Commit b5692629 authored by Pavel Kácha's avatar Pavel Kácha

Added possibility to add "Test" category; implemented Py 2.6 compatible cmd line options

parent 4e1ad1cc
...@@ -6,6 +6,7 @@ ...@@ -6,6 +6,7 @@
import os import os
import sys import sys
import getopt
sys.path.append('/data/warden/libs') sys.path.append('/data/warden/libs')
from warden_client import read_cfg, format_time from warden_client import read_cfg, format_time
...@@ -15,6 +16,42 @@ import csv ...@@ -15,6 +16,42 @@ import csv
from time import strptime, mktime from time import strptime, mktime
from uuid import uuid4 from uuid import uuid4
# Command line options handling
# Had to use getopt for 2.6 compatibility. Meh. :(
opt_dict = {
"help": False,
"test": False,
"origdata": False,
"errlog": "/data/warden/var/flowmon-ads-filer_lastrun.log",
"out": "/data/warden/var/feeds-out",
"target": "NONE"
}
getopt_format = [k + (v and "=" or "") for (k, v) in opt_dict.items()]
def help(s=None, exitcode=0):
if s is not None:
print("Error: %s" % s)
print("Usage: %s [%s]" % (sys.argv[0], "] [".join(["--" + v for v in getopt_format])))
sys.exit(exitcode)
def get_opts():
try:
rawopts, args = getopt.getopt(sys.argv[1:], "", getopt_format)
except getopt.GetoptError as err:
help(err, exitcode=2)
if args:
help("unknown arg %s" % ", ".join(args), exitcode=2)
rawopts = dict(rawopts)
if "--help" in rawopts:
help()
opts = {}
for k, v in opt_dict.items():
opts[k] = v and rawopts.get("--" + k, v) or ("--" + k) in rawopts
return opts
# Conversion/validation routines # Conversion/validation routines
def isotime(t): def isotime(t):
if not t: if not t:
...@@ -128,7 +165,7 @@ ads_types = { ...@@ -128,7 +165,7 @@ ads_types = {
def xlat_ads_type(s): def xlat_ads_type(s):
if s not in ads_types.keys(): if s not in ads_types.keys():
return [] return []
return ads_types[s] return ads_types[s][:]
def xlat_ads_proto(s): def xlat_ads_proto(s):
...@@ -141,7 +178,7 @@ def xlat_ads_proto(s): ...@@ -141,7 +178,7 @@ def xlat_ads_proto(s):
return proto return proto
def gen_idea_from_ads(ads, orig_data, anonymised_target): def gen_idea_from_ads(ads, orig_data, anonymised_target, add_test):
# Mandatory # Mandatory
ts = ads["Timestamp"] or time.localtime() ts = ads["Timestamp"] or time.localtime()
...@@ -152,6 +189,9 @@ def gen_idea_from_ads(ads, orig_data, anonymised_target): ...@@ -152,6 +189,9 @@ def gen_idea_from_ads(ads, orig_data, anonymised_target):
"DetectTime": format_time(*ts[0:6]) "DetectTime": format_time(*ts[0:6])
} }
if add_test:
event["Category"].append("Test")
# Optional # Optional
if ads["ID"]: if ads["ID"]:
event["AltNames"] = ["ADS-%i" % ads["ID"]] event["AltNames"] = ["ADS-%i" % ads["ID"]]
...@@ -185,7 +225,7 @@ def gen_idea_from_ads(ads, orig_data, anonymised_target): ...@@ -185,7 +225,7 @@ def gen_idea_from_ads(ads, orig_data, anonymised_target):
if ads["Protocol"]: if ads["Protocol"]:
target["Proto"] = [xlat_ads_proto(p) for p in ads["Protocol"]] target["Proto"] = [xlat_ads_proto(p) for p in ads["Protocol"]]
if anonymised_target: if anonymised_target != "NONE":
tgtips = [anonymised_target] tgtips = [anonymised_target]
else: else:
tgtips = ads["Targets"] tgtips = ads["Targets"]
...@@ -215,9 +255,13 @@ def gen_idea_from_ads(ads, orig_data, anonymised_target): ...@@ -215,9 +255,13 @@ def gen_idea_from_ads(ads, orig_data, anonymised_target):
def main(): def main():
anonymised_target = None opts = get_opts()
add_orig_data = True try:
sdir = SafeDir("/data/warden/var/feeds-out") errlog = open(opts["errlog"], "w")
sys.stderr = errlog
except IOError:
print("Warning: error log %s unavailable (wrong directory or permissions?)" % opts["errlog"])
out = SafeDir(opts["out"])
ads_fields = [it[0] for it in sorted(ads_fieldnames.items(), key=lambda it: it[1]["order"])] ads_fields = [it[0] for it in sorted(ads_fieldnames.items(), key=lambda it: it[1]["order"])]
for row in csv.reader(sys.stdin, dialect="excel-tab"): for row in csv.reader(sys.stdin, dialect="excel-tab"):
...@@ -226,10 +270,10 @@ def main(): ...@@ -226,10 +270,10 @@ def main():
tr_row = {} tr_row = {}
for k, val in zip(ads_fields, row): for k, val in zip(ads_fields, row):
tr_row[k] = xlat_ads_field(k, val) tr_row[k] = xlat_ads_field(k, val)
if not add_orig_data: if not opts["origdata"]:
row = None row = None
event = gen_idea_from_ads(tr_row, row, anonymised_target) event = gen_idea_from_ads(tr_row, row, opts["target"], opts["test"])
nf = sdir.newfile() nf = out.newfile()
try: try:
data = json.dumps(event) data = json.dumps(event)
nf.f.write(data.encode("utf-8")) nf.f.write(data.encode("utf-8"))
...@@ -238,10 +282,8 @@ def main(): ...@@ -238,10 +282,8 @@ def main():
sys.stderr.write("Error source line: %s\n" % row) sys.stderr.write("Error source line: %s\n" % row)
sys.stderr.write("Error event data: %s\n" % str(event)) sys.stderr.write("Error event data: %s\n" % str(event))
nf.f.close() nf.f.close()
nf.moveto(sdir.incoming) nf.moveto(out.incoming)
if __name__ == "__main__": if __name__ == "__main__":
if os.path.exists('/data/warden/var'):
sys.stderr = open('/data/warden/var/flowmon-ads-filer_lastrun.log', 'w')
main() main()
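Review bot: In `get_opts`, the expression `v and rawopts.get("--" + k, v) or ("--" + k) in rawopts` turns an explicitly empty option value into the boolean `True`. With `--target=`, `opts["target"]` becomes `True`, which passes the `anonymised_target != "NONE"` test in `gen_idea_from_ads` and ends up in `tgtips`; `--errlog=` and `--out=` likewise hand `True` to `open()` and `SafeDir()`. A conditional expression (available in Python 2.6) keeps string options as strings: `opts[k] = rawopts.get("--" + k, v) if v else ("--" + k) in rawopts`. Since these values become the target address written into the event and filesystem paths, an empty value is better rejected via `help(..., exitcode=2)`. Separately, `origdata` now defaults to `False`, so `row` is set to `None` before the `Error source line` write further down in `main`; as far as the visible hunks show, the error log no longer records the offending input line by default.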