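import importlib
import re

from settings import WATCHED_SOURCES
from parsers import default

# Parser names come from settings and are used to build an import path, so
# they are restricted to one plain identifier inside the ``parsers`` package.
_PARSER_NAME = re.compile(r'[A-Za-z_][A-Za-z0-9_]*$')

# Maps each watched source (as keyed in WATCHED_SOURCES) to the tuple of
# parser modules that handle it.
PARSERS = {}

for source, parsers in WATCHED_SOURCES.items():
    # settings may give a single parser name or a list of names
    parsers = [parsers] if isinstance(parsers, str) else parsers
    parser_modules = []
    for module_name in parsers:
        if not module_name:
            # an empty entry selects the default parser
            parser_modules.append(default)
            continue
        if not _PARSER_NAME.match(module_name):
            # anything that is not a bare identifier cannot name a parser
            # module; report it like a missing module and keep loading the rest
            print('[X] Parser module not found! %s' % module_name)
            continue
        try:
            # import_module treats the configured name purely as data; the
            # previous exec()/eval() pair compiled it as Python source, so a
            # crafted settings value would have run as code at import time.
            # NOTE(review): assumes every parser is a submodule of the
            # ``parsers`` package (as ``parsers.ssh`` below suggests), and the
            # name is no longer bound as a global of this module -- confirm
            # nothing relied on that.
            parser_modules.append(
                importlib.import_module('parsers.%s' % module_name))
        except ImportError:
            # a source whose parser fails to load is left without that parser
            print('[X] Parser module not found! %s' % module_name)
    PARSERS[source] = tuple(parser_modules)


def get_sources_info():
    """Return one line per watched source naming the events parsed from it.

    Integer sources are shown as ``port N``; any other source is shown as
    given. The label is left-justified to 25 columns. Example output::

        /var/log/system.log      : for sudo,auth events
        port 5900                : for vnc events
        port 22                  : for ssh events
    """
    lines = []
    for source, modules in PARSERS.items():
        label = 'port %s' % source if isinstance(source, int) else source
        events = ','.join(
            module.__name__.split('.', 1)[-1]  # parsers.ssh -> ssh
            for module in modules)
        lines.append(
            '{0}: {1}'.format(label.ljust(25), 'for %s events' % events))
    return '\n'.join(lines)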
from settings import WATCHED_SOURCES from parsers import default PARSERS = {} for source, parsers in WATCHED_SOURCES.items(): parsers = [parsers] if type(parsers) == str else parsers parser_modules = [] for module_name in parsers: if module_name: try: exec("from parsers import %s" % module_name) parser_modules.append(eval("%s" % module_name)) except ImportError: print("[X] Parser module not found! %s" % module_name) else: parser_modules.append(default) PARSERS[source] = tuple(parser_modules) def get_sources_info(): """/var/log/system.log : for sudo,auth events port 5900 : for vnc events port 22 : for ssh events """ return "\n".join( "{0}: {1}".format( ("port %s" % source if type(source) == int else source).ljust(25), "for %s events" % ",".join(f.__name__.split(".", 1)[-1] for f in parsers), # parsers.ssh -> ssh )
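from time import sleep

from settings import WATCHED_SOURCES, POLLING_SPEED
from sources.logfile import gen_lines
from sources.sockets import gen_conns

# One generator per watched source. The generator depends on whether the
# source is a port number (gen_conns) or a file path (gen_lines).
all_source_generators = {
    source: gen_conns(source) if isinstance(source, int) else gen_lines(source)
    for source in WATCHED_SOURCES
}


def get_new_lines(source_generators=all_source_generators, delay=POLLING_SPEED):
    """Poll every source generator forever, yielding ``(source, line)`` pairs.

    Each pass drains a source until its generator produces a falsy value,
    moves on to the next source, then sleeps ``delay`` before the next pass.

    Args:
        source_generators: mapping of source -> generator of new lines.
        delay: pause between polling passes, passed straight to ``sleep``.
    """
    while True:
        # .items() instead of the Python 2-only .iteritems(), which raises
        # AttributeError on a Python 3 dict before any source is read
        for source, generator in source_generators.items():
            # Relies on each generator yielding a falsy value when it has
            # nothing new. NOTE(review): an exhausted generator raises
            # StopIteration here, which ends polling for every source (and
            # surfaces as RuntimeError on Python 3.7+) -- confirm the source
            # generators never finish.
            next_line = next(generator)
            while next_line:
                yield (source, next_line)
                next_line = next(generator)
        sleep(delay)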