Пример #1
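def sendsyslog(teks):
    """Send ``teks`` as one RFC 5424 syslog message over TCP, then close the client.

    The collector address and port are hard-coded in the body. Every message
    is sent with facility ``FAC_SYSTEM``, severity ``SEV_EMERGENCY``, program
    name "Logger" and pid 1.

    Args:
        teks: Message text to forward.

    Any exception raised by ``client.log`` propagates to the caller after the
    client has been closed.
    """
    # NOTE(review): the collector address is fixed in code; moving it to
    # configuration would let it change without a code edit. The call below
    # asks for proto="TCP" only, so the message presumably travels without
    # transport encryption -- confirm before sending sensitive content.
    SERVER = "34.101.221.107"
    PORT = 21212
    print("Sending to SYSLOG " + SERVER + ":" + str(PORT) + "....")
    client = pysyslogclient.SyslogClientRFC5424(SERVER, PORT, proto="TCP")
    # presumably the upper bound on message length -- confirm against pysyslogclient
    client.maxMessageLength = 6000
    try:
        # NOTE(review): every message is tagged SEV_EMERGENCY regardless of
        # content, which makes severity-based alerting on the collector noisy.
        client.log(teks,
                   facility=pysyslogclient.FAC_SYSTEM,
                   severity=pysyslogclient.SEV_EMERGENCY,
                   program="Logger",
                   pid=1)
    finally:
        # Release the client even when the send raises.
        client.close()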
Пример #2
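    def __init__(self, AnalyseBaseObj):
        """Initialise the plugin and build the default syslog client.

        The target is read from the ``DefaultSyslogServerUrl`` setting and is
        split into scheme, host and port. Any error raised while parsing the
        setting or constructing the client propagates to the caller.

        Args:
            AnalyseBaseObj: Passed unchanged to the parent initialiser.
        """
        super().__init__(AnalyseBaseObj)
        self.PluginInit()

        # The former try/except only re-raised the caught exception, so it is
        # dropped; failures still reach the caller.
        TargetUrl = urllib.parse.urlparse(self._SettingItems.get('DefaultSyslogServerUrl', ""))
        TargetProtocol = TargetUrl.scheme
        # NOTE: splitnport() is deprecated since Python 3.8. It splits on the
        # last colon only, so a "user:pass@" prefix in the netloc stays part of
        # the host; the port defaults to 0 when the URL has none.
        TargetHost, TargetPort = urllib.parse.splitnport(TargetUrl.netloc, 0)
        # NOTE(review): any scheme other than tcp/udp (including a missing
        # one) silently becomes udp, so a mistyped or unsupported scheme in
        # the setting is not reported to the operator.
        TargetProtocol = 'udp' if TargetProtocol not in {'tcp', 'udp'} else TargetProtocol
        self.__SyslogClient = pysyslogclient.SyslogClientRFC5424(TargetHost, TargetPort, proto=TargetProtocol)
        if self._SettingItems.get('LocalLog', False):
            self._PluginLogger.info("Syslog sender started.")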
Пример #3
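    # Attach the subscriber number to the payload, POST it, and log the exchange.
    sentdata['msisdn'] = str(msisdn)
    try:
        # NOTE(review): the full request body, including the msisdn value
        # (presumably a subscriber phone number), is written to the log here,
        # and the full response body below; consider masking before logging.
        logging.info("POST : "+str(sentdata))
        response = client.post(targetserver,json=sentdata)
        print(response.text)
        logging.info("SERVER: "+response.http_version+" "+str(response.status_code)+" - "+response.text)
    except Exception:
        # A bare "except:" also swallowed KeyboardInterrupt and SystemExit;
        # Exception keeps those working. The traceback is logged so the cause
        # of the failure is not lost.
        print("Can not reach "+targetserver)
        logging.exception("SERVER ERROR - Can not reach/post server !")
        # Exit with a non-zero status so callers can tell the run failed
        # (a bare exit() reported success).
        raise SystemExit(1)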

# Normal end of the run: record it and stop the interpreter.
logging.info('Client2Nef App ended')
exit()


# Unreachable as written: exit() above raises SystemExit before this point.
# The original note says syslog forwarding is not needed for this test.

syslog_target = SERVER + ":" + str(PORT)
print("Sending to SYSLOG " + syslog_target + "....")
client = pysyslogclient.SyslogClientRFC5424(SERVER, PORT, proto="TCP")
client.maxMessageLength = 6000

# The original author noted that error handling is still missing here.
# NOTE(review): response.text is server-supplied content forwarded as-is,
# always at SEV_EMERGENCY.

client.log(
    response.text,
    facility=pysyslogclient.FAC_SYSTEM,
    severity=pysyslogclient.SEV_EMERGENCY,
    program="Logger",
    pid=1,
)

client.close()
# Command-line options: where to send, over which protocol, and how many
# messages. None of them is marked required, so a missing option arrives as
# None. NOTE(review): --proto is passed on without being checked against the
# two values its help text names.
for _flag, _type, _help in (
    ('--host', str, 'destination host address'),
    ('--port', int, 'destination port'),
    ('--proto', str, 'Syslog protocol; UDP or TCP'),
    ('--number', int, 'Number of Syslog messages to be send'),
):
    parser.add_argument(_flag, type=_type, help=_help)
args = parser.parse_args()


def get_mock_message(index):
    """Build one mock CEF event and return the result of ``build_cef()``.

    All field values are fixed test data except ``message``, which embeds
    ``index`` so that individual events can be told apart.

    Args:
        index: Value placed in the message text via ``str()``.
    """
    event = CEFEvent()
    # Fields are applied in the order listed.
    field_values = (
        ('name', 'Mock Event Name'),
        ('deviceVendor', 'MCPforLife'),
        ('deviceProduct', 'cefevent'),
        ('dvchost', 'www.mcpforlife.com'),
        ('message', f"This is a test event (Answer={index!s})"),
        ('sourceAddress', '192.168.67.1'),
        ('sourcePort', 12345),
    )
    for field_name, field_value in field_values:
        event.set_field(field_name, field_value)
    return event.build_cef()


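# Send args.number mock CEF events to the destination given on the command line.
client = pysyslogclient.SyslogClientRFC5424(args.host,
                                            args.port,
                                            proto=args.proto)

try:
    for index in range(args.number):
        mymessage = get_mock_message(index)
        client.log(message=mymessage, program="")
finally:
    # Close the client even if a send fails part-way through the batch.
    client.close()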
Пример #5
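def syslogclient(host, port, prot, count, message):
    """Send ``message`` to a syslog server ``count`` times, printing a counter.

    Args:
        host: Destination host, passed to the client unchanged.
        port: Destination port, passed to the client unchanged.
        prot: Protocol name, passed to the client as ``proto``.
        count: Number of sends; converted with ``int()``.
        message: Text to send on every iteration.
    """
    client = pysyslogclient.SyslogClientRFC5424(host, port, proto=prot)

    try:
        for i in range(int(count)):
            client.log(message)
            print(f"sendcount:{str(i+1)}")
    finally:
        # The client was previously never closed; release it whether or not
        # every send succeeded.
        client.close()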
Пример #6
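    def RuleHit(self, InputData, InputRule, HitItem):
        """Forward the analysed record to a syslog server when a rule hits.

        Data-analysis interface: receives the dict being analysed and the rule
        that matched as reference data. The return value follows the same
        definition as SingleRuleTest().

        The rule's ``Repost`` option selects the message body: 1 sends the
        whole record as JSON, 2 sends it as XML, and any other value sends the
        rule's ``LogContent`` template after ReplaceSpaceHolder() has
        processed it. The destination is the rule's ``SyslogServerUrl`` if
        present, otherwise the ``DefaultSyslogServerUrl`` setting; when that
        URL lacks a scheme, host or port, the client built in ``__init__`` is
        used instead.

        Args:
            InputData: The dict under analysis.
            InputRule: The rule that matched.
            HitItem: Passed through to the parent's DataPreProcess().
        """
        # This is the only method that the analysis engine calls directly.
        repostOption = InputRule.get("Repost", 0)
        if repostOption == 1:  # forward the full record as JSON
            LogContent = json.dumps(InputData)
        elif repostOption == 2:  # forward the full record as XML
            def dict2xml(InputData, RootName):
                """Render a dict as pretty-printed XML under a root named RootName."""
                from xml.dom.minidom import Document
                if not isinstance(InputData, dict):
                    raise TypeError("Invalid InputData type, expecting dict")

                def build(father, structure):
                    if isinstance(structure, dict):
                        # NOTE(review): element names come straight from the
                        # dict keys and minidom does not validate them, so a
                        # key that is not a valid XML name yields malformed
                        # output. Text values are escaped when serialised.
                        for k in structure:
                            tag = doc.createElement(str(k))
                            father.appendChild(tag)
                            build(tag, structure[k])

                    elif isinstance(structure, list):
                        # A list becomes repeated sibling elements carrying the
                        # parent's tag name, replacing the single parent.
                        # NOTE: a list nested directly inside another list
                        # arrives here with an element that has no parent yet,
                        # so parentNode is None and removeChild fails.
                        grandFather = father.parentNode
                        tagName = father.tagName
                        grandFather.removeChild(father)
                        for l in structure:
                            tag = doc.createElement(tagName)
                            build(tag, l)
                            grandFather.appendChild(tag)

                    else:
                        father.appendChild(doc.createTextNode(str(structure)))

                doc = Document()
                root = doc.createElement(RootName)
                doc.appendChild(root)
                build(root, InputData)

                return doc.toprettyxml()

            LogContent = dict2xml(InputData, InputData['DataType'])
        else:
            LogContent =self.ReplaceSpaceHolder(InputData, InputRule.get('LogContent', ""))

        Facility =int(self._SettingItems.get("Facility", 23))
        LogPriority = int(InputRule.get("LogPriority", self._SettingItems.get("LogPriority", 7)))
        # NOTE(review): the rule decides where the record is sent; whoever can
        # edit rules can redirect analysed data to another host.
        SyslogServerUrl = InputRule.get('SyslogServerUrl', self._SettingItems.get("DefaultSyslogServerUrl", ""))
        RuleClient = None
        if SyslogServerUrl:
            TargetUrl = urllib.parse.urlparse(SyslogServerUrl)
            TargetProtocol = TargetUrl.scheme
            TargetHost, TargetPort = urllib.parse.splitnport(TargetUrl.netloc, 0)
            if TargetProtocol and TargetHost and TargetPort:
                TargetProtocol = TargetProtocol.lower()
                # Any scheme other than tcp/udp silently falls back to udp.
                if TargetProtocol not in {'tcp', 'udp'}:
                    TargetProtocol = 'udp'
                RuleClient = pysyslogclient.SyslogClientRFC5424(
                    server=TargetHost,
                    port=TargetPort,
                    proto=TargetProtocol
                )

        if RuleClient is None:
            # No usable URL: fall back to the client built in __init__.
            self.__SyslogClient.log(LogContent, Facility, LogPriority)
        else:
            try:
                RuleClient.log(
                    message=LogContent,
                    facility=Facility,
                    severity=LogPriority
                )
            finally:
                # The one-off client was previously never closed, leaving one
                # open client behind per rule hit.
                RuleClient.close()

        if self._SettingItems.get('LocalLog'):
            self._PluginLogger.info(LogContent)

        return super().DataPreProcess(InputData, InputRule, HitItem)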