Default values added

Path to warden-client should by configured

warden3/contrib/connectors/hp-kippo/README

@@ -37,6 +37,7 @@ C. Usage
 D. Configuration
    
    warden_client-kippo.cfg
+    warden - path to warden-client config, e.g. 'warden/warden_client.cfg'
     name - sensor's source id used as a source of events, e.g. 'cz.cesnet.server.kippo'
 
     dbhost - hostname/IP of MySQL DB server 

warden3/contrib/connectors/hp-kippo/warden3-kippo-sender.py

@@ -15,6 +15,11 @@ from os import path
 import MySQLdb as my
 import MySQLdb.cursors as mycursors
 
+DEFAULT_ACONFIG = 'warden_client-kippo.cfg'
+DEFAULT_WCONFIG = 'warden_client.cfg'
+DEFAULT_NAME = 'org.example.warden.test'
+DEFAULT_AWIN = 5
+
 def get_precise_timestamp(epoch=None):
     t = epoch if epoch else time()
     us = trunc((t-trunc(t))*1000000)
@@ -30,7 +35,7 @@ def gen_event_idea(client_name, detect_time, win_start_time, win_end_time, conn_
      "DetectTime": detect_time,
      "WinStartTime": win_start_time,
      "WinEndTime": win_end_time,
-     "Category": ["Attempt.Login", "Test"],
+     "Category": ["Attempt.Login"],
      "Note": "SSH login attempt",
      "ConnCount": conn_count,
      "Source": [
@@ -58,9 +63,12 @@ def gen_event_idea(client_name, detect_time, win_start_time, win_end_time, conn_
   return event
 
 def main():
-    wconfig = read_cfg("warden_client.cfg")
-    aconfig = read_cfg("warden_client-kippo.cfg")
-    wconfig['name'] = aconfig['name']
+    aconfig = read_cfg(DEFAULT_ACONFIG)
+    wconfig = read_cfg(aconfig.get('warden', DEFAULT_WCONFIG))
+    
+    aname = aconfig.get('name', DEFAULT_NAME)
+    awin = aconfig.get('awin', DEFAULT_AWIN)
+    wconfig['name'] = aname
 
     wclient = Client(**wconfig)   
 
@@ -70,19 +78,19 @@ def main():
     crs = con.cursor()
 
     events = []
-    query = ["SELECT UNIX_TIMESTAMP(s.starttime) as starttime, s.ip, COUNT(s.id) as attack_scale, sn.ip as sensor \
+    query =  "SELECT UNIX_TIMESTAMP(s.starttime) as starttime, s.ip, COUNT(s.id) as attack_scale, sn.ip as sensor \
               FROM sessions s \
               LEFT JOIN sensors sn ON s.sensor=sn.id \
               WHERE s.starttime > DATE_SUB(UTC_TIMESTAMP(), INTERVAL + %s MINUTE) \
-              GROUP BY s.ip ORDER BY s.starttime ASC;"]
+              GROUP BY s.ip ORDER BY s.starttime ASC;"
 
-    crs.execute("".join(query), aconfig['awin'])
+    crs.execute(query, awin)
     rows = crs.fetchall()
     for row in rows:
       dtime = get_precise_timestamp(row['starttime'])
       etime = get_precise_timestamp(time())
-      stime = get_precise_timestamp(time() - aconfig['awin'] * 60)
-      events.append(gen_event_idea(client_name = aconfig['name'], detect_time = dtime, win_start_time = stime, win_end_time = etime, conn_count = row['attack_scale'], src_ip4 = row['ip'], dst_ip4 = row['sensor'], aggr_win = aconfig['awin']))
+      stime = get_precise_timestamp(time() - awin * 60)
+      events.append(gen_event_idea(client_name = aname, detect_time = dtime, win_start_time = stime, win_end_time = etime, conn_count = row['attack_scale'], src_ip4 = row['ip'], dst_ip4 = row['sensor'], aggr_win = awin))
         
     print "=== Sending ==="
     start = time()
@@ -91,7 +99,7 @@ def main():
     if ret:
       wclient.logger.info("%d event(s) successfully delivered." % len(rows))
 
-    print "Time: %f" % (time()-start)
+    print "Time: %f" % (time() - start)
 
 
 if __name__ == "__main__":

warden3/contrib/connectors/hp-kippo/warden_client-kippo.cfg

 {
+    "warden": "warden_client.cfg",
     "name": "cz.cesnet.server.kippo",
     "sensor_ip4": "195.113.x.x",