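def _quote_sql_literal(value):
    """Return *value* rendered as a single-quoted SQL string literal.

    Embedded single quotes are doubled, so the value cannot close the literal
    early and carry on as SQL text.
    """
    return "'" + ("%s" % (value,)).replace("'", "''") + "'"


def finder(conditions):
    """Search one log table and return the matching rows as dictionaries.

    conditions maps 'logType' (the table to search, which must be a key of
    Configuration.doc['input']) plus any number of column names to the value
    that column must equal. Entries whose value is None or "" are ignored.

    Every row found is returned as a dict keyed by column name. Whenever
    DBMS.search_mis_clt() returns something truthy for a row's "pid" and
    "SendToHost", it is appended directly after that row as a further dict.

    Raises KeyError when 'logType' is missing or not configured, and
    ValueError when a condition names a column the table does not have.
    """
    table = conditions['logType']
    DBMS.connect(Configuration.db_path)
    try:
        # The table name ends up in the statement text, so only log types
        # present in the configuration are accepted.
        if table not in Configuration.doc['input']:
            raise KeyError(table)

        # Element 1 of each DBMS.getTable() row is used as the column name.
        # A new list is built so the object DBMS returned is not modified.
        columns = [row[1] for row in DBMS.getTable(table)]

        clauses = []
        for key, value in conditions.items():
            # 'logType' selects the table; it is not a filter. It is matched
            # by name, so the result does not depend on dict ordering.
            if key == 'logType' or value is None or value == "":
                continue
            # Identifiers cannot be escaped like values, so a filter is only
            # accepted when it names a real column of this table.
            if key not in columns:
                raise ValueError("unknown search field: %r" % (key,))
            clauses.append(key + " = " + _quote_sql_literal(value))

        command = 'SELECT * FROM ' + table
        if clauses:
            command += ' WHERE ' + ' AND '.join(clauses)
        # NOTE(review): quote doubling covers standard SQL string literals;
        # bound parameters would be the stronger fix, but DBMS.search() is
        # only seen here taking a finished statement. Confirm the backend
        # does not also treat backslash as an escape character.
        write_msg(command)

        result = []
        for item in DBMS.search(command):
            # Pair each column name with the value at the same position.
            pack = dict(zip(columns, item))
            result.append(pack)
            related = DBMS.search_mis_clt(pack["pid"], pack.get("SendToHost", ""))
            if related:
                result.append(dict(zip(columns, related)))
        write_msg("NOTICE: Search complete, " + str(len(result)) + " eligible items")
        return result
    finally:
        # Release the connection on every exit path, including errors.
        DBMS.disconnect()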
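def spider(file_date=None, log_type=Configuration.logType):
    """Parse the log files of one date and reload them into their tables.

    For every log type, the file <log_path><type>/<type>.<file_date> is
    passed to Dealer.classification() when it exists, then parsed by
    unpacking_general and written to the table named after the log type,
    replacing its previous content. Nothing is processed when file_date is
    empty.

    log_type may be a single name, which must be in Configuration.logType,
    or an iterable of names.

    Returns False when the database connection cannot be opened or a single
    log type is not in Configuration.logType, True otherwise.

    TODO: using Configuration.logType as the default argument is not
    appropriate.
    """
    if not DBMS.connect(Configuration.db_path):
        return False
    try:
        if isinstance(log_type, str):
            print(log_type, Configuration.logType)
            if log_type not in Configuration.logType:
                # Leaving through the finally clause closes the connection
                # on this early exit as well.
                return False
            log_type = [log_type]

        # NOTE(review): file_date, and the entries of log_type when it is
        # passed as a list, are joined into a filesystem path unchecked; only
        # a str log_type is compared with Configuration.logType. Confirm that
        # callers reject path separators and '..' in both.
        file_list = []
        for t in log_type:
            if file_date:
                path = Configuration.log_path + t + '/' + t + '.' + file_date
                if os.path.isfile(path):
                    Dealer.classification(path)
                    # Keep the name and its suffix as separate parts.
                    file_list.append((t, '.' + file_date))
                else:
                    print("ERROR: file " + path + " don't exist.")

        # Keyword extraction.
        inputs = Configuration.doc['input']
        for name, suffix in file_list:
            if name not in inputs or 'type' not in inputs[name]:
                # No parser is configured for this log type, so there is
                # nothing to load; its table is left as it is.
                continue
            if name == 'mis_clt':
                result = unpacking_general.classifying_mis(name + suffix)
            else:
                result = unpacking_general.classifying(name + suffix)
            # The table is emptied only once its replacement rows exist.
            DBMS.delete_table(name)
            DBMS.insert_dict_into_sql(name, result)
    finally:
        DBMS.disconnect()
    return True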
def sensor(file_date=None):
    """Record the log files found under the configured log directory.

    Each name returned by file_names(Configuration.log_path) is split into a
    stem and an extension. When file_date is given, only names whose
    extension equals '.' + file_date are considered; when it is None or
    empty, every name is. A row with Status False is inserted into the
    'sign' table for each considered name, unless DBMS.skip() returns a true
    value for it.

    Returns False when the database connection cannot be opened, True
    otherwise.
    """
    if not DBMS.connect(Configuration.db_path):
        return False

    for entry in file_names(Configuration.log_path):
        stem, suffix = os.path.splitext(entry)

        # With a date given, ignore files that belong to any other date.
        if file_date and suffix != '.' + file_date:
            continue

        date_part = suffix.replace('.', "")
        # presumably DBMS.skip() reports files that are already recorded
        if DBMS.skip(stem, date_part):
            continue

        row = {'logType': stem, 'FileDate': date_part, 'Status': False}
        DBMS.insert_dict_into_sql('sign', [row])

    DBMS.disconnect()
    return True