sender-cli.pl

  • Forked from 713 / Warden / Warden - archive
    369 commits behind the upstream repository.
    sender-cli.pl 3.86 KiB
    #!/usr/bin/perl
    #
    # Copyright (C) 2011-2015 Cesnet z.s.p.o
    #
    # Use of this source is governed by a BSD-style license, see LICENSE file.  
    
    use strict;
    use warnings;
    
    use DateTime;
    use Getopt::Long;
    use FindBin qw($RealBin $RealScript);
    FindBin::again;
    
    #-------------------------------------------------------------------------------
    # Warden 2.2. Command-line Client, Sender
    #
    # Command-line warden-client sender. For detailed information on how to use
    # particular variables and/or values, see the warden-client/doc/README file.
    #-------------------------------------------------------------------------------
    
    #-------------------------------------------------------------------------------
    # Preparation of event attributes.
    
    # Option storage for the sender command line. Each variable below is bound
    # to one option spec in the GetOptions() call that follows.
    #
    # Mandatory attributes: -s, -e and -o have no default and are tested with
    # defined() after parsing; -t is pre-filled with the current time.
    #
    # NOTE(review): -t, -v, -p and -n are declared as plain strings ("=s") and
    # no format or length validation is visible in this part of the script --
    # confirm the values are checked before the event is handed on.
    # NOTE(review): the usage text advertises "-w <warden_directory>", but no
    # variable or option spec for -w is declared here -- confirm which is stale.
    my $opt_s;      # service
    my $opt_t = "" . DateTime->from_epoch(epoch => time()) . ""; # time of detection; default is "now", stringified via concatenation
    my $opt_e;      # type of detected event
    my $opt_o;      # event source type
    
    # Optional attributes; each one is the empty string when not supplied.
    my $opt_v = ""; # event source value
    my $opt_p = ""; # target protocol
    my $opt_r = ""; # target port (integer option, "port|r=i")
    my $opt_a = ""; # attack scale (integer option, "attack-scale|a=i")
    my $opt_n = ""; # note (free text)
    
    # Other attributes
    my $opt_h; # display help; when set, usage is printed instead of sending
    
    # Check whether mandatory fields are given. Otherwise print help and exit.
    if (!GetOptions("service|s=s" => \$opt_s,
                    "timestamp|t=s"    => \$opt_t,
                    "event-type|e=s"   => \$opt_e,
                    "source-type|o=s"  => \$opt_o,
                    "source-value|v=s" => \$opt_v,
                    "proto|p=s"        => \$opt_p,
                    "port|r=i"         => \$opt_r,
                    "attack-scale|a=i" => \$opt_a,
                    "note|n=s"         => \$opt_n,
                    "help|h"           => \$opt_h) ||
        !defined($opt_s) || !defined($opt_e) || !defined($opt_o) ||
        $opt_h) {
      print "Usage: ./$RealScript -s <service> -e <event_type> -o <source_type> [-t <timestamp_of_detection>] [-v <source>] [-p <protocol>] [-r <port>] [-a <attack_scale>] [-n <note>] [-w <warden_directory>] [-h]\n";
      print "\nArguments:\n\n";
      print "  -s SERVICE, --service=SERVICE                -  Name of detection service\n\n";
      print "  -e EVENT_TYPE, --event-type=EVENT_TYPE       -  Type of detected event\n\n";
      print "  -o SOURCE_TYPE, --source-type=SOURCE_TYPE    -  Type of detected event\'s source\n\n";
      print "\n";
      print "Optional (but important) arguments:\n\n";
      print "  -t TIMESTAMP, --timestamp=TIMESTAMP          -  Timestamp of detection.\n";
      print "                                                  Default is current system time (" . DateTime->from_epoch(epoch => time()) . ")\n\n";
      print "  -v SOURCE_VALUE, --source-value=SOURCE_VALUE -  Source of detected event\n\n";
      print "  -p PROTO, --proto=PROTO                      -  Protocol\n\n";
      print "  -r PORT, --port=PORT                         -  Port\n\n";
      print "  -a ATTACK_SCALE, --attack-scale=ATTACK_SCALE -  Scale of detected event\n\n";
      print "  -n NOTE, --note=NOTE                         -  Note, comment or other data\n\n";
      print "  -h, --help                                   -  Print help\n\n";
    
      print "\nExample: ./$RealScript -s PhishTracker -e webattack -o URL -v 123.123.098.098 -p TCP -r 443 -a 100 -n \"important notice\"\n";