RAPEX Searcher API
This API was created to verify positive alerts. Through its visual interface, each alert can be categorized as a false positive or not. A false positive can be classified as one of 5 known false-positive types or as a sixth type, "others", which also allows a comment explaining why the alert is considered a false positive.
Getting Started
The following instructions will allow you to get a completely functional RAPEX Searcher environment. This is just a guideline about how to install and deploy the solution. Adapt it to your needs.
Prerequisites
RAPEX Searcher has some requirements that must be met before deploying it.
- Ubuntu 18.04.1 LTS 64-bit or later
- Python 3.6 or later
- pip3 9.0.1 or later
Update the package list if you have not done so already (recommended):
sudo apt update
Python 3.7 installation
Python 3 is already installed in Ubuntu 18 distributions. However, in case you want to use Python 3.7, follow the next steps to install it.
First update packages list and install the prerequisites:
sudo apt install software-properties-common
Then add the deadsnakes PPA to your sources list:
sudo add-apt-repository ppa:deadsnakes/ppa
Last, install Python 3.7 with:
sudo apt install python3.7
You can verify that everything is all right by typing the following (it should print the Python version number):
$ python3.7 --version
Python 3.7.3
pip3 installation
pip3 is used as the Python package manager for the RAPEX Searcher core installation, so it must be installed before starting the deployment.
After updating the package list, install pip for Python 3:
sudo apt install python3-pip
You can verify the installation by typing:
$ pip3 --version
pip 9.0.1 from /usr/lib/python3/dist-packages (python 3.7)
PostgreSQL client
To execute queries against the DB, the PostgreSQL client must be installed on the machine. To do this, install the libpq-dev library:
sudo apt-get install libpq-dev
Installing and deploying
Installing Python virtual environment
The RAPEX Searcher API component must be deployed inside a virtual environment, so a virtual environment utility must be installed using pip3 (the only pip command provided by the python3-pip package installed above).
Use the following command to install the virtual environment utility:
sudo pip3 install virtualenv
Create a new virtual environment for the application. Name it, for example, rapex_venv (note that you will need to replace <venv_location> with the path where you want to create the environment):
$ cd /<venv_location>
$ virtualenv rapex_venv
Using base prefix '/usr'
New python executable in <venv_location>/rapex_venv/bin/python3
Also creating executable in <venv_location>/rapex_venv/bin/python
Installing setuptools, pip, wheel... done.
Test it by running the following command. The prompt should change to show the name of the virtual environment:
$ . rapex_venv/bin/activate
(rapex_venv) ➜ rapex_venv
(rapex_venv) deactivate
Installing RAPEX Searcher
Once the virtual environment has been tested, go to the RAPEX Searcher GitHub repository and download or clone the code. From the files obtained, go to the application directory:
cd /path/to/downloaded/repo/rapex-searcher-api
Copy the searcher directory to the desired location for installing the Python application (-r is required because the source is a directory):
cp -r rapex-searcher-api /path/to/desired/location
Activate the virtual environment and install the RAPEX Searcher API from the directory as follows:
$ . /<venv_location>/rapex_venv/bin/activate
(rapex_venv) $ pip install /path/to/rapex-searcher-api
The installation ends when the message Successfully installed is printed in the terminal and pip returns control to the user. At this point, the application is ready to use.
Finally, check the location of the solution by running the show command for pip:
(rapex_venv) $ pip3 show rapex-searcher-api
Nginx configuration
Nginx must be configured so that it knows where the static folder is located. To do this, the Nginx site file must be modified. To open the file, run the following command:
sudo nano /etc/nginx/sites-available/default
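Then modify the file so that it contains the following:
server {
    # ... keep the existing listen / server_name directives of the default site ...
    root /var/www/html;

    # Forward API requests to the application on 127.0.0.1:5000
    location /rapex-searcher {
        proxy_set_header X-Forwarded-Host $host:$server_port;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass $scheme://127.0.0.1:5000;
    }

    # Serve static files directly from the application directory
    location /static {
        root /home/ubuntu/rapex-searcher-api/src/rapex_searcher_api/api/;
    }
}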
Finally, restart the service to apply the changes made to the configuration file:
$ sudo systemctl restart nginx
Creating RAPEX API service
This software is designed to work as a service. To do so, create a new .service file using nano or any other text editor of your preference:
sudo nano /etc/systemd/system/Gunicorn-Rapex-Verify.service
Copy and paste the following block into the editor and save it. Remember to replace the paths in the block (<venv_location> and <rapex_location>) with the values used previously in this readme.
[Unit]
Description=Instancia para crear Gunicorn_Rapex-Verify
After=network.target
[Service]
WorkingDirectory=/home/ubuntu/rapex-searcher-api/src/rapex_searcher_api/
ExecStart=/home/ubuntu/venv/bin/gunicorn --config /home/ubuntu/rapex-searcher-api/src/rapex_searcher_api/gunicorn-config.py wsgi:app
[Install]
WantedBy=multi-user.target
“WorkingDirectory” points to the installation path of the rapex-searcher-api package. “ExecStart” should point to gunicorn’s binary, and “--config” points to gunicorn-config.py inside rapex-searcher-api.
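The unit above sets no User=, so systemd starts Gunicorn as root unless gunicorn-config.py drops privileges itself. As an added example (not part of the RAPEX Searcher project), the drop-in below runs the service under an unprivileged account with basic sandboxing. The account name rapex and the file name hardening.conf are hypothetical, and it is assumed that this account can read the application and virtual environment directories and that Gunicorn binds the unprivileged port 5000 used in the Nginx proxy_pass line.

```ini
# /etc/systemd/system/Gunicorn-Rapex-Verify.service.d/hardening.conf
# Added example, not shipped with rapex-searcher-api.
# Assumes a dedicated system account "rapex" (hypothetical name) that can read
# the application and virtualenv directories, and that gunicorn-config.py binds
# an unprivileged port (nginx proxies to 127.0.0.1:5000).
[Service]
# Without User=, systemd runs ExecStart as root.
User=rapex
Group=rapex
# The process and its children can never gain new privileges (setuid, file caps).
NoNewPrivileges=true
# Private /tmp and /var/tmp, not shared with other services.
PrivateTmp=true
# Mount /usr, /boot and /etc read-only for this service.
ProtectSystem=full
# No access to physical devices; only pseudo-devices such as /dev/null remain.
PrivateDevices=true
# Block writes to kernel tunables and the control group hierarchy.
ProtectKernelTunables=true
ProtectControlGroups=true
```

After the daemon-reload step that follows, `systemctl show -p User Gunicorn-Rapex-Verify.service` should report the configured account.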
Reload systemd to make the daemon aware of the new configured service.
sudo systemctl --system daemon-reload
To run RAPEX automatically at boot (as it should in a production environment), you need to enable the service:
sudo systemctl enable Gunicorn-Rapex-Verify.service
You can start the service (start), stop it (stop), restart it (restart) and remove it from startup (disable). Check the systemctl manual to learn more about these and other useful commands:
man systemctl
Built With
License
This project is licensed under the European Union Public License 1.2; see the LICENSE file for details.