
Fixup inline comments

pwnbus committed Oct 5, 2018
1 parent ef49306 commit 5428a401104de4800170b72bba176712dde11da6
@@ -26,7 +26,6 @@ ignore =
E241 # multiple spaces after ','
E251 # unexpected spaces around keyword / parameter equals
E261 # at least two spaces before inline comment
E262 # inline comment should start with '# '
E265 # block comment should start with '# '
E266 # too many leading '#' for block comment
E271 # multiple spaces after keyword
@@ -24,7 +24,7 @@
import time
httpsession = FuturesSession(max_workers=5)
httpsession.trust_env=False #turns of needless .netrc check for creds
httpsession.trust_env=False # turns of needless .netrc check for creds
#a = requests.adapters.HTTPAdapter(max_retries=2)
#httpsession.mount('http://', a)
@@ -93,7 +93,7 @@ def postLogs(logcache):
postingProcess=Process(target=postLogs,args=(logcache,),name="json2MozdefStressTest")
postingProcess.start()
except OSError as e:
if e.errno==35: #resource temporarily unavailable.
if e.errno==35: # resource temporarily unavailable.
print(e)
pass
else:
@@ -104,7 +104,7 @@ def postLogs(logcache):
postingProcess=Process(target=postLogs,args=(logcache,),name="json2MozdefStressTest")
postingProcess.start()
except OSError as e:
if e.errno==35: #resource temporarily unavailable.
if e.errno==35: # resource temporarily unavailable.
print(e)
pass
else:
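Review bot: The literal `35` in `if e.errno==35:` is platform-specific. It is EAGAIN ("resource temporarily unavailable") on macOS/BSD, but on Linux EAGAIN is 11 and 35 is EDEADLK, so on Linux this branch would not match the condition the comment describes. Compare against the symbolic constant instead, `if e.errno == errno.EAGAIN:  # resource temporarily unavailable`, adding `import errno` if the file lacks it (the imports are not visible here). The same check appears in both postLogs hunks here and in the makeEvents, makeAlerts, makeAttackers and initConfig hunks of the demo-data script; the enclosing try blocks start outside the hunks.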
@@ -181,11 +181,11 @@ def debug(msg):
},
'sapi': {
"event": 'API Operation',
"level": 1 #Info
"level": 1 # Info
},
'fapi': {
"event": 'Failed API Operation',
"level": 3 #Error
"level": 3 # Error
},
'limit_wc': {
"event": 'Blocked Account',
@@ -197,7 +197,7 @@ def debug(msg):
},
'api_limit': {
"event": 'Rate Limit On API',
"level": 4 #Critical
"level": 4 # Critical
},
'sdu': {
"event": 'Successful User Deletion',
@@ -137,12 +137,12 @@ def searchMongoAlerts(mozdefdb):
# to find common attackers.
ipv4TopHits = alerts.aggregate([
{"$sort": {"utcepoch":-1}}, # reverse sort the current alerts
{"$limit": 100}, #most recent 100
{"$limit": 100}, # most recent 100
{"$match": {"events.documentsource.details.sourceipaddress":{"$exists": True}}}, # must have an ip address
{"$match": {"attackerid":{"$exists": False}}}, # must not be already related to an attacker
{"$unwind":"$events"}, #make each event into it's own doc
{"$unwind":"$events"}, # make each event into it's own doc
{"$project":{"_id":0,
"sourceip":"$events.documentsource.details.sourceipaddress"}}, #emit the source ip only
"sourceip":"$events.documentsource.details.sourceipaddress"}}, # emit the source ip only
{"$group": {"_id": "$sourceip", "hitcount": {"$sum": 1}}}, # count by ip
{"$match":{"hitcount":{"$gt":5}}}, # limit to those with X observances
{"$sort": SON([("hitcount", -1), ("_id", -1)])}, # sort
@@ -136,7 +136,7 @@ def initConfig():
options.fqdnlimit = getConfig('fqdnlimit', 1000, options.configfile)
# AWS creds
options.aws_access_key_id=getConfig('aws_access_key_id','',options.configfile) #aws credentials to use to connect to mozilla_infosec_blocklist
options.aws_access_key_id=getConfig('aws_access_key_id','',options.configfile) # aws credentials to use to connect to mozilla_infosec_blocklist
options.aws_secret_access_key=getConfig('aws_secret_access_key','',options.configfile)
options.aws_bucket_name=getConfig('aws_bucket_name','',options.configfile)
options.aws_document_key_name=getConfig('aws_document_key_name','',options.configfile)
@@ -206,7 +206,7 @@ def initConfig():
options.iplimit = getConfig('iplimit', 1000, options.configfile)
# AWS creds
options.aws_access_key_id=getConfig('aws_access_key_id','',options.configfile) #aws credentials to use to connect to mozilla_infosec_blocklist
options.aws_access_key_id=getConfig('aws_access_key_id','',options.configfile) # aws credentials to use to connect to mozilla_infosec_blocklist
options.aws_secret_access_key=getConfig('aws_secret_access_key','',options.configfile)
options.aws_bucket_name=getConfig('aws_bucket_name','',options.configfile)
options.aws_document_key_name=getConfig('aws_document_key_name','',options.configfile)
@@ -192,12 +192,12 @@ def main():
def initConfig():
options.output=getConfig('output','stdout',options.configfile) #output our log to stdout or syslog
options.sysloghostname=getConfig('sysloghostname','localhost',options.configfile) #syslog hostname
options.syslogport=getConfig('syslogport',514,options.configfile) #syslog port
options.url = getConfig('url', 'http://localhost:8080/events', options.configfile) #mozdef event input url to post to
options.output=getConfig('output','stdout',options.configfile) # output our log to stdout or syslog
options.sysloghostname=getConfig('sysloghostname','localhost',options.configfile) # syslog hostname
options.syslogport=getConfig('syslogport',514,options.configfile) # syslog port
options.url = getConfig('url', 'http://localhost:8080/events', options.configfile) # mozdef event input url to post to
options.state_file_name = getConfig('state_file_name','{0}.state'.format(sys.argv[0]),options.configfile)
options.recordlimit = getConfig('recordlimit', 1000, options.configfile) #max number of records to request
options.recordlimit = getConfig('recordlimit', 1000, options.configfile) # max number of records to request
#
# See
# https://developers.google.com/admin-sdk/reports/v1/guides/delegation
@@ -143,14 +143,14 @@ def main():
def initConfig():
options.output=getConfig('output','stdout',options.configfile) #output our log to stdout or syslog
options.sysloghostname=getConfig('sysloghostname','localhost',options.configfile) #syslog hostname
options.syslogport=getConfig('syslogport',514,options.configfile) #syslog port
options.apikey=getConfig('apikey','',options.configfile) #okta api key to use
options.oktadomain = getConfig('oktadomain', 'yourdomain.okta.com', options.configfile) #okta domain: something.okta.com
options.output=getConfig('output','stdout',options.configfile) # output our log to stdout or syslog
options.sysloghostname=getConfig('sysloghostname','localhost',options.configfile) # syslog hostname
options.syslogport=getConfig('syslogport',514,options.configfile) # syslog port
options.apikey=getConfig('apikey','',options.configfile) # okta api key to use
options.oktadomain = getConfig('oktadomain', 'yourdomain.okta.com', options.configfile) # okta domain: something.okta.com
options.esservers=list(getConfig('esservers','http://localhost:9200',options.configfile).split(','))
options.state_file=getConfig('state_file','{0}.json'.format(sys.argv[0]),options.configfile)
options.recordlimit = getConfig('recordlimit', 10000, options.configfile) #max number of records to request
options.recordlimit = getConfig('recordlimit', 10000, options.configfile) # max number of records to request
if __name__ == '__main__':
@@ -37,7 +37,7 @@
#use futures to run in the background
#httpsession = FuturesSession(max_workers=5)
httpsession = requests.session()
httpsession.trust_env=False #turns of needless .netrc check for creds
httpsession.trust_env=False # turns of needless .netrc check for creds
#a = requests.adapters.HTTPAdapter(max_retries=2)
#httpsession.mount('http://', a)
@@ -142,7 +142,7 @@ def makeEvents():
postingProcess=Process(target=postLogs,args=(logcache,),name="json2MozdefDemoData")
postingProcess.start()
except OSError as e:
if e.errno==35: #resource temporarily unavailable.
if e.errno==35: # resource temporarily unavailable.
print(e)
pass
else:
@@ -211,7 +211,7 @@ def makeAlerts():
postingProcess=Process(target=postLogs,args=(logcache,),name="json2MozdefDemoData")
postingProcess.start()
except OSError as e:
if e.errno==35: #resource temporarily unavailable.
if e.errno==35: # resource temporarily unavailable.
print(e)
pass
else:
@@ -280,7 +280,7 @@ def makeAttackers():
postingProcess=Process(target=postLogs,args=(logcache,),name="json2MozdefDemoData")
postingProcess.start()
except OSError as e:
if e.errno==35: #resource temporarily unavailable.
if e.errno==35: # resource temporarily unavailable.
print(e)
pass
else:
@@ -330,7 +330,7 @@ def initConfig():
postingProcess=Process(target=postLogs,args=(logcache,),name="json2MozdefDemoData")
postingProcess.start()
except OSError as e:
if e.errno==35: #resource temporarily unavailable.
if e.errno==35: # resource temporarily unavailable.
print(e)
pass
else:
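Review bot: The reformatted comment on `httpsession.trust_env=False` still reads "turns of" (a typo for "turns off") and understates what the flag does. In requests, `trust_env` also governs proxy settings taken from environment variables and the REQUESTS_CA_BUNDLE / CURL_CA_BUNDLE lookup, not only .netrc credentials. A more accurate comment would be `httpsession.trust_env=False  # do not read .netrc credentials, proxy or CA-bundle settings from the environment`. The same comment sits on the FuturesSession line in the first hunk of the stress-test script.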
@@ -41,7 +41,7 @@ def bulkindex():
bulkpost=request.body.read()
#bottlelog('request:{0}\n'.format(bulkpost))
request.body.close()
if len(bulkpost)>10: #TODO Check for bulk format.
if len(bulkpost)>10: # TODO Check for bulk format.
#iterate on messages and post to event message queue
eventlist=[]
@@ -56,7 +56,7 @@ def bulkindex():
except ValueError as e:
response.status=500
return
if not 'index' in json.loads(i).keys(): #don't post the items telling us where to post things..
if not 'index' in json.loads(i).keys(): # don't post the items telling us where to post things..
ensurePublish=mqConn.ensure(mqproducer,mqproducer.publish,max_retries=10)
ensurePublish(eventDict,exchange=eventTaskExchange,routing_key=options.taskexchange)
except ValueError:
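Review bot: On the `if not 'index' in json.loads(i).keys():` line the request body is parsed again and assumed to be a JSON object. A line that is valid JSON but not an object (an array, string or number) makes `.keys()` raise AttributeError, which the visible `except ValueError` handlers do not catch. Unless code outside the hunk already rejects non-objects, parse once and guard the type, e.g. `if isinstance(eventDict, dict) and 'index' not in eventDict:`, assuming `eventDict` holds the parsed line, which is not visible here. The `# TODO Check for bulk format.` on the length test in the first hunk is the natural place to track this; bulkindex's body continues outside both hunks.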
@@ -592,7 +592,7 @@ def verisSummary(verisRegex=None):
{"$match":{"tags":{"$exists":True}}},
{"$unwind": "$tags"},
{"$match":{"tags":{"$regex":''}}}, #regex for tag querying
{"$match":{"tags":{"$regex":''}}}, # regex for tag querying
{"$project": {"dateOpened": 1,
"tags": 1,
"phase": 1,
