nuclei/v2/pkg/reporting/exporters/es/elasticsearch.go

package es

import (
	"bytes"
	"crypto/tls"
	"fmt"
	"io/ioutil"
	"net/http"
	"time"

	"encoding/base64"
	"encoding/json"

	"github.com/pkg/errors"
	"github.com/projectdiscovery/nuclei/v2/pkg/output"
	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/protocolstate"
)

// Options contains necessary options required for elasticsearch communicaiton
type Options struct {
	// IP for elasticsearch instance
	IP string `yaml:"ip"`
	// Port is the port of elasticsearch instance
	Port int `yaml:"port"`
	// SSL enables ssl for elasticsearch connection
	SSL bool `yaml:"ssl"`
	// SSLVerification disables SSL verification for elasticsearch
	SSLVerification bool `yaml:"ssl-verification"`
	// Username for the elasticsearch instance
	Username string `yaml:"username"`
	// Password is the password for elasticsearch instance
	Password string `yaml:"password"`
	// IndexName is the name of the elasticsearch index
	IndexName string `yaml:"index-name"`
}

type data struct {
	Event     *output.ResultEvent `json:"event"`
	Timestamp string              `json:"@timestamp"`
}

// Exporter type for elasticsearch
type Exporter struct {
	url            string
	authentication string
	elasticsearch  *http.Client
}

// New creates and returns a new exporter for elasticsearch
func New(option *Options) (*Exporter, error) {
	var ei *Exporter

	client := &http.Client{
		Timeout: 5 * time.Second,
		Transport: &http.Transport{
			MaxIdleConns:        10,
			MaxIdleConnsPerHost: 10,
			DialContext:         protocolstate.Dialer.Dial,
			TLSClientConfig:     &tls.Config{InsecureSkipVerify: option.SSLVerification},
		},
	}
	// preparing url for elasticsearch
	scheme := "http://"
	if option.SSL {
		scheme = "https://"
	}
	// if authentication is required
	var authentication string
	if len(option.Username) > 0 && len(option.Password) > 0 {
		auth := base64.StdEncoding.EncodeToString([]byte(option.Username + ":" + option.Password))
		auth = "Basic " + auth
		authentication = auth
	}
	url := fmt.Sprintf("%s%s:%d/%s/_doc", scheme, option.IP, option.Port, option.IndexName)

	ei = &Exporter{
		url:            url,
		authentication: authentication,
		elasticsearch:  client,
	}
	return ei, nil
}

// Export exports a passed result event to elasticsearch
func (i *Exporter) Export(event *output.ResultEvent) error {
	// creating a request
	req, err := http.NewRequest(http.MethodPost, i.url, nil)
	if err != nil {
		return errors.Wrap(err, "could not make request")
	}
	if len(i.authentication) > 0 {
		req.Header.Add("Authorization", i.authentication)
	}
	req.Header.Add("Content-Type", "application/json")

	d := data{
		Event:     event,
		Timestamp: time.Now().Format(time.RFC3339),
	}
	b, err := json.Marshal(&d)
	if err != nil {
		return err
	}
	req.Body = ioutil.NopCloser(bytes.NewReader(b))

	res, err := i.elasticsearch.Do(req)
	if err != nil {
		return err	
	}
	
	b, err = ioutil.ReadAll(res.Body)
	if err != nil {
		return errors.New(err.Error() + "error thrown by elasticsearch " + string(b))
	}

	if res.StatusCode >= 300 {
		return errors.New("elasticsearch responded with an error: " + string(b))
	}
	return nil
}

// Close closes the exporter after operation
func (i *Exporter) Close() error {
	return nil
}
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00			`package es`

			`import (`
Removed es exporter cli args + misc changes 2021-08-25 13:53:44 +05:30			`"bytes"`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00			`"crypto/tls"`
			`"fmt"`
Use older ioutil package for compatibility 2021-08-25 14:19:46 +05:30			`"io/ioutil"`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00			`"net/http"`
			`"time"`

Removed es exporter cli args + misc changes 2021-08-25 13:53:44 +05:30			`"encoding/base64"`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00			`"encoding/json"`

Removed es exporter cli args + misc changes 2021-08-25 13:53:44 +05:30			`"github.com/pkg/errors"`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00			`"github.com/projectdiscovery/nuclei/v2/pkg/output"`
Removed es exporter cli args + misc changes 2021-08-25 13:53:44 +05:30			`"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/protocolstate"`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00			`)`

			`// Options contains necessary options required for elasticsearch communicaiton`
			`type Options struct {`
Removed es exporter cli args + misc changes 2021-08-25 13:53:44 +05:30			`// IP for elasticsearch instance`
			IP string `yaml:"ip"`
			`// Port is the port of elasticsearch instance`
			Port int `yaml:"port"`
			`// SSL enables ssl for elasticsearch connection`
			SSL bool `yaml:"ssl"`
			`// SSLVerification disables SSL verification for elasticsearch`
			SSLVerification bool `yaml:"ssl-verification"`
			`// Username for the elasticsearch instance`
			Username string `yaml:"username"`
Update elasticsearch.go typo fix 2021-09-16 11:38:15 -05:00			`// Password is the password for elasticsearch instance`
Removed es exporter cli args + misc changes 2021-08-25 13:53:44 +05:30			Password string `yaml:"password"`
			`// IndexName is the name of the elasticsearch index`
			IndexName string `yaml:"index-name"`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00			`}`

			`type data struct {`
			Event *output.ResultEvent `json:"event"`
			Timestamp string `json:"@timestamp"`
			`}`

			`// Exporter type for elasticsearch`
			`type Exporter struct {`
Removed es exporter cli args + misc changes 2021-08-25 13:53:44 +05:30			`url string`
			`authentication string`
			`elasticsearch *http.Client`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00			`}`

			`// New creates and returns a new exporter for elasticsearch`
			`func New(option Options) (Exporter, error) {`
			`var ei *Exporter`

Removed es exporter cli args + misc changes 2021-08-25 13:53:44 +05:30			`client := &http.Client{`
			`Timeout: 5 * time.Second,`
			`Transport: &http.Transport{`
			`MaxIdleConns: 10,`
			`MaxIdleConnsPerHost: 10,`
			`DialContext: protocolstate.Dialer.Dial,`
			`TLSClientConfig: &tls.Config{InsecureSkipVerify: option.SSLVerification},`
			`},`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00			`}`
			`// preparing url for elasticsearch`
Removed es exporter cli args + misc changes 2021-08-25 13:53:44 +05:30			`scheme := "http://"`
			`if option.SSL {`
			`scheme = "https://"`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00			`}`
			`// if authentication is required`
Removed es exporter cli args + misc changes 2021-08-25 13:53:44 +05:30			`var authentication string`
			`if len(option.Username) > 0 && len(option.Password) > 0 {`
			`auth := base64.StdEncoding.EncodeToString([]byte(option.Username + ":" + option.Password))`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00			`auth = "Basic " + auth`
Removed es exporter cli args + misc changes 2021-08-25 13:53:44 +05:30			`authentication = auth`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00			`}`
Removed es exporter cli args + misc changes 2021-08-25 13:53:44 +05:30			`url := fmt.Sprintf("%s%s:%d/%s/_doc", scheme, option.IP, option.Port, option.IndexName)`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00
			`ei = &Exporter{`
Removed es exporter cli args + misc changes 2021-08-25 13:53:44 +05:30			`url: url,`
			`authentication: authentication,`
			`elasticsearch: client,`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00			`}`
			`return ei, nil`
			`}`

disk cleanups 2021-09-19 16:26:47 +05:30			`// Export exports a passed result event to elasticsearch`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00			`func (i Exporter) Export(event output.ResultEvent) error {`
Removed es exporter cli args + misc changes 2021-08-25 13:53:44 +05:30			`// creating a request`
			`req, err := http.NewRequest(http.MethodPost, i.url, nil)`
			`if err != nil {`
			`return errors.Wrap(err, "could not make request")`
			`}`
			`if len(i.authentication) > 0 {`
			`req.Header.Add("Authorization", i.authentication)`
			`}`
			`req.Header.Add("Content-Type", "application/json")`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00
			`d := data{`
			`Event: event,`
testing done and also checked 2021-08-21 08:33:27 +05:45			`Timestamp: time.Now().Format(time.RFC3339),`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00			`}`
			`b, err := json.Marshal(&d)`
			`if err != nil {`
			`return err`
			`}`
Use older ioutil package for compatibility 2021-08-25 14:19:46 +05:30			`req.Body = ioutil.NopCloser(bytes.NewReader(b))`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00
Removed es exporter cli args + misc changes 2021-08-25 13:53:44 +05:30			`res, err := i.elasticsearch.Do(req)`
Update elasticsearch.go 2021-09-18 15:59:01 +05:30			`if err != nil {`
			`return err`
			`}`

			`b, err = ioutil.ReadAll(res.Body)`
elasticsearch package added, other changes needs to be shifted 2021-08-20 06:58:58 -05:00			`if err != nil {`
			`return errors.New(err.Error() + "error thrown by elasticsearch " + string(b))`
			`}`

			`if res.StatusCode >= 300 {`
			`return errors.New("elasticsearch responded with an error: " + string(b))`
			`}`
			`return nil`
			`}`

			`// Close closes the exporter after operation`
			`func (i *Exporter) Close() error {`
			`return nil`
			`}`