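def setup_custom_logger(name):
    """Return a DEBUG-level logger named *name* that writes to stderr.

    A ``StreamHandler`` carrying the timestamped format is attached the
    first time a name is set up; calling the function again for the same
    name returns the same logger without stacking a second handler (which
    would emit every record twice).

    Args:
        name: Logger name passed to ``logging.getLogger``.

    Returns:
        The configured ``logging.Logger``.
    """
    formatter = logging.Formatter(
        fmt='%(asctime)s %(levelname)-8s %(message)s',
        datefmt='%Y-%m-%d %H:%M:%S')
    logger = logging.getLogger(name)
    logger.setLevel(logging.DEBUG)
    # The formatter was previously built and then discarded, so the
    # custom layout never reached any output. Attach it to a handler;
    # skip if a stream handler is already present so repeat calls do
    # not duplicate output.
    if not any(isinstance(h, logging.StreamHandler) for h in logger.handlers):
        handler = logging.StreamHandler()
        handler.setFormatter(formatter)
        logger.addHandler(handler)
    return logger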
import os
import glob
import math
import yara
from config import INTEL_DIR, CUSTOM_RULES_DIR, MAL_DIR
from logger import logging, LOG_FILE, FORMATTER, TIMESTAMP, LOG_LEVEL
# Module logger for this file: records are written to LOG_FILE using the
# shared FORMATTER/TIMESTAMP layout and filtered at LOG_LEVEL. The log file
# is opened when this module is imported, so LOG_FILE must be writable then.
file_handler = logging.FileHandler(LOG_FILE)
formatter = logging.Formatter(FORMATTER, TIMESTAMP)
file_handler.setFormatter(formatter)

logger = logging.getLogger(__name__)
logger.addHandler(file_handler)
logger.setLevel(LOG_LEVEL)


class YaraCreate:
    """Yara_create

    There are 3 defined functions to craft a Yara Rule
    - new_rule(rule_name)
    - add_meata(value, key)
    - add_strings(strings, identifier, condition=None)

    E.g Yara Rule

        rule with_attachment {
                meta:
                        author = "Antonio Sanchez <*****@*****.**>"
                        reference = "http://laboratorio.blogs.hispasec.com/"
import requests
import pprint
from os import environ
from os import system
import json
import time
import sys
from logger import logging

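formatter = logging.Formatter(fmt='%(asctime)s %(levelname)-8s %(message)s',
                              datefmt='%Y-%m-%d %H:%M:%S')
logger = logging.getLogger('zookeeper-launch')
logger.setLevel(logging.DEBUG)
pp = pprint.PrettyPrinter(indent=4)

# Fail early with a clear message when the required environment is missing.
# Previously an unset variable surfaced as `TypeError: unsupported operand`
# from `None + '/subscriptions/'`, which hides the real misconfiguration.
_discovery_base = environ.get('DISCOVERY_EP')
_tenant_id = environ.get('TENANT_ID')
if _discovery_base is None or _tenant_id is None:
    raise RuntimeError('DISCOVERY_EP and TENANT_ID must be set in the environment')
discovery_ep = _discovery_base + '/subscriptions/' + _tenant_id
logger.info("Discovery endpoint %s", discovery_ep)

# A literal dict is equivalent to parsing the JSON string and cannot fail.
headers = {"Content-type": "application/json"}
getUrl = discovery_ep + '/getpods'
# Bound the request: without a timeout a stalled discovery service blocks
# the launcher indefinitely. Any non-2xx status is raised as HTTPError.
response = requests.get(getUrl, headers=headers, timeout=30)
response.raise_for_status()

role_name = environ.get('ROLE_NAME')
logger.info("Role %s", role_name)

# Filled from the pod list below; keyed by host as the loop populates it.
lExpectedHosts = {}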
for pod in response.json():
    if pod["DesiredStatus"] != 1:
        df.write.format("mongo").mode(write_mode).option(
            "database", database).option("collection", collection).save()
        logging.info('Write to MongoDB completed successfully')

    except Exception as e:
        logging.error('Error in write_to_mongo() function: {0}'.format(e))
        raise e


if __name__ == "__main__":
    try:
        #Initializes logger
        logger = logging.getLogger()
        fhandler = logging.FileHandler(filename='user_count_by_day.log',
                                       mode='w')
        formatter = logging.Formatter(
            '%(asctime)s - %(name)s - %(levelname)s - %(message)s')
        fhandler.setFormatter(formatter)
        logger.addHandler(fhandler)
        logger.setLevel(logging.INFO)

        #Parses the arugment provided from the command line.
        parser = argparse.ArgumentParser()
        parser.add_argument("--cass_keyspace", help="keyspace")
        parser.add_argument("--cass_table", help="table")
        parser.add_argument("--mongo_db", help="Mongo db")
        parser.add_argument("--mongo_collection", help="Mongo collection")
        parser.add_argument("--incremental_run",
                            help="Full table load or incremental run")

        args = parser.parse_args()
        if not (args.cass_keyspace and args.cass_table and args.mongo_db