Added MongoDB output support (#407)
committed by
Michel Oosterhof
parent
cf16ff398e
commit
eb638750a1
@@ -385,6 +385,14 @@ logfile = log/cowrie.json
|
|||||||
#[output_sqlite]
|
#[output_sqlite]
|
||||||
#db_file = cowrie.db
|
#db_file = cowrie.db
|
||||||
|
|
||||||
|
# MongoDB logging module
|
||||||
|
#
|
||||||
|
# MongoDB logging requires an extra Python module: pip install pymongo
|
||||||
|
#
|
||||||
|
#[output_mongodb]
|
||||||
|
#connection_string = mongodb://username:password@host:port/database
|
||||||
|
#database = dbname
|
||||||
|
|
||||||
|
|
||||||
# Splunk SDK output module - Legacy. Requires Splunk API installed
|
# Splunk SDK output module - Legacy. Requires Splunk API installed
|
||||||
# This sends logs directly to Splunk using the Python REST SDK
|
# This sends logs directly to Splunk using the Python REST SDK
|
||||||
|
|||||||
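Review bot: The sample `connection_string` embeds the MongoDB username and password in this config file, and the added comment block says nothing about protecting it. I would add a line such as `# The connection string holds the database password: keep this file readable by the cowrie user only, and use an account that can only write to this database.` above `#[output_mongodb]`. The URI also ends in `/database` while a separate `database` option follows; in the new mongodb.py the `database` option is the one that selects where events are written, so a short comment saying which name does what would prevent a mismatch. The same applies to the second config hunk at `@@ -343,6 +343,14 @@`.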
@@ -343,6 +343,14 @@ logfile = log/cowrie.json
|
|||||||
#[output_sqlite]
|
#[output_sqlite]
|
||||||
#db_file = cowrie.db
|
#db_file = cowrie.db
|
||||||
|
|
||||||
|
# MongoDB logging module
|
||||||
|
#
|
||||||
|
# MongoDB logging requires an extra Python module: pip install pymongo
|
||||||
|
#
|
||||||
|
#[output_mongodb]
|
||||||
|
#connection_string = mongodb://username:password@host:port/database
|
||||||
|
#database = dbname
|
||||||
|
|
||||||
|
|
||||||
# Splunk SDK output module - EARLY RELEASE NOT RECOMMENDED
|
# Splunk SDK output module - EARLY RELEASE NOT RECOMMENDED
|
||||||
# This sends logs directly to Splunk using the Python REST SDK
|
# This sends logs directly to Splunk using the Python REST SDK
|
||||||
|
|||||||
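--- a/mongodb.py
+++ b/mongodb.py
@@ -0,0 +1,49 @@
+# -*- coding: utf-8 -*-
+
+import pymongo
+
+from twisted.python import log
+
+import cowrie.core.output
+
+
+class Output(cowrie.core.output.Output):
+"""
+"""
+
+def __init__(self, cfg):
+self.cfg = cfg
+cowrie.core.output.Output.__init__(self, cfg)
+
+
+def start(self):
+"""
+"""
+db_addr = self.cfg.get('output_mongodb', 'connection_string')
+db_name = self.cfg.get('output_mongodb', 'database')
+
+try:
+self.mongo_client = pymongo.MongoClient(db_addr)
+self.mongo_db = self.mongo_client[db_name]
+self.coll = self.mongo_db['events']
+except Exception, e:
+log.msg('output_mongodb: Error: %s' % str(e))
+
+
+def stop(self):
+"""
+"""
+self.mongo_client.close()
+
+
+def write(self, entry):
+"""
+"""
+for i in list(entry.keys()):
+# Remove twisted 15 legacy keys
+if i.startswith('log_'):
+del entry[i]
+try:
+self.coll.insert_one(entry)
+except Exception,e:
+log.msg('output_mongodb: MongoDB Error: %s' % str(e))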
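Review bot: `start()` swallows every exception from `pymongo.MongoClient(db_addr)` and only logs it, so after a failure `self.mongo_client` and `self.coll` are never set: `stop()` then raises an uncaught AttributeError and each `write()` logs an AttributeError instead of the original cause, silently dropping honeypot events. Setting `self.mongo_client = self.coll = None` before the `try:` and starting `write()` and `stop()` with a `None` check would make the failed state explicit. In pymongo 3 and later MongoClient connects lazily, so an unreachable server or rejected credentials will probably surface only at the first `insert_one`, which makes the message logged there the one operators actually see. The connection string carries the password, so it is worth confirming that `str(e)` for a malformed URI does not echo it into the log. The empty docstrings could also state what each hook does, e.g. `"""Open the MongoDB connection and select the 'events' collection."""` for `start()`.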
@@ -10,6 +10,9 @@ pyes
|
|||||||
# mysql
|
# mysql
|
||||||
MySQL-python
|
MySQL-python
|
||||||
|
|
||||||
|
# mongodb
|
||||||
|
pymongo
|
||||||
|
|
||||||
# rethinkdblog
|
# rethinkdblog
|
||||||
rethinkdb
|
rethinkdb
|
||||||
|
|
||||||
|
|||||||