Add log size to MySQL database

2025-12-17 22:14:19 +01:00 · 2015-12-30 12:18:00 +00:00
parent 9519cb3566
commit 1fea62fdee
5 changed files with 15 additions and 7 deletions
--- a/cowrie/core/output.py
+++ b/cowrie/core/output.py
@@ -37,7 +37,7 @@ import copy
 import socket

 # COW0001 : create session
-# COW0002 : succesful login
+# COW0002 : successful login
 # COW0003 : failed login
 # COW0004 : TTY log opened
 # COW0005 : handle command
@@ -168,4 +168,3 @@ class Output(object):
        if ev['eventid'] == 'COW0011':
            del self.sessions[sessionno]
            del self.ips[sessionno]
-
--- a/cowrie/insults/insults.py
+++ b/cowrie/insults/insults.py
@@ -59,11 +59,13 @@ class LoggingServerProtocol(insults.ServerProtocol):
            time.strftime('%Y%m%d-%H%M%S'), transportId, channelId)
        self.stdinlog_open = False

-        insults.ServerProtocol.connectionMade(self)
+        self.ttylog_size = {self.ttylog_file: 0}

+        insults.ServerProtocol.connectionMade(self)

    def write(self, bytes):
        """
+        Output sent back to user
        """
        for i in self.interactors:
            i.sessionWrite(bytes)
@@ -72,11 +74,14 @@ class LoggingServerProtocol(insults.ServerProtocol):
            ttylog.ttylog_write(self.ttylog_file, len(bytes),
                ttylog.TYPE_OUTPUT, time.time(), bytes)

+            self.ttylog_size[self.ttylog_file] += len(bytes)
+
        insults.ServerProtocol.write(self, bytes)


    def dataReceived(self, data):
        """
+        Input received from user
        """
        self.bytesReceived += len(data)
        if self.bytesReceivedLimit and self.bytesReceived > self.bytesReceivedLimit:
@@ -154,8 +159,9 @@ class LoggingServerProtocol(insults.ServerProtocol):
                self.stdinlog_open = False

        if self.ttylog_open:
+            size = self.ttylog_size[self.ttylog_file]
            log.msg(eventid='COW0012', format='Closing TTY Log: %(ttylog)s',
-                ttylog=self.ttylog_file)
+                ttylog=self.ttylog_file, size=size)
            ttylog.ttylog_close(self.ttylog_file, time.time())
            self.ttylog_open = False

--- a/cowrie/output/mysql.py
+++ b/cowrie/output/mysql.py
@@ -187,7 +187,7 @@ class Output(cowrie.core.output.Output):

        elif entry["eventid"] == 'COW0012':
            self.simpleQuery(
-                'INSERT INTO `ttylog` (`session`, `ttylog`) VALUES (%s, %s)',
-                (entry["session"], entry["ttylog"]))
+                'INSERT INTO `ttylog` (`session`, `ttylog`, `size`) VALUES (%s, %s, %s)',
+                (entry["session"], entry["ttylog"], entry["size"]))

 # vim: set sw=4 et:
--- a/doc/sql/mysql.sql
+++ b/doc/sql/mysql.sql
@@ -46,7 +46,8 @@ CREATE TABLE `sessions` (
 CREATE TABLE `ttylog` (
  `id` int(11) NOT NULL auto_increment,
  `session` char(32) NOT NULL,
-  `ttylog` mediumblob NOT NULL,
+  `ttylog` varchar(100) NOT NULL,
+  `size` int(11) NOT NULL,
  PRIMARY KEY  (`id`)
 ) ;

--- a/doc/sql/update9.sql
+++ b/doc/sql/update9.sql
@@ -0,0 +1,2 @@
+ALTER TABLE `ttylog` CHANGE `ttylog` `ttylog` VARCHAR(100) NOT NULL;
+ALTER TABLE `ttylog` ADD `size` INT(11) NOT NULL;