def __init__(self, data_dir, config='glastopf.cfg'): BaseLogger.__init__(self, config) self.options = {'enabled': self.config.getboolean('taxii', 'enabled')} self.host = self.config.get('taxii', 'host') self.port = self.config.getint('taxii', 'port') self.inbox_path = self.config.get('taxii', 'inbox_path') self.use_https = self.config.getboolean('taxii', 'use_https') self.client = HttpClient() self.client.setProxy('noproxy') auth_credentials = {'username': self.config.get('taxii', 'auth_basic_username'), 'password': self.config.get('taxii', 'auth_basic_password'), 'key_file': self.config.get('taxii', 'auth_certificate_keyfile'), 'cert_file': self.config.get('taxii', 'auth_certificate_certfile')} self.client.setAuthCredentials(auth_credentials) if self.config.getboolean('taxii', 'use_auth_basic'): self.client.setAuthType(tc.HttpClient.AUTH_BASIC) elif self.config.getboolean('taxii', 'use_auth_certificate'): self.client.setAuthType(tc.HttpClient.AUTH_CERT) elif self.config.getboolean('taxii', 'use_auth_basic') and self.config.getboolean('taxii', 'use_auth_certificate'): self.client.setAuthType(tc.HttpClient.AUTH_CERT_BASIC) else: self.client.setAuthType(tc.HttpClient.AUTH_NONE) self.stix_transformer = StixTransformer(self.config, data_dir)
def __init__(self, data_dir, work_dir, config="glastopf.cfg"): config = os.path.join(work_dir, config) BaseLogger.__init__(self, config) self.options = { "enabled": self.config.getboolean("syslog", "enabled"), "socket": self.config.get("syslog", "socket"), } if self.options['enabled']: #Make sure we only have one logger try: LogSyslog.logger except AttributeError: LogSyslog.logger = logging.getLogger('glastopf_attack') LogSyslog.logger.propagate = False if ":" in self.options['socket']: host, port = self.options['socket'].split(":") address = (host, int(port)) else: address = (self.options['socket'], 514) logging.info( 'Using syslog logger on remote {0}.'.format(address)) LogSyslog.log_handler = logging.handlers.SysLogHandler( address=address) LogSyslog.logger.addHandler(self.log_handler) LogSyslog.logger.setLevel(logging.INFO)
def __init__(self, data_dir, config="glastopf.cfg"): BaseLogger.__init__(self, config) self.options = { "enabled": self.config.getboolean("surfcertids", "enabled"), "host": self.config.get("surfcertids", "host"), "port": self.config.getint("surfcertids", "port"), "user": self.config.get("surfcertids", "user"), "password": self.config.get("surfcertids", "password"), "database": self.config.get("surfcertids", "database"), "atype": 3, "ptype_request": 60, "ptype_referer": 61, "ptype_useragent": 62, "ptype_host": 63, "ptype_pattern": 64, } if self.options['enabled']: try: import psycopg2 self.connection = psycopg2.connect( "host=%s port=%s user=%s password=%s dbname=%s" % ( self.options['host'], self.options['port'], self.options['user'], self.options['password'], self.options['database'], )) logger.info("Connected to the SURFcert IDS logserver.") except Exception as e: logger.exception( "Unable to connect to the SURFcert IDS logserver: {0}". format(e)) self.options['enabled'] = False
def __init__(self, data_dir, work_dir, config="glastopf.cfg"): config = os.path.join(work_dir, config) BaseLogger.__init__(self, config) self.options = { "enabled": self.config.getboolean("surfcertids", "enabled"), "host": self.config.get("surfcertids", "host"), "port": self.config.getint("surfcertids", "port"), "user": self.config.get("surfcertids", "user"), "password": self.config.get("surfcertids", "password"), "database": self.config.get("surfcertids", "database"), "atype": 3, "ptype_request": 60, "ptype_referer": 61, "ptype_useragent": 62, "ptype_host": 63, "ptype_pattern": 64, } if self.options['enabled']: try: import psycopg2 self.connection = psycopg2.connect( "host=%s port=%s user=%s password=%s dbname=%s" % ( self.options['host'], self.options['port'], self.options['user'], self.options['password'], self.options['database'], ) ) logger.info("Connected to the SURFcert IDS logserver.") except Exception as e: logger.exception("Unable to connect to the SURFcert IDS logserver: {0}".format(e)) self.options['enabled'] = False
def __init__(self, data_dir, work_dir, config="glastopf.cfg", reconnect=True): config = os.path.join(work_dir, config) BaseLogger.__init__(self, config) self.files_dir = os.path.join(data_dir, 'files/') self.enabled = False self._initial_connection_happend = False #legacy self.options = {'enabled': self.enabled} if self.config.getboolean("hpfeed", "enabled"): host = self.config.get("hpfeed", "host") port = int(self.config.getint("hpfeed", "port")) ident = self.config.get("hpfeed", "ident") secret = self.config.get("hpfeed", "secret") self.enabled = True #legacy self.options = {'enabled': self.enabled} self.chan_files = self.config.get("hpfeed", "chan_files") self.chan_events = self.config.get("hpfeed", "chan_events") self.hpc = None gevent.spawn(self._start_connection, host, port, ident, secret, reconnect)
def __init__(self, data_dir, work_dir, config="glastopf.cfg"): config = os.path.join(work_dir, config) BaseLogger.__init__(self, config) if self.config.getboolean("logstash", "enabled"): self.host = self.config.get("logstash", "host") self.port = int(self.config.getint("logstash", "port")) self.options = { "enabled": self.config.getboolean("logstash", "enabled"), } self.handler = self.config.get("logstash", "handler") if self.handler == "AMQP": self.username = self.config.get("logstash", "username") self.password = self.config.get("logstash", "password") self.exchange = self.config.get("logstash", "exchange") self.durable = self.config.getboolean("logstash", "durable") elif self.handler != "TCP" and self.handler != "UDP": raise Exception( "Incorrect logstash handler defined, please use AMQP, UDP or TCP" ) self._setup_handler() else: self.options = {"enabled": False}
def __init__(self, data_dir, work_dir, config='glastopf.cfg'): config = os.path.join(work_dir, config) BaseLogger.__init__(self, config) self.options = {'enabled': self.config.getboolean('taxii', 'enabled')} self.host = self.config.get('taxii', 'host') self.port = self.config.getint('taxii', 'port') self.inbox_path = self.config.get('taxii', 'inbox_path') self.use_https = self.config.getboolean('taxii', 'use_https') self.client = HttpClient() self.client.setProxy('noproxy') auth_credentials = { 'username': self.config.get('taxii', 'auth_basic_username'), 'password': self.config.get('taxii', 'auth_basic_password'), 'key_file': self.config.get('taxii', 'auth_certificate_keyfile'), 'cert_file': self.config.get('taxii', 'auth_certificate_certfile') } self.client.setAuthCredentials(auth_credentials) if self.config.getboolean('taxii', 'use_auth_basic'): self.client.setAuthType(tc.HttpClient.AUTH_BASIC) elif self.config.getboolean('taxii', 'use_auth_certificate'): self.client.setAuthType(tc.HttpClient.AUTH_CERT) elif self.config.getboolean( 'taxii', 'use_auth_basic') and self.config.getboolean( 'taxii', 'use_auth_certificate'): self.client.setAuthType(tc.HttpClient.AUTH_CERT_BASIC) else: self.client.setAuthType(tc.HttpClient.AUTH_NONE) self.stix_transformer = StixTransformer(self.config, data_dir)
def __init__(self, data_dir, work_dir, config="glastopf.cfg", reconnect=True): config = os.path.join(work_dir, config) BaseLogger.__init__(self, config) self.files_dir = os.path.join(data_dir, 'files/') self.enabled = False self._initial_connection_happend = False self.options = {'enabled': self.enabled} if self.config.getboolean("s3storage", "enabled"): self.endpoint = self.config.get("s3storage", "endpoint") self.accesskey = self.config.get("s3storage", "aws_access_key_id") self.secretkey = self.config.get("s3storage", "aws_secret_access_key") self.version = self.config.get("s3storage", "signature_version") self.region = self.config.get("s3storage", "region") self.bucket = self.config.get("s3storage", "bucket") self.enabled = True self.options = {'enabled': self.enabled} self.s3client = None self.s3session = None gevent.spawn(self._start_connection, self.endpoint, self.accesskey, self.secretkey, self.version, self.region, self.bucket)
def __init__(self, data_dir, work_dir, config="glastopf.cfg"): config = os.path.join(work_dir, config) BaseLogger.__init__(self, config) self.options = { "enabled": self.config.getboolean("profiler", "enabled"), "database": self.config.get("main-database", "connection_string") } self.logger = logging.getLogger('glastopf.modules.reporting.auxiliary.log_profiler')
def __init__(self, data_dir, config="glastopf.cfg"): BaseLogger.__init__(self, config) self.options = { "enabled": self.config.getboolean("mail", "enabled"), "user": self.config.get("mail", "user"), "pwd": self.config.get("mail", "pwd"), "mail_from": self.config.get("mail", "mail_from"), "mail_to": self.config.get("mail", "mail_to"), "smtp_host": self.config.get("mail", "smtp_host"), "smtp_port": self.config.get("mail", "smtp_port"), "patterns": self.config.get("mail", "patterns"), }
def __init__(self, data_dir, work_dir, config="glastopf.cfg"): config = os.path.join(work_dir, config) BaseLogger.__init__(self, config) self.options = {'enabled': False} try: self.options = { "enabled": self.config.getboolean("profiler", "enabled"), "database": self.config.get("main-database", "connection_string") } except (NoSectionError, NoOptionError): return self.logger = logging.getLogger(__name__)
def __init__(self, data_dir, config="glastopf.cfg", reconnect=True): BaseLogger.__init__(self, config) self.files_dir = os.path.join(data_dir, 'files/') self.enabled = False #legacy self.options = {'enabled': self.enabled} if self.config.getboolean("hpfeed", "enabled"): host = self.config.get("hpfeed", "host") port = int(self.config.getint("hpfeed", "port")) ident = self.config.get("hpfeed", "ident") secret = self.config.get("hpfeed", "secret") self.enabled = True #legacy self.options = {'enabled': self.enabled} self.chan_files = self.config.get("hpfeed", "chan_files") self.chan_events = self.config.get("hpfeed", "chan_events") self.hpc = hpfeeds.new(host, port, ident, secret, reconnect=reconnect)
def __init__(self, data_dir, work_dir, config="glastopf.cfg", reconnect=True): config = os.path.join(work_dir, config) BaseLogger.__init__(self, config) self.files_dir = os.path.join(data_dir, 'files/') self.enabled = self.config.getboolean("s3storage", "enabled") self._initial_connection_happend = False self.options = {'enabled': self.enabled} if self.enabled: self.endpoint = self.config.get("s3storage", "endpoint") self.accesskey = self.config.get("s3storage", "aws_access_key_id") self.secretkey = self.config.get("s3storage", "aws_secret_access_key") self.version = self.config.get("s3storage", "signature_version") self.region = self.config.get("s3storage", "region") self.bucket = self.config.get("s3storage", "bucket") self.enabled = True self.s3client = None self.s3session = None gevent.spawn(self._start_connection)
def __init__(self, data_dir, config="glastopf.cfg"): BaseLogger.__init__(self, config) self.options = { "enabled": self.config.getboolean("syslog", "enabled"), "socket": self.config.get("syslog", "socket"), } if self.options['enabled']: #Make sure we only have one logger try: LogSyslog.logger except AttributeError: LogSyslog.logger = logging.getLogger('glaspot_attack') LogSyslog.logger.propagate = False if ":" in self.options['socket']: address = self.options['socket'].split(":") else: address = self.options['socket'] LogSyslog.log_handler = logging.handlers.SysLogHandler(address=address) LogSyslog.logger.addHandler(self.log_handler) LogSyslog.logger.setLevel(logging.INFO)
def __init__(self, data_dir, work_dir, config="glastopf.cfg"): config = os.path.join(work_dir, config) BaseLogger.__init__(self, config) if self.config.getboolean("logstash", "enabled"): self.host = self.config.get("logstash", "host") self.port = int(self.config.getint("logstash", "port")) self.options = { "enabled": self.config.getboolean("logstash", "enabled"), } self.handler = self.config.get("logstash", "handler") if self.handler == "AMQP": self.username = self.config.get("logstash", "username") self.password = self.config.get("logstash", "password") self.exchange = self.config.get("logstash", "exchange") self.durable = self.config.getboolean("logstash", "durable") elif self.handler != "TCP" and self.handler != "UDP": raise Exception("Incorrect logstash handler defined, please use AMQP, UDP or TCP") self._setup_handler() else: self.options = {"enabled": False}
def __init__(self, data_dir, work_dir, config="glastopf.cfg"): config = os.path.join(work_dir, config) BaseLogger.__init__(self, config) self.options = { "enabled": self.config.getboolean("syslog", "enabled"), "socket": self.config.get("syslog", "socket"), } if self.options['enabled']: #Make sure we only have one logger try: LogSyslog.logger except AttributeError: LogSyslog.logger = logging.getLogger('glaspot_attack') LogSyslog.logger.propagate = False if ":" in self.options['socket']: host, port = self.options['socket'].split(":") address = (host, int(port)) else: address = (self.options['socket'], 514) logging.info('Using syslog logger on remote {0}.'.format(address)) LogSyslog.log_handler = logging.handlers.SysLogHandler(address=address) LogSyslog.logger.addHandler(self.log_handler) LogSyslog.logger.setLevel(logging.INFO)