Windowsi DHCP logi kogumine

Allikas: Kuutõrvaja

Pooleli...

Kuna Windows-i DHCP logide roteerumist seadistada ei saa( hoitakse ühe nädala jagu )

siis tuleb kasutada muud lahendust logide pikaajaliseks säilitamiseks.

Seoses sellega, et DHCP server hoiab logifaile lukus on sealt ridahaaval

andmete kättesaamine raskendatud. Näiteks SyslogAgent ja Epilog

ei saanud logist kõiki ridasid kätte.


dhcplogdb.py - skript mis sisestab eelmise päeva DHCP logist mac aadressiga read andmebaasi

Skript eeldab MySQL andmebaasi dhcp_log ja kasutajat dhcp_log kellel on õigused CREATE ja INSERT

 15 1 * * * /usr/bin/python/ /home/user/scripts/dhcplogdb.py server1 /mnt/loghosts/server1

Kus server1 on DHCP serveri identifikaator ( SQL-i tabel luuakse nime järgi ) ja

/mnt/hosts/server1 kataloog sisaldab Windows-i DHCP logisid kujul:

 DhcpSrvLog-{'Sun','Mon','Tue','Wed','Thu','Fri','Sat'}.log

Usage: dhcplogdb.py <dhcpservername> </path/to/logfiles>

<nowiki>from datetime import datetime, date, time

import MySQLdb, sys, re, string

class DhcpLogToDB:

     def __init__(self, db, name):
          self.db = db
          self.name = name
          self.dbc = self.db.cursor()


     def checktable(self, name):
          if self.dbc.execute("SELECT * FROM information_schema.tables WHERE table_name='" + name + "'") == 0:
              sqlcreate = \
              "CREATE TABLE " + name + \
              " ( `date` date NOT NULL, \
              `time` time NOT NULL, \
              `addr` varchar(15) NOT NULL, \
              `hostname` varchar(40) NOT NULL, \
              `mac` varchar(12) NOT NULL)"
              self.dbc.execute(sqlcreate)
          return


     def additem(self, date, time, addr, hostname, mac):
          sql = "INSERT INTO " + self.name + " VALUES( '" + date + "','" + time + "','" + addr + "','" + hostname + "','" + mac + "')"
          self.dbc.execute(sql)
          return


def main():

   if len(sys.argv) != 3:
       print 'Usage: %s <dhcpserver-name> </path/to/logfiles>' % (sys.argv[0])
       sys.exit(1)
   name = sys.argv[1]           # DHCP server ( MySQL table name, creates new table if not exists )
   path = sys.argv[2]           # Path to logfiles
   macx = '([a-fA-F0-9]{2}){6}' # Windows DhcpSrvLog-*.log mac address format
   Weekdays = ('Sun', 'Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat') # 0 - Sun, 6 - Sat
   yesterday = datetime.now().isoweekday() - 1
   file = path + "/DhcpSrvLog-" + Weekdays[yesterday] + ".log"
   db = MySQLdb.connect( db="dhcp_log", user="dhcp_log")
   log = DhcpLogToDB(db, name)
   log.checktable(name)
   for line in open(file):
       dhcp = re.compile(macx).search(line)
       if dhcp:
           a = line.split(',')
           log.additem(a[1], a[2], a[4], a[5], a[6])


if __name__ == '__main__':

     main()