Merge pull request #1506 from mozilla/improve_geopoint_plugin

Only set geopoint check if lat and long are good
This commit is contained in:
Brandon Myers 2019-10-25 16:38:14 -05:00 коммит произвёл GitHub
Родитель 510c736f75 e82f9c5c12
Коммит 8bde0111db
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
1 изменённых файлов: 24 добавлений и 37 удалений

Просмотреть файл

@ -43,42 +43,29 @@ class message(object):
def onMessage(self, message, metadata):
if 'details' in message:
if 'sourceipaddress' in message['details']:
ipText = message['details']['sourceipaddress']
keys = ['source', 'destination']
for key in keys:
ip_key = '{0}ipaddress'.format(key)
if ip_key in message['details']:
ipText = message['details'][ip_key]
if isIP(ipText):
ip = netaddr.IPNetwork(ipText)[0]
if (not ip.is_loopback() and not ip.is_private() and not ip.is_reserved()):
'''lookup geoip info'''
message['details']['sourceipgeolocation'] = self.ipLocation(ipText)
geo_key = '{0}ipgeolocation'.format(key)
message['details'][geo_key] = self.ipLocation(ipText)
# Add a geo_point coordinates if latitude and longitude exist
if 'latitude' in message['details']['sourceipgeolocation'] and 'longitude' in message['details']['sourceipgeolocation']:
message['details']['sourceipgeopoint'] = '{0},{1}'.format(
message['details']['sourceipgeolocation']['latitude'],
message['details']['sourceipgeolocation']['longitude']
if 'latitude' in message['details'][geo_key] and 'longitude' in message['details'][geo_key]:
if message['details'][geo_key]['latitude'] != '' and message['details'][geo_key]['longitude'] != '':
geopoint_key = '{0}ipgeopoint'.format(key)
message['details'][geopoint_key] = '{0},{1}'.format(
message['details'][geo_key]['latitude'],
message['details'][geo_key]['longitude']
)
else:
# invalid ip sent in the field
# if we send on, elastic search will error, so set it
# to a valid, yet meaningless value
message['details']['sourceipaddress'] = '0.0.0.0'
if 'destinationipaddress' in message['details']:
ipText = message['details']['destinationipaddress']
if isIP(ipText):
ip = netaddr.IPNetwork(ipText)[0]
if (not ip.is_loopback() and not ip.is_private() and not ip.is_reserved()):
'''lookup geoip info'''
message['details']['destinationipgeolocation'] = self.ipLocation(ipText)
# Add a geo_point coordinates if latitude and longitude exist
if 'latitude' in message['details']['destinationipgeolocation'] and 'longitude' in message['details']['destinationipgeolocation']:
message['details']['destinationipgeopoint'] = '{0},{1}'.format(
message['details']['destinationipgeolocation']['latitude'],
message['details']['destinationipgeolocation']['longitude']
)
else:
# invalid ip sent in the field
# if we send on, elastic search will error, so set it
# to a valid, yet meaningless value
message['details']['destinationipaddress'] = '0.0.0.0'
message['details'][ip_key] = '0.0.0.0'
return (message, metadata)