#!/usr/bin/env python
# -*- coding: utf-8 -*-
#
# warden-map.py
#
# Copyright (C) 2016 Cesnet z.s.p.o
# Use of this source is governed by a 3-clause BSD-style license, see LICENSE file.
import GeoIP
import codecs
import time
def getLastEvents(events, client, key, cert, cacert, secret):
ses = Session()
#req = Request('POST', 'https://warden-hub.cesnet.cz/warden3/getEvents?client='+ client + ('&secret='+ secret if secret else "")+'&count=' + events + '&id=0')
req = Request('POST', 'https://warden-hub.cesnet.cz/warden3/getEvents?client='+ client + ('&secret='+ secret if secret else "")+'&count=' + events)
#req = Request('POST', 'https://warden-hub.cesnet.cz/warden3/getEvents?nocat=Other&client='+ client + ('&secret='+ secret if secret else "")+'&count=' + events)
pre = req.prepare()
res = ses.send(pre, cert = (cert, key), verify=cacert)
data = res.json()
i = 0
eventsList = []
for p in data['events']:
event = {}
if i < events:
for key, value in { 'event': 'Category', 'time': 'DetectTime', 'origin': 'Source', 'destination': 'Target'}.iteritems():
if value in p:
if (key == 'origin') or (key == 'destination'):
event[key] = {}
if 'IP4' in p[value][0]:
event[key]['ip'] = p[value][0]['IP4'][0]
else:
event[key] = {}
elif (key == 'event'):
event[key] = ', '.join(p[value])
else:
event[key] = p[value]
else:
if (key == 'origin') or (key == 'destination'):
event[key] = {}
else:
event[key] = {}
if 'ip' in event['origin']:
eventsList.append(event)
i += 1
else:
break
return eventsList
def getGeolocation(ip, db):
data = db.record_by_addr(ip)
if not data:
return {}
else:
return {
'latitude': data['latitude'],
'longitude': data['longitude'],
'country_name': unicode(data['country_name'], "utf-8") if data['country_name'] else None,
'city': unicode(data['city'], "utf-8") if data['city'] else None
}
def main(args):
events = args.events[0]
client = args.client[0]
key = args.key[0]
cert = args.cert[0]
cacert = args.cacert[0]
secret = args.secret[0]
if args.output is not None:
path = args.output[0] + 'warden-map.json'
else:
path = 'warden-map.json'
db = GeoIP.open("GeoLiteCity.dat", GeoIP.GEOIP_MEMORY_CACHE)
db.set_charset(GeoIP.GEOIP_CHARSET_UTF8)
wardenEvents = getLastEvents(events, client, key, cert, cacert, secret)
for p in wardenEvents:
for target in {'origin', 'destination'}:
geoData = {}
if 'ip' in p[target]:
geoData = getGeolocation(p[target]['ip'], db)
for value in {'latitude', 'longitude', 'country_name', 'city'}:
if value in geoData:
if not geoData[value]:
p[target][value] = "???"
else:
p[target][value] = geoData[value]
else:
p[target][value] = "???"
else:
p[target]['ip'] = "???"
p[target]['country_name'] = "Czech Republic"
p[target]['city'] = "???"
p[target]['latitude'] = 49.743
p[target]['longitude'] = 15.338
wardenEvents.append(int(time.time()));
with codecs.open(path, 'w', encoding="utf-8") as outfile:
json.dump(wardenEvents, outfile, ensure_ascii = False)
return 0
if __name__ == '__main__':
import sys
import json
from requests import Request, Session
import requests
import argparse
parser = argparse.ArgumentParser(description='Creates warden-map.json for warden-map.html frontend.',
formatter_class=lambda prog: argparse.HelpFormatter(prog,max_help_position=30))
parser.add_argument('--output', metavar='path/', type=str,
nargs=1, help='path where warden-map.json should be saved')
requiredNamed = parser.add_argument_group('required arguments')
requiredNamed.add_argument('--events', metavar='<number>', type=str, required=True,
nargs=1, help='count of events for a map')
requiredNamed.add_argument('--client', metavar='<org.ex.cl>', type=str, required=True,
nargs=1, help='client name')
requiredNamed.add_argument('--key', metavar='path/key.pem', type=str, required=True,
nargs=1, help='SSL key for a client')
requiredNamed.add_argument('--cert', metavar='path/cert.pem', type=str, required=True,
nargs=1, help='SSL cert for a client')
requiredNamed.add_argument('--cacert', metavar='path/cacert.pem', type=str, required=True,
nargs=1, help='SSL cacert for a client')
requiredNamed.add_argument('--secret', metavar='<SeCreT>', type=str, required=True,
nargs=1, help='secret key for a client')
args = parser.parse_args()
main(args)