dropbox / securitybot Goto Github PK
View Code? Open in Web Editor NEWDistributed alerting for the masses!
License: Apache License 2.0
Distributed alerting for the masses!
License: Apache License 2.0
I've followed the setup instructions in a fresh virtualenv and tried to run main.py
It connects to the Slack API successfully, creates securitybot, loads configuration, and starts the RTM session.
Then it issues a couple hundred warnings "Recovering from lost MySQL connection" and crashes. Here is a truncated traceback:
Traceback (most recent call last):
File "main.py", line 45, in <module>
main()
File "main.py", line 41, in main
sb = SecurityBot(chat, tasker, duo_builder, REPORTING_CHANNEL, 'config/bot.yaml')
File "/securitybot/securitybot/bot.py", line 95, in __init__
self.blacklist = SQLBlacklist()
File "/securitybot/securitybot/blacklist/sql_blacklist.py", line 17, in __init__
names = SQLEngine.execute('SELECT * FROM blacklist')
File "/securitybot/securitybot/sql.py", line 79, in execute
return SQLEngine.execute(query, params)
Those last two lines repeat a couple hundred times and then
File "/securitybot/securitybot/sql.py", line 78, in execute
SQLEngine._db)
File "/securitybot/securitybot/sql.py", line 51, in _create_engine
db=db)
File "/usr/local/lib/python2.7/dist-packages/MySQLdb/__init__.py", line 81, in Connect
return Connection(*args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/MySQLdb/connections.py", line 193, in __init__
super(Connection, self).__init__(*args, **kwargs2)
_mysql_exceptions.OperationalError: (1040, 'Too many connections')
While the user defined on line 93 of sql.py (why is this setting buried?) has full rights to the database, no tables are created.
Just started using the tool as a POC but getting crashes of main.py due to no duo keys (do not have this service)
How and Can I turn off this component for now?
Hello,
Thanks for putting this project out there!
I came across this project from this tech blog: https://blogs.dropbox.com/tech/2017/02/meet-securitybot-open-sourcing-automated-security-at-scale/
It looks like this project hasn't had any activity in over a year. Just wanted to check if this is still actively being maintained, and if it's still known to work without glitches if installed today?
Thanks!
Dave
Super great project, thanks so much for releasing it open source. I was going to spin up one of my own but it's clear this project is WAY better than mine would have ever been. So related to that, I'm happy to give you the pypi 'securitybot' project (https://pypi.python.org/pypi/securitybot). Just email me at [email protected] and we'll setup the 'switch'. :)
I would like to get some assistance with a small issue I am facing (not strong in python). I have tried using pip install SQLEngine
and even went on to install SQLAlchemy
but I can't seem to go past this stage when I run python main.py
Can you please help
โ> python2.7 main.py Traceback (most recent call last): File "main.py", line 4, in <module> from securitybot.bot import SecurityBot File "/Users/pathXXXX/securitybot/securitybot/bot.py", line 9, in <module> from securitybot.user import User File "/Users/pathXXXX/securitybot/securitybot/user.py", line 11, in <module> import securitybot.ignored_alerts as ignored_alerts File "/Users/pathXXXX/securitybot/securitybot/ignored_alerts.py", line 6, in <module> from securitybot.sql import SQLEngine File "/Users/pathXXXX/securitybot/securitybot/sql.py", line 7, in <module> from typing import Any, Sequence ImportError: No module named typing
Thanks for open-sourcing this! It'd be nice if it was usable in Hipchat as well as Slack. :)
Hi, Have been able to crash the bot via "ignore last 1h1m" when no alert assigned for myself (user).
Traceback (most recent call last):
File "main.py", line 45, in <module>
main()
File "main.py", line 42, in main
sb.run()
File "/home/ec2-user/securitybot/securitybot/bot.py", line 180, in run
self.handle_messages()
File "/home/ec2-user/securitybot/securitybot/bot.py", line 199, in handle_messages
self.handle_command(user, text)
File "/home/ec2-user/securitybot/securitybot/bot.py", line 211, in handle_command
if cmd['fn'](self, user, args):
File "/home/ec2-user/securitybot/securitybot/commands.py", line 69, in ignore
if which == 'last' and user.old_tasks:
AttributeError: 'User' object has no attribute 'old_tasks'
Would be nice for those more Postgres-friendly shops (like where I work). Definitely a nice-to-have.
hello! i am a newbie. i was trying to implement security bot as my class assignment. I am getting the following error when i run main.py by following your guidelines
Traceback (most recent call last):
File "main.py", line 4, in
from securitybot.bot import SecurityBot
File "C:\securitybot-master\securitybot\bot.py", line 9, in
from securitybot.user import User
File "C:\securitybot-master\securitybot\user.py", line 9, in
import pytz
ModuleNotFoundError: No module named 'pytz'
can u please help me?
First of all thanks for publishing this, it looks useful and I'd like to give it a try soon.
Is there currently any way of external monitoring, e.g. using Prometheus? It'd be useful for making sure that securitybot runs fine from an ops perspective, but also potentially for further processing of alerts, and metrics derived from alerts.
Have alerts with actions assigned as email addresses currently, any way to do a lookup on the tool side to map email to slack users?
Could do a lookup in splunk but rather not have to maintain a CSV :)
Cheers,
AB
Hi,
I just noticed what appears to be a typo in the logging configuration.
https://github.com/dropbox/securitybot/blob/master/main.py#L24
I assume this is supposed to be urllib3
.
Thank you!
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.