def gen_alert(remote):
alert = dict()
alert['remote'] = remote
alert['search_url'] = "/rsyslogweb/search?remote="+remote
alert['profile_url'] = "/rsyslogweb/profile_remote?remote="+remote
c = conn.sshd.mapRemoteResult.find({"_id.remote": remote})
alert['profile'] = [{i["_id"]["result"]: i["value"]["count"]} for i in c]
alert['listed'] = rsyslogweblib.remote_listed(remote, conn)
now = datetime.datetime.now(our_zone)
conn.sshd.internalData.update({"type": "alert", "remote":remote},{"$set": {"reported_on": now}}, upsert=True)
print json.dumps(alert, sort_keys=True, indent=1, separators=(',', ': '))
def profile_remote():
if bottle.request.query.hostname:
bottle.request.forms['hostname'] = bottle.request.query.get('hostname',"")
if bottle.request.query.remote:
bottle.request.forms['remote'] = bottle.request.query.get('remote', "")
if bottle.request.forms.hostname and not bottle.request.forms.remote:
try:
bottle.request.forms['remote'] = socket.gethostbyname(bottle.request.forms.get('hostname'))
except socket.herror:
print "doing nothing"
if not bottle.request.forms.hostname and bottle.request.forms.remote:
try:
bottle.request.forms['hostname'] = socket.gethostbyaddr(bottle.request.forms.get('remote'))
except socket.herror:
print "doing nothing"
cp=dict()
cp['remoteresult'] = [i for i in conn.sshd.mapRemoteResult.find({"_id.remote" : bottle.request.forms.get('remote')})]
cp['geo'] =geoip(bottle.request.forms.get('remote', ""))
listed = rsyslogweblib.remote_listed(bottle.request.forms.get('remote'), conn)
return bottle.template('profile_remote', forms=bottle.request.forms, profile=cp, listed=listed)