A simple feeder script feeding data from pystemon to AIL.

The configuration matches the default Redis parameters used
in the pystemon configuration.

https://github.com/cvandeplas/pystemon/blob/master/pystemon.yaml#L16
pull/30/head
Alexandre Dulaunoy 2014-09-19 14:03:05 +02:00
parent b0db0e7f74
commit 25757b0fff
2 changed files with 52 additions and 0 deletions

View File

@ -0,0 +1,50 @@
#!/usr/bin/env python
# -*- coding: utf-8 -*-
#
# This file is part of AIL framework - Analysis Information Leak framework
#
# This a simple feeder script feeding data from pystemon to AIL.
#
# Don't forget to set your pystemonpath and ensure that the
# configuration matches this script. Default is Redis DB 10.
#
# https://github.com/cvandeplas/pystemon/blob/master/pystemon.yaml#L16
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Copyright (c) 2014 Alexandre Dulaunoy - a@foo.be
import zmq
import random
import sys
import time
import redis
import base64
port = "5556"
pystemonpath = "/home/pystemon/pystemon/"
context = zmq.Context()
socket = context.socket(zmq.PUB)
socket.bind("tcp://*:%s" % port)
# check https://github.com/cvandeplas/pystemon/blob/master/pystemon.yaml#L16
r = redis.StrictRedis(host='localhost', db=10)
# 101 pastes processed feed
# 102 raw pastes feed
while True:
time.sleep(1)
topic = 101
paste = r.lpop("pastes")
if paste is None:
continue
socket.send("%d %s" % (topic, paste))
topic = 102
messagedata = open(pystemonpath+paste).read()
socket.send("%d %s %s" % (topic, paste, base64.b64encode(messagedata)))

View File

@ -38,6 +38,8 @@ db = 1
# PUB / SUB : ZMQ
[Feed]
# if you use the pystemon-feeder.py change the configuration
# where the feeder is listening. Usually it's 127.0.0.1:5556
adress = tcp://crf.circl.lu:5556
topicfilter = 102