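def __init__(self, proto='tcp', host='localhost', port=514, level=5, facility=8, log_instance=''):
    '''
    Record the syslog destination settings and open the transport.

    proto        -- 'tcp' or 'udp'; any other value falls back to UDP.
    host, port   -- destination; port is coerced with int().
    level        -- coerced with int() (presumably the syslog severity;
                    confirm against the code that builds the PRI value).
    facility     -- coerced with int() (presumably the syslog facility;
                    confirm whether 8 is a facility code or a pre-shifted
                    value).
    log_instance -- logger object exposing .info(); when falsy, one is
                    created via logger.logger().get_logger(<class name>).

    int() raises ValueError/TypeError for non-numeric port, level or
    facility values.
    '''
    self.proto = proto
    self.host = host
    self.port = int(port)
    self.level = int(level)
    self.facility = int(facility)
    self.bytes_sent = 0

    if not log_instance:
        self.logging = logger.logger()
        self.logger = self.logging.get_logger(self.__class__.__name__)
    else:
        self.logger = log_instance

    # One well-formed key="value" template for every branch. The original
    # UDP messages dropped the closing quote after destination_port (and the
    # fallback added a stray one after proto), which breaks key/value
    # extraction of this audit line on the receiving side.
    opened = 'message="opened %s connection" destination_host="%s" destination_port="%s" proto="%s"'

    # NOTE(review): setup_tcp()/setup_udp() are not visible here. If events
    # leave the host, confirm whether the TCP path is TLS-wrapped; plain
    # syslog gives no confidentiality or integrity for the forwarded events.
    if proto == 'tcp':
        self.setup_tcp()
        self.logger.info(opened % ('TCP', self.host, self.port, proto))
    elif proto == 'udp':
        self.setup_udp()
        self.logger.info(opened % ('UDP', self.host, self.port, proto))
    else:
        # Unrecognised proto: UDP is used and logged as such, but self.proto
        # keeps the caller's value.
        # NOTE(review): confirm no later code branches on self.proto.
        self.setup_udp()
        self.logger.info(opened % ('UDP', self.host, self.port, 'udp'))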
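def __init__(self, proto='tcp', host='localhost', port=514, level=5, facility=8, log_instance=''):
    '''
    Store the destination parameters, pick a logger, and open the socket.

    Only proto == 'tcp' selects setup_tcp(); 'udp' and every other value
    select setup_udp(). port, level and facility are passed through int(),
    so a non-numeric value raises ValueError/TypeError before any
    connection is attempted. A truthy log_instance is used as the logger
    (it must provide .info()); otherwise one is built with
    logger.logger().get_logger(<class name>).
    '''
    self.proto, self.host = proto, host
    self.port, self.level, self.facility = int(port), int(level), int(facility)
    self.bytes_sent = 0

    if log_instance:
        self.logger = log_instance
    else:
        self.logging = logger.logger()
        self.logger = self.logging.get_logger(self.__class__.__name__)

    if proto == 'tcp':
        self.setup_tcp()
        label, logged_proto = 'TCP', proto
    else:
        # Covers 'udp' and the fallback for unknown values. self.proto is
        # left as the caller passed it; only the log line reports 'udp'.
        # NOTE(review): confirm nothing later branches on self.proto.
        self.setup_udp()
        label, logged_proto = 'UDP', 'udp'

    # Single template so every field is quoted the same way. The UDP
    # variants used to omit the closing quote after destination_port and the
    # fallback appended an extra one after proto, leaving a line that
    # key="value" parsers cannot split reliably.
    # NOTE(review): host is written inside double quotes unescaped; it is
    # presumably operator-supplied configuration - confirm.
    self.logger.info(
        'message="opened %s connection" destination_host="%s" destination_port="%s" proto="%s"'
        % (label, self.host, self.port, logged_proto))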
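def escape_cef_chars(text):
    '''
    Escape the characters that are special inside a CEF extension value.

    Backslash becomes \\\\, '=' becomes \\=, and CR / LF are encoded as the
    two-character sequences \\r / \\n, so a value cannot end its own field or
    split the syslog record it is embedded in.

    The pipe character is not touched: it only needs escaping in CEF header
    fields. NOTE(review): confirm this helper is used for extension values
    only; header fields need '|' escaped as well.
    '''
    # Order matters: backslash is handled first and exactly once. The
    # previous table listed it twice (the leading '\=' in the literal is a
    # backslash plus '='), so the final pass re-escaped the backslashes added
    # for '=', turning 'a=b' into 'a\\=b' - an escaped backslash followed by
    # a live '='. It also left raw CR/LF bytes in the output.
    replacements = (
        ('\\', '\\\\'),
        ('=', '\\='),
        ('\n', '\\n'),
        ('\r', '\\r'),
    )
    for raw, escaped in replacements:
        text = text.replace(raw, escaped)
    return text
## Lets get the party started! if __name__ == "__main__": logging = logger.logger() logger = logging.get_logger('CEFly') logger.info('message="CEFly initialized"') try: parser = optparse.OptionParser() (OPTIONS, ARGS) = parser.parse_args() search_name = ARGS[3] search_results = ARGS[7] except Exception, e: logger.error('message"Unable to arguments for search_name and search result location: %s"' % (e) ) try: conf = load_conf(search_name)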