def execute_snoopy_test():
    """Smoke-test the snoopy collector: clear stored data, then start it.

    The collector is left running when this function returns; nothing here
    calls ``stop_collector``.
    """
    # Root-logger level: this raises verbosity for the whole process, not
    # only for this test.
    root_logger = logging.getLogger()
    root_logger.setLevel(logging.DEBUG)
    debug = logging.debug

    debug("Starting Program")

    debug("Engine_invoker: getting engine instance")
    ecel_engine = Engine()

    # Destructive step: data from earlier runs is removed before the test.
    debug("Engine_invoker: Removing all previous data")
    ecel_engine.delete_all()

    debug("Engine_invoker: invoking print_collector_names")
    ecel_engine.print_collector_names()

    debug("Engine_invoker: obtaining snoopy collector")
    snoopy = ecel_engine.get_collector("snoopy")

    debug("Engine_invoker: starting collector")
    ecel_engine.start_collector(snoopy)
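class ECELDaemon(object):
    """Drive every collector known to an ``Engine`` instance at once.

    The daemon starts and stops all collectors except ``manualscreenshot``,
    runs each collector's parser, exports the results and deletes stored
    data. All work is delegated to ``self.engine``.
    """

    def __init__(self, *args, **kwargs):
        """Create the daemon and its ``Engine``.

        Positional and keyword arguments are accepted but not used.
        """
        logging.debug("Initializing ECELDaemon()")
        self.engine = Engine()
        logging.debug("Completed initializing ECELDaemon()")

    def start_collectors(self):
        """Start every collector except ``manualscreenshot``.

        Returns:
            The string ``"Collectors started"``.
        """
        logging.debug("Instantiating start_collectors()")
        for collector in self.engine.get_all_collectors():
            if collector.name != 'manualscreenshot':
                logging.debug("Starting Collector: %s", collector.name)
                self.engine.start_collector(collector)
        logging.debug("Completed start_collectors()")
        return "Collectors started"

    def stop_collectors(self):
        """Stop every collector except ``manualscreenshot``.

        Returns:
            The string ``"Collectors stopped"``.
        """
        logging.debug("Instantiating stop_collectors()")
        for collector in self.engine.get_all_collectors():
            if collector.name != 'manualscreenshot':
                # The log line names the action actually taken, so a debug
                # trace can tell a stop apart from a start.
                logging.debug("Stopping Collector: %s", collector.name)
                self.engine.stop_collector(collector)
        logging.debug("Completed stop_collectors()")
        return "Collectors stopped"

    def parse_data_all(self):
        """Run the engine's parser for every collector, none excluded."""
        logging.debug("Instantiating parse_data_all()")
        for collector in self.engine.get_all_collectors():
            logging.debug("PARSER: %s", collector.name)
            self.engine.parser(collector)
        logging.debug("Completed parse_data_all()")

    def export_data(self, path=None):
        """Export collected data to *path*, falling back to ``/tmp/``.

        Args:
            path: Destination handed to ``Engine.export``. When it is
                ``None`` or does not exist on disk, a warning is logged and
                ``/tmp/`` is used instead.
        """
        logging.debug("Instantiating export_data()")
        if path is None or not os.path.exists(path):
            # NOTE(security): /tmp is shared by every local account, and the
            # export holds whatever the collectors captured. The fallback is
            # kept for compatibility; callers should pass a directory with
            # restrictive permissions. What permissions Engine.export sets on
            # its output is not visible here -- confirm before relying on it.
            logging.warning(
                "Valid path was not provided: %s. Writing to /tmp/", path
            )
            path = "/tmp/"
        logging.debug("Exporting data to: %s", path)
        self.engine.export(path)
        logging.debug("Completed export_data()")

    def remove_data(self):
        """Delete all stored data through ``Engine.delete_all``."""
        logging.debug("Instantiating remove_data()")
        self.engine.delete_all()
        logging.debug("Completed remove_data()")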
def execute_manualscreenshot_test():
    """Smoke-test the manualscreenshot collector.

    Clears stored data, starts the collector, waits five seconds and stops
    it again. No parsing or export is done here.
    """
    # Root-logger level: this raises verbosity for the whole process, not
    # only for this test.
    root_logger = logging.getLogger()
    root_logger.setLevel(logging.DEBUG)
    debug = logging.debug

    debug("Starting Program")

    debug("Engine_invoker: getting engine instance")
    ecel_engine = Engine()

    # Destructive step: data from earlier runs is removed before the test.
    debug("Engine_invoker: Removing all previous data")
    ecel_engine.delete_all()

    debug("Engine_invoker: invoking print_collector_names")
    ecel_engine.print_collector_names()

    debug("Engine_invoker: obtaining manualscreenshot collector")
    screenshot_collector = ecel_engine.get_collector("manualscreenshot")

    debug("Engine_invoker: starting collector")
    ecel_engine.start_collector(screenshot_collector)

    debug("Engine_invoker: waiting 5 seconds")
    time.sleep(5)

    debug("Engine_invoker: stopping collector")
    ecel_engine.stop_collector(screenshot_collector)
def execute_tshark_test():
    """Smoke-test the tshark collector end to end, short of exporting.

    Clears stored data, runs the collector for five seconds, stops it and
    hands it to the engine's parser.
    """
    # Root-logger level: this raises verbosity for the whole process, not
    # only for this test.
    root_logger = logging.getLogger()
    root_logger.setLevel(logging.DEBUG)
    debug = logging.debug

    debug("Starting Program")

    debug("Engine_invoker: getting engine instance")
    ecel_engine = Engine()

    # Destructive step: data from earlier runs is removed before the test.
    debug("Engine_invoker: Removing all previous data")
    ecel_engine.delete_all()

    debug("Engine_invoker: invoking print_collector_names")
    ecel_engine.print_collector_names()

    debug("Engine_invoker: obtaining tshark collector")
    tshark_collector = ecel_engine.get_collector("tshark")

    debug("Engine_invoker: starting collector")
    ecel_engine.start_collector(tshark_collector)

    debug("Engine_invoker: waiting 5 seconds")
    time.sleep(5)

    debug("Engine_invoker: stopping collector")
    ecel_engine.stop_collector(tshark_collector)

    debug("Engine_invoker: parsing data")
    ecel_engine.parser(tshark_collector)

    debug("Engine_invoker: Complete. Exiting")
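def execute_auditd_test():
    """Smoke-test the auditd collector, including parsing and export.

    Clears stored data, runs the collector for thirty seconds, stops it,
    parses the result and exports it to ``AUDITD_DIR`` (created if missing).
    """
    # The logged wait and the actual sleep share one value so the debug
    # trace cannot drift from what the test really does.
    wait_seconds = 30

    # Root-logger level: this raises verbosity for the whole process, not
    # only for this test.
    logging.getLogger().setLevel(logging.DEBUG)
    logging.debug("Starting Program")

    logging.debug("Engine_invoker: getting engine instance")
    engine = Engine()

    # Destructive step: data from earlier runs is removed before the test.
    logging.debug("Engine_invoker: Removing all previous data")
    engine.delete_all()

    logging.debug("Engine_invoker: invoking print_collector_names")
    engine.print_collector_names()

    logging.debug("Engine_invoker: obtaining auditd collector")
    c = engine.get_collector("auditd")

    logging.debug("Engine_invoker: starting collector")
    engine.start_collector(c)

    logging.debug("Engine_invoker: waiting %d seconds", wait_seconds)
    time.sleep(wait_seconds)

    logging.debug("Engine_invoker: stopping collector")
    engine.stop_collector(c)

    logging.debug("Engine_invoker: parsing data")
    engine.parser(c)

    logging.debug("Engine_invoker: exporting data")
    # NOTE(review): makedirs uses its default mode here, so a newly created
    # directory gets whatever the process umask allows. If the exported
    # audit records are sensitive, confirm that AUDITD_DIR sits under a
    # location other local accounts cannot read.
    os.makedirs(AUDITD_DIR, exist_ok=True)
    engine.export(AUDITD_DIR)

    logging.debug("Engine_invoker: Complete. Exiting")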
# A disabled, commented-out inline copy of the auditd sequence (start the
# collector, wait, stop, parse, export to AUDITD_DIR) used to sit here. The
# same steps are available as execute_auditd_test().

if __name__ == "__main__":
    # Script entry point. Stored data is deleted up front, and every
    # execute_*_test visible in this file deletes it again before it starts,
    # so results from one test presumably do not survive into the next.
    engine = Engine()
    engine.delete_all()

    execute_tshark_test()
    execute_pykeylogger_test()

    # Currently disabled runs:
    # execute_nmap_test()
    # execute_auditd_test()