diff --git a/samples/automation_lambdas/ArtifactoryInstallerUpdate.py b/samples/automation_lambdas/ArtifactoryInstallerUpdate.py index 58dec2dba..15e8b25bc 100755 --- a/samples/automation_lambdas/ArtifactoryInstallerUpdate.py +++ b/samples/automation_lambdas/ArtifactoryInstallerUpdate.py @@ -28,6 +28,7 @@ import requests import json import boto3 +from botocore.exceptions import ClientError from multiprocessing import Process, Pipe ############################################# @@ -43,7 +44,8 @@ #Debian versions have to be uploaded in a weird way to support repos, please follow the existing format to add a new repo deb_ver = ["stretch","buster","bullseye","xenial","bionic","focal","jammy"] deb_arm_ver = ["bionic","focal","jammy"] - +#Temp folder location +temporary_folder = "/tmp/" # nosec # Function to grab secrets def get_secret(secid): @@ -65,7 +67,7 @@ def get_secret(secid): return sec1, sec2 def alert_slack(message): - requests.post(slackhook, headers = {"Content-Type": "application/json"}, json = {"text": message}) + requests.post(slackhook, headers = {"Content-Type": "application/json"}, json = {"text": message}, timeout=5) print("Slack Message Sent:",message) def do_the_needful(filters,uri,env): @@ -121,16 +123,16 @@ def do_the_needful(filters,uri,env): else: pass - path="/tmp/" + fname + path=f"{temporary_folder}{fname}" try: #Download the installer download_response = falcond.download_sensor_installer(id=sha, - download_path="/tmp/", file_name=fname) + download_path=temporary_folder, file_name=fname) except: print("Error Downloading\n",os,env,fname) try: #Upload to Artifactory - response1=requests.put(afurl,auth=(afusername, afkey), data=open(path,'rb').read(),verify=False) + response1=requests.put(afurl,auth=(afusername, afkey), data=open(path,'rb').read(), verify=False, timeout=5) except: print("Error Uploading ",os,env,fname) print("Installer Downloaded:\n",os,env,filters,"\n",name,download_response['body']) diff --git a/samples/automation_lambdas/FalconBot-EDR_End.py b/samples/automation_lambdas/FalconBot-EDR_End.py index 7225fddc2..2b738e01f 100755 --- a/samples/automation_lambdas/FalconBot-EDR_End.py +++ b/samples/automation_lambdas/FalconBot-EDR_End.py @@ -104,7 +104,7 @@ def slack_post(message): print(slack_data) final_response = requests.post( - url=response_url, data=slack_data, + url=response_url, data=slack_data, timeout=5, headers={'Content-Type': 'application/json'} ) print(final_response.text) diff --git a/samples/automation_lambdas/IntelDownloads.py b/samples/automation_lambdas/IntelDownloads.py index d72406df0..e51fed68f 100755 --- a/samples/automation_lambdas/IntelDownloads.py +++ b/samples/automation_lambdas/IntelDownloads.py @@ -8,6 +8,7 @@ import requests import boto3 import smtplib +from botocore.exceptions import ClientError from email.mime.application import MIMEApplication from email.mime.multipart import MIMEMultipart from email.mime.text import MIMEText @@ -17,7 +18,7 @@ port = 587 dest_em = "" slackhook = "https://hooks.slack.com/services/" -pdf_path = "/tmp/CS_Daily_Intel_Report.pdf" +pdf_path = "/tmp/CS_Daily_Intel_Report.pdf" # nosec em_message = "This is an automated email sent from an unmonitored inbox. \nFor issues with this automation, please reach out to the Operations Team" # Function to grab secrets @@ -49,11 +50,11 @@ def upload_to_slack(slack_token, subject): headers = {"authorization": f"Bearer {slack_token}",} with open(pdf_path, "rb") as f: files = {"file": f} - output = requests.post('https://slack.com/api/files.upload', data=payload, headers=headers, files=files) + output = requests.post('https://slack.com/api/files.upload', data=payload, headers=headers, files=files, timeout=5) print(output.text) def alert_don(message): - requests.post(slackhook, headers = {"Content-Type": "application/json"}, json = {"text": message}) + requests.post(slackhook, headers = {"Content-Type": "application/json"}, json = {"text": message}, timeout=5) print("Slack Message Sent:",message) def send_email_pdf(subject, dest_em, email_un, email_pw, desc): diff --git a/samples/automation_lambdas/PickNextSensorVersion.py b/samples/automation_lambdas/PickNextSensorVersion.py index 350833ed2..c84157318 100755 --- a/samples/automation_lambdas/PickNextSensorVersion.py +++ b/samples/automation_lambdas/PickNextSensorVersion.py @@ -26,11 +26,11 @@ def get_secret(secret): # Decrypts secret using the associated KMS key. secrets = json.loads(get_secret_value_response['SecretString']) - if secret == "CSKey": + if secret == "CSKey": # nosec clientid = secrets['clientid'] clientsec = secrets['clientsec'] return clientid, clientsec - elif secret == "APIKey": + elif secret == "APIKey": # nosec key = secrets['update_key'] return key else: @@ -39,22 +39,22 @@ def get_secret(secret): def alert_don(message): slack_data = json.dumps({'blocks': message}) - requests.post(url=slackhook, data=slack_data,headers={'Content-Type': 'application/json'}) + requests.post(url=slackhook, data=slack_data,headers={'Content-Type': 'application/json'}, timeout=5) print("Slack Message Sent:",message) def grab_dates(): - dates = requests.get('https://.execute-api.us-east-1.amazonaws.com/default/API/sensor_dates_changes', headers = {'auth': 'YOUR_API_KEY'}).text + dates = requests.get('https://.execute-api.us-east-1.amazonaws.com/default/API/sensor_dates_changes', headers = {'auth': 'YOUR_API_KEY'}, timeout=5).text return dates def grab_versions(): - versions = requests.get('https://.execute-api.us-east-1.amazonaws.com/default/API/proposed_sensor_versions', headers = {'auth': 'YOUR_API_KEY'}).text.replace('[', '').replace(']', '') + versions = requests.get('https://.execute-api.us-east-1.amazonaws.com/default/API/proposed_sensor_versions', headers = {'auth': 'YOUR_API_KEY'}, timeout=5).text.replace('[', '').replace(']', '') return versions def set_new_versions(platform,version): url = 'https://.execute-api.us-east-1.amazonaws.com/default/API/proposed_sensor_versions/up' payload = "{\""+platform+"\": \""+version+"\"}" headers = {'auth': EDR_Update_Key,'Content-Type': 'text/plain'} - response = requests.patch(url, headers=headers, data=payload) + response = requests.patch(url, headers=headers, data=payload, timeout=5) print(response) def lambda_handler(event, context): diff --git a/samples/automation_lambdas/Sensor_version_change.py b/samples/automation_lambdas/Sensor_version_change.py index cf98f5753..fde4dc109 100755 --- a/samples/automation_lambdas/Sensor_version_change.py +++ b/samples/automation_lambdas/Sensor_version_change.py @@ -33,7 +33,7 @@ def get_secret(secret): # Decrypts secret using the associated KMS key. secrets = json.loads(get_secret_value_response['SecretString']) - if secret == "Falcon_Key": + if secret == "Falcon_Key": # nosec clientid = secrets['clientid'] clientsec = secrets['clientsec'] return clientid, clientsec @@ -43,16 +43,16 @@ def get_secret(secret): def slack_alert(message): slack_data = json.dumps({'blocks': message}) - response = requests.post(url=slackhook, data=slack_data,headers={'Content-Type': 'application/json'}) + response = requests.post(url=slackhook, data=slack_data,headers={'Content-Type': 'application/json'}, timeout=5) print("Slack Message Sent:",message) print(response) def grab_dates(): - dates = requests.get('https://.execute-api.us-east-1.amazonaws.com/default/API/sensor_date_changes', headers = {'auth': 'YOUR_API_KEY'}).text + dates = requests.get('https://.execute-api.us-east-1.amazonaws.com/default/API/sensor_date_changes', headers = {'auth': 'YOUR_API_KEY'}, timeout=5).text return dates def grab_versions(): - versions = requests.get('https://.execute-api.us-east-1.amazonaws.com/default/API/proposed_sensor_versions', headers = {'auth': 'YOUR_API_KEY'}).text.replace('[', '').replace(']', '') + versions = requests.get('https://.execute-api.us-east-1.amazonaws.com/default/API/proposed_sensor_versions', headers = {'auth': 'YOUR_API_KEY'}, timeout=5).text.replace('[', '').replace(']', '') return versions def set_new_versions(policy,version,platform): @@ -84,7 +84,7 @@ def set_new_versions(policy,version,platform): def patch_api(platform,version): payload = "{\""+platform+"\": \""+version+"\"}" print(payload) - response = requests.patch("https://.execute-api.us-east-1.amazonaws.com/default/API/sensor_versions/up", headers = {'auth': EDR_Update_Key,'Content-Type': 'text/plain'}, data=payload) + response = requests.patch("https://.execute-api.us-east-1.amazonaws.com/default/API/sensor_versions/up", headers = {'auth': EDR_Update_Key,'Content-Type': 'text/plain'}, data=payload, timeout=5) print("Update in EDR API: ",response) #####!!!!! Need to Send Slack Start alert @@ -95,7 +95,7 @@ def lambda_handler(event, context): print("Congrats! It's time to run this puppy and update the Sensor Versions!!!") # Send Slack Start alert body = "Hello Teams!\n This is a reminder that the scheduled change of the Standard Sensor Versions is about to occur in 5 minutes." - output = requests.post('https://hooks.slack.com/services/.execute-api.us-east-1.amazonaws.com/default/API/sensor_versions", headers=headersList) + response = requests.get("https://.execute-api.us-east-1.amazonaws.com/default/API/sensor_versions", headers=headersList, timeout=5) version = json.loads(response.text)[0][id] return version @@ -167,7 +167,7 @@ def lambda_handler(event, context): else: body = ":warning: Hey Team,\n there's a new distro you haven't accounted for yet\n"+d - output = requests.post(slackhook, headers = {"Content-Type": "application/json"}, json = {"text": body}) + output = requests.post(slackhook, headers = {"Content-Type": "application/json"}, json = {"text": body}, timeout=5) outdata +="" @@ -185,5 +185,6 @@ def lambda_handler(event, context): #Send completion Message to Slack output = requests.post(slackhook, headers = {"Content-Type": "application/json"}, - json = {"text": "The Linux Supported Kernels Page has been updated"}) + json = {"text": "The Linux Supported Kernels Page has been updated"}, + timeout=5) print("Slack post status: "+output.text)