
JSON output support

Add JSON output support; for high-load sensors this might need to be
reimplemented via an async option.

Add '--log-json True' to the startup.
cudeso committed Mar 29, 2019
1 parent b00eb70 commit aeadc12f7a1223ca50e9337f643124c3a0aab7f5
Showing with 17 additions and 0 deletions.
  1. +9 −0 bin/snare
  2. +8 −0 snare/server.py
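--- a/bin/snare
+++ b/bin/snare
@@ -148,6 +148,7 @@ if __name__ == '__main__':
 parser.add_argument("--server-header", help="set server-header", default='nignx/1.3.8')
 parser.add_argument("--no-dorks", help="disable the use of dorks", type=str_to_bool, default=True)
 parser.add_argument("--log-dir", help="path to directory of the log file", default='/opt/snare/')
+parser.add_argument("--log-json", help="log also to JSON format", type=str_to_bool, default=True)
 args = parser.parse_args()
 base_path = '/opt/snare/'
 base_page_path = '/opt/snare/pages/'
@@ -157,6 +158,11 @@ if __name__ == '__main__':
 log_debug = args.log_dir + "snare.log"
 log_err = args.log_dir + "snare.err"
 Logger.create_logger(log_debug, log_err, __package__)
+
+# Setup JSON logging
+log_json = args.log_dir + "json/snare.json"
+args.logger_json_f = open(log_json, "a")
+
 if args.list_pages:
 print('Available pages:\n')
 for page in os.listdir(base_page_path):
@@ -207,3 +213,6 @@ if __name__ == '__main__':
 if compare_version_fut:
 compare_version_fut.cancel()
 loop.close()
+
+# Close JSON logger
+args.logger_json_f.close()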
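Review bot: The JSON log file is opened unconditionally in the second hunk, so `--log-json False` still creates and holds `json/snare.json`, and a missing `json/` subdirectory under `--log-dir` makes `open()` raise FileNotFoundError before the sensor starts. Gate the open on the flag and create the directory first, e.g. `if args.log_json:` followed by `os.makedirs(os.path.join(args.log_dir, "json"), exist_ok=True)` and `args.logger_json_f = open(os.path.join(args.log_dir, "json", "snare.json"), "a")`, with the same guard on the `close()` in the last hunk. The option defaults to True, which does not match the description's instruction to pass `--log-json True`; it is worth deciding which is intended. The `__main__` block extends outside these hunks, so whether the `close()` is reached on error paths cannot be confirmed from the page.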
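--- a/snare/server.py
+++ b/snare/server.py
@@ -9,6 +9,7 @@
 from snare.middlewares import SnareMiddleware
 from snare.tanner_handler import TannerHandler
 
+import datetime
 
 class HttpRequestHandler():
 def __init__(self, meta, run_args, snare_uuid, debug=False, keep_alive=75, **kwargs):
@@ -49,6 +50,13 @@ def __init__(self, meta, run_args, snare_uuid, debug=False, keep_alive=75, **kwa
 # Submit the event to the TANNER service
 event_result = await self.tanner_handler.submit_data(data)
 
+# Log the event to JSON if enabled
+if self.run_args.log_json == True:
+data_json = data
+data_json['timestamp'] = ("%s" % datetime.datetime.now())
+self.run_args.logger_json_f.write(json.dumps(data_json) + "\n")
+self.run_args.logger_json_f.flush()
+
 # Log the event to slurp service if enabled
 if self.run_args.slurp_enabled:
 await self.submit_slurp(request.path_qs)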
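Review bot: `data_json = data` binds a second name to the same dict, so the `timestamp` key is added to the event object itself and is seen by anything later in this handler that reads `data`; the timestamp is also naive local time, which makes it harder to correlate events from sensors in different time zones. One line covers both: `data_json = dict(data, timestamp=datetime.datetime.now(datetime.timezone.utc).isoformat())`. The file grows with every request the sensor receives and has no size cap, so rotation (for example `logging.handlers.RotatingFileHandler`, or an external logrotate rule) should accompany this change. `json.dumps` is used here but only `import datetime` is added, so confirm that `json` is already imported above the first hunk. The enclosing coroutine starts and ends outside the hunk, and `if self.run_args.log_json:` is the idiomatic form of the test.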
