n\n .. code-block:: sh\n\n git clone https://github.com/cloudmarker/cloudmarker.git\n cd cloudmarker\n\n3. Create a virtual Python environment for development purpose:\n\n .. code-block:: sh\n\n make venv deps\n\n This creates a virtual Python environment at ``~/.venv/cloudmarker``.\n Additionally, it also creates a convenience script named ``venv`` in\n the current directory to easily activate the virtual Python\n environment which we will soon see in the next point.\n\n To undo this step at anytime in future, i.e., delete the virtual\n Python environment directory, either enter\n ``rm -rf venv ~/.venv/cloudmarker`` or enter ``make rmvenv``.\n\n4. Activate the virtual Python environment:\n\n .. code-block:: sh\n\n . ./venv\n\n5. In the top-level directory of the project, enter this command:\n\n .. code-block:: sh\n\n python3 -m cloudmarker -n\n\n This generates mock data at ``/tmp/cloudmarker``. This step serves as\n a sanity check that ensures that the development environment is\n correctly set up and that the Cloudmarker audit framework is running\n properly.\n\n6. Now that the project is set up correctly, you can create a\n ``cloudmarker.yaml`` to configure Cloudmarker to scan/audit your\n cloud or you can perform more development on the Cloudmarker source\n code. See `Cloudmarker Tutorial`_ for more details.\n\n7. If you have set up a development environment to perform more\n development on Cloudmarker, please consider sending a pull request to\n us if you think your development work would be useful to the\n community.\n\n8. Before sending a pull request, please run the unit tests, code\n coverage, linters, and document generator to ensure that no existing\n test has been broken and the pull request adheres to our coding\n conventions:\n\n .. code-block:: sh\n\n make test\n make coverage\n make lint\n make docs\n\n To run these four targets in one shot, enter this \"shortcut\" target:\n\n .. code-block:: sh\n\n make checks\n\n Open ``htmlcov/index.html`` with a web browser to view the code\n coverage report.\n\n Open ``docs/_build/html/index.html`` with a web browser to view the\n generated documentation.\n\n\nResources\n---------\n\nHere is a list of useful links about this project:\n\n- `Documentation on Read The Docs `_\n- `Latest release on PyPI `_\n- `Source code on GitHub `_\n- `Issue tracker on GitHub `_\n- `Changelog on GitHub `_\n- `Cloudmarker channel on Slack `_\n- `Invitation to Cloudmarker channel on Slack `_\n\n\nSupport\n-------\n\nTo report bugs, suggest improvements, or ask questions, please create a\nnew issue at http://github.com/cloudmarker/cloudmarker/issues.\n\n\nLicense\n-------\n\nThis is free software. You are permitted to use, copy, modify, merge,\npublish, distribute, sublicense, and/or sell copies of it, under the\nterms of the MIT License. See `LICENSE.rst`_ for the complete license.\n\nThis software is provided WITHOUT ANY WARRANTY; without even the implied\nwarranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See\n`LICENSE.rst`_ for the complete disclaimer.\n\n.. _LICENSE.rst: https://github.com/cloudmarker/cloudmarker/blob/master/LICENSE.rst\n.. _Cloudmarker Tutorial: https://cloudmarker.readthedocs.io/en/latest/tutorial.html\n.. _Cloudmarker API: https://cloudmarker.readthedocs.io/en/latest/api/modules.html\n\n\n\n", "description_content_type": "", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/cloudmarker/cloudmarker", "keywords": "cloud security monitoring framework", "license": "", "maintainer": "", "maintainer_email": "", "name": "cloudmarker", "package_url": "https://pypi.org/project/cloudmarker/", "platform": "", "project_url": "https://pypi.org/project/cloudmarker/", "project_urls": { "Homepage": "https://github.com/cloudmarker/cloudmarker" }, "release_url": "https://pypi.org/project/cloudmarker/0.1.0/", "requires_dist": [ "adal (==1.2.1)", "asn1crypto (==0.24.0)", "azure-common (==1.1.20)", "azure-mgmt-compute (==5.0.0)", "azure-mgmt-network (==2.7.0)", "azure-mgmt-resource (==2.1.0)", "azure-mgmt-storage (==3.3.0)", "cachetools (==3.1.0)", "certifi (==2019.3.9)", "cffi (==1.12.3)", "chardet (==3.0.4)", "cryptography (==2.6.1)", "elasticsearch (==7.0.1)", "google-api-python-client (==1.7.8)", "google-auth (==1.6.3)", "google-auth-httplib2 (==0.0.3)", "httplib2 (==0.12.3)", "idna (==2.8)", "isodate (==0.6.0)", "msrest (==0.6.6)", "msrestazure (==0.6.0)", "oauthlib (==3.0.1)", "pyasn1 (==0.4.5)", "pyasn1-modules (==0.2.5)", "pycparser (==2.19)", "PyJWT (==1.7.1)", "pymongo (==3.8.0)", "python-dateutil (==2.8.0)", "PyYAML (==5.1)", "requests (==2.21.0)", "requests-oauthlib (==1.2.0)", "rsa (==4.0)", "schedule (==0.6.0)", "six (==1.12.0)", "slackclient (==1.3.1)", "uritemplate (==3.0.0)", "urllib3 (==1.24.3)", "websocket-client (==0.54.0)" ], "requires_python": "", "summary": "Cloudmarker - Cloud security monitoring framework.", "version": "0.1.0" }, "last_serial": 5261923, "releases": { "0.1.0": [ { "comment_text": "", "digests": { "md5": "41dd0ab17ff4938756d0d4a14f4191b7", "sha256": "275f67d3fb576c137a861d390e0137431797c97a3084b2e5e8096117be18ce98" }, "downloads": -1, "filename": "cloudmarker-0.1.0-py3-none-any.whl", "has_sig": false, "md5_digest": "41dd0ab17ff4938756d0d4a14f4191b7", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 44869, "upload_time": "2019-05-13T12:04:19", "url": "https://files.pythonhosted.org/packages/a3/f6/4d425883683137fc45b93d065d600076fc0457f1f03b2a047bb322750168/cloudmarker-0.1.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "678c8ac3a0b2417ca8e7e3c8edbcc91c", "sha256": "b786d898c8a998a2332ef3dffaaf940d6811106c7a0fe54deacedd36f32605c2" }, "downloads": -1, "filename": "cloudmarker-0.1.0.tar.gz", "has_sig": false, "md5_digest": "678c8ac3a0b2417ca8e7e3c8edbcc91c", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 37004, "upload_time": "2019-05-13T12:04:21", "url": "https://files.pythonhosted.org/packages/24/9e/ae9960db7a8191be12d81932b7d5748ec665e318cb361777e68524381289/cloudmarker-0.1.0.tar.gz" } ], "0.1.0.dev1": [ { "comment_text": "", "digests": { "md5": "2c80f45d4d4d99de4649a419124f8910", "sha256": "98b79de124636c379a8002657bba0d7c6804c5381db5be6d6561abba16555c7b" }, "downloads": -1, "filename": "cloudmarker-0.1.0.dev1-py3-none-any.whl", "has_sig": false, "md5_digest": "2c80f45d4d4d99de4649a419124f8910", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 12424, "upload_time": "2018-12-30T11:07:25", "url": "https://files.pythonhosted.org/packages/f3/03/d47e43fc9e952ee0b2361824c080c168bcea9bfaca3746de93ccbc73d526/cloudmarker-0.1.0.dev1-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "4b15349b811143fbed728357155dbe9f", "sha256": "92e6d7949764dcdbb0bacbfa301c90de4b91bc38bea8e7d9589ffc9ed683ad53" }, "downloads": -1, "filename": "cloudmarker-0.1.0.dev1.tar.gz", "has_sig": false, "md5_digest": "4b15349b811143fbed728357155dbe9f", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 9202, "upload_time": "2018-12-30T11:07:27", "url": "https://files.pythonhosted.org/packages/3b/25/9f85397c90582cd24abdd8dd381419de09fc1f9aee56e88a78f215e24736/cloudmarker-0.1.0.dev1.tar.gz" } ], "0.1.0.dev2": [ { "comment_text": "", "digests": { "md5": "52e533ccf12137604553438ca2653deb", "sha256": "41b3c4f7b0400ea258b31b41c73128ca2b59c2a9c6456f4748c032684484b7e9" }, "downloads": -1, "filename": "cloudmarker-0.1.0.dev2-py3-none-any.whl", "has_sig": false, "md5_digest": "52e533ccf12137604553438ca2653deb", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 44714, "upload_time": "2019-05-11T09:06:21", "url": "https://files.pythonhosted.org/packages/7d/c2/ecabf52ecf8d2ddb0e4cb88b0cc82bcf1071689470820d6bafc4703972c6/cloudmarker-0.1.0.dev2-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "f81058cab9fab43e5192c4d503f47720", "sha256": "eeb00a3e05d33d37a2790ae1b2ae9408365c8800c9c186bfeb83f2551dd06dca" }, "downloads": -1, "filename": "cloudmarker-0.1.0.dev2.tar.gz", "has_sig": false, "md5_digest": "f81058cab9fab43e5192c4d503f47720", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 36627, "upload_time": "2019-05-11T09:06:24", "url": "https://files.pythonhosted.org/packages/89/9e/b2833d1aa58e7800d57593bc5a303b9b47797feddaa747d244ce537f267f/cloudmarker-0.1.0.dev2.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "41dd0ab17ff4938756d0d4a14f4191b7", "sha256": "275f67d3fb576c137a861d390e0137431797c97a3084b2e5e8096117be18ce98" }, "downloads": -1, "filename": "cloudmarker-0.1.0-py3-none-any.whl", "has_sig": false, "md5_digest": "41dd0ab17ff4938756d0d4a14f4191b7", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 44869, "upload_time": "2019-05-13T12:04:19", "url": "https://files.pythonhosted.org/packages/a3/f6/4d425883683137fc45b93d065d600076fc0457f1f03b2a047bb322750168/cloudmarker-0.1.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "678c8ac3a0b2417ca8e7e3c8edbcc91c", "sha256": "b786d898c8a998a2332ef3dffaaf940d6811106c7a0fe54deacedd36f32605c2" }, "downloads": -1, "filename": "cloudmarker-0.1.0.tar.gz", "has_sig": false, "md5_digest": "678c8ac3a0b2417ca8e7e3c8edbcc91c", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 37004, "upload_time": "2019-05-13T12:04:21", "url": "https://files.pythonhosted.org/packages/24/9e/ae9960db7a8191be12d81932b7d5748ec665e318cb361777e68524381289/cloudmarker-0.1.0.tar.gz" } ] }