knightjoel / zpark Goto Github PK
View Code? Open in Web Editor NEWZpark: A Bot for Cisco Spark and Zabbix
Home Page: https://knightjoel.github.io/zpark/
License: MIT License
Zpark: A Bot for Cisco Spark and Zabbix
Home Page: https://knightjoel.github.io/zpark/
License: MIT License
The primary use case is so that "*@domain.com" can be specified which would make it convenient to trust all users in an org or belonging to a specific domain. Intention is to allow any manner of regex to be specified, however.
Should provide:
urllib: CVE-2018-20060 affecting < v1.23
flask: CVE-2018-1000656 affecting < v0.12.3
Zpark unconditionally shows issues that have not been acknowledged (withLastEventUnacknowledged=1
in the trigger filter). That's fine, but has some drawbacks.
Want to enhance Zpark to account for ack'd issues in these ways (and more?)
Need to account for:
Use case is in a group room, being able to type something like @bot, show issues
. Right now, the syntax is very strict and must be @bot show issues
.
Maybe it's just me, but my muscle memory is to type a comma after the @name of someone (thanks, IRC).
The pyzabbix
module uses the requests
module to contact the Zabbix API. The requests
module by default, has SSL certificate verification enabled. In the case where the Zabbix server has HTTPS enabled and has been issued with a self-signed or private CA issued certificate, the requests
module will throw an exception because it won't be able to verify such a certificate.
This exception will be thrown during startup of the Celery worker processes resulting in the workers failing to start.
Thanks to @egnirra for bringing this to my attention.
When first getting Zpark up and running, it would be very useful if Zpark would log a message when it drops a command from an untrusted user (ie, a user that isn't part of the SPARK_TRUSTED_USERS list) to aid in troubleshooting and just getting the bot up and running the first time.
Once troubleshooting is complete, want a way to ensure logs are not spammed by random users issuing commands to the bot.
Thanks to @egnirra for the suggestion!
Thanks to @egnirra for pointing this out.
"Number of items" and "Number of triggers" counts are off.
Tracking issue for anything that crops up related to the rebranding of Cisco Spark to Webex Teams
https://nvd.nist.gov/vuln/detail/CVE-2018-18074
Vulnerable versions: <= 2.19.1
Patched version: 2.20.0
The Requests package through 2.19.1 before 2018-09-14 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.