honeycomb.servicemanager package

Submodules

honeycomb.servicemanager.base_service module

Custom Service implementation from MazeRunner.

class honeycomb.servicemanager.base_service.DockerService(*args, **kwargs)[source]

Bases: honeycomb.servicemanager.base_service.ServerCustomService

Provides an ability to run a Docker container that will be monitored for events.

docker_image_name

Return docker image name.

docker_params

Return a dictionary of docker run parameters.

Returns:Dictionary, e.g., dict(ports={80: 80})
get_lines()[source]

Fetch log lines from the docker service.

Returns:A blocking logs generator
on_server_shutdown()[source]

Stop the container before shutting down.

on_server_start()[source]

Service run loop function.

Run the desired docker container with parameters and start parsing the monitored file for alerts.

parse_line(line)[source]

Parse line and return dictionary if its an alert, else None / {}.

read_lines(file_path, empty_lines=False, signal_ready=True)[source]

Fetch lines from file.

In case the file handler changes (logrotate), reopen the file.

Parameters:
  • file_path – Path to file
  • empty_lines – Return empty lines
  • signal_ready – Report signal ready on start
class honeycomb.servicemanager.base_service.ServerCustomService(alert_types: list, service_args: dict = {})[source]

Bases: multiprocessing.context.Process

Custom Service Class.

This class provides a basic wrapper for honeycomb (and mazerunner) services.

add_alert_to_queue(alert_dict)[source]

Log alert and send to integrations.

alert_types = None

List of alert types, parsed from config.json

alerts_queue = None
emit(**kwargs)[source]

Send alerts to logfile.

Parameters:kwargs – Fields to pass to honeycomb.decoymanager.models.Alert
logger = <Logger honeycomb.servicemanager.base_service (DEBUG)>

Logger to be used by plugins and collected by main logger.

on_server_shutdown()[source]

Shutdown function of the server.

Override this and take care to gracefully shut down your service (e.g., close files)

on_server_start()[source]

Service run loop function.

The service manager will call this function in a new thread.

Note

Must call signal_ready() after finishing configuration

run()[source]

Daemon entry point.

run_service()[source]

Run the service and start an alert processing queue.

See also

Use on_server_start() and on_server_shutdown() for starting and shutting down your service

service_args = None

Validated dictionary of service arguments (see: honeycomb.utils.plugin_utils.parse_plugin_args())

signal_ready()[source]

Signal the service manager this service is ready for incoming connections.

thread_server = None

honeycomb.servicemanager.defs module

Honeycomb services definitions and constants.

honeycomb.servicemanager.defs.ALLOWED_PROTOCOLS = ['TCP', 'UDP']

Parameters.

honeycomb.servicemanager.defs.STDERRLOG = 'stderr.log'

Service section.

honeycomb.servicemanager.error_messages module

Honeycomb services error messages.

honeycomb.servicemanager.exceptions module

Honeycomb Service Manager Exceptions.

exception honeycomb.servicemanager.exceptions.ServiceManagerException(*args, **kwargs)[source]

Bases: honeycomb.exceptions.PluginError

Generic Service Manager Exception.

Raise ClickException and log msg with relevant debugging info from the frame that raised the exception.

exception honeycomb.servicemanager.exceptions.ServiceNotFound(*args, **kwargs)[source]

Bases: honeycomb.servicemanager.exceptions.ServiceManagerException

Specified service does not exist.

Raise ClickException and log msg with relevant debugging info from the frame that raised the exception.

msg_format = 'Cannot find service named {}, try installing it?'
exception honeycomb.servicemanager.exceptions.UnsupportedOS(*args, **kwargs)[source]

Bases: honeycomb.servicemanager.exceptions.ServiceManagerException

Specified service does not exist.

Raise ClickException and log msg with relevant debugging info from the frame that raised the exception.

msg_format = 'Service requires running on {} and you are using {}'

honeycomb.servicemanager.models module

Honeycomb service models.

class honeycomb.servicemanager.models.OSFamilies[source]

Bases: honeycomb.defs.IBaseType

Defines supported platforms for services.

ALL = BaseNameLabel(name='All', label='All')
LINUX = BaseNameLabel(name='Linux', label='Linux')
MACOS = BaseNameLabel(name='Darwin', label='Darwin')
WINDOWS = BaseNameLabel(name='Windows', label='Windows')
class honeycomb.servicemanager.models.ServiceType(name: str, ports: list, label: str, allow_many: bool, supported_os_families: list, alert_types: list = [])[source]

Bases: object

Holds loaded service metadata.

honeycomb.servicemanager.registration module

Honeycomb service manager.

honeycomb.servicemanager.registration.get_service_module(service_path)[source]

Add custom paths to sys and import service module.

Parameters:service_path – Path to service folder
honeycomb.servicemanager.registration.register_service(package_folder)[source]

Register a honeycomb service.

Parameters:package_folder – Path to folder with service to load
Returns:Validated service object
Return type:honeycomb.utils.defs.ServiceType()

Module contents

Honeycomb Service Manager.