def test_read_host_country():
    with OpenPostgreSQLsshTunnel(port=5436) as pport:
        engine = create_db_engine(port=pport)
        host_country = read_host_country(engine)

    assert len(host_country) >= 13754
    assert host_country['218.87.111.108'] == 'CN'
def test_read_host_country():
    with OpenPostgreSQLsshTunnel(port=5436) as pport:
        engine = create_db_engine(port=pport)
        host_country = read_host_country(engine)

    assert len(host_country) >= 13754
    assert host_country['218.87.111.108'] == 'CN'
def test_analyze_files():
    with OpenPostgreSQLsshTunnel(port=5437) as pport:
        engine = create_db_engine(port=pport, dbname='test_ssh_intrusion_logs')
        create_tables(engine)
        output = analyze_files(engine, test=True)
        print(output)
        assert output >= 0
        delete_tables(engine)
def test_read_country_code():
    with OpenPostgreSQLsshTunnel(port=5435) as pport:
        engine = create_db_engine(port=pport)
        country_code = read_country_code(engine)

    print(len(country_code))
    assert len(country_code) == 250
    assert country_code['IL'] == 'Israel'
def test_analyze_files():
    with OpenPostgreSQLsshTunnel(port=5437) as pport:
        engine = create_db_engine(port=pport, dbname='test_ssh_intrusion_logs')
        create_tables(engine)
        output = analyze_files(engine, test=True)
        print(output)
        assert output >= 0
        delete_tables(engine)
def test_read_country_code():
    with OpenPostgreSQLsshTunnel(port=5435) as pport:
        engine = create_db_engine(port=pport)
        country_code = read_country_code(engine)

    print(len(country_code))
    assert len(country_code) == 250
    assert country_code['IL'] == 'Israel'
def test_find_originating_country():
    with OpenPostgreSQLsshTunnel(port=5434) as pport:
        engine = create_db_engine(port=pport)
        country_list = read_country_code(engine)

    host = 'host-219-235-1-84.iphost.gotonets.com'
    country = find_originating_country(hostname=host,
                                       country_code_list=country_list)
    assert country == 'CN'
def run_parse():
    """
        Open connection with postgresql database
        create engine
        run analyze_files
    """
    with OpenPostgreSQLsshTunnel(port=5433) as pport:
        engine = create_db_engine(port=pport)
        print(analyze_files(engine))
Exemple #9
0
def run_parse():
    """
        Open connection with postgresql database
        create engine
        run analyze_files
    """
    with OpenPostgreSQLsshTunnel(port=5433) as pport:
        engine = create_db_engine(port=pport)
        print(analyze_files(engine))
def test_find_originating_country():
    with OpenPostgreSQLsshTunnel(port=5434) as pport:
        engine = create_db_engine(port=pport)
        country_list = read_country_code(engine)

    host = 'host-219-235-1-84.iphost.gotonets.com'
    country = find_originating_country(hostname=host,
                                       country_code_list=country_list)
    assert country == 'CN'
def run_analyze(data_path=security_log_analysis.__path__[0]):
    """
        Open connection with postgresql database
        create engine
        plot time domain frequencies
        print local / remote comparison
    """
    with OpenPostgreSQLsshTunnel(port=5433) as pport:
        engine = create_db_engine(port=pport)
        fill_country_plot(engine, data_path)
        for table in ('ssh_log', 'ssh_log_cloud', 'apache_log', 'apache_log_cloud'):
            plot_time_access(engine, table, table)
        print('\nssh local remote comparison')
        local_remote_comparison(engine)
        print('\napache local remote comparison')
        local_remote_comparison(engine, table='local_remote_compare_apache')
Exemple #12
0
def run_analyze(data_path=security_log_analysis.__path__[0]):
    """
        Open connection with postgresql database
        create engine
        plot time domain frequencies
        print local / remote comparison
    """
    with OpenPostgreSQLsshTunnel(port=5433) as pport:
        engine = create_db_engine(port=pport)
        fill_country_plot(engine, data_path)
        for table in ('ssh_log', 'ssh_log_cloud', 'apache_log',
                      'apache_log_cloud'):
            plot_time_access(engine, table, table)
        print('\nssh local remote comparison')
        local_remote_comparison(engine)
        print('\napache local remote comparison')
        local_remote_comparison(engine, table='local_remote_compare_apache')