def virus_Operat(self):
dict_host = {}
dict_U = {}
dict_virus = {}
dict_operat = {}
ws_virus_source = self.wb_virus_source.get_sheet_by_name("Sheet")
ws_virus_daily = DO().get_Sheet(wb=self.wb_virus,
sheet_name=u"日志",
title=[
u"结构", u"IP地址", u"主机类型", u"MAC地址",
u"计算机名", u"病毒名称", u"病毒类型",
u"受感染文件", u"感染路径", u"攻击类型",
u"处理措施", u"感染类型", u"时间", u"扫描类型",
u"组件版本", u"操作系统"
])
ws_virus_host = DO().get_Sheet(wb=self.wb_virus,
sheet_name=u"主机类型",
title=[u"主机类型", u"受攻击次数", u"所占比例"])
ws_virus_virus = DO().get_Sheet(wb=self.wb_virus,
sheet_name=u"病毒类型",
title=[u"病毒类型", u"所占次数", u"所占比例"])
ws_virus_U = DO().get_Sheet(wb=self.wb_virus,
sheet_name=u"攻击类型",
title=[u"攻击类型", u"所占次数", u"所占比例"])
ws_virus_operat = DO().get_Sheet(wb=self.wb_virus,
sheet_name=u"感染类型",
title=[u"感染类型", u"所占次数", u"所占比例"])
for source in list(ws_virus_source.rows):
if u"IP地址" == source[1].value:
continue
data = DO().get_Data(source)
host = DO().system_Belong(ip=source[1].value,
asset=self.asset_branch,
defaulthost=u"未知设备")
data.insert(2, host)
dict_host = DO().dict_Count(dict=dict_host, key=host)
virus = DO().virus_Belong(virus=source[4].value,
asset=self.asset_virus,
defaultvirus=u"未知病毒")
data.insert(6, virus)
dict_virus = DO().dict_Count(dict=dict_virus, key=virus)
U = DO().U_Belong(U=source[6].value)
data.insert(9, U)
dict_U = DO().dict_Count(dict=dict_U, key=U)
operat = DO().operat_Belong(operat=source[7].value)
data.insert(11, operat)
dict_operat = DO().dict_Count(dict=dict_operat, key=operat)
ws_virus_daily.append(data)
print u"======日志统计完毕======"
ws_virus_host = DO().dict_Getdata(ws=ws_virus_host, dict=dict_host)
print u"======主机统计完毕======"
ws_virus_virus = DO().dict_Getdata(ws=ws_virus_virus, dict=dict_virus)
print u"======病毒统计完毕======"
ws_virus_U = DO().dict_Getdata(ws=ws_virus_U, dict=dict_U)
print u"======攻击统计完毕======"
ws_virus_operat = DO().dict_Getdata(ws=ws_virus_operat,
dict=dict_operat)
print u"======感染统计完毕======"
self.wb_virus.save("outputFile/" + self.time + ".xlsx")
def internet_Event(self):
self.__init__()
filename = "Internet_Event"
self.regular_type_1.append(re.compile(r'http.status_code=4(.*?);'))
self.regular_type_0.append(re.compile(r'http.status_code=(.*?);'))
self.regular_type_0.append(re.compile(r'http.url=/(.*?);'))
self.regular_type_0.append(re.compile(r'http.url=(.*?);'))
try:
_xlxs_csv.Csv2Xlxs(self.time, filename)
except:
pass
wb_source = openpyxl.load_workbook("inputFile/" + self.time + "/" +
filename + ".xlsx")
ws_source = wb_source.get_sheet_by_name("Sheet")
ws_filter_urlall = DO().get_Sheet(self.wb_filter, u"URL(分)",
self.title)
ws_filter_url_f = DO().get_Sheet(self.wb_filter, u"URL(分)筛",
self.title_f)
ws_chart_urlsys = DO().get_Sheet(self.wb_chart, u"URL(分)系统",
[u"系统", u"次数"])
ws_chart_url = DO().get_Sheet(self.wb_chart, u"URL(分)筛URL",
[u"URL", u"次数"])
ws_top_url = DO().get_Sheet(self.wb_top, u"URL(分)",
[u"URL", u"应用系统", u"源IP", u"告警名称", u"频率"])
for rows_source in list(ws_source.rows):
rows_source = list(rows_source)
sys_other = DO().system_Belong(rows_source[4].value,
self.assetother)
if sys_other != None:
data = DO().get_Data(rows_source)
data.append(sys_other)
ws_filter_urlall.append(data)
self.charts = DO().count_Dict(self.charts, data[-1])
if rows_source[7].value != None:
if "http.host" in rows_source[7].value:
if DO().data_Regular(rows_source[7].value,
self.regular_type_1, 1):
if DO().data_Regular(rows_source[7].value,
self.regular_type_0, 0):
host, url, user_agent, status_code = DO(
).http_Split(data[7])
for x in status_code, user_agent, url, host:
data.insert(7, x)
ws_filter_url_f.append(data)
if host != 'NULL':
self.chartall = DO().count_Dict(
self.chartall, host + data[8])
self.topall = DO().count_Dict(
self.topall, host + data[8],
[data[-1], data[2], data[1]])
else:
self.chartall = DO().count_Dict(
self.chartall, data[4] + data[8])
self.topall = DO().count_Dict(
self.topall, data[4] + data[8],
[data[-1], data[2], data[1]])
ws_chart_url = DO().get_Dict_data(ws=ws_chart_url,
dict=self.chartall,
des=1)
ws_chart_urlsys = DO().get_Dict_data(ws=ws_chart_urlsys,
dict=self.charts,
des=1)
ws_top_url = DO().get_Dict_data(ws=ws_top_url,
dict=self.topall,
des=1,
delet=1)
self.wb_filter.save("outputFile/" + self.time + "/" + u"数据筛选" +
".xlsx")
self.wb_chart.save("outputFile/" + self.time + "/" + u"图表" + ".xlsx")
self.wb_top.save("outputFile/" + self.time + "/" + u"Top" + ".xlsx")
wb_source.close()
print u"======分行筛选完成======"