import sys import os.path import re import sre_constants import shlex import ujson sys.path.insert(0, "/usr/local/opnsense/site-python") from log_helper import reverse_log_reader from params import update_params from lib import suricata_alert_log if __name__ == '__main__': # handle parameters parameters = {'limit': '0', 'offset': '0', 'filter': '', 'fileid': ''} update_params(parameters) # choose logfile by number if parameters['fileid'].isdigit(): suricata_log = '%s.%d' % (suricata_alert_log, int(parameters['fileid'])) else: suricata_log = suricata_alert_log if parameters['limit'].isdigit(): limit = int(parameters['limit']) else: limit = 0 if parameters['offset'].isdigit(): offset = int(parameters['offset']) else:
line.split(' label ')[-1:]).strip()[1:].split('"')[0] if rid in rule_map: line_id_map[line_id] = { 'rid': rid, 'label': rule_map[rid] } else: line_id_map[line_id] = {'rid': None, 'label': rid} return {'line_ids': line_id_map, 'rule_map': rule_map} if __name__ == '__main__': # read parameters parameters = {'limit': '0', 'digest': ''} update_params(parameters) parameters['limit'] = int(parameters['limit']) # parse current running config running_conf_descr = fetch_rule_details() result = list() filter_logs = [] if os.path.isdir('/var/log/filter'): filter_logs = list( sorted(glob.glob("/var/log/filter/filter_*.log"), reverse=True)) if os.path.isfile('/var/log/filter.log'): filter_logs.append('/var/log/filter.log') for filter_log in filter_logs: do_exit = False
result = list() with tempfile.NamedTemporaryFile() as output_stream: unbound_control(['list_local_data'], output_stream) for line in output_stream.read().split('\n'): parts = line.split() if len(parts) > 4 and parts[3] == 'A': result.append(parts[4]) return result # parse input params app_params = {'pid': '/var/run/unbound_dhcpd.pid', 'domain': 'local', 'target': '/var/unbound/dhcpleases.conf', 'background': '1'} params.update_params(app_params) def main(): # cleanup interval (seconds) cleanup_interval = 60 # initiate lease watcher and setup cache dhcpdleases = watchers.dhcpd.DHCPDLease() cached_leases = dict() known_addresses = unbound_known_addresses() # start watching dhcp leases last_cleanup = time.time() while True: dhcpd_changed = False
import random sys.path.insert(0, "/usr/local/opnsense/site-python") from lib.parse import parse_flow from lib.aggregate import BaseFlowAggregator import lib.aggregates import params # define app_params = {'resolution': '', 'start_time': '', 'end_time': '', 'key_fields': '', 'provider': '', 'sample': '' } params.update_params(app_params) # handle input parameters valid_params = False if app_params['start_time'].isdigit(): start_time = int(app_params['start_time']) if app_params['end_time'].isdigit(): end_time = int(app_params['end_time']) if app_params['resolution'].isdigit(): resolution = int(app_params['resolution']) if app_params['key_fields']: key_fields = app_params['key_fields'].split(',') valid_params = True timeseries=dict() if valid_params: