Skip to main content

Dev scripts and api endpoints

Api endpoint to re-create session​

In some error cases we might want to recreate the session. This process will take all events in the session and will create the audit. For that we have an api endpoint (one in each region) https://usw2.legionsecurity.ai/session/{session_id>/mgmt/recreateSession https://caw1.legionsecurity.ai/session/{session_id>/mgmt/recreateSession

in order for this api to work:

  1. go to mongo ui, connect to the right region, and in the audit collection find the session. query example: {session_id:"0e84d69001", customer_id:"org_pkQ9vW8muOqZSTc1"}
  2. change status to active
  3. change allow_recreate_session type to Boolean and then set value to true

Then you can use the api to recreate session. Excpect the statues to change immediately to 'processing' and allow_recreate_session back to false

scripts under dev_tools in backend project​

For Windows users - see instructions in the end

reprocess_events script​

In cases where events image failed to render, we can run this script to create the screenshots (from the dom snapshots) and describe the images.

Run cmd: poetry run python dev_tools/reprocess_events.py

redescribe_events script under​

In cases where events image failed to render, we can run this script to create the screenshots (from the dom snapshots) and describe the images.

Run cmd: poetry run python dev_tools/reprocess_events.py

Copy use cases in preparation for customers investigations​

  1. export_cloned_use_case.py will create a file with a copy of use case, graph, and custom skills if exist in the use case graph
  2. import_cloned_use_case.py the output of the script in #1 and inserts to db (make sure to adjust the .env file according to the instructions Here)
  3. print_use_case_skills.py is a util to print the details of the skills in the use case
  4. built_in_skill_to_mongo.py take a use case and a specific build_in skill in this use case, and creates a new custom skill for it and updates the graph accordingly

windows users instructions:​

Instructions for Windows guys for running the scripts

  1. build docker container (the one we already have) docker build -t backend .
  2. run the container with the wanted script as entry point docker run --rm -it -v <PATH_TO_BACKEND_CODE>:/usr/app -v <PATH_TO_AWS_PROFILE>/.aws:/root/.aws backend-dev bash -c "poetry install && poetry run python dev_tools/reprocess_events.py"

for example: docker run --rm -it -v /Users/moria/legion/backend:/usr/app -v /Users/moria/.aws:/root/.aws backend-dev2 bash -c "poetry install && poetry run python dev_tools/reprocess_events.py" notice that since the code is mapped as volume you only need to build the container once and from that point you can reuse it again and again even if you change the code/scripts