From e416d8d18b8c0bdefcd7797cc7058891bc9703b7 Mon Sep 17 00:00:00 2001 From: frank Date: Mon, 11 Sep 2023 17:12:10 +0200 Subject: [PATCH] Maintain db functions for remediation collections --- www/reportReader/busReader.js | 17 +++++++------ www/reportReader/maintainDB.js | 42 ++++++++++++++++++++++++++++++-- www/routes/sancus/remediation.js | 4 ++- www/test/test_remediation.js | 15 ++++++++++++ 4 files changed, 68 insertions(+), 10 deletions(-) create mode 100644 www/test/test_remediation.js diff --git a/www/reportReader/busReader.js b/www/reportReader/busReader.js index 380b26381..c65155b60 100644 --- a/www/reportReader/busReader.js +++ b/www/reportReader/busReader.js @@ -63,7 +63,6 @@ async function queryIpMongo( attackId ) { } finally { // Close the MongoDB connection client.close(); - console.log("Query ip mongo" + ipAttacker) return ipAttacker; } } @@ -71,7 +70,7 @@ async function queryIpMongo( attackId ) { // Initialize an empty array to store the output JSON objects const outputJson = {}; var ipAttacker = "10.2.2.3" ; - + try{ if( typeof json1[0] === 'string'){ ipAttacker = await queryIpMongo( json1[0] ); const currentTimestampInSeconds = Math.floor(new Date().getTime() / 1000); @@ -84,11 +83,17 @@ async function queryIpMongo( attackId ) { outputJson.timestamp = currentTimestampInSeconds ; } + } catch( err ){ + console.error('Error:', err); + + } + finally{ return outputJson; + } } function receiveMessage (channel, message) { - console.log( "[" + channel + "] " + message ); + //console.log( "[" + channel + "] " + message ); try{ processMessage.process( message ); }catch( err ){ @@ -122,17 +127,15 @@ report_client_miugio.on('message', async function ( channel,message) { //json.description = 'ciao'; // Print the JSON objects - console.log(jsonAttacks) - console.log(jsonRemediation) - //process message: insert into "sancus_report" collection if( JSON.stringify(jsonAttacks) != '{}') sancus_db.add("remediationAttack",[jsonAttacks]); - if( JSON.stringify(jsonRemediation) != '{}') + if( JSON.stringify(jsonRemediation) != '{}') sancus_db.add("remediationVuln", [ jsonRemediation]); + } catch (error) { diff --git a/www/reportReader/maintainDB.js b/www/reportReader/maintainDB.js index 353faa45e..e2aaad141 100644 --- a/www/reportReader/maintainDB.js +++ b/www/reportReader/maintainDB.js @@ -83,6 +83,9 @@ var additionalTime = 0; * @param collectionPrefix * @param timestamp: the timestamp of the last report of a probe having the given probeID * @param probeID + * @returnsctionPrefix + * @param timestamp: the timestamp of the last report of a probe having the given probeID + * @param probeID * @returns */ function _maintainCollection( db, collectionPrefix, timestamp, probeID ){ @@ -148,7 +151,23 @@ function _maintainDatabaseSize( database ){ setTimeout( _maintainDatabase, 1000, database ); }); } +function _maintainRemediationCollection ( database, collectionName, cb ) { + if( additionalTime === 0 ) + return cb(); + try{ + console.log("_maintainRemediationCollection") + database.collection(collectionName).deleteMany({ + timestamp: { + $lt: Math.floor(Date.now() / 1000) - (5 * 60) // 5 minutes in seconds + } + }); + + cb(); + } catch( e ){ + console.error( e ); + } + } function _maintainSecurityCollection( database, cb ){ //collection security is cutoff only if Database size >= the limit if( additionalTime === 0 ) @@ -231,11 +250,31 @@ function _maintainDatabase( database ){ _maintainCollection( database, "data_sctp_" , timestamp ); _maintainCollection( database, "data_ndn_" , timestamp ); _maintainCollection( database, "availability_" , timestamp ); - //collection security is cutoff only if Database size >= the limit _maintainSecurityCollection( database, function(){ + //this avoids delete DB so frequently + //it helps when trying delete documents from DB but the storage size does not reduce to DB_LIMIT_SIZE + // (as DB_LIMIT_SIZE is too small) + //maintain by db size + setTimeout( _maintainDatabaseSize, 10000, database ); + }); + //collection security is cutoff only if Database size >= the limit + console.log("Execute Db function for Remediation" ); + _maintainRemediationCollection(database, "remediationAttack", function(){ + console.log("DB remove remediationAttack"); + //this avoids delete DB so frequently + //it helps when trying delete documents from DB but the storage size does not reduce to DB_LIMIT_SIZE + // (as DB_LIMIT_SIZE is too small) + //maintain by db size + setTimeout( _maintainDatabaseSize, 10000, database ); + }); + console.log("Execute Db function for Remediation"); + + _maintainRemediationCollection(database, "remediationVuln", function(){ + console.log("DB remove remediationVuln"); + //this avoids delete DB so frequently //it helps when trying delete documents from DB but the storage size does not reduce to DB_LIMIT_SIZE // (as DB_LIMIT_SIZE is too small) @@ -273,4 +312,3 @@ process.on('SIGINT',function(){ console.log("Exit maintainer " + process.pid); process.exit(); }); - diff --git a/www/routes/sancus/remediation.js b/www/routes/sancus/remediation.js index 47f220434..3ef219fde 100644 --- a/www/routes/sancus/remediation.js +++ b/www/routes/sancus/remediation.js @@ -9,7 +9,9 @@ pub_sub = require("../../libs/kafka"); //Pass the message through the route const { Kafka } = require('kafkajs'); const scriptCode = ` - print("Remediation")// Your script code here +kubectl exec -it amf-45-ipds-0 -n ath-cmm-45 nft insert rule ip filter INPUT ip daddr 3.201.40.3 drop + +// Your script code here `; async function produceMessage(msg) { // Create a new Kafka instance diff --git a/www/test/test_remediation.js b/www/test/test_remediation.js new file mode 100644 index 000000000..ca9d8cd9b --- /dev/null +++ b/www/test/test_remediation.js @@ -0,0 +1,15 @@ +const{ myRemediation, mySize} = require("../reportReader/maintainDB"); +const { MongoClient } = require('mongodb'); + + + + const client = new MongoClient("mongodb://localhost:27017" ,{ useNewUrlParser: true, useUnifiedTopology: true }); + + + // Connect to MongoDB + await client.connect(); +const db = client.db("mmt-data"); + + + +