Python Syslog Server
版权 © 2011, 2012 http://netkiller.github.com
摘要
本程序用于收集,防火墙,路由器,交换机等日志
下面是我多年积累下来的经验总结,整理成文档供大家参考:
logging enable logging timestamp logging trap warnings logging host inside 172.16.0.5 logging facility local0
172.16.0.5 改为你的syslog服务器地址
*注意:Python版本必须3.0以上
chmod 700 syslogd
./syslogd
#!/srv/python/bin/python3
# -*- encoding: utf-8 -*-
# Cisco ASA Firewall - Syslog Server by neo
# Author: neo<openunix@163.com>
import logging
import socketserver
import threading
LOG_FILE = '/var/log/asa5550.log'
logging.basicConfig(level=logging.INFO,
format='%(message)s',
datefmt='',
filename=LOG_FILE,
filemode='a')
class SyslogUDPHandler(socketserver.BaseRequestHandler):
def handle(self):
data = bytes.decode(self.request[0].strip())
socket = self.request[1]
print( "%s : " % self.client_address[0], str(data))
logging.info(str(data))
# socket.sendto(data.upper(), self.client_address)
if __name__ == "__main__":
try:
HOST, PORT = "0.0.0.0", 514
server = socketserver.UDPServer((HOST, PORT), SyslogUDPHandler)
server.serve_forever(poll_interval=0.5)
except (IOError, SystemExit):
raise
except KeyboardInterrupt:
print ("Crtl+C Pressed. Shutting down.")
