Python tool for automating the daily inventory of assets registered in a specific index pattern.
Its main objective is to extract, validate and report changes in the infrastructure (registrations, cancellations and current status) through a previously configured Telegram channel.
Application that obtains the daily inventory of a certain index hosted in ElasticSearch.
Characteristics:
- Connection with ElasticSearch emulating HTTP or HTTPS. Allows you to validate or not the SSL certificate used.
- Use of HTTP authentication to connect to ElasticSearch (this feature must be enabled in the ElasticSearch cluster).
- It has been tested to work with the indices generated by Auditbeat and Winlogbeat.
- The inventory is obtained daily, at a specific configurable time.
- The inventory obtained is sent to a Telegram channel. In the sent message it shows the total of hosts added and removed compared to the inventory of the previous day.
- In the Telegram message, a txt file is attached with the list of hosts.
Application that allows the configuration of Inv-Alert, as well as the management of inventories through a graphical interface.
Characteristics:
- Allows you to create and modify the Inv-Alert connection settings.
- Allows you to create, modify and delete inventories.
- Encrypts sensitive data such as passwords so that they are not stored in plain text.
- Allows you to start, restart, stop and get the status of the Inv-Alert service.
- CentOS 8, RedHat 8 or Rocky Linux 8 (So far it has only been tested in this version)
- ElasticSearch 7.x
- Python 3.6
- Python Libraries
- libPyDialog (https://github.com/erickrr-bd/libPyDialog)
- libPyElk (https://github.com/erickrr-bd/libPyElk)
- libPyTelegram (https://github.com/erickrr-bd/libPyTelegram)
- libPyLog (https://github.com/erickrr-bd/libPyLog)
- libPyUtils (https://github.com/erickrr-bd/libPyUtils)
To install or update Inv-Alert, you must run the installer_inv_alert.sh executable with administrator rights. The installer will perform the following actions:
- Copy and creation of directories and files necessary for the operation of Inv-Alert.
- Creation of user and specific group for the operation of Inv-Alert.
- It changes the owner of the files and directories necessary for the operation of Inv-Alert, assigning them to the user created for this purpose.
- Creation of passphrase for the encryption and decryption of sensitive information, which is generated randomly, so it is unique for each Inv-Alert installation.
- Creation of Inv-Alert service.