Add humanizer logic to leverage building blocks

Jonathan Claudius 2018-10-29 10:23:33 -04:00
Родитель b96e47592d
Коммит 7f9cf21dd3
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4BCDD990313DFA87
2 изменённых файлов: 45 добавлений и 0 удалений


@ -12,6 +12,16 @@ class Connection:
self.verb = "" self.verb = ""
self.verb_details = "" self.verb_details = ""
def log(self):
return {"conn_id": self.conn_id,
"tls": self.tls,
"client": self.client,
"time": self.time,
"fd": self.fd,
"op": self.op,
"verb": self.verb,
"verb_details": self.verb_details}
# Something happened, this method's job is to update the context # Something happened, this method's job is to update the context
def add_event(self, event): def add_event(self, event):
self.time = event['time'] self.time = event['time']
@ -29,6 +39,10 @@ class Connection:
else: else:
raise Exception('Failed to parse: {}'.format(verb_details)) raise Exception('Failed to parse: {}'.format(verb_details))
def add_tls(self, verb_details):
if verb_details.startswith('established'):
self.tls = True
def add_rest(self, rest): def add_rest(self, rest):
self.fd = "" self.fd = ""
self.op = "" self.op = ""
@ -50,8 +64,12 @@ class Connection:
self.verb = match[3] self.verb = match[3]
self.verb_details = match[4] self.verb_details = match[4]
# Some verbs have a special impact on a connection, so
# we handle those here to update that context.
if self.verb == "ACCEPT": if self.verb == "ACCEPT":
self.add_accept(self.verb_details) self.add_accept(self.verb_details)
elif self.verb == "TLS":
self.add_tls(self.verb_details)
else: else:
raise Exception('Failed to parse: {}'.format(rest)) raise Exception('Failed to parse: {}'.format(rest))
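Review bot: `add_tls` only acts when `verb_details` starts with `established`, so any other TLS line (a failed negotiation, for instance) falls through silently and `self.tls` keeps its previous value. In the dict returned by `log()`, a connection whose handshake failed then looks the same as one that never attempted TLS, which weakens the output if it is used to audit which clients talk to the directory without transport protection. I would record the other outcome explicitly, e.g. `else: self.tls_error = verb_details` (the attribute name is only a suggestion) and expose it in `log()`, or at minimum add the comment `# only 'established' is tracked; other TLS outcomes are ignored on purpose`. Separately, `log()` omits `server` and `process`, which the test section shows the class tracks, so records merged from several servers could not be told apart. The bodies of `add_event` and `add_rest` continue outside these hunks, so the initial value of `self.tls` is not visible here.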


@ -148,3 +148,30 @@ class TestConnection():
assert connection.op == 1 assert connection.op == 1
assert connection.verb == "RESULT" assert connection.verb == "RESULT"
assert connection.verb_details == 'tag=97 err=49 text=' assert connection.verb_details == 'tag=97 err=49 text='
def test_add_event_log(self):
event = {'time': 'Oct 26 12:46:58',
'server': 'ldap.example.com',
'process': 'slapd[11086]',
'conn': '6862452',
'rest': 'fd=34 ACCEPT from IP=192.168.1.1:56822 (IP=0.0.0.0:389)'}
connection = Connection(1245)
connection.add_event(event)
assert connection.time == event["time"]
assert connection.server == event["server"]
assert connection.process == event["process"]
assert connection.conn_id == 1245
assert connection.fd == 34
assert connection.op == ""
assert connection.verb == "ACCEPT"
assert connection.verb_details == "from IP=192.168.1.1:56822 (IP=0.0.0.0:389)"
assert connection.client == "192.168.1.1"
assert connection.log() == {'client': '192.168.1.1',
'conn_id': 1245,
'fd': 34,
'op': '',
'time': 'Oct 26 12:46:58',
'tls': False,
'verb': 'ACCEPT',
'verb_details': 'from IP=192.168.1.1:56822 (IP=0.0.0.0:389)'}
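Review bot: `test_add_event_log` exercises only the ACCEPT path and asserts `'tls': False`, so the `TLS` branch and `add_tls` added in the same commit are not covered by any test shown here. A companion test that feeds a TLS event and asserts `connection.log()['tls'] is True`, plus one with a detail string that does not start with `established`, would pin both outcomes. The exact `rest` format the parser accepts is outside this hunk, so the event fixture needs to be modelled on a real slapd TLS line. The test also asserts `connection.server` and `connection.process`, yet the expected `log()` dict contains neither; if that omission is intended, a short comment such as `# log() deliberately excludes server/process` would make it explicit.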