'''
WebSocketClientSendDDOSAttckLog-20171201-ok by 郑瑞国
'''
import websocket
import threading
import time,datetime
import re
import os,os.path
def on_message(ws, message):
    """Echo a frame received from the server to stdout.

    Args:
        ws: The WebSocketApp that delivered the frame (unused).
        message: The received payload; it is printed as-is, without
            parsing or validation.
    """
    print(message)
def on_error(ws, error):
    """Report a connection or callback error by printing it to stdout.

    Args:
        ws: The WebSocketApp that raised the error (unused).
        error: The error object passed to the callback; printed via its
            string representation.
    """
    print(error)
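def on_close(ws, close_status_code=None, close_msg=None):
    """Print a marker line when the WebSocket connection is closed.

    Args:
        ws: The WebSocketApp whose connection closed (unused).
        close_status_code: Close status code, when the library supplies one.
        close_msg: Close reason text, when the library supplies one.

    The two extra parameters are optional so the callback works both with
    websocket-client releases that call ``on_close(ws)`` and with releases
    that call ``on_close(ws, close_status_code, close_msg)``; a one-argument
    callback raises TypeError under the latter.
    """
    print("### closed ###")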
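def on_open(ws):
    """Start a background thread that forwards new DDoS log entries over *ws*.

    The worker follows today's Syslogd catch-all log, starting at its current
    end, so only lines appended after start-up are considered. Each complete
    line is echoed to stdout; lines matching the attack pattern are sent to
    the server as a JSON message and appended to ``AttackLog<date>.txt`` in
    the current working directory.

    Args:
        ws: The connected WebSocketApp used to send the messages.
    """
    # Local import keeps this block self-contained; json is standard library.
    import json

    poll_seconds = 0.5  # idle wait when the log has no new complete line

    def run(*args):
        """Tail the log file and forward matching entries until an error occurs."""
        # Raw string: '\P', '\S' and '\L' are invalid escape sequences in a
        # normal literal and only work by accident (with a warning).
        # NOTE(review): the path embeds the start date and is computed once;
        # presumably the daemon switches to a new file at midnight, which this
        # loop would not follow -- confirm.
        name = (r'C:\Program Files\Syslogd\Logs\SyslogCatchAll-'
                + str(datetime.date.today()) + '.txt')
        # Pattern kept exactly as before; compiled once instead of per line.
        pattern = re.compile(
            r'.*?\s.*?(AttackType=)"(.*?)".*?(proto=)"(.*?)".*?(src=)"(.*?)"'
            r'.*?(dst=)"(.*?)".*?(total packets=)"(.*?)".*'
        )
        try:
            # Keep one handle open and read incrementally rather than
            # re-reading the whole file in a tight loop. errors='replace'
            # stops a single undecodable byte in the log from killing the
            # forwarder.
            with open(name, errors='replace') as log:
                log.seek(0, os.SEEK_END)  # skip entries that already exist
                pending = ''
                while True:
                    chunk = log.readline()
                    if not chunk:
                        time.sleep(poll_seconds)
                        continue
                    pending += chunk
                    if not pending.endswith('\n'):
                        # The writer has not finished this line yet; wait for
                        # the rest so a truncated event is never forwarded.
                        continue
                    line, pending = pending, ''
                    print(line)

                    w = pattern.search(line)
                    if w is None:
                        continue

                    groups = w.groups()  # label, value, label, value, ...
                    dtext = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S ')
                    summary = dtext + ' ' + ' '.join(
                        label + value
                        for label, value in zip(groups[0::2], groups[1::2])
                    )
                    print(summary)

                    # Field values come straight from the log line, so they
                    # are serialised with json.dumps instead of being spliced
                    # into a JSON literal: a backslash or control character in
                    # a field would otherwise yield a malformed or altered
                    # message. Compact separators and ensure_ascii=False keep
                    # the wire format unchanged for ordinary input.
                    text = json.dumps(
                        {
                            "id": "6",
                            "source": "exe",
                            "receive": "show",
                            "lesson": "sys_safe",
                            "cate": "ddos",
                            "content": [{"string": summary + "\n"}],
                        },
                        separators=(',', ':'),
                        ensure_ascii=False,
                    )
                    ws.send(text)

                    attack_log = 'AttackLog' + str(datetime.date.today()) + '.txt'
                    with open(attack_log, 'at') as f2:
                        print(*groups, file=f2)
        finally:
            # Reached when the loop is aborted by an exception (for example a
            # failed send or a missing log file); release the connection.
            ws.close()
            print("thread terminating...")

    # Pass the function itself as the target. Calling run() here would execute
    # the endless loop inside the callback and never return, blocking the
    # WebSocket event loop. daemon=True lets the process exit once
    # run_forever() returns.
    threading.Thread(target=run, daemon=True).start()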
if __name__ == "__main__":
    # Verbose trace output from websocket-client.
    websocket.enableTrace(True)
    # NOTE: ws:// is unencrypted, so forwarded attack-log events cross the
    # network in cleartext, and the endpoint address is hard-coded here.
    ws = websocket.WebSocketApp(
        "ws://192.168.13.112:2012",
        on_open=on_open,
        on_message=on_message,
        on_error=on_error,
        on_close=on_close,
    )
    # Blocks, dispatching the callbacks above, until the connection ends.
    ws.run_forever()