{ "info": { "author": "David LePage", "author_email": "dwlepage70@gmail.com", "bugtrack_url": null, "classifiers": [ "Development Status :: 5 - Production/Stable", "License :: OSI Approved :: Apache Software License", "Programming Language :: Python", "Programming Language :: Python :: 2.7", "Programming Language :: Python :: 3", "Programming Language :: Python :: 3.4", "Programming Language :: Python :: 3.5" ], "description": "|Documentation Status| |PyPI version|\n\nMonitoring API for Stonesoft Security Management Center\n=======================================================\n\nsmc-python-monitoring is made of up two core capabilities:\n\n- Monitor, Query or view live events from the SMC\n- Pub/Sub (Subscribe) to SMC element events by supported API type\n\nThe smc-python-monitoring API makes it possible to obtain real time monitoring information from the SMC with respects to:\n\n* Logs\n* Connections\n* Blacklist\n* Routing\n* Users\n* SSL VPN Users\n* VPNs\n* Alerts\n\nThis correlates to the area of the SMC under \"Monitoring\".\n\nEvery query can be refined by using filters that allow a variety of boolean operations to control the results.\n\nThe smc-python-monitoring API also provides the ability to subscribe to element event changes in the SMC.\nAny element type that is exposed as an SMC API `entry point` can be used as a subscriber target. Event type\nexamples that would fire events would be created, updated, or deleted (for example - although not an exhaustive\nlist). \n\nCompatibility\n=============\n\nRequires Security Management Center version 6.2 or newer.\n\nThis package has been tested with Python 2.7, 3.4 and 3.5.\n\nRequirements\n============\n\nsmc-python >= v0.5.6\n\nwebsocket-client\n\nInstall\n=======\n\n``pip install smc-python-monitoring``\n\nUsage\n=====\n\nIn order to leverage monitoring or subscriber features, you must first obtain a valid smc session as \nnormal:\n\n.. code:: python\n\n\tfrom smc import session\n\tsession.login()\n\t...\n\nOnce a valid session is obtained, the session information is re-used for the web socket connection,\nincluding SSL related data such as validating SSL through the client side SSL certificate before\nestablishing the connection.\n\nMonitoring and Queries\n++++++++++++++++++++++\n\nMaking queries is uniform across all query types.\nThere are small exceptions to this rule with respects to LogQuery which provides more options on how to control\nthe batched query size, custom time ranges for the query, etc. See documentation on LogQuery for more details.\n\nA return data format for queries can be configured when calling fetch on the query. Results can be obtained\nin a variety of formatted outputs such as CSV, Table format or as a raw dict. You can also provide your own\nformatter to the query. See ``smc_monitoring.models.formatter`` for more info.\n\nBy default each query type has a pre-defined set of ``field_ids`` that define a basic set of fields for\nthe query type. This specifies which fields are returned in the query. You can customize these fields on the\nquery by using the ``query.format.field_names`` or ``query.format.field_ids`` methods. See the documentation for\nmore info.\n\nAll queries can be made as each 'batch' queries or 'live' style queries. The type used depends on the method\ncalled on the query instance. All queries done via smc-python-monitoring follow the same rules as implemented in\nthe SMC UI. \n\nFor example, 'Monitoring' queries (i.e. Connections, Blacklist, Users, etc) do not allow time/date\nranges on the query, however filtering by fields work. The same field filtering works in the same way with Log\nstyle queries.\n\nExample of making a basic log query in real time. Note the default return format is Table for a cleaner output,\nassuming this is being run from a command window:\n\n.. code:: python\n\n\tquery = LogQuery()\n\tfor log in query.fetch_live():\n\t print(log)\n\nMaking a simple LogQuery with a fetch size of 50 and returning in a raw dict format:\n\n.. code:: python\n\n\tquery = LogQuery(fetch_size=50)\n\tfor log in query.fetch_raw():\n \t print(log)\n\nMaking a more sophisticated query that uses a timezone, then adds an \"AND\" filter that\nwill match if the entry has an alert severity of \"HIGH\" and only if the ACTION and APPLICATION\nfields have values:\n\n.. code:: python\n\n\tquery = LogQuery(fetch_size=50)\n\tquery.format.timezone('CST')\n\n\tquery.add_and_filter(\n [InFilter(FieldValue(LogField.ALERTSEVERITY), [ConstantValue(Alerts.HIGH)]),\n DefinedFilter(FieldValue(LogField.ACTION)),\n\t DefinedFilter(FieldValue(LogField.IPSAPPID))])\n\n\tfor log in query.fetch_batch(TableFormat):\n\t print(log)\n\n\nQuery for the last 10 records if the source IP is 192.168.4.84 and return only fields\ntimestamp, source, destination and service:\n\n.. code:: python\n\n\tquery = LogQuery(fetch_size=10)\n\tquery.format.timezone('CST')\n\n\tquery.format.field_ids([LogField.TIMESTAMP, LogField.SRC, LogField.DST, LogField.IPSAPPID])\n\n\tquery.add_and_filter(\n\t [InFilter(FieldValue(LogField.SRC), [IPValue('192.168.4.84')]),\n\t DefinedFilter(FieldValue(LogField.IPSAPPID))])\n\n\tfor log in query.fetch_batch(TableFormat):\n\t ...\n\n\nExamples of other monitoring type queries:\n\nObtain all current connections on a given engine. Output in CSV:\n\n.. code:: python\n\n\tquery = ConnectionQuery('sg_vm')\n\tfor record in query.fetch_batch(CSVFormat):\n\t print(record)\n\nObtain all authenticated users on a given engine, output as 'User' object instances:\n\n.. code:: python\n\n\tquery = UserQuery('sg_vm')\n\tfor record in query.fetch_as_element():\n\t print(record)\n\nObtain all VPN SA's on given engine, output at 'VPNSecurityAssoc' object instances:\n\n.. code:: python\n\n\tquery = VPNSAQuery('sg_vm')\n\tfor record in query.fetch_as_element():\n\t print(record)\n\nObtain all current routes for a given engine, output as a list of raw dict items:\n\n.. code:: python\n\n\tquery = RoutingQuery('sg_vm')\n\tfor record in query.fetch_batch(RawDictFormat):\n\t print(record)\n\nObtain all SSL VPN connections for a given engine, output in table format:\n\n.. code:: python\n\n\tquery = SSLVPNQuery('sg_vm')\n\tfor record in query.fetch_batch(TableFormat):\n\t print(record)\n\nObtain all active alerts from the Shared Domain:\n\n.. code:: python\n\n\tquery = ActiveAlertQuery('Shared Domain', timezone='America/Chicago')\n\tfor record in query.fetch_batch():\n print(record)\n\n\nSubscribing to Events\n+++++++++++++++++++++\n\nUsing smc-python-monitoring you can also subscribe to events published by the SMC API\nwhen changes are made. As long as the entry point exists for the element type, you can\nset up a \"channel\" to receive real-time updates when the element type is modified.\n\nTo listen for events you must first obtain an SMC session as usual.\n\nThen obtain an instance of `Notification`, specifying the events of interest.\n\nSubscribe to a single element event (SMC api entry point):\n\n.. code:: python\n\n\tnotification = Notification('network')\n\nSubscribe to multiple element events on a single channel (subscription_id):\n\n.. code:: python\n\n\tnotification = Notification('network,host,iprange')\n\nSubscribe to multiple element events, each with it\u2019s own channel (subscription_id):\n\n.. code:: python\n\n\tnotification = Notification('network')\n\tnotification.subscribe('host')\n\tnotification.subscribe('layer2_policy')\n\nReturn the events as instance of \u201cEvent\u201d (optional). Otherwise raw json returned.\n\n.. code:: python\n\n\tfor event in notification.notify(as_type=Event):\n \t\tprint(event)\n\n\tEvent(subscription_id=151,action=delete,element=https://xxxx/elements/host/1087)\n\tEvent(subscription_id=152,action=delete,element=https://xxxx/elements/layer2_policy/27)\n\n.. |Documentation Status| image:: https://readthedocs.org/projects/smc-python/badge/?version=latest\n :target: http://smc-python.readthedocs.io/en/latest/?badge=latest\n.. |PyPI version| image:: https://badge.fury.io/py/smc-python-monitoring.svg\n :target: https://badge.fury.io/py/smc-python-monitoring\n\n\n.. :changelog:\n\nRelease History\n===============\n\n1.0.0 (2017-09-03)\n++++++++++++++++++\n\n- Initial release of SMC Monitoring package\n- Requires SMC 6.3.0, 6.3.1\n\n1.1.0 (2018-02-02)\n++++++++++++++++++\n\n- Requires SMC >= 6.3.2\n- ActiveAlertQuery implemented for interfacing with Alerts (requires SMC >= 6.3.3). Currently read-only\n- BlacklistQuery modified to use generic log fields for all queries except fetch_as_element\n\n1.2\n+++\n\n- VPN SA's can be deleted (requires SMC >= 6.4.2)\n- Updated requirement to websocket-client 0.48.0. Fixes issue with IndexError when Tomcat 8 does not include\n the Status-Message in the initial handshake: https://github.com/websocket-client/websocket-client/issues/406\n\n\n\n\n\n", "description_content_type": "", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/gabstopper/smc-python", "keywords": "", "license": "Apache License", "maintainer": "", "maintainer_email": "", "name": "smc-python-monitoring", "package_url": "https://pypi.org/project/smc-python-monitoring/", "platform": "", "project_url": "https://pypi.org/project/smc-python-monitoring/", "project_urls": { "Homepage": "https://github.com/gabstopper/smc-python" }, "release_url": "https://pypi.org/project/smc-python-monitoring/1.2.0/", "requires_dist": [ "smc-python (>=0.6.0)", "websocket-client (>=0.48.0)" ], "requires_python": "", "summary": "Stonesoft Management Center Monitoring", "version": "1.2.0" }, "last_serial": 3966661, "releases": { "1.0.0": [ { "comment_text": "", "digests": { "md5": "457b00abc545a5d600b052a1c0bbbb6c", "sha256": "4f1737ae8de927fd6493b1bc7d2a186f5394e95a3a45f3cf7e14fe712603a8ae" }, "downloads": -1, "filename": "smc_python_monitoring-1.0.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "457b00abc545a5d600b052a1c0bbbb6c", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": null, "size": 65961, "upload_time": "2017-10-05T17:21:23", "url": "https://files.pythonhosted.org/packages/8c/80/a932e7b0fac375f9eee11e8c3f660720aec391506ccee933fd10542f4fe7/smc_python_monitoring-1.0.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "0394863d5d819b0439299f2d65fabec7", "sha256": "d5cedcb19238e9a7605fa382da84ac5c9a5df20b6c304cc1d0bd58711cbafd16" }, "downloads": -1, "filename": "smc-python-monitoring-1.0.0.tar.gz", "has_sig": false, "md5_digest": "0394863d5d819b0439299f2d65fabec7", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 50482, "upload_time": "2017-10-05T17:21:24", "url": "https://files.pythonhosted.org/packages/3f/79/8a617d10f3a3429c101a21375609a2cdf9004af8756ca41e6d33b9b700fb/smc-python-monitoring-1.0.0.tar.gz" } ], "1.1.0": [ { "comment_text": "", "digests": { "md5": "13476a4a7a580aa3f53764fd71a57878", "sha256": "bd3bfe55a8f26d538c890792cb6b4c7c83398b2298a23eb998d453a8c05b276e" }, "downloads": -1, "filename": "smc_python_monitoring-1.1.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "13476a4a7a580aa3f53764fd71a57878", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": null, "size": 69299, "upload_time": "2018-02-04T18:56:38", "url": "https://files.pythonhosted.org/packages/46/df/77caf6025694bddc0cf003fec781d76bcb533cd80e97f11d69c70ae52e2b/smc_python_monitoring-1.1.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "1b13ca05ac8648e5ec27dd40173e7add", "sha256": "0c13a0eb50e83c3f40210874932243f9fd7374c418ee0c39be7ef6ffcad77ba4" }, "downloads": -1, "filename": "smc-python-monitoring-1.1.0.tar.gz", "has_sig": false, "md5_digest": "1b13ca05ac8648e5ec27dd40173e7add", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 55518, "upload_time": "2018-02-04T18:56:42", "url": "https://files.pythonhosted.org/packages/8d/42/17bc8a49a669299e44359ec1c15e26bf2eebf01f119f21c35fbe714fe532/smc-python-monitoring-1.1.0.tar.gz" } ], "1.2.0": [ { "comment_text": "", "digests": { "md5": "112cc6efc503b9eeedd38200915ac818", "sha256": "3c1096b664b062a987874142fa728f21a66d922c3553fb55847a233232d39c37" }, "downloads": -1, "filename": "smc_python_monitoring-1.2.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "112cc6efc503b9eeedd38200915ac818", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": null, "size": 70491, "upload_time": "2018-06-16T02:21:45", "url": "https://files.pythonhosted.org/packages/0b/ae/98bac5a70fa89469c92b64cc085e5b80ad6149f963eb1498fcfcb064e962/smc_python_monitoring-1.2.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "e118f9427deccf9e38fbabd19552540a", "sha256": "3ba1d7293c3007f2681c0e216a4d75c4a64ee0e517f08182179a180144e86757" }, "downloads": -1, "filename": "smc-python-monitoring-1.2.0.tar.gz", "has_sig": false, "md5_digest": "e118f9427deccf9e38fbabd19552540a", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 56816, "upload_time": "2018-06-16T02:21:47", "url": "https://files.pythonhosted.org/packages/5b/95/bbae34201dc5b20744552fc60519f1a70f083f145713d4f4831a8d2fd10e/smc-python-monitoring-1.2.0.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "112cc6efc503b9eeedd38200915ac818", "sha256": "3c1096b664b062a987874142fa728f21a66d922c3553fb55847a233232d39c37" }, "downloads": -1, "filename": "smc_python_monitoring-1.2.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "112cc6efc503b9eeedd38200915ac818", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": null, "size": 70491, "upload_time": "2018-06-16T02:21:45", "url": "https://files.pythonhosted.org/packages/0b/ae/98bac5a70fa89469c92b64cc085e5b80ad6149f963eb1498fcfcb064e962/smc_python_monitoring-1.2.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "e118f9427deccf9e38fbabd19552540a", "sha256": "3ba1d7293c3007f2681c0e216a4d75c4a64ee0e517f08182179a180144e86757" }, "downloads": -1, "filename": "smc-python-monitoring-1.2.0.tar.gz", "has_sig": false, "md5_digest": "e118f9427deccf9e38fbabd19552540a", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 56816, "upload_time": "2018-06-16T02:21:47", "url": "https://files.pythonhosted.org/packages/5b/95/bbae34201dc5b20744552fc60519f1a70f083f145713d4f4831a8d2fd10e/smc-python-monitoring-1.2.0.tar.gz" } ] }