Renamed constants

.github/actions/services/action.yml

@@ -105,7 +105,7 @@ runs:
             echo "      ES_JAVA_OPTS: -Xms1g -Xmx1g" >> elastic_search.yml
             echo "      discovery.type: single-node" >> elastic_search.yml
             echo "    ports:" >> elastic_search.yml
-            echo "      - 59200:9200" >> elastic_search.yml
+            echo "      - 9200:9200" >> elastic_search.yml
             echo "    healthcheck:" >> elastic_search.yml
             echo "      test: curl -X GET 'localhost:9200/_cluster/health?wait_for_status=yellow&timeout=180s&pretty'" >> elastic_search.yml
             echo "      interval: 10s" >> elastic_search.yml

CHANGELOG.md

@@ -1,7 +1,10 @@
 ## 1.2.x
 ### 1.2.0
 #### Features
-* Implemented Certego shared CI 1.3.5 
+* Implemented Certego shared CI 1.3.5
+#### Changes
+* Renamed the Django settings constants and the environment variables
+* Set manually the Elasticsearch port in the CI changing from 59200 to 9200
 
 ## 1.1.x
 ### 1.1.1

README.md

@@ -75,7 +75,7 @@ Or download the application directly from the [Docker Hub](https://hub.docker.co
 
 After that, there are two ways of running BuffaLogs, depending on your system configurations:
 * if you already have an elastic cluster:
-    *  set the address of the host into the `CERTEGO_ELASTICSEARCH` variable in the `buffalogs.env` file
+    *  set the address of the host into the `CERTEGO_BUFFALOGS_ELASTICSEARCH` variable in the `buffalogs.env` file
     *  launch ` docker-compose up -d` to run the containers
 * if you have no hosts with Elasticsearch installed on it, you can run it directly with Buffalogs:
     * run `docker-compose -f docker-compose.yaml -f docker-compose.elastic.yaml up -d` in order to execute all the containers, included Elasticsearch and Kibana

buffalogs/buffalogs/settings/certego.py

@@ -8,32 +8,32 @@
 CERTEGO_DJANGO_PROJ_BASE_DIR = Path(__file__).resolve().parent.parent.parent
 
 # If NS_ENV not set, it will be set to debug
-CERTEGO_ENVIRONMENT = os.environ.get("BUFFALOGS_ENV", "debug")
-CERTEGO_POSTGRES_DB = os.environ.get("POSTGRES_DB", "buffalogs")
-CERTEGO_POSTGRES_USER = os.environ.get("POSTGRES_USER", "default_user")
-CERTEGO_POSTGRES_PASSWORD = os.environ.get("POSTGRES_PASSWORD", "password")
-CERTEGO_POSTGRES_PORT = os.environ.get("POSTGRES_PORT", "5432")
-CERTEGO_ELASTIC_INDEX = os.environ.get("ELASTIC_INDEX", "weblog-*,cloud-*,filebeat-*")
-CERTEGO_SECRET_KEY = os.environ.get("SECRET_KEY", "django-insecure-am9z-fi-x*aqxlb-@abkhb@pu!0da%0a77h%-8d(dwzrrktwhu")
+CERTEGO_BUFFALOGS_ENVIRONMENT = os.environ.get("BUFFALOGS_ENV", "debug")
+CERTEGO_BUFFALOGS_POSTGRES_DB = os.environ.get("BUFFALOGS_POSTGRES_DB", "buffalogs")
+CERTEGO_BUFFALOGS_POSTGRES_USER = os.environ.get("BUFFALOGS_POSTGRES_USER", "default_user")
+CERTEGO_BUFFALOGS_POSTGRES_PASSWORD = os.environ.get("BUFFALOGS_POSTGRES_PASSWORD", "password")
+CERTEGO_BUFFALOGS_POSTGRES_PORT = os.environ.get("BUFFALOGS_POSTGRES_PORT", "5432")
+CERTEGO_BUFFALOGS_ELASTIC_INDEX = os.environ.get("BUFFALOGS_ELASTIC_INDEX", "weblog-*,cloud-*,filebeat-*")
+CERTEGO_BUFFALOGS_SECRET_KEY = os.environ.get("BUFFALOGS_SECRET_KEY", "django-insecure-am9z-fi-x*aqxlb-@abkhb@pu!0da%0a77h%-8d(dwzrrktwhu")
 
-if CERTEGO_ENVIRONMENT == ENVIRONMENT_DOCKER:
+if CERTEGO_BUFFALOGS_ENVIRONMENT == ENVIRONMENT_DOCKER:
 
-    CERTEGO_ELASTICSEARCH = os.environ.get("CERTEGO_ELASTICSEARCH", "http://elasticsearch:59200/")
-    CERTEGO_DB_HOSTNAME = "postgres"
+    CERTEGO_BUFFALOGS_ELASTICSEARCH = os.environ.get("CERTEGO_BUFFALOGS_ELASTICSEARCH", "http://elasticsearch:9200/")
+    CERTEGO_BUFFALOGS_DB_HOSTNAME = "postgres"
     CERTEGO_DEBUG = False
-    CERTEGO_STATIC_ROOT = "/var/www/static/"
-    CERTEGO_LOG_PATH = "/var/log"
-    CERTEGO_RABBITMQ_HOST = "rabbitmq"
-    CERTEGO_RABBITMQ_URI = f"amqp://guest:guest@{CERTEGO_RABBITMQ_HOST}/"
+    CERTEGO_BUFFALOGS_STATIC_ROOT = "/var/www/static/"
+    CERTEGO_BUFFALOGS_LOG_PATH = "/var/log"
+    CERTEGO_BUFFALOGS_RABBITMQ_HOST = "rabbitmq"
+    CERTEGO_BUFFALOGS_RABBITMQ_URI = f"amqp://guest:guest@{CERTEGO_BUFFALOGS_RABBITMQ_HOST}/"
 
-elif CERTEGO_ENVIRONMENT == ENVIRONMENT_DEBUG:
-    CERTEGO_ELASTICSEARCH = os.environ.get("CERTEGO_ELASTICSEARCH", "http://localhost:59200/")
-    CERTEGO_DB_HOSTNAME = "localhost"
+elif CERTEGO_BUFFALOGS_ENVIRONMENT == ENVIRONMENT_DEBUG:
+    CERTEGO_BUFFALOGS_ELASTICSEARCH = os.environ.get("CERTEGO_BUFFALOGS_ELASTICSEARCH", "http://localhost:9200/")
+    CERTEGO_BUFFALOGS_DB_HOSTNAME = "localhost"
     CERTEGO_DEBUG = True
-    CERTEGO_STATIC_ROOT = "impossible_travel/static/"
-    CERTEGO_LOG_PATH = "../logs"
-    CERTEGO_RABBITMQ_HOST = "localhost"
-    CERTEGO_RABBITMQ_URI = f"amqp://guest:guest@{CERTEGO_RABBITMQ_HOST}//"
+    CERTEGO_BUFFALOGS_STATIC_ROOT = "impossible_travel/static/"
+    CERTEGO_BUFFALOGS_LOG_PATH = "../logs"
+    CERTEGO_BUFFALOGS_RABBITMQ_HOST = "localhost"
+    CERTEGO_BUFFALOGS_RABBITMQ_URI = f"amqp://guest:guest@{CERTEGO_BUFFALOGS_RABBITMQ_HOST}//"
 
 else:
-    raise ValueError(f"Environment not supported: {CERTEGO_ENVIRONMENT}")
+    raise ValueError(f"Environment not supported: {CERTEGO_BUFFALOGS_ENVIRONMENT}")

buffalogs/buffalogs/settings/settings.py

@@ -22,7 +22,7 @@
 
 # SECURITY WARNING: keep the secret key used in production secret!
 
-SECRET_KEY = CERTEGO_SECRET_KEY
+SECRET_KEY = CERTEGO_BUFFALOGS_SECRET_KEY
 DEBUG = CERTEGO_DEBUG
 
 
@@ -88,7 +88,7 @@
             "class": "logging.handlers.RotatingFileHandler",
             "level": "DEBUG",
             "formatter": "simple",
-            "filename": os.path.join(CERTEGO_LOG_PATH, "debug.log"),
+            "filename": os.path.join(CERTEGO_BUFFALOGS_LOG_PATH, "debug.log"),
             "encoding": "utf8",
             "maxBytes": 10485760,
             "backupCount": 4,
@@ -132,11 +132,11 @@
 DATABASES = {
     "default": {
         "ENGINE": "django.db.backends.postgresql",
-        "NAME": CERTEGO_POSTGRES_DB,
-        "USER": CERTEGO_POSTGRES_USER,
-        "PASSWORD": CERTEGO_POSTGRES_PASSWORD,
-        "HOST": CERTEGO_DB_HOSTNAME,
-        "PORT": CERTEGO_POSTGRES_PORT,
+        "NAME": CERTEGO_BUFFALOGS_POSTGRES_DB,
+        "USER": CERTEGO_BUFFALOGS_POSTGRES_USER,
+        "PASSWORD": CERTEGO_BUFFALOGS_POSTGRES_PASSWORD,
+        "HOST": CERTEGO_BUFFALOGS_DB_HOSTNAME,
+        "PORT": CERTEGO_BUFFALOGS_POSTGRES_PORT,
     }
 }
 
@@ -176,7 +176,7 @@
 # https://docs.djangoproject.com/en/4.1/howto/static-files/
 
 STATIC_URL = "/static/"
-STATIC_ROOT = CERTEGO_STATIC_ROOT
+STATIC_ROOT = CERTEGO_BUFFALOGS_STATIC_ROOT
 
 SIMPLE_JWT = {
     "ROTATE_REFRESH_TOKENS": False,
@@ -216,15 +216,15 @@
 DATA_UPLOAD_MAX_NUMBER_FIELDS = None
 
 # Certego settings
-CERTEGO_DISTANCE_KM_ACCEPTED = 100
-CERTEGO_VEL_TRAVEL_ACCEPTED = 300
-CERTEGO_USER_MAX_DAYS = 20
-CERTEGO_LOGIN_MAX_DAYS = 10
-CERTEGO_ALERT_MAX_DAYS = 10
-CERTEGO_IP_MAX_DAYS = 7
+CERTEGO_BUFFALOGS_DISTANCE_KM_ACCEPTED = 100
+CERTEGO_BUFFALOGS_VEL_TRAVEL_ACCEPTED = 300
+CERTEGO_BUFFALOGS_USER_MAX_DAYS = 20
+CERTEGO_BUFFALOGS_LOGIN_MAX_DAYS = 10
+CERTEGO_BUFFALOGS_ALERT_MAX_DAYS = 10
+CERTEGO_BUFFALOGS_IP_MAX_DAYS = 7
 
 # Celery config
-CELERY_BROKER_URL = CERTEGO_RABBITMQ_URI
+CELERY_BROKER_URL = CERTEGO_BUFFALOGS_RABBITMQ_URI
 CELERY_TIMEZONE = TIME_ZONE
 CELERY_BEAT_SCHEDULER = "celery.beat:PersistentScheduler"
 

buffalogs/impossible_travel/modules/impossible_travel.py

@@ -30,7 +30,7 @@ def calc_distance(self, db_user, prev_login, last_login_user_fields):
         vel = 0
         distance_km = geodesic((prev_login.latitude, prev_login.longitude), (last_login_user_fields["lat"], last_login_user_fields["lon"])).km
 
-        if distance_km > settings.CERTEGO_DISTANCE_KM_ACCEPTED:
+        if distance_km > settings.CERTEGO_BUFFALOGS_DISTANCE_KM_ACCEPTED:
             last_timestamp_datetimeObj = self.validate_timestamp(last_login_user_fields["timestamp"])
             prev_timestamp_datetimeObj = timezone.make_aware(prev_login.timestamp)
 
@@ -42,7 +42,7 @@ def calc_distance(self, db_user, prev_login, last_login_user_fields):
 
             vel = distance_km / diff_timestamp_hours
 
-            if vel > settings.CERTEGO_VEL_TRAVEL_ACCEPTED:
+            if vel > settings.CERTEGO_BUFFALOGS_VEL_TRAVEL_ACCEPTED:
                 # timestamp_validated = self.validate_timestamp(last_login_user_fields["timestamp"])
                 alert_info["alert_name"] = Alert.ruleNameEnum.IMP_TRAVEL
                 alert_info[

buffalogs/impossible_travel/tasks.py

@@ -16,16 +16,16 @@
 def clear_models_periodically():
     """Delete old data in the models"""
     now = timezone.now()
-    delete_user_time = now - timedelta(days=settings.CERTEGO_USER_MAX_DAYS)
+    delete_user_time = now - timedelta(days=settings.CERTEGO_BUFFALOGS_USER_MAX_DAYS)
     User.objects.filter(updated__lte=delete_user_time).delete()
 
-    delete_login_time = now - timedelta(days=settings.CERTEGO_LOGIN_MAX_DAYS)
+    delete_login_time = now - timedelta(days=settings.CERTEGO_BUFFALOGS_ALERT_MAX_DAYS)
     Login.objects.filter(updated__lte=delete_login_time).delete()
 
-    delete_alert_time = now - timedelta(days=settings.CERTEGO_ALERT_MAX_DAYS)
+    delete_alert_time = now - timedelta(days=settings.CERTEGO_BUFFALOGS_ALERT_MAX_DAYS)
     Alert.objects.filter(updated__lte=delete_alert_time).delete()
 
-    delete_ip_time = now - timedelta(days=settings.CERTEGO_IP_MAX_DAYS)
+    delete_ip_time = now - timedelta(days=settings.CERTEGO_BUFFALOGS_IP_MAX_DAYS)
     UsersIP.objects.filter(updated__lte=delete_ip_time).delete()
 
 
@@ -133,7 +133,7 @@ def process_user(db_user, start_date, end_date):
     """
     fields = []
     s = (
-        Search(index=settings.CERTEGO_ELASTIC_INDEX)
+        Search(index=settings.CERTEGO_BUFFALOGS_ELASTIC_INDEX)
         .filter("range", **{"@timestamp": {"gte": start_date, "lt": end_date}})
         .query("match", **{"user.name": db_user.username})
         .query("match", **{"event.outcome": "success"})
@@ -218,9 +218,9 @@ def exec_process_logs(start_date, end_date):
     """
     logger.info(f"Starting at:{start_date} Finishing at:{end_date}")
     config, op_result = Config.objects.get_or_create()
-    connections.create_connection(hosts=settings.CERTEGO_ELASTICSEARCH, timeout=90, verify_certs=False)
+    connections.create_connection(hosts=settings.CERTEGO_BUFFALOGS_ELASTICSEARCH, timeout=90, verify_certs=False)
     s = (
-        Search(index=settings.CERTEGO_ELASTIC_INDEX)
+        Search(index=settings.CERTEGO_BUFFALOGS_ELASTIC_INDEX)
         .filter("range", **{"@timestamp": {"gte": start_date, "lt": end_date}})
         .query("match", **{"event.category": "authentication"})
         .query("match", **{"event.outcome": "success"})

buffalogs/impossible_travel/tests/test_impossible_travel.py

@@ -26,7 +26,7 @@ def setUpTestData(self):
         )
 
     def test_calc_distance(self):
-        # if distance >  settings.CERTEGO_DISTANCE_KM_ACCEPTED --> FALSE
+        # if distance >  settings.CERTEGO_BUFFALOGS_DISTANCE_KM_ACCEPTED --> FALSE
         last_login_user_fields = {
             "timestamp": "2023-03-08T17:10:33.358Z",
             "lat": "40.364",

buffalogs/impossible_travel/views.py

@@ -131,13 +131,13 @@ def get_users(request):
 def get_all_logins(request, pk_user):
     context = []
     count = 0
-    connections.create_connection(hosts=[settings.CERTEGO_ELASTICSEARCH], timeout=90)
+    connections.create_connection(hosts=[settings.CERTEGO_BUFFALOGS_ELASTICSEARCH], timeout=90)
     end_date = timezone.now()
     start_date = end_date + timedelta(days=-365)
     user_obj = User.objects.filter(id=pk_user)
     username = user_obj[0].username
     s = (
-        Search(index=settings.CERTEGO_ELASTIC_INDEX)
+        Search(index=settings.CERTEGO_BUFFALOGS_ELASTIC_INDEX)
         .filter("range", **{"@timestamp": {"gte": start_date, "lt": end_date}})
         .query("match", **{"user.name": username})
         .exclude("match", **{"event.outcome": "failure"})

config/buffalogs/buffalogs.env

@@ -1,9 +1,9 @@
 BUFFALOGS_ENV=docker
-DATABASE_HOST=127.0.0.1
-POSTGRES_PORT=5432
-POSTGRES_DB=buffalogs
-POSTGRES_USER=default_user
-POSTGRES_PASSWORD=password
-ELASTIC_INDEX=weblog-*,cloud-*,fw-proxy-*
-SECRET_KEY=django-insecure-am9z-fi-x*aqxlb-@abkhb@pu!0da%0a77h%-8d(dwzrrktwhu
+BUFFALOGS_DATABASE_HOST=127.0.0.1
+BUFFALOGS_POSTGRES_PORT=5432
+BUFFALOGS_POSTGRES_DB=buffalogs
+BUFFALOGS_POSTGRES_USER=default_user
+BUFFALOGS_POSTGRES_PASSWORD=password
+BUFFALOGS_ELASTIC_INDEX=weblog-*,cloud-*,fw-proxy-*
+BUFFALOGS_SECRET_KEY=django-insecure-am9z-fi-x*aqxlb-@abkhb@pu!0da%0a77h%-8d(dwzrrktwhu
 

docker-compose.elastic.yaml

@@ -18,19 +18,19 @@ services:
                 soft: -1
                 hard: -1
         ports:
-            - "59200:59200"
+            - "9200:9200"
         volumes:
             - elasticsearch_data:/usr/share/elasticsearch/data
         healthcheck:
-            test: curl -XGET 'localhost:59200/_cluster/health?wait_for_status=yellow&timeout=180s&pretty'
+            test: curl -XGET 'localhost:9200/_cluster/health?wait_for_status=yellow&timeout=180s&pretty'
 
     kibana:
         container_name: buffalogs_kibana
         image: docker.elastic.co/kibana/kibana:7.17.7
         hostname: kibana
         environment:
-            ELASTICSEARCH_URL: http://elasticsearch:59200
-            ELASTICSEARCH_HOSTS: http://elasticsearch:59200
+            ELASTICSEARCH_URL: http://elasticsearch:9200
+            ELASTICSEARCH_HOSTS: http://elasticsearch:9200
         links:
             - elasticsearch
         depends_on: