Python structured event expression in json log.
Project description
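General structured event expression: JSON-formatted logs
The general structured event expression JSON logging module inherits from the Python logging module and provides JSON-formatted output of network security event logs.
For the cyberspace security event expression model, see "网络空间拟态防御领域通用日志表达标准规范.md" (the general log expression standard specification for the cyberspace mimic defense domain).
1. Features
This module inherits from the Formatter and FileHandler classes of the Python logging module and provides JsonFormatter and JsonRotatingFileHandler.
**JsonFormatter:** formats log output as JSON; the log message structure conforms to "网络空间拟态防御领域通用日志表达标准规范.md".
**JsonRotatingFileHandler:** writes log records to files; the log file naming conforms to "网络空间拟态防御领域通用日志表达标准规范.md".
2. API
The module currently exposes a single interface: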
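```python
from typing import List


def setup_logging(path: str, device_name: str, mode_name: str, log_type: str, log_level, skip_attrs: List[str] = []):
    """
    Creates the Logger object and configures JsonFormatter and JsonRotatingFileHandler
    according to the settings supplied by the caller.
    :param path: directory in which the log files are stored
    :param device_name: name of the device or system whose events are logged
    :param mode_name: name of the module in which the event occurred
    :param log_type: log type; see "网络空间拟态防御领域通用日志表达标准规范.md" for the log types
    :param log_level: log level, as in the Python logging module
    :param skip_attrs: fixed attributes to hide in the final output
    :return: none
    """
```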
Attributes that can be hidden:
```python
from typing import Tuple

STATIC_ATTRS: Tuple[str, ...] = (
    'filename', 'modulename', 'funcname', 'process', 'processName', 'thread', 'threadName', 'lineno',
)
```
3. demo
```python
from structured_log_json import jsonlogger
import logging

'''
1. inherited logging class Formatter;
2. inherited logging class Handler;
'''


def print_hi(name):
    logger = jsonlogger.setup_logging("./", "mimicrouter", __name__, "dmf", logging.INFO, ['filename', 'processName'])
    test = {
        "event_domain": "mimic_multimode_ruling",
        "event_action": "attack",
        "router_multimode_ruling": [
            {
                "exception_type": "missing_router_item",
                "action": "del_route",
                "executor_role": "master",
                "prefix": "2.2.2.2",
                "mask": 32,
                "nexthop_info.nexthop": ["100.0.13.3"],
                "nexthop_info.ifname": ["GigEth0"],
                "nexthop_info.label": []
            },
            {
                "exception_type": "missing_router_item",
                "action": "del_route",
                "executor_role": "master",
                "prefix": "11.11.11.11",
                "mask": 32,
                "nexthop_info.nexthop": ["100.0.13.3"],
                "nexthop_info.ifname": ["GigEth0"],
                "nexthop_info.label": []
            },
            {
                "exception_type": "missing_router_item",
                "action": "del_route",
                "executor_role": "master",
                "prefix": "100.0.12.0",
                "mask": 24,
                "nexthop_info.nexthop": ["100.0.13.3"],
                "nexthop_info.ifname": ["GigEth0"],
                "nexthop_info.label": []
            },
            {
                "exception_type": "missing_router_item",
                "action": "del_route",
                "executor_role": "master",
                "prefix": "100.0.17.0",
                "mask": 24,
                "nexthop_info.nexthop": ["100.0.13.3"]
            }
        ]
    }
    for i in range(5):
        # 1. Message with additional information; extra carries the custom fields
        logger.info("test", extra=test)
        # 2. Pass the dictionary of custom fields directly
        logger.info(test)


if __name__ == '__main__':
    print_hi('PyCharm')
```
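As an added illustration (not the package's own code), the following stdlib-only formatter shows how the demo's two call styles and `skip_attrs` can map onto one JSON line per event. `SketchJsonFormatter`, `render`, the output key names and the mapping to `LogRecord` attributes are assumptions, since the referenced specification is not reproduced on this page.

```python
import json
import logging

# Names from the page's STATIC_ATTRS; the mapping to LogRecord attributes
# and the output key names are assumptions of this sketch.
STATIC_ATTRS = {
    "filename": "filename", "modulename": "module", "funcname": "funcName",
    "process": "process", "processName": "processName",
    "thread": "thread", "threadName": "threadName", "lineno": "lineno",
}
# Attributes every LogRecord carries; anything else arrived through extra=.
_BUILTIN = set(vars(logging.makeLogRecord({}))) | {"message", "asctime"}


class SketchJsonFormatter(logging.Formatter):
    """Hypothetical formatter: one JSON object per log record."""

    def __init__(self, skip_attrs=()):
        super().__init__()
        self.skip_attrs = set(skip_attrs)

    def format(self, record):
        out = {}
        if isinstance(record.msg, dict):   # style 2: logger.info(event_dict)
            out.update(record.msg)
        else:                              # style 1: text message plus extra=
            out["message"] = record.getMessage()
        out.update({k: v for k, v in vars(record).items() if k not in _BUILTIN})
        # Envelope fields go in last, so event fields cannot overwrite the
        # ones that are emitted.
        out["level"] = record.levelname
        for key, attr in STATIC_ATTRS.items():
            if key not in self.skip_attrs:
                out[key] = getattr(record, attr)
        # json.dumps escapes CR/LF in values: one event stays on one line.
        return json.dumps(out, ensure_ascii=False, default=str)


def render(msg, extra=None, skip_attrs=()):
    """Build one record the way Logger does and return (line, parsed)."""
    record = logging.Logger("demo").makeRecord(
        "demo", logging.INFO, "router.py", 10, msg, (), None,
        func="rule", extra=extra)
    line = SketchJsonFormatter(skip_attrs).format(record)
    return line, json.loads(line)


if __name__ == "__main__":
    event = {"event_domain": "mimic_multimode_ruling", "event_action": "attack"}  # constructed
    print(render("test", extra=event, skip_attrs=["filename", "processName"])[0])
    print(render(event)[0])
```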
4. How to install
- Python 3.6+ must be installed
- Use pip to install the module:

```
pip install structured_log_json
```
Source Distribution
File details
Details for the file structured_log_json-1.0.0.post2023.tar.gz.
File metadata
- Download URL: structured_log_json-1.0.0.post2023.tar.gz
- Upload date:
- Size: 15.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.10.6
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | df3aaa9d8861fe307952dbedfdfb659b5ee208d1665f059f6c39418a9d8cf4a9 |
| MD5 | 7d295cd997b8230f62aa0c270250767a |
| BLAKE2b-256 | 5c582ce7d4addb36aec76079e12be3c34dbccf73a06110ed190c10b7ca53b736 |