Improve webhook test
43
installer.sh
43
installer.sh
@ -861,6 +861,44 @@ import time
|
|||||||
from urllib import request, error
|
from urllib import request, error
|
||||||
|
|
||||||
DB = '/opt/baldcanary/db/baldcanary.sqlite'
|
DB = '/opt/baldcanary/db/baldcanary.sqlite'
|
||||||
|
LABEL_MAP = '/opt/baldcanary/config/opencanary_event_labels.json'
|
||||||
|
|
||||||
|
CUSTOM_LABELS = {
|
||||||
|
'page_view': 'Page View',
|
||||||
|
'form_submit': 'Form Submission',
|
||||||
|
'xss_probe': 'XSS Probe',
|
||||||
|
'sql_injection_probe': 'SQL Injection Probe',
|
||||||
|
'command_injection_probe': 'Command Injection Probe',
|
||||||
|
'path_traversal_probe': 'Path Traversal Probe',
|
||||||
|
'sensitive_file_probe': 'Sensitive File Probe',
|
||||||
|
'session_file_probe': 'Session File Probe',
|
||||||
|
'exposed_session_directory': 'Exposed Session Directory',
|
||||||
|
'php_session_file': 'PHP Session File Access',
|
||||||
|
'backup_directory': 'Backup Directory Access',
|
||||||
|
'mysql_backup_directory': 'MySQL Backup Directory Access',
|
||||||
|
'api_docs': 'API Documentation Access',
|
||||||
|
'swagger_docs': 'Swagger Documentation Access',
|
||||||
|
'phpinfo_probe': 'PHP Info Probe',
|
||||||
|
'env_file_probe': 'Environment File Probe',
|
||||||
|
'config_file_probe': 'Config File Probe',
|
||||||
|
'test_alert': 'Test Alert',
|
||||||
|
}
|
||||||
|
|
||||||
|
def event_label(event_type):
|
||||||
|
event_type = str(event_type or '').strip()
|
||||||
|
|
||||||
|
labels = dict(CUSTOM_LABELS)
|
||||||
|
|
||||||
|
try:
|
||||||
|
with open(LABEL_MAP, 'r') as f:
|
||||||
|
labels = json.load(f) | labels
|
||||||
|
except Exception:
|
||||||
|
pass
|
||||||
|
|
||||||
|
if event_type in labels:
|
||||||
|
return labels[event_type]
|
||||||
|
|
||||||
|
return event_type.replace('_', ' ').replace('-', ' ').replace('.', ' ').title() or 'Unknown Event'
|
||||||
|
|
||||||
|
|
||||||
def post_json(url, payload):
|
def post_json(url, payload):
|
||||||
@ -873,7 +911,7 @@ def post_json(url, payload):
|
|||||||
def teams_payload(event):
|
def teams_payload(event):
|
||||||
title = "Alert"
|
title = "Alert"
|
||||||
severity = event.get('severity') or ''
|
severity = event.get('severity') or ''
|
||||||
event_type = event.get('event_type') or ''
|
event_type = event_label(event.get('event_type'))
|
||||||
src_ip = event.get('src_ip') or ''
|
src_ip = event.get('src_ip') or ''
|
||||||
path = event.get('path') or ''
|
path = event.get('path') or ''
|
||||||
event_time = event.get('event_time') or ''
|
event_time = event.get('event_time') or ''
|
||||||
@ -890,9 +928,10 @@ def teams_payload(event):
|
|||||||
return {"text": text}
|
return {"text": text}
|
||||||
|
|
||||||
def generic_payload(event):
|
def generic_payload(event):
|
||||||
|
event = dict(event)
|
||||||
|
event['event_type_label'] = event_label(event.get('event_type'))
|
||||||
return {'source': 'BaldCanary', 'event': event}
|
return {'source': 'BaldCanary', 'event': event}
|
||||||
|
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
con = sqlite3.connect(DB)
|
con = sqlite3.connect(DB)
|
||||||
con.row_factory = sqlite3.Row
|
con.row_factory = sqlite3.Row
|
||||||
|
|||||||
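Review bot: In `event_label` (first hunk), `except Exception: pass` hides every failure of the label-map load, so a missing, unreadable or malformed `opencanary_event_labels.json` silently falls back to the built-in labels with nothing logged. The same handler also swallows the `TypeError` that `json.load(f) | labels` raises on Python older than 3.9, or when the file's top level is not a JSON object, so on such a host the map would never load and nobody would notice. I would narrow the handler to `except (OSError, ValueError):` and merge with `loaded = json.load(f)` followed by `if isinstance(loaded, dict): labels = {**loaded, **labels}`. Separately, as far as the visible lines show, `teams_payload` now carries only the label while `generic_payload` keeps the raw `event_type` next to `event_type_label`; keeping the raw value in the Teams text as well would let an analyst match an alert to its database row.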