Exemplos de ValueToAgent em Golang

Linguagem de programação: Golang

Espaço para nome / nome do pacote: mig/ninja/mig/client

Método / Função: ValueToAgent

Exemplos em hotexamples.com: 2

ValueToAgent em Golang - 2 exemplos encontrados. Esses são os exemplos do mundo real mais bem avaliados de mig/ninja/mig/client.ValueToAgent em Golang extraídos de projetos de código aberto. Você pode avaliar os exemplos para nos ajudar a melhorar a qualidade deles.

Relacionados

UnmarshalText

NewF5Plugin

NewProduct

ResponseOption

MakeFromLiteral

NewPrinter

GetMap

PrintServerUsage

jv_invalid_with_msg

Parse

Related in langs

User_notification (PHP)

TaskStates (PHP)

Microsoft.DirectX.GraphicsStream (C#)

GetCommentRespond (C#)

geo (C++)

get (C++)

Button (Java)

SymbolGenerator (Java)

tag_ (Python)

retrieve_objectlist (Python)

Exemplo n.º 1

0

Exibir arquivo

Arquivo: search.go Projeto: sneha29shukla/mig

// search runs a search for actions, commands or agents func search(input string, cli client.Client) (err error) { defer func() { if e := recover(); e != nil { err = fmt.Errorf("search() -> %v", e) } }() orders := strings.Split(input, " ") if len(orders) < 2 { orders = append(orders, "help") } sType := "" switch orders[1] { case "action", "agent", "command", "investigator": sType = orders[1] case "", "help": fmt.Printf(`usage: search <action|agent|command|investigator> where <key>=<value> [and <key>=<value>...] Example: mig> search command where agentname=%%khazad%% and investigatorname=%%vehent%% and actionname=%%memory%% and after=2015-09-09T17:00:00Z ---- ID ---- + ---- Name ---- + --- Last Updated --- 4886304327951 memory -c /home/ulfr/.migrc... 2015-09-09T13:01:03-04:00 The following search parameters are available, per search type: * action: - name=<str> search actions by name <str> - before=<rfc3339> search actions that expired before <rfc3339 date> - after=<rfc3339> search actions were valid after <rfc3339 date> - commandid=<id> search action that spawned a given command - agentid=<id> search actions that ran on a given agent - agentname=<str> search actions that ran on an agent named <str> - investigatorid=<id> search actions signed by a given investigator - investigatorname=<str>search actions signed by investigator named <str> - status=<str> search actions with a given status amongst: pending, scheduled, preparing, invalid, inflight, completed * command: - name=<str> search commands by action name <str> - before=<rfc3339> search commands that started before <rfc3339 date> - after=<rfc3339> search commands that started after <rfc3339 date> - actionid=<id> search commands spawned action <id> - actionname=<str> search commands spawned by an action named <str> - agentname=<str> search commands that ran on an agent named <str> - agentid=<id> search commands that ran on a given agent - investigatorid=<id> search commands signed by investigator <id> - investigatorname=<str>search commands signed by investigator named <str> - status=<str> search commands with a given status amongst: prepared, sent, success, timeout, cancelled, expired, failed * agent: - name=<str> search agents by hostname - before=<rfc3339> search agents that have sent a heartbeat before <rfc3339 date> - after=<rfc3339> search agents that have sent a heartbeat after <rfc3339 date> - actionid=<id> search agents that ran action <id> - actionname=<str> search agents that ran action named <str> - commandid=<id> search agents that ran command <id> - investigatorid=<id> search agents that ran an action signed by investigator <id> - investigatorname=<str>search agents that ran an action signed by investigator named <str> - version=<str> search agents by version <str> - status=<str> search agents with a given status amongst: online, upgraded, destroyed, offline, idle * investigator: - name=<str> search investigators by name - before=<rfc3339> search investigators created or modified before <rfc3339 date> - after=<rfc3339> search investigators created or modified after <rfc3339 date> - actionid=<id> search investigators that signed action <id> - actionname=<str> search investigators that signed action named <str> - commandid=<id> search investigators that ran command <id> - agentid=<id> search investigators that ran a command on a given agent - agentname=<str> search investigators that ran actions on an agent named <str>, - status=<str> search investigators by status amongst: active, disabled All searches accept the 'limit=<num>' parameter to limits the number of results returned by a search, defaults to 100 Parameters that accept a <str> can use wildcards * and % (ex: name=jul%veh% ). No spaces are permitted within parameters. Spaces are used to separate search parameters. `) return nil default: return fmt.Errorf("Invalid search '%s'. Try `search help`.\n", input) } p, err := parseSearchQuery(orders) if err != nil { panic(err) } fmt.Printf("Searching %s after %s and before %s, limited to %.0f results\n", p.Type, p.After.Format(time.RFC3339), p.Before.Format(time.RFC3339), p.Limit) resources, err := cli.GetAPIResource("search?" + p.String()) if err != nil { if strings.Contains(fmt.Sprintf("%v", err), "HTTP 404") { panic("No results found for search query: " + p.String()) } panic(err) } switch sType { case "agent": fmt.Println("--- ID ---- + ---- Name ---- + -- Status -- + -- Last Heartbeat --") case "action": fmt.Println("----- ID ----- + -------- Action Name ------- + ----------- Target ---------- + ---- Investigators ---- + - Sent - + - Status - + --- Last Updated --- ") case "command": fmt.Println("---- ID ---- + ---- Name ---- + --- Last Updated ---") case "investigator": fmt.Println("- ID - + ---- Name ---- + --- Status ---") } for _, item := range resources.Collection.Items { for _, data := range item.Data { if data.Name != sType { continue } switch data.Name { case "action": idstr, name, target, datestr, invs, status, sent, err := actionPrintShort(data.Value) if err != nil { panic(err) } fmt.Printf("%s %s %s %s %8d %s %s\n", idstr, name, target, invs, sent, status, datestr) case "command": cmd, err := client.ValueToCommand(data.Value) if err != nil { panic(err) } name := cmd.Action.Name if len(name) < 30 { for i := len(name); i < 30; i++ { name += " " } } if len(name) > 30 { name = name[0:27] + "..." } fmt.Printf("%14.0f %s %s\n", cmd.ID, name, cmd.FinishTime.UTC().Format(time.RFC3339)) case "agent": agt, err := client.ValueToAgent(data.Value) if err != nil { panic(err) } name := agt.Name if len(name) < 30 { for i := len(name); i < 30; i++ { name += " " } } if len(name) > 30 { name = name[0:27] + "..." } status := agt.Status if len(status) < 12 { for i := len(status); i < 12; i++ { status += " " } } if len(status) > 12 { status = status[0:12] } fmt.Printf("%20.0f %s %s %s\n", agt.ID, name, status, agt.HeartBeatTS.UTC().Format(time.RFC3339)) case "investigator": inv, err := client.ValueToInvestigator(data.Value) if err != nil { panic(err) } name := inv.Name if len(name) < 30 { for i := len(name); i < 30; i++ { name += " " } } if len(name) > 30 { name = name[0:27] + "..." } fmt.Printf("%6.0f %s %s\n", inv.ID, name, inv.Status) } } } return }

Exemplo n.º 2

0

Exibir arquivo

Arquivo: main.go Projeto: ZhuHangpeng/mig

func main() { defer func() { if e := recover(); e != nil { fmt.Fprintf(os.Stderr, "error: %v\n", e) os.Exit(1) } }() flag.Usage = func() { fmt.Fprintf(os.Stderr, `%s <query> - Search for MIG Agents Usage: %s -p "console style query" | -t "target style query" The -p or -t flag must be specified. CONSOLE MODE QUERY ------------------ The console mode query allows specific of a query string as would be passed in mig-console using "search agent". It returns all matching agents. EXAMPLE CONSOLE MODE QUERIES ---------------------------- All online agents: $ mig-agent-search -p "status=online" All agents regardless of status: $ mig-agent-search -p "status=%%" See the output of "search help" in mig-console for additional information on how to format these queries. TARGET MODE QUERY ----------------- The target mode query allows specification of an agent targeting string as would be passed to the -t flag using MIG command line. This evaluates agents using the targeting string as the command line would, returning matching agents. A search query is a SQL WHERE condition. It can filter on any field present in the MIG Agents table. Column | Type -----------------+------------------------- id | numeric name | character varying(2048) queueloc | character varying(2048) mode | character varying(2048) version | character varying(2048) pid | integer starttime | timestamp with time zone destructiontime | timestamp with time zone heartbeattime | timestamp with time zone status | character varying(255) environment | json tags | json The "environment" and "tags" fields are free JSON fields and can be queried using Postgresql's JSON querying syntax. Below is an example of environment document: { "addresses": [ "172.21.0.3/20", "fe80::3602:86ff:fe2b:6fdd/64" ], "arch": "amd64", "ident": "Debian testing-updates sid", "init": "upstart", "isproxied": false, "os": "linux", "publicip": "172.21.0.3" } Below is an example of tags document: {"operator":"linuxwall"} EXAMPLE TARGET MODE QUERIES --------------------------- Agent name "myserver.example.net" $ mig-agent-search -t "name='myserver.example.net'" All Linux agents: $ mig-agent-search -t "environment->>'os'='linux'" Ubuntu agents running 32 bits $ mig-agent-search -t "environment->>'ident' LIKE 'Ubuntu%%' AND environment->>'arch'='386'" MacOS agents in datacenter SCL3 $ mig-agent-search -t "environment->>'os'='darwin' AND name LIKE '%%\.scl3\.%%'" Agents with uptime greater than 30 days $ mig-agent-search -t "starttime < NOW() - INTERVAL '30 days'" Linux agents in checkin mode that are currently idle but woke up in the last hour $ mig-agent-search -t "mode='checkin' AND environment->>'os'='linux' AND status='idle' AND starttime > NOW() - INTERVAL '1 hour'" Agents operated by team "opsec" $ mig-agent-search -t "tags->>'operator'='opsec'" Command line flags: `, os.Args[0], os.Args[0]) flag.PrintDefaults() } var err error homedir := client.FindHomedir() var config = flag.String("c", homedir+"/.migrc", "Load configuration from file") var showversion = flag.Bool("V", false, "Show build version and exit") var paramSearch = flag.String("p", "", "Search using mig-console search style query") var targetSearch = flag.String("t", "", "Search using agent targeting string") flag.Parse() if *showversion { fmt.Println(mig.Version) os.Exit(0) } // Instantiate an API client conf, err := client.ReadConfiguration(*config) if err != nil { panic(err) } cli, err := client.NewClient(conf, "agent-search-"+mig.Version) if err != nil { panic(err) } if *paramSearch != "" { // Search using mig-console style keywords p, err := parseSearchQuery(*paramSearch) if err != nil { panic(err) } resources, err := cli.GetAPIResource("search?" + p.String()) if err != nil { panic(err) } fmt.Println("name; id; status; version; mode; os; arch; pid; starttime; heartbeattime; tags; environment") for _, item := range resources.Collection.Items { for _, data := range item.Data { if data.Name != "agent" { continue } agt, err := client.ValueToAgent(data.Value) if err != nil { panic(err) } err = printAgent(agt) if err != nil { panic(err) } } } } else if *targetSearch != "" { // Search using an agent targeting string agents, err := cli.EvaluateAgentTarget(*targetSearch) if err != nil { panic(err) } fmt.Println("name; id; status; version; mode; os; arch; pid; starttime; heartbeattime; tags; environment") for _, agt := range agents { err = printAgent(agt) if err != nil { panic(err) } } } else { panic("must specify -p or -t, see help") } os.Exit(0) }