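def new_run(entertime,delta,serverNum,dport,indx='tcp-*',aggs_name='dip',):
    """Run the blacklist refresh and ``checkES`` cycle forever, one pass per ``delta``.

    Each pass waits until the scheduled start time, refreshes the blacklist
    source data through ``update_blacklist.main`` when its own timer is due,
    calls ``checkES`` for the window and then moves the schedule forward by
    ``delta``. Errors raised inside a pass are logged and the loop goes on.
    This function never returns.

    Args:
        entertime: ``datetime.datetime`` at which the first check is due.
        delta: ``datetime.timedelta`` added to the check schedule and to the
            update schedule after each successful step.
        serverNum: Forwarded unchanged to ``checkES``.
        dport: Forwarded unchanged to ``checkES``.
        indx: Forwarded to ``checkES``; presumably an index pattern
            (confirm against ``checkES``).
        aggs_name: Forwarded to ``checkES``; presumably the aggregation
            field name (confirm against ``checkES``).
    """
    # Starting at "now" makes the first blacklist refresh due on the first pass.
    updatetime = datetime.datetime.now()
    startTime = entertime
    # flgnum counts the passes completed today; it is handed to the updater.
    flgnum = 0
    tday = datetime.datetime.now().date()
    mylog = blacklist_tools.getlog()
    while True:
        today = datetime.datetime.now().date()
        if today != tday:
            # New calendar day: restart the counter and prepare the day's
            # output directory under the configured store path.
            flgnum = 0
            tday = today
            dirpath = parser_config.get_store_path()[1] + str(tday) + os.path.sep
            # This runs outside the try block, so an "already exists" error
            # from os.mkdir used to end the monitoring loop for good.
            # Other OSErrors (permissions, missing parent) still propagate.
            if not os.path.isdir(dirpath):
                os.mkdir(dirpath)
        while True:
            # Read the clock once per iteration: the original compared and
            # then re-read it, so the difference could turn negative between
            # the two reads, and time.sleep rejects a negative argument.
            remaining = (startTime - datetime.datetime.now()).total_seconds()
            if remaining <= 0:
                break
            mylog.info("time sleep...")
            time.sleep(remaining)
        try:
            # Refresh the source dataset only when its timer has expired.
            if datetime.datetime.now() > updatetime:
                update_blacklist.main(tday, flgnum)
                updatetime = updatetime + delta
            # The check interval is whatever ``delta`` the caller passed
            # (the original comment mentions 5 minutes).
            checkES(startTime, indx, aggs_name, serverNum, dport, tday)
            startTime = startTime + delta
            flgnum += 1
        except Exception as e:
            # NOTE(review): startTime is not advanced on failure, so the same
            # window is retried at once with no back-off; a persistent fault
            # (for example an unreachable backend) becomes a tight loop that
            # floods the log. Only str(e) is logged, without a traceback.
            mylog.error(e)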
Beispiel #2
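def new_run(
    entertime,
    delta,
    serverNum,
    dport,
    indx='tcp-*',
    aggs_name='dip',
):
    """Run the blacklist refresh and ``checkES`` cycle forever, one pass per ``delta``.

    Each pass waits until the scheduled start time, refreshes the blacklist
    source data with ``update_blacklist.main``, calls ``checkES`` for the
    window and then moves the schedule forward by ``delta``. Errors raised
    inside a pass are printed and the loop goes on. This function never
    returns.

    Args:
        entertime: ``datetime.datetime`` at which the first check is due.
        delta: ``datetime.timedelta`` between two scheduled checks.
        serverNum: Forwarded unchanged to ``checkES``.
        dport: Forwarded unchanged to ``checkES``.
        indx: Forwarded to ``checkES``; presumably an index pattern
            (confirm against ``checkES``).
        aggs_name: Forwarded to ``checkES``; presumably the aggregation
            field name (confirm against ``checkES``).
    """
    startTime = entertime
    # flgnum counts the passes completed today; it is handed to the updater.
    flgnum = 0
    tday = datetime.datetime.now().date()
    while True:
        today = datetime.datetime.now().date()
        if today != tday:
            flgnum = 0  # the per-day counter restarts at midnight
            tday = today
        while True:
            # Sleep exactly until the scheduled start. The original slept
            # ``delta.seconds - runtime``: that ignores the days part of
            # delta, overshoots a start time closer than delta, and goes
            # negative (an error outside the try block, ending the loop)
            # once a pass takes longer than delta. ``runtime`` also came
            # from time.clock(), which is CPU time on Unix and was removed
            # in Python 3.8.
            remaining = (startTime - datetime.datetime.now()).total_seconds()
            if remaining <= 0:
                break
            print('time sleep...')
            time.sleep(remaining)
        try:
            # Refresh the source dataset on every pass.
            update_blacklist.main(tday, flgnum)
            # The check interval is whatever ``delta`` the caller passed
            # (the original comment mentions 15 minutes).
            checkES(startTime, indx, aggs_name, serverNum, dport, tday)
            startTime = startTime + delta
            flgnum += 1
        except Exception as e:
            # NOTE(review): startTime is not advanced on failure, so the same
            # window is retried at once with no back-off. Errors only reach
            # stdout, where a detection failure is easy to miss.
            print(e)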
Beispiel #3
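def new_run(entertime,
            delta,
            serverNum,
            dport,
            offset,
            querys,
            indx='tcp-*',
            aggs_name='dip'):
    """Run the blacklist refresh, ``checkES`` and optional second IP check forever.

    Each pass waits until the scheduled start time, refreshes the blacklist
    source data when updating is enabled and its timer is due, calls
    ``checkES`` for the window, optionally hands the returned IPs to
    ``ip_check_C2.main``, and then moves the schedule forward by ``delta``.
    Errors raised inside a pass are logged and the loop goes on. This
    function never returns.

    Args:
        entertime: ``datetime.datetime`` at which the first check is due.
        delta: ``datetime.timedelta`` added to the check schedule and to the
            update schedule after each successful step.
        serverNum: Forwarded to ``checkES`` and ``ip_check_C2.main``.
        dport: Forwarded to ``checkES`` and ``ip_check_C2.main``.
        offset: Forwarded unchanged to ``checkES``.
        querys: Forwarded unchanged to ``checkES``.
        indx: Forwarded to ``checkES`` and ``ip_check_C2.main``; presumably
            an index pattern (confirm against ``checkES``).
        aggs_name: Forwarded to ``checkES``; presumably the aggregation
            field name (confirm against ``checkES``).
    """
    # Starting at "now" makes the first blacklist refresh due on the first pass.
    updatetime = datetime.datetime.now()
    startTime = entertime
    # flgnum counts the passes completed today; it is handed to the updater.
    flgnum = 0
    tday = datetime.datetime.now().date()
    mylog = blacklist_tools.getlog()
    # Read once before the loop: a later change to this setting is not
    # picked up until the process restarts.
    updateFlg = parser_config.update_flg()
    while True:
        today = datetime.datetime.now().date()
        if today != tday:
            # New calendar day: restart the counter and prepare the day's
            # output directory under the configured store path.
            flgnum = 0
            tday = today
            dirpath = parser_config.get_store_path()[1] + str(
                tday) + os.path.sep
            # This runs outside the try block, so an "already exists" error
            # from os.mkdir used to end the monitoring loop for good.
            # Other OSErrors (permissions, missing parent) still propagate.
            if not os.path.isdir(dirpath):
                os.mkdir(dirpath)
        while True:
            # Read the clock once per iteration: the original compared and
            # then re-read it, so the difference could turn negative between
            # the two reads, and time.sleep rejects a negative argument.
            remaining = (startTime - datetime.datetime.now()).total_seconds()
            if remaining <= 0:
                break
            mylog.info("Time sleeping ...")
            time.sleep(remaining)
        try:
            # Refresh the source dataset only when updating is switched on
            # and the update timer has expired.
            if updateFlg == 1 and datetime.datetime.now() > updatetime:
                update_blacklist.main(tday, flgnum)
                updatetime = updatetime + delta
            # The check interval is whatever ``delta`` the caller passed
            # (the original comment mentions 5 minutes).
            all_IP = checkES(startTime, indx, aggs_name, serverNum, dport,
                             tday, offset, querys)
            # Optional second check of the IPs for C&C; this setting is
            # re-read on every pass.
            flg_C2 = parser_config.get_ip_secondcheck()
            if flg_C2 == 1:
                # Re-check the IPs reported at info level and promote
                # matches to warn.
                mylog.info('all_IP size:{}'.format(len(all_IP)))
                ip_check_C2.main(startTime, all_IP, serverNum, dport, indx)
            startTime = startTime + delta
            flgnum += 1
        except Exception as e:
            # NOTE(review): startTime is not advanced on failure, so the same
            # window is retried at once with no back-off; a persistent fault
            # (for example an unreachable backend) becomes a tight loop that
            # floods the log. Only str(e) is logged, without a traceback.
            mylog.error(e)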