Windowsi DHCP logi kogumine
Pooleli...
Kuna Windows-i DHCP logide roteerumist seadistada ei saa( hoitakse ühe nädala jagu )
siis tuleb kasutada muud lahendust logide pikaajaliseks säilitamiseks.
Seoses sellega, et DHCP server hoiab logifaile lukus on sealt ridahaaval
andmete kättesaamine raskendatud. Näiteks SyslogAgent ja Epilog
ei saanud logist kõiki ridasid kätte.
dhcplogdb.py - skript mis sisestab eelmise päeva DHCP logist mac aadressiga read andmebaasi
Skript eeldab MySQL andmebaasi dhcp_log ja kasutajat dhcp_log kellel on õigused CREATE ja INSERT
15 1 * * * /usr/bin/python/ /home/user/scripts/dhcplogdb.py server1 /mnt/loghosts/server1
Kus server1 on DHCP serveri identifikaator ( SQL-i tabel luuakse nime järgi ) ja
/mnt/hosts/server1 kataloog sisaldab Windows-i DHCP logisid kujul:
DhcpSrvLog-{'Sun','Mon','Tue','Wed','Thu','Fri','Sat'}.log
Usage: dhcplogdb.py <dhcpservername> </path/to/logfiles>
<nowiki>from datetime import datetime, date, time
import MySQLdb, sys, re, string
class DhcpLogToDB:
def __init__(self, db, name): self.db = db self.name = name self.dbc = self.db.cursor()
def checktable(self, name): if self.dbc.execute("SELECT * FROM information_schema.tables WHERE table_name='" + name + "'") == 0: sqlcreate = \ "CREATE TABLE " + name + \ " ( `date` date NOT NULL, \ `time` time NOT NULL, \ `addr` varchar(15) NOT NULL, \ `hostname` varchar(40) NOT NULL, \ `mac` varchar(12) NOT NULL)" self.dbc.execute(sqlcreate) return
def additem(self, date, time, addr, hostname, mac): sql = "INSERT INTO " + self.name + " VALUES( '" + date + "','" + time + "','" + addr + "','" + hostname + "','" + mac + "')" self.dbc.execute(sql) return
def main():
if len(sys.argv) != 3: print 'Usage: %s <dhcpserver-name> </path/to/logfiles>' % (sys.argv[0]) sys.exit(1)
name = sys.argv[1] # DHCP server ( MySQL table name, creates new table if not exists ) path = sys.argv[2] # Path to logfiles macx = '([a-fA-F0-9]{2}){6}' # Windows DhcpSrvLog-*.log mac address format Weekdays = ('Sun', 'Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat') # 0 - Sun, 6 - Sat
yesterday = datetime.now().isoweekday() - 1 file = path + "/DhcpSrvLog-" + Weekdays[yesterday] + ".log"
db = MySQLdb.connect( db="dhcp_log", user="dhcp_log") log = DhcpLogToDB(db, name) log.checktable(name) for line in open(file): dhcp = re.compile(macx).search(line) if dhcp: a = line.split(',') log.additem(a[1], a[2], a[4], a[5], a[6])
if __name__ == '__main__':
main()