Пример #1
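def dotransform(request, response, config):
    """Prompt for an IP pattern and add the matching Kippo sessions to *response*.

    The database host is taken from ``request.value``. Each row of the
    ``sessions`` table whose ``ip`` matches the entered pattern becomes one
    ``KippoSession`` entity carrying a ``kippoip`` field that records the host.

    Returns *response*, extended either with the entities found or with a
    ``UIMessage`` when nothing was entered or the lookup failed.
    """
    msg = 'Enter Search Criteria'
    title = 'Kippo search for sessions by IP'
    fieldNames = ["IP"]
    fieldValues = multenterbox(msg, title, fieldNames)
    # NOTE(review): presumably multenterbox returns None when the dialog is
    # cancelled - confirm. Indexing that result used to raise before the
    # user saw any message, so a missing result is treated like empty input.
    if not fieldValues or fieldValues[0] == '':
        return response + UIMessage('You need to type an IP address!!')
    s_ip = fieldValues[0]
    host = request.value
    x = db_connect(host)
    try:
        cursor = x.cursor()
        # The search term is passed as a bound parameter, never formatted into
        # the SQL text. Because the operator is LIKE, '%' and '_' typed by the
        # analyst still act as wildcards.
        query = ("select * from sessions where ip like %s")
        cursor.execute(query, (s_ip, ))
        # "select *" is unpacked into exactly seven names; a sessions table
        # with a different column count raises here and ends in the handler.
        for (session_id, starttime, endtime, sensor, ip, termsize, client) in cursor:
            # Values come from the honeypot's sessions table and are copied
            # as text without further validation.
            e = KippoSession('%s' % (session_id))
            e.starttime = ('%s' % (starttime))
            e.endtime = ('%s' % (endtime))
            e.sensor = ('%s' % (sensor))
            e.ipaddr = ('%s' % (ip))
            e.termsize = ('%s' % (termsize))
            e.client = ('%s' % (client))
            e += Field('kippoip', host, displayname='Kippo IP')
            response += e
        return response
    except Exception:
        # Narrowed from a bare "except:" so KeyboardInterrupt and SystemExit
        # are no longer swallowed.
        # NOTE(review): the message shows x (whatever db_connect returned),
        # not the exception. Presumably db_connect hands back an error string
        # when the connection fails - confirm; otherwise report the exception.
        return response + UIMessage(x)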
Пример #2
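def dotransform(request, response):
    """Prompt for a date range and add the Kippo sessions started within it.

    The database host is read from the ``kippodatabase`` field of *request*.
    Both dates must be entered as ``YYYY-MM-DD``. Each matching row of the
    ``sessions`` table becomes one ``KippoSession`` entity carrying a
    ``kippodatabase`` field that records the host.

    Returns *response*, extended either with the entities found or with a
    ``UIMessage`` describing why the search could not be run.
    """
    msg = 'Enter Start & End Date'
    title = 'Kippo search for sessions by date range'
    fieldNames = ["Start Date", "End Date"]
    fieldValues = multenterbox(msg, title, fieldNames)
    # Both dates are required. The previous test
    # ("fieldValues[0] or fieldValues[1] != ''") passed when only one was
    # filled in, and the empty one then failed in strptime outside any handler.
    # NOTE(review): presumably multenterbox returns None when the dialog is
    # cancelled - confirm; that case is treated like empty input.
    if not fieldValues or fieldValues[0] == '' or fieldValues[1] == '':
        return response + UIMessage('Specify a start & end date')
    try:
        s_date = datetime.strptime(fieldValues[0], '%Y-%m-%d')
        e_date = datetime.strptime(fieldValues[1], '%Y-%m-%d')
    except (TypeError, ValueError) as err:
        # A malformed date is reported to the user instead of aborting.
        return response + UIMessage(str(err))
    host = request.fields['kippodatabase']
    x = db_connect(host)
    try:
        cursor = x.cursor()
        # Both bounds are bound parameters, never formatted into the SQL text.
        # NOTE(review): e_date is midnight at the start of the end date, so
        # sessions that begin later on that day fall outside "between" -
        # confirm whether an inclusive end day is wanted.
        query = "select * from sessions where starttime between %s and %s"
        cursor.execute(query, (s_date, e_date))
        # "select *" is unpacked into exactly seven names; a sessions table
        # with a different column count raises here and ends in the handler.
        for (session_id, starttime, endtime, sensor, ip, termsize, client) in cursor:
            session = KippoSession('%s' % (session_id))
            session.starttime = ('%s' % (starttime))
            session.endtime = ('%s' % (endtime))
            session.sensor = ('%s' % (sensor))
            session.ipaddr = ('%s' % (ip))
            session.termsize = ('%s' % (termsize))
            session.client = ('%s' % (client))
            session += Field('kippodatabase', host, displayname='Kippo Databse')
            response += session
        return response
    except Exception as err:
        return response + UIMessage(str(err))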
Пример #3
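def dotransform(request, response, config):
    """Add every Kippo session recorded for the request's IP to *response*.

    The database host is read from the ``kippoip`` field of *request* and the
    IP pattern from ``request.value``. Each matching row of the ``sessions``
    table becomes one ``KippoSession`` entity carrying a ``kippoip`` field
    that records the host.

    Returns *response*, extended either with the entities found or with a
    ``UIMessage`` when the lookup failed.
    """
    host = request.fields['kippoip']
    ip = request.value
    x = db_connect(host)
    try:
        cursor = x.cursor()
        # The IP is passed as a bound parameter, never formatted into the SQL
        # text. Because the operator is LIKE, any '%' or '_' in the value
        # still acts as a wildcard.
        query = ("select * from sessions where ip like %s")
        cursor.execute(query, (ip, ))
        # "select *" is unpacked into exactly seven names; a sessions table
        # with a different column count raises here and ends in the handler.
        # The row's address gets its own name so it no longer rebinds the
        # search value above.
        for (session_id, starttime, endtime, sensor, row_ip, termsize, client) in cursor:
            e = KippoSession('%s' % (session_id))
            e.starttime = ('%s' % (starttime))
            e.endtime = ('%s' % (endtime))
            e.sensor = ('%s' % (sensor))
            e.ipaddr = ('%s' % (row_ip))
            e.termsize = ('%s' % (termsize))
            e.client = ('%s' % (client))
            e += Field('kippoip', host, displayname='Kippo IP')
            response += e
        return response
    except Exception:
        # Narrowed from a bare "except:" so KeyboardInterrupt and SystemExit
        # are no longer swallowed.
        # NOTE(review): the message shows x (whatever db_connect returned),
        # not the exception. Presumably db_connect hands back an error string
        # when the connection fails - confirm; otherwise report the exception.
        return response + UIMessage(x)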