mirror of
https://github.com/cowrie/cowrie.git
synced 2025-07-01 18:07:27 -04:00
'Z' after timestamp doesn't work. Set TZ=GMT with callback function
@ -39,6 +39,13 @@ class ReconnectingConnectionPool(adbapi.ConnectionPool):
|
|||||||
self, interaction, *args, **kw)
|
self, interaction, *args, **kw)
|
||||||
|
|
||||||
|
|
||||||
|
def cp_set_timezone(conn):
|
||||||
|
"""
|
||||||
|
Callback to set timezone to GMT in connection to MySQL
|
||||||
|
"""
|
||||||
|
cursor = conn.cursor()
|
||||||
|
cursor.execute("SET time_zone = \"+00:00\";")
|
||||||
|
|
||||||
|
|
||||||
class Output(cowrie.core.output.Output):
|
class Output(cowrie.core.output.Output):
|
||||||
"""
|
"""
|
||||||
@ -70,6 +77,7 @@ class Output(cowrie.core.output.Output):
|
|||||||
user = self.cfg.get('output_mysql', 'username'),
|
user = self.cfg.get('output_mysql', 'username'),
|
||||||
passwd = self.cfg.get('output_mysql', 'password'),
|
passwd = self.cfg.get('output_mysql', 'password'),
|
||||||
port = port,
|
port = port,
|
||||||
|
cp_openfun = cp_set_timezone,
|
||||||
cp_min = 1,
|
cp_min = 1,
|
||||||
cp_max = 1)
|
cp_max = 1)
|
||||||
except MySQLdb.Error as e:
|
except MySQLdb.Error as e:
|
||||||
@ -119,7 +127,7 @@ class Output(cowrie.core.output.Output):
|
|||||||
self.simpleQuery(
|
self.simpleQuery(
|
||||||
"INSERT INTO `sessions` (`id`, `starttime`, `sensor`, `ip`)"
|
"INSERT INTO `sessions` (`id`, `starttime`, `sensor`, `ip`)"
|
||||||
+ " VALUES (%s, STR_TO_DATE(%s, %s), %s, %s)",
|
+ " VALUES (%s, STR_TO_DATE(%s, %s), %s, %s)",
|
||||||
(entry["session"], entry["timestamp"], '%Y-%m-%dT%H:%i:%s.%fZ',
|
(entry["session"], entry["timestamp"], '%Y-%m-%dT%H:%i:%s.%f',
|
||||||
sensorid, entry["src_ip"]))
|
sensorid, entry["src_ip"]))
|
||||||
|
|
||||||
elif entry["eventid"] == 'cowrie.login.success':
|
elif entry["eventid"] == 'cowrie.login.success':
|
||||||
@ -127,48 +135,48 @@ class Output(cowrie.core.output.Output):
|
|||||||
', `username`, `password`, `timestamp`)' + \
|
', `username`, `password`, `timestamp`)' + \
|
||||||
' VALUES (%s, %s, %s, %s, STR_TO_DATE(%s, %s))',
|
' VALUES (%s, %s, %s, %s, STR_TO_DATE(%s, %s))',
|
||||||
(entry["session"], 1, entry['username'], entry['password'],
|
(entry["session"], 1, entry['username'], entry['password'],
|
||||||
entry["timestamp"], '%Y-%m-%dT%H:%i:%s.%fZ'))
|
entry["timestamp"], '%Y-%m-%dT%H:%i:%s.%f'))
|
||||||
|
|
||||||
elif entry["eventid"] == 'cowrie.login.failed':
|
elif entry["eventid"] == 'cowrie.login.failed':
|
||||||
self.simpleQuery('INSERT INTO `auth` (`session`, `success`' + \
|
self.simpleQuery('INSERT INTO `auth` (`session`, `success`' + \
|
||||||
', `username`, `password`, `timestamp`)' + \
|
', `username`, `password`, `timestamp`)' + \
|
||||||
' VALUES (%s, %s, %s, %s, STR_TO_DATE(%s, %s))',
|
' VALUES (%s, %s, %s, %s, STR_TO_DATE(%s, %s))',
|
||||||
(entry["session"], 0, entry['username'], entry['password'],
|
(entry["session"], 0, entry['username'], entry['password'],
|
||||||
entry["timestamp"], '%Y-%m-%dT%H:%i:%s.%fZ'))
|
entry["timestamp"], '%Y-%m-%dT%H:%i:%s.%f'))
|
||||||
|
|
||||||
elif entry["eventid"] == 'cowrie.command.success':
|
elif entry["eventid"] == 'cowrie.command.success':
|
||||||
self.simpleQuery('INSERT INTO `input`' + \
|
self.simpleQuery('INSERT INTO `input`' + \
|
||||||
' (`session`, `timestamp`, `success`, `input`)' + \
|
' (`session`, `timestamp`, `success`, `input`)' + \
|
||||||
' VALUES (%s, STR_TO_DATE(%s, %s), %s , %s)',
|
' VALUES (%s, STR_TO_DATE(%s, %s), %s , %s)',
|
||||||
(entry["session"], entry["timestamp"], '%Y-%m-%dT%H:%i:%s.%fZ',
|
(entry["session"], entry["timestamp"], '%Y-%m-%dT%H:%i:%s.%f',
|
||||||
1, entry["input"]))
|
1, entry["input"]))
|
||||||
|
|
||||||
elif entry["eventid"] == 'cowrie.command.failed':
|
elif entry["eventid"] == 'cowrie.command.failed':
|
||||||
self.simpleQuery('INSERT INTO `input`' + \
|
self.simpleQuery('INSERT INTO `input`' + \
|
||||||
' (`session`, `timestamp`, `success`, `input`)' + \
|
' (`session`, `timestamp`, `success`, `input`)' + \
|
||||||
' VALUES (%s, STR_TO_DATE(%s, %s), %s , %s)',
|
' VALUES (%s, STR_TO_DATE(%s, %s), %s , %s)',
|
||||||
(entry["session"], entry["timestamp"], '%Y-%m-%dT%H:%i:%s.%fZ',
|
(entry["session"], entry["timestamp"], '%Y-%m-%dT%H:%i:%s.%f',
|
||||||
0, entry["input"]))
|
0, entry["input"]))
|
||||||
|
|
||||||
elif entry["eventid"] == 'cowrie.session.file_download':
|
elif entry["eventid"] == 'cowrie.session.file_download':
|
||||||
self.simpleQuery('INSERT INTO `downloads`' + \
|
self.simpleQuery('INSERT INTO `downloads`' + \
|
||||||
' (`session`, `timestamp`, `url`, `outfile`, `shasum`)' + \
|
' (`session`, `timestamp`, `url`, `outfile`, `shasum`)' + \
|
||||||
' VALUES (%s, STR_TO_DATE(%s, %s), %s, %s, %s)',
|
' VALUES (%s, STR_TO_DATE(%s, %s), %s, %s, %s)',
|
||||||
(entry["session"], entry["timestamp"], '%Y-%m-%dT%H:%i:%s.%fZ',
|
(entry["session"], entry["timestamp"], '%Y-%m-%dT%H:%i:%s.%f',
|
||||||
entry['url'], entry['outfile'], entry['shasum']))
|
entry['url'], entry['outfile'], entry['shasum']))
|
||||||
|
|
||||||
elif entry["eventid"] == 'cowrie.session.file_upload':
|
elif entry["eventid"] == 'cowrie.session.file_upload':
|
||||||
self.simpleQuery('INSERT INTO `downloads`' + \
|
self.simpleQuery('INSERT INTO `downloads`' + \
|
||||||
' (`session`, `timestamp`, `url`, `outfile`, `shasum`)' + \
|
' (`session`, `timestamp`, `url`, `outfile`, `shasum`)' + \
|
||||||
' VALUES (%s, STR_TO_DATE(%s, %s), %s, %s)',
|
' VALUES (%s, STR_TO_DATE(%s, %s), %s, %s)',
|
||||||
(entry["session"], entry["timestamp"], '%Y-%m-%dT%H:%i:%s.%fZ',
|
(entry["session"], entry["timestamp"], '%Y-%m-%dT%H:%i:%s.%f',
|
||||||
'', entry['outfile'], entry['shasum']))
|
'', entry['outfile'], entry['shasum']))
|
||||||
|
|
||||||
elif entry["eventid"] == 'cowrie.session.input':
|
elif entry["eventid"] == 'cowrie.session.input':
|
||||||
self.simpleQuery('INSERT INTO `input`' + \
|
self.simpleQuery('INSERT INTO `input`' + \
|
||||||
' (`session`, `timestamp`, `realm`, `input`)' + \
|
' (`session`, `timestamp`, `realm`, `input`)' + \
|
||||||
' VALUES (%s, STR_TO_DATE(%s, %s), %s , %s)',
|
' VALUES (%s, STR_TO_DATE(%s, %s), %s , %s)',
|
||||||
(entry["session"], entry["timestamp"], '%Y-%m-%dT%H:%i:%s.%fZ',
|
(entry["session"], entry["timestamp"], '%Y-%m-%dT%H:%i:%s.%f',
|
||||||
entry["realm"], entry["input"]))
|
entry["realm"], entry["input"]))
|
||||||
|
|
||||||
elif entry["eventid"] == 'cowrie.client.version':
|
elif entry["eventid"] == 'cowrie.client.version':
|
||||||
@ -197,7 +205,7 @@ class Output(cowrie.core.output.Output):
|
|||||||
self.simpleQuery(
|
self.simpleQuery(
|
||||||
'UPDATE `sessions` SET `endtime` = STR_TO_DATE(%s, %s)' + \
|
'UPDATE `sessions` SET `endtime` = STR_TO_DATE(%s, %s)' + \
|
||||||
' WHERE `id` = %s', (entry["timestamp"],
|
' WHERE `id` = %s', (entry["timestamp"],
|
||||||
'%Y-%m-%dT%H:%i:%s.%fZ', entry["session"]))
|
'%Y-%m-%dT%H:%i:%s.%f', entry["session"]))
|
||||||
|
|
||||||
elif entry["eventid"] == 'cowrie.log.closed':
|
elif entry["eventid"] == 'cowrie.log.closed':
|
||||||
self.simpleQuery(
|
self.simpleQuery(
|
||||||
|
|||||||
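Review bot: The `cowrie.session.file_upload` INSERT in the `-127,48 +135,48` hunk names five columns, but its VALUES clause `' VALUES (%s, STR_TO_DATE(%s, %s), %s, %s)'` yields only four values and has five placeholders for a six-item parameter tuple; this commit edits that tuple's format string without correcting the count. The `cowrie.session.file_download` branch just above it has the matching form, so the upload line should read `' VALUES (%s, STR_TO_DATE(%s, %s), %s, %s, %s)',`. As written the statement would presumably fail when the parameters are bound, so uploaded-file records (`outfile` and `shasum`) never reach the `downloads` table, which is a gap in the evidence an analyst most wants from a honeypot. The enclosing method starts and ends outside the visible hunks, so how `simpleQuery` surfaces that failure cannot be confirmed from this page.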