Pushover handler #265
Replies: 15 comments 1 reply
-
I don't have a pushover account so it's a little hard to test it, but from a quick glance the code seems ok. Are you getting any specific error messages? Also make sure you remember to enable the logger in your settings by default only the console and file handlers are enabled. |
Beta Was this translation helpful? Give feedback.
-
Added the Pushover code to logger.py, fixed some python3 issues; Opencanary starts. Then, to enable Pushover, I added this to opencanary.conf:
Now, Opencanary does not start:
|
Beta Was this translation helpful? Give feedback.
-
Try removing the "pushover": {
"class": "opencanary.logger.PushoverHandler",
} |
Beta Was this translation helpful? Give feedback.
-
Also you might find that you need to change and if you wanted to be more consistent with where settings live you could do import logging
import http.client
import urllib
# ...
class PushoverHandler(logging.Handler):
"""A logging handler which pushes notifications
to site admins via Pushover.net"""
def __init__(self, application_token, user_tokens):
logging.Handler.__init__(self)
self.application_token = application_token
self.user_tokens = user_tokens
def emit(self, record):
for user_token in self.user_tokens:
conn = http.client.HTTPSConnection("api.pushover.net:443")
conn.request("POST", "/1/messages",
urllib.parse.urlencode({
"token": self.application_token,
"user": user_token,
"message": record.getMessage(),
}),
{"Content-type": "application/x-www-form-urlencoded"}) and then in your settings "pushover": {
"class": "opencanary.logger.PushoverHandler",
"application_token": "YOUR_TOKEN_HERE",
"user_tokens": ["YOUR", "TOKENS", "HERE"]
} |
Beta Was this translation helpful? Give feedback.
-
Getting there... |
Beta Was this translation helpful? Give feedback.
-
I'm not sure, I tested it on my computer and I can see it tries to send a message to pushover for things like telnet and http (without the 'message' line in my settings.) When you connect to telnet do you go as far as entering credentials? for me OpenCanary doesn't log just connecting and disconnecting. Could you try running |
Beta Was this translation helpful? Give feedback.
-
Strange, seems to work now. Probably a glitch with Pushover. |
Beta Was this translation helpful? Give feedback.
-
@Knuppel1983 thanks for giving Opencanary a shot. I hope it works out for you. If you think Pushover would be something other folks would enjoy adding to their OpenCanary setup; we would love a PR. |
Beta Was this translation helpful? Give feedback.
-
I was able to verify this works on a test server with my Pushover account. This would be a nice addition to the base project. |
Beta Was this translation helpful? Give feedback.
-
I have worked with Linux a decent amout, but I am not a python or coder guy. I am obviously not understanding where all these code snippit go... I try and add the "pushover:" under handlers in the opencanary.conf and it fails. I guess I am not not sure where the actual code logic just above the handler goes to be properly called. Any help for an ignorant person like me? |
Beta Was this translation helpful? Give feedback.
-
The file I edited was; ~/env/lib/python3.8/site-packages/opencanary/logger.py. The imports additions are at the very top and I just added the new class at the very bottom. If I was smarter at git I'd do a pull request. |
Beta Was this translation helpful? Give feedback.
-
Sorry for taking so long to follow up, even after you were so good at getting back to me. Either way, I do not see the file path the same as you listed. I do see another in the opencanary/root folder. /home/usr/opencanary/opencanary/logger.py |
Beta Was this translation helpful? Give feedback.
-
I continued to see an erros about not seeing the Class, so I did a find and saw one other logger.py file: /home/user/opencanary/build/lib/opencanary/logger.py. However, I was still getting an error: So I just used the Webhook handler that is built-in. I am not amazing at this, but I did get a push notification.
|
Beta Was this translation helpful? Give feedback.
-
That is what I was originally looking for when I stumbled on this issue solution. I want to give that a try and see what the output looks like, I feel like the info I get from the pushover alert contains a lot of extra things and formatting that's a little hard to follow. There's probably a better way to pair down the sent info, I haven't researched it yet. Regarding the pathing, did you set up the virtual environment the project docs mention? |
Beta Was this translation helpful? Give feedback.
-
Yeah, I think either way the logs out of the box are going to have all that data because I have the same in the Webhook push, as well as the syslog I am sending over to SecurityOnion. I did not follow the OpenCanary guide I actually followed another and looked back at what Opencanary had from time to time. It was a bit sparse for me (Guide: https://simpaul.com/open-canary-on-a-pi/). I was initially looking to see if it would work on just a 1GB of RAM and something barebones like a Pi. Currently a VM, but next deployment is on a Pi. He also does some log formatting, but being I am not sending an email I will have to see if I can use it. Oh, last note: I did create a new virtual environment like he explains in his guide. Example: Another link with a cleaner webhook config: https://jasonmurray.org/posts/2022/install-tcanary-ubuntu/ |
Beta Was this translation helpful? Give feedback.
-
Hi Guys,
I'm not really into Linux / Python, but i've managed to get Opencanary working on Python 3.
Can someone show me how to add a Pushover handler?
I've added this to logger.py, but cannot get it to work.
Beta Was this translation helpful? Give feedback.
All reactions