thinkst / opencanary-correlator Goto Github PK
View Code? Open in Web Editor NEWCentral correlator for opencanary instances
Home Page: http://opencanary.org
License: BSD 3-Clause "New" or "Revised" License
opencanary-correlator's People
Contributors
Stargazers
Watchers
Forkers
cgoss 4sp1r3 kontez n0x00 15124585561 brainrecursion adaisy319 wiregrasscoder sp0q1 rtm516 tubbz-alt paradoxicalsphere jvedman pavthedog middleoutsecurity dekoder grumbert probablecause jantonio1099opencanary-correlator's Issues
PyNaCl 0.3.0 - Ubuntu 24.04?
Dependency issue for PyNaCl on Ubuntu 24.04. Does anyone have any recommendations to get this working?
Would it be better to install on Ubuntu 20.04?
Is the Correlator dead?
Hi!
This project has not been touched in almost 4 Years and is still on Python 2.7.
Will there be any further development?
Thanks,
Marc
Fulgy diff for local mailserver..
Hi,
Dunno if this is of interest.
I am not a programmer, as you almost certainly see :)
But I made this to get the correlator to send mail with a "non-auth" mail-server like a local one..
diff --git a/opencanary_correlator/common/emailer.py b/opencanary_correlator/common/emailer.py
index 931ee93..c224a6e 100644
--- a/opencanary_correlator/common/emailer.py
+++ b/opencanary_correlator/common/emailer.py
@@ -4,7 +4,7 @@ import opencanary_correlator.common.config as c
from email.mime.text import MIMEText
from opencanary_correlator.common.logs import logger
-def send_email(from_='[email protected]', to='', subject='', message='', server=''):
+def send_email(from_='[email protected]', to='', subject='', message='', server='', port=''):
logger.debug('Emailing %s' % to)
if not server:
return
@@ -14,8 +14,7 @@ def send_email(from_='[email protected]', to='', subject='', message=
msg['Subject'] = subject
msg['From'] = from_
msg['To'] = to
-
- s = smtplib.SMTP(server)
+ s = smtplib.SMTP(server, port)
try:
s.sendmail(from_, [to], msg.as_string())
logger.info('Email sent to %s' % (to))
diff --git a/opencanary_correlator/common/notifications.py b/opencanary_correlator/common/notifications.py
index dc42578..e9dc7a1 100644
--- a/opencanary_correlator/common/notifications.py
+++ b/opencanary_correlator/common/notifications.py
@@ -1,6 +1,6 @@
from twilio.rest import TwilioRestClient
from opencanary_correlator.common.logs import logger
-from opencanary_correlator.common.emailer import mandrill_send
+from opencanary_correlator.common.emailer import mandrill_send, send_email
import opencanary_correlator.common.config as c
class SMS:
@@ -19,21 +19,24 @@ class SMS:
)
def notify(incident):
- if c.config.getVal('console.email_notification_enable', False):
+ if c.config.getVal('console.email_notification_enable', True):
logger.debug('Email notifications enabled')
addresses = c.config.getVal('console.email_notification_address', default=[])
for address in addresses:
logger.debug('Email sent to %s' % address)
- mandrill_send(to=address,
- subject=incident.format_title(),
- message=incident.format_report())
-# server = c.config.getVal('console.email_notification_server', default='')
-# if len(addresses) > 0 and server:
-# for address in addresses:
-# send_email(to=address,
-# subject=incident.format_title(),
-# message=incident.format_report(),
-# server=server)
+ if c.config.getVal('console.email.notification_mandrill', False):
+ mandrill_send(to=address,
+ subject=incident.format_title(),
+ message=incident.format_report())
+ if c.config.getVal('console.email.notification_localmailserver', True):
+ server = c.config.getVal('console.email_notification_server', default='')
+ port = c.config.getVal('console.email_notification_server_port', default='')
+ for address in addresses:
+ send_email(to=address,
+ subject=incident.format_title(),
+ message=incident.format_report(),
+ server=server,
+ port=port)
if c.config.getVal('console.sms_notification_enable', default=False):
diff --git a/opencanary_correlator/opencanary_correlator.conf b/opencanary_correlator/opencanary_correlator.conf
index 016c02f..6bc0dba 100644
--- a/opencanary_correlator/opencanary_correlator.conf
+++ b/opencanary_correlator/opencanary_correlator.conf
@@ -2,8 +2,12 @@
"twilio.auth_token": "",
"console.sms_notification_enable": true,
"console.sms_notification_numbers": [],
- "console.email_notification_enable": true,
- "console.email_notification_address": [],
+ "console.email.notification_mandrill" : false,
+ "console.email.notification_localmailserver" : true,
+ "console.email_notification_enable" : true,
+ "console.email_notification_address" : ["[email protected]"],
+ "console.email_notification_server" : "localhost",
+ "console.email_notification_server_port" : 25,
"twilio.from_number": "",
"console.mandrill_key": "",
"scans.network_portscan_horizon": 1000,
Regards Falk
Update instructions to reflect Python 2.7 as many distros default to Python 3.x
Please update installation instructions to explicitly use Python 2.7 or update the code as there are some issues with running it under Python 3. Many distros default to Python 3.x.
Specify Python 2.7 when building the virtualenv:
virtualenv -p /usr/bin/python2.7 <env_name>
Thanks!
Stuck on a logging issue in Python 3.85
Running on Ubuntu 20.0.4 LTS.
First, I know you all aren't working on pushing up to Python 3.x, but I am. I have installed the correlator with all package version maximums blanked (so running the latest versions of everything in the standard Ubuntu repository) and have the correlator starting (apparently) correctly, but after that any activity that should generate an alert gives me the following errors in /var/log/syslog:
`Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: Unhandled Error
Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: Traceback (most recent call last):
Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: File "/cor/lib/python3.8/site-packages/Twisted-21.2.0-py3.8.egg/twisted/python/log.py", line 101, in callWithLogger
Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: return callWithContext({"system": lp}, func, *args, **kw)
Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: File "/cor/lib/python3.8/site-packages/Twisted-21.2.0-py3.8.egg/twisted/python/log.py", line 85, in callWithContext
Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: return context.call({ILogContext: newCtx}, func, *args, **kw)
Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: File "/cor/lib/python3.8/site-packages/Twisted-21.2.0-py3.8.egg/twisted/python/context.py", line 118, in callWithContext
Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: return self.currentContext().callWithContext(ctx, func, *args, **kw)
Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: File "/cor/lib/python3.8/site-packages/Twisted-21.2.0-py3.8.egg/twisted/python/context.py", line 83, in callWithContext
Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: return func(*args, **kw)
Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: --- ---
Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: File "/cor/lib/python3.8/site-packages/Twisted-21.2.0-py3.8.egg/twisted/internet/posixbase.py", line 687, in _doReadOrWrite
Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: why = selectable.doRead()
Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: File "/cor/lib/python3.8/site-packages/Twisted-21.2.0-py3.8.egg/twisted/internet/tcp.py", line 246, in doRead
Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: return self._dataReceived(data)
Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: File "/cor/lib/python3.8/site-packages/Twisted-21.2.0-py3.8.egg/twisted/internet/tcp.py", line 251, in _dataReceived
Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: rval = self.protocol.dataReceived(data)
Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: File "/cor/lib/python3.8/site-packages/Twisted-21.2.0-py3.8.egg/twisted/protocols/basic.py", line 536, in dataReceived
Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: line, self._buffer = self._buffer.split(self.delimiter, 1)
Mar 10 14:29:57 python3-nas opencanary-correlator[31490]: builtins.TypeError: a bytes-like object is required, not 'str'`
I'm having trouble figuring out where the write (or maybe read?) is that is causing the problem. I've tried encoding everything place that I can find that looks like it is writing to a log. I was hoping that one of you who wrote the logging and incident pieces might have some insight to what I'm not seeing.
Oh, and I'm passing all of my code back along to you all. Once you accept my initial PR for syntax clean up I'll also share my SendGrid integration.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.