Python stdWriteFlush Examples

Programming Language: Python

Namespace/Package Name: lib.util

Method/Function: stdWriteFlush

Examples at hotexamples.com: 3

Python stdWriteFlush - 3 examples found. These are the top rated real world Python examples of lib.util.stdWriteFlush extracted from open source projects. You can rate examples to help us improve the quality of examples.

Example #1

Show file

File: pcaps.py Project: chriswhitehat/cirta

def concatPCAPs(ssh, tmpPath, sensor, files):

    concPath = tmpPath + 'concatenated'

    stdWriteFlush("Concatenating PCAPs on %s...\n" % sensor)
    
    stdin, stdout, stderr = ssh.exec_command('find /tmp/ -name "%s*" | sort | xargs mergecap -a -w %s' % (os.path.basename(tmpPath), concPath))
    stdout.read()

Example #2

Show file

File: pcaps.py Project: chriswhitehat/cirta

def mergePCAPGroups(event):        
    for name, match in [x.strip().split(':') for x in confVars.mergeGroups.split(',')]:
        matched = [x for x in event.pcaps if match in x]
        if matched:
            stdWriteFlush('Merging %s sensor group...\n' % name)
            mergedPCAP = '%s.%s.pcap' % (event._baseFilePath, name)
            out = runBash('mergecap -w %s %s' % (mergedPCAP, ' '.join(matched)))
            for pcap in matched:
                event.pcaps.remove(pcap)
            event.pcaps.append(mergedPCAP)

Example #3

Show file

File: pcaps.py Project: chriswhitehat/cirta

def tcpdumpFiles(event, ssh, server, dailies):
    
    def pcapNotEmpty(ssh, pcapFile):
       
        stdin, stdout, stderr = ssh.exec_command('/usr/sbin/tcpdump -s 1515 -nn -c 1 -r %s' % (pcapFile))
        output = stdout.readlines()
        return len(output)
    
    #event.pcaps = []

    for sensor, logs in dailies.iteritems():
        tmpPath = '/tmp/%s_%s' % (os.path.basename(event._baseFilePath), sensor)
        
        i = 0
        count = 1
        total = len(logs)
        absTempPaths = []
        tempFiles = []
        #stdWriteFlush()
        for pcapFile in logs:
            stdWriteFlush(precentComplete('Processing PCAPs on %s: ' % sensor, count, total))
            count += 1
            #stdWriteFlush('.')
            absTempPath = "%s%06d" % (tmpPath, i)
            stdin, stdout, stderr = ssh.exec_command('/usr/sbin/tcpdump -s 1515 -nn -r %s -w %s %s' % (pcapFile, absTempPath, event._pcapBPF))
            error = stderr.read()
            stdout.read()
            
            if 'tcpdump: syntax error' in error:
                log.error("Error: Invalid BPF, '%s'" % event._pcapBPF)
                log.debug('msg="invalid bpf" bpf="%s"' % event._pcapBPF)
                raise error
           
            if pcapNotEmpty(ssh, absTempPath):
                i += 1
                absTempPaths.append(absTempPath)
                tempFiles.append(absTempPath.split('/')[-1])
           
        stdWriteFlush('\n')
        
        if absTempPaths:
            concatPCAPs(ssh, tmpPath, sensor, absTempPaths)
            #print('scp %s:%sconcatenated %s.%s.pcap' % (server, tmpPath, event._baseFilePath, sensor))
            print('Transferring PCAP from %s...\n' % sensor)
            dstPCAP = '%s.%s.pcap' % (event._baseFilePath, sensor)
            event.pcaps.append(dstPCAP)
            out = runBash('scp %s:%sconcatenated %s.%s.pcap' % (server, tmpPath, event._baseFilePath, sensor))
        
        ssh.exec_command('rm %s*' % tmpPath)