Python Syslog Server
Neo Chen (netkiller)
<openunix@163.com>
版权 2011, 2012 http://netkiller.github.com
摘要
本程序用于收集,防火墙,路由器,交换机等日志
下面是我多年积累下来的经验总结,整理成文档供大家参考:
目录
1. 配置Cisco ASA 5550 Firewall2. syslog 服务器脚本
1. 配置Cisco ASA 5550 Firewall
logging enable logging timestamp logging trap warnings logging host inside 172.16.0.5 logging facility local0
172.16.0.5 改为你的syslog服务器地址
2. syslog 服务器脚本
*注意:Python版本必须3.0以上
chmod 700 syslogd
./syslogd
#!/srv/python/bin/python3 # -*- encoding: utf-8 -*- # Cisco ASA Firewall - Syslog Server by neo # Author: neo<openunix@163.com> import logging import socketserver import threading LOG_FILE = '/var/log/asa5550.log' logging.basicConfig(level=logging.INFO, format='%(message)s', datefmt='', filename=LOG_FILE, filemode='a') class SyslogUDPHandler(socketserver.BaseRequestHandler): def handle(self): data = bytes.decode(self.request[0].strip()) socket = self.request[1] print( "%s : " % self.client_address[0], str(data)) logging.info(str(data)) # socket.sendto(data.upper(), self.client_address) if __name__ == "__main__": try: HOST, PORT = "0.0.0.0", 514 server = socketserver.UDPServer((HOST, PORT), SyslogUDPHandler) server.serve_forever(poll_interval=0.5) except (IOError, SystemExit): raise except KeyboardInterrupt: print ("Crtl+C Pressed. Shutting down.")
时间: 2024-11-03 21:52:30