|
|
|
|
@ -1,6 +1,9 @@
|
|
|
|
|
# coding=utf-8
|
|
|
|
|
|
|
|
|
|
import os
|
|
|
|
|
import logging
|
|
|
|
|
import re
|
|
|
|
|
import types
|
|
|
|
|
|
|
|
|
|
from logging.handlers import TimedRotatingFileHandler
|
|
|
|
|
from get_argv import config_dir
|
|
|
|
|
@ -44,8 +47,8 @@ def configure_logging(debug=False):
|
|
|
|
|
|
|
|
|
|
# Console logging
|
|
|
|
|
ch = logging.StreamHandler()
|
|
|
|
|
cf = NoExceptionFormatter('%(asctime)-15s - %(name)-32s (%(thread)x) : %(levelname)s (%(module)s:%(lineno)d) '
|
|
|
|
|
'- %(message)s')
|
|
|
|
|
cf = (debug and logging.Formatter or NoExceptionFormatter)(
|
|
|
|
|
'%(asctime)-15s - %(name)-32s (%(thread)x) : %(levelname)s (%(module)s:%(lineno)d) - %(message)s')
|
|
|
|
|
ch.setFormatter(cf)
|
|
|
|
|
|
|
|
|
|
ch.setLevel(log_level)
|
|
|
|
|
@ -81,64 +84,81 @@ def configure_logging(debug=False):
|
|
|
|
|
|
|
|
|
|
class MyFilter(logging.Filter):
|
|
|
|
|
def __init__(self):
|
|
|
|
|
pass
|
|
|
|
|
super(MyFilter, self).__init__()
|
|
|
|
|
|
|
|
|
|
def filter(self, record):
|
|
|
|
|
if record.name != 'root':
|
|
|
|
|
return False
|
|
|
|
|
return True
|
|
|
|
|
return 0
|
|
|
|
|
return 1
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class ArgsFilteringFilter(logging.Filter):
|
|
|
|
|
def filter_args(self, record, func):
|
|
|
|
|
if isinstance(record.args, (types.ListType, types.TupleType)):
|
|
|
|
|
final_args = []
|
|
|
|
|
for arg in record.args:
|
|
|
|
|
if not isinstance(arg, basestring):
|
|
|
|
|
final_args.append(arg)
|
|
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
final_args.append(func(arg))
|
|
|
|
|
record.args = type(record.args)(final_args)
|
|
|
|
|
elif isinstance(record.args, dict):
|
|
|
|
|
for key, arg in record.args.items():
|
|
|
|
|
if not isinstance(arg, basestring):
|
|
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
record.args[key] = func(arg)
|
|
|
|
|
|
|
|
|
|
class BlacklistFilter(logging.Filter):
|
|
|
|
|
|
|
|
|
|
class BlacklistFilter(ArgsFilteringFilter):
|
|
|
|
|
"""
|
|
|
|
|
Log filter for blacklisted tokens and passwords
|
|
|
|
|
"""
|
|
|
|
|
APIKEY_RE = re.compile(r'apikey(?:=|%3D)([a-zA-Z0-9]+)')
|
|
|
|
|
|
|
|
|
|
def __init__(self):
|
|
|
|
|
pass
|
|
|
|
|
super(BlacklistFilter, self).__init__()
|
|
|
|
|
|
|
|
|
|
def filter(self, record):
|
|
|
|
|
try:
|
|
|
|
|
apikeys = re.findall(r'apikey(?:=|%3D)([a-zA-Z0-9]+)', record.msg)
|
|
|
|
|
def mask_apikeys(s):
|
|
|
|
|
apikeys = self.APIKEY_RE.findall(s)
|
|
|
|
|
for apikey in apikeys:
|
|
|
|
|
record.msg = record.msg.replace(apikey, 8 * '*' + apikey[-2:])
|
|
|
|
|
s = s.replace(apikey, 8 * '*' + apikey[-2:])
|
|
|
|
|
return s
|
|
|
|
|
|
|
|
|
|
args = []
|
|
|
|
|
for arg in record.args:
|
|
|
|
|
apikeys = re.findall(r'apikey(?:=|%3D)([a-zA-Z0-9]+)', arg) if isinstance(arg, basestring) else []
|
|
|
|
|
for apikey in apikeys:
|
|
|
|
|
arg = arg.replace(apikey, 8 * '*' + apikey[-2:])
|
|
|
|
|
args.append(arg)
|
|
|
|
|
record.args = tuple(args)
|
|
|
|
|
try:
|
|
|
|
|
record.msg = mask_apikeys(record.msg)
|
|
|
|
|
self.filter_args(record, mask_apikeys)
|
|
|
|
|
except:
|
|
|
|
|
pass
|
|
|
|
|
return True
|
|
|
|
|
return 1
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class PublicIPFilter(logging.Filter):
|
|
|
|
|
class PublicIPFilter(ArgsFilteringFilter):
|
|
|
|
|
"""
|
|
|
|
|
Log filter for public IP addresses
|
|
|
|
|
"""
|
|
|
|
|
IPV4_RE = re.compile(r'[0-9]+(?:\.[0-9]+){3}(?!\d*-[a-z0-9]{6})')
|
|
|
|
|
|
|
|
|
|
def __init__(self):
|
|
|
|
|
pass
|
|
|
|
|
super(PublicIPFilter, self).__init__()
|
|
|
|
|
|
|
|
|
|
def filter(self, record):
|
|
|
|
|
try:
|
|
|
|
|
# Currently only checking for ipv4 addresses
|
|
|
|
|
ipv4 = re.findall(r'[0-9]+(?:\.[0-9]+){3}(?!\d*-[a-z0-9]{6})', record.msg)
|
|
|
|
|
def mask_ipv4(s):
|
|
|
|
|
ipv4 = self.IPV4_RE.findall(s)
|
|
|
|
|
for ip in ipv4:
|
|
|
|
|
record.msg = record.msg.replace(ip, ip.partition('.')[0] + '.***.***.***')
|
|
|
|
|
s = s.replace(ip, ip.partition('.')[0] + '.***.***.***')
|
|
|
|
|
return s
|
|
|
|
|
|
|
|
|
|
args = []
|
|
|
|
|
for arg in record.args:
|
|
|
|
|
ipv4 = re.findall(r'[0-9]+(?:\.[0-9]+){3}(?!\d*-[a-z0-9]{6})', arg) if isinstance(arg, basestring) else []
|
|
|
|
|
for ip in ipv4:
|
|
|
|
|
arg = arg.replace(ip, ip.partition('.')[0] + '.***.***.***')
|
|
|
|
|
args.append(arg)
|
|
|
|
|
record.args = tuple(args)
|
|
|
|
|
try:
|
|
|
|
|
# Currently only checking for ipv4 addresses
|
|
|
|
|
record.msg = mask_ipv4(record.msg)
|
|
|
|
|
self.filter_args(record, mask_ipv4)
|
|
|
|
|
except:
|
|
|
|
|
pass
|
|
|
|
|
|
|
|
|
|
return True
|
|
|
|
|
return 1
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def empty_log():
|
|
|
|
|
|
morpheus65535
6 years ago