Beispiel #1
0
// Start the tcp server and register all handlers.
func (server *Server) Run(webPort int) error {
	Log.Infof("Starting Server on port %d.", server.Port)

	server.Nodes = make(map[*gotalk.Sock]*NodeData)

	handlers := gotalk.NewHandlers()

	handlers.Handle("pong", func(in interface{}) (interface{}, error) {
		return in, nil
	})

	handlers.HandleBufferNotification("result", func(s *gotalk.Sock, name string, b []byte) {
		Log.Infof("Output %s: %s", name, string(b))
	})

	s, err := gotalk.Listen("tcp", fmt.Sprintf(":%d", server.Port), &tls.Config{
		Certificates: []tls.Certificate{server.Config.Cert},
		ClientAuth:   tls.NoClientCert,
	})

	if err != nil {
		return err
	}

	server.Socket = s
	server.Socket.HeartbeatInterval = 20 * time.Second

	server.Socket.OnHeartbeat = func(load int, t time.Time) {
		// Log.Debugf("Got heartbeat: Load (%d), Time: (%s)", load, t.Format(TimeFormat))
	}

	server.Socket.AcceptHandler = server.onAccept
	server.Socket.Handlers = handlers

	go NewWebServer(webPort, server)

	server.Socket.Accept()

	return nil
}
Beispiel #2
0
// Handlers will register all node hnadlers.
func (node *Node) Handlers() {
	handlers := gotalk.NewHandlers()

	handlers.HandleBufferNotification("die", func(s *gotalk.Sock, name string, b []byte) {
		KillClient = true
		node.Socket.Close()
		Log.Warn(string(b))
		Connection <- true
	})

	handlers.Handle("ping", func(_ bool) ([]byte, error) {
		return []byte("pong"), nil
	})

	handlers.Handle("system-information", func() (map[string]interface{}, error) {
		return SystemInformation()
	})

	handlers.Handle("query", func(query Query) ([]byte, error) {
		return query.Run()
	})

	handlers.Handle("tables", func(query Query) ([]byte, error) {
		return query.Run()
	})

	handlers.Handle("checkin", func() (Message, error) {
		var err error

		if node.Config.HasCache {
			Log.Debugf("Node has cache file. Using cached id %s", node.Config.Cache.Id)

			Log.Infof("Connection successful. Id: %s", node.Config.Cache.Id)
			node.Id = node.Config.Cache.Id
		} else {

			id, uuerr := uuid.NewV4()
			err = uuerr

			if err != nil {
				Log.Fatalf("Error creating id: %s", err)
			}

			Log.Debugf("No cache file found. Creating cache file and new id %s", id)

			Log.Infof("Connection successful. Id: %s", id.String())
			node.Config.Cache.Id = id.String()
			node.Id = node.Config.Cache.Id

			node.Config.WriteCache()
		}

		info := OsQueryInfo()

		Log.Infof("osquery enabled: %t", info.Enabled)

		if info.Enabled {
			Log.Infof("osquery version: %s", info.Version)
		}

		if !VersionCheck(MinOsQueryVersion, info.Version) {
			Log.Errorf("%s requires osqueryi version %s or later.", Name, MinOsQueryVersion)
			info.Enabled = false
		}

		var hostname = "n/a"
		var ip = node.Socket.Addr()

		if os, err := os.Hostname(); err == nil {
			hostname = os
		}

		addrs, _ := net.LookupIP(hostname)

		for _, addr := range addrs {
			if ipv4 := addr.To4(); ipv4 != nil {
				ip = ipv4.String()
			}
		}

		os := runtime.GOOS

		rmsg := Message{
			Error: err,
			Data: map[string]interface{}{
				"envdb-version":       Version,
				"name":                node.Name,
				"id":                  node.Id,
				"osquery":             info.Enabled,
				"osquery-version":     info.Version,
				"osquery-config-path": info.ConfigPath,
				"ip":       ip,
				"hostname": hostname,
				"os":       os,
			},
		}

		return rmsg, nil
	})

	node.Socket.Handlers = handlers
}