Fix processing of conpot event #38

hpfeeds · May 20, 2019 · 5c49150 · 5c49150
2 parents ce027b8 + 096f41d
commit 5c49150
Showing 1 changed file with 29 additions and 29 deletions.
diff --git a/examples/geoloc/processors.py b/examples/geoloc/processors.py
@@ -140,35 +140,35 @@ def kippo_sessions(identifier, payload, gi):
 'city2': geoloc2['city'], 'country2': geoloc2['country_name'], 'countrycode2': geoloc2['country_code']}
 
 def conpot_events(identifier, payload, gi):
-    try:
-        dec = ezdict(json.loads(str(payload)))
-        remote = dec.remote[0]
-
-        # http asks locally for snmp with remote ip = "127.0.0.1"
-        if remote == "127.0.0.1":
-            return
-
-        tstamp = datetime.datetime.strptime(dec.timestamp, '%Y-%m-%dT%H:%M:%S.%f')
-    except:
-        print 'exception processing conpot event'
-        traceback.print_exc()
-        return
-
-    a_family = get_addr_family(remote)
-    if a_family == socket.AF_INET:
-        geoloc = geoloc_none( gi[a_family].record_by_addr(remote) )
-        if dec.public_ip:
-            geoloc2 = geoloc_none( gi[a_family].record_by_addr(dec.public_ip) )
-    elif a_family == socket.AF_INET6:
-        geoloc = geoloc_none( gi[a_family].record_by_addr_v6(remote) )
-        if dec.public_ip:
-            geoloc2 = geoloc_none( gi[a_family].record_by_addr(dec.public_ip) )
-
-    type = 'conpot.events-'+dec.data_type
-
-    message = {'type': type, 'sensor': identifier, 'time': timestr(tstamp),
-itude': geoloc['latitude'], 'longitude': geoloc['longitude'], 'source': remote,
-y': geoloc['city'], 'country': geoloc['country_name'], 'countrycode': geoloc['country_code']}
+	try:
+		dec = ezdict(json.loads(str(payload)))
+		remote = dec.remote[0]
+
+		# http asks locally for snmp with remote ip = "127.0.0.1"
+		if remote == "127.0.0.1":
+			return
+
+		tstamp = datetime.datetime.strptime(dec.timestamp, '%Y-%m-%dT%H:%M:%S.%f')
+	except:
+		print 'exception processing conpot event'
+		traceback.print_exc()
+		return
+
+	a_family = get_addr_family(remote)
+	if a_family == socket.AF_INET:
+		geoloc = geoloc_none( gi[a_family].record_by_addr(remote) )
+		if dec.public_ip:
+			geoloc2 = geoloc_none( gi[a_family].record_by_addr(dec.public_ip) )
+	elif a_family == socket.AF_INET6:
+		geoloc = geoloc_none( gi[a_family].record_by_addr_v6(remote) )
+		if dec.public_ip:
+			geoloc2 = geoloc_none( gi[a_family].record_by_addr(dec.public_ip) )
+
+	type = 'conpot.events-'+dec.data_type
+
+	message = {'type': type, 'sensor': identifier, 'time': timestr(tstamp),
+'latitude': geoloc['latitude'], 'longitude': geoloc['longitude'], 'source': remote,
+'city': geoloc['city'], 'country': geoloc['country_name'], 'countrycode': geoloc['country_code']}
 
     if dec.public_ip:
         message['latitude2'] = geoloc2['latitude']