def parse_packet(self): '''This function will parse the needed data from the packet XML definition and send the data to the API. ''' packet = soup(self.packet) # The BeautifulSoup parser object of the XML proto = packet.findAll('section')[-2].text if proto not in self.protos: self.protos[proto] = 0 self.protos[proto] += 1 if (int(time.time()) - self.wait_timer) >= self.interval: for proto in self.protos: log.debug('%s Stats: %s: %s' % (self.stanza, proto, self.protos[proto])) dofler.api.stat(proto, self.protos[proto]) self.wait_timer = int(time.time()) self.protos = {}
def parse_packet(self): '''This function will parse the needed data from the packet XML definition and send the data to the API. ''' packet = soup(self.packet) # The BeautifulSoup parser object of the XML username = None # Preload of username password = None # Preload of password host = None # Preload of host # Here we are attempting to parse out the data from the packet XML # definition. If we run into any problems, then just return an empty # data tuple so that the rest of the code runs through properly and # ignores the data. try: host = packet.find('field', attrs={'name': 'http.host'}).get('show') post = packet.find('proto', attrs={'name': 'data-text-lines'})\ .findNext('field').get('show') data = cgi.parse_qsl(post) except: data = () # Here is where we will start trying to parse out the username and # password if we see them. We will be using some simple "if x in y" # logic to allow us to check for subsets of data. for item in data: if len(item) == 2: opt, val = item # This is the username definitions. As app developers use a # lot of different notations for a username, we have to check # for several of them. for sel in ['log', 'mail', 'usuario', 'nick' ,'user', 'username', 'uid', 'email']: if sel in opt.lower() and username == None: username = val # And the password definitions. As you can see, this is a lot # easier to parse ;) for sel in ['pass', 'pw', 'word', 'contrasena', 'clave']: if sel in opt.lower() and password == None: password = val # If we have all the data, then lets send it on to the API. if username is not None and password is not None and host is not None: log.debug('%s is sending Account <%s>' % (self.stanza, username)) dofler.api.account(username, password, host, 'HTTP', 'tshark-http')
def parse(self, line): filename = line.strip('\r\n') log.debug('%s sending image: %s' % (self.stanza, filename)) dofler.api.image(filename) os.remove(filename)