logtemplate.py:
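#coding:utf-8
"""Generate synthetic sshd-style log lines from logTemplate.conf.

The rendered text imitates authentication records (the shipped template
produces "Failed password" lines), which makes it usable as test input for
log parsers and detection rules.  The functions only return strings or a
queue of strings; writing them anywhere is left to the caller.
"""
try:  # Python 2 module names
    import ConfigParser
    import Queue
except ImportError:  # Python 3 renamed both modules
    import configparser as ConfigParser
    import queue as Queue
from string import Template
import time
import math
import random  # used by getLogByRandom; previously reachable only via the star import
from getIP import *


def _load_template():
    """Read logTemplate.conf and split it into a template and its field values.

    Returns:
        tuple: ``(Template, dict)`` -- the first option of the first section
        compiled as a ``string.Template``, and every remaining option of that
        section as ``name -> value``.

    Raises:
        IndexError: if the file is missing or holds no section/option
            (``ConfigParser.read`` skips unreadable files without an error).
    """
    cf = ConfigParser.ConfigParser()
    cf.read("logTemplate.conf")
    section = cf.sections()[0]
    opts = cf.options(section)
    # Option order matters: position 0 is the template, the rest are fields.
    template = Template(cf.get(section, opts[0]))
    fields = {name: cf.get(section, name) for name in opts[1:]}
    return template, fields


def getLogByConf(num):
    """Render the template from the configured values, repeated ``num`` times.

    ``date`` is set to the current time and ``sysip`` to the address reported
    by ``getIP.get_ip_address()``; both override any value in the file.

    Args:
        num: repetition count applied to the rendered string.

    Returns:
        str: the rendered line concatenated ``num`` times.  No separator is
        inserted, so any line break has to come from the template itself.

    Raises:
        KeyError: if the template names a placeholder that has no value.
    """
    template, fields = _load_template()
    fields['date'] = time.ctime()
    fields['sysip'] = getIP().get_ip_address()
    return template.substitute(fields) * num


def getLogByScreenPlay(num):
    """Render the template with a source IP typed in by the operator.

    Works like ``getLogByConf`` but ``srcip`` comes from
    ``getIP.getIpByScreenPlay()``, which prompts on standard input and returns
    '127.0.0.1' when the entry is not a dotted-quad IPv4 address.

    Args:
        num: repetition count applied to the rendered string.

    Returns:
        str: the rendered line concatenated ``num`` times, without separator.

    Raises:
        KeyError: if the template names a placeholder that has no value.
    """
    template, fields = _load_template()
    fields['date'] = time.ctime()
    resolver = getIP()
    fields['sysip'] = resolver.get_ip_address()
    fields['srcip'] = resolver.getIpByScreenPlay()
    return template.substitute(fields) * num


def getLogByRandom(num):
    """Build ``num`` log lines, each with a random source IP and source port.

    Args:
        num: number of lines to generate.

    Returns:
        Queue.Queue: the rendered lines in generation order.

    Raises:
        KeyError: if the template names a placeholder that has no value.
    """
    template, fields = _load_template()
    resolver = getIP()
    fields['sysip'] = resolver.get_ip_address()
    logs = Queue.Queue()
    for _ in range(num):
        fields['date'] = time.ctime()
        fields['srcip'] = resolver.getIpByRandom()
        # Truncated draw from uniform(0, 255): the port stays in the low
        # range, far narrower than the 0-65535 a real client could use.
        fields['srcport'] = int(random.uniform(0, 255))
        logs.put(template.substitute(fields))
    return logs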
getIP.py:
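#coding:utf-8
"""Address helpers for the log generator: interface, config, prompt, random."""
try:  # Python 2 module name
    import ConfigParser
except ImportError:  # Python 3 renamed the module
    import configparser as ConfigParser
import os
import socket
import fcntl
import struct
import sys
import re
import random

try:  # Python 2 spelling of the line-reading builtin
    _read_line = raw_input
except NameError:  # Python 3
    _read_line = input

# Dotted-quad IPv4 with each octet limited to 0-255.  [0-9] instead of \d keeps
# non-ASCII digits out on Python 3, and \Z instead of $ refuses a trailing
# newline, so only the address itself can reach a generated log line.
_IPV4_PATTERN = re.compile(
    r'^([01]?[0-9][0-9]?|2[0-4][0-9]|25[0-5])\.([01]?[0-9][0-9]?|2[0-4][0-9]|25[0-5])\.'
    r'([01]?[0-9][0-9]?|2[0-4][0-9]|25[0-5])\.([01]?[0-9][0-9]?|2[0-4][0-9]|25[0-5])\Z')


class getIP:
    """Supplies the IP addresses that are substituted into generated log lines."""

    def get_ip_address(self, ifname='lo'):
        """Return the IPv4 address of the network interface ``ifname``.

        Args:
            ifname: interface name; 'lo' yields the loopback address and
                'eth0' the host address.

        Returns:
            str: the dotted-quad address, or '' when neither the ioctl query
            nor the ``ifconfig`` fallback produces one.
        """
        sock = None
        try:
            sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
            # struct.pack('256s', ...) needs bytes on Python 3.
            name = ifname if isinstance(ifname, bytes) else ifname.encode('utf-8')
            reply = fcntl.ioctl(
                sock.fileno(),
                0x8915,  # SIOCGIFADDR
                struct.pack('256s', name[:15]))
            return socket.inet_ntoa(reply[20:24])
        except Exception:
            # Was a bare except, which also swallowed KeyboardInterrupt and
            # SystemExit.  Any ordinary failure falls through to ifconfig.
            pass
        finally:
            if sock is not None:
                sock.close()  # the descriptor was previously left open

        # Fixed command line with no caller-supplied text.  It matches only the
        # "inet addr" output format and skips 127.0.0.1.
        pipe = os.popen("LANG=C ifconfig | grep \"inet addr\" | grep -v \"127.0.0.1\""
                        " | awk -F \":\" '{print $2}' | awk '{print $1}'")
        try:
            ips = pipe.readlines()
        finally:
            pipe.close()
        if ips:
            # readlines() keeps the line ending; without strip() the newline
            # would be substituted into the middle of a log line.
            return ips[0].strip()
        return ''

    def getIpByConf(self):
        """Return the ``srcip`` option from the first section of logTemplate.conf.

        Returns:
            str: the configured value.  When the option is absent a
            human-readable message is returned in its place rather than an
            exception being raised, so callers should not assume an address.

        Raises:
            IndexError: if the file is missing or has no section.
        """
        cf = ConfigParser.ConfigParser()
        cf.read("logTemplate.conf")
        section = cf.sections()[0]
        if 'srcip' in cf.options(section):
            return cf.get(section, 'srcip')
        return '配置文件未配置IP字段'

    def getIpByScreenPlay(self):
        """Prompt for an IPv4 address on standard input and validate it.

        Returns:
            str: the typed text when it is a dotted-quad IPv4 address,
            otherwise '127.0.0.1'.
        """
        candidate = _read_line("请输入ip:\n")
        if _IPV4_PATTERN.search(candidate):
            return candidate
        return '127.0.0.1'

    def getIpByRandom(self):
        """Return a dotted-quad string built from four random octets.

        Each octet is ``int(random.uniform(0, 255))``, so the result is not
        checked against reserved or special-purpose ranges.
        """
        return '.'.join(str(int(random.uniform(0, 255))) for _ in range(4))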
logTemplate.conf:
[conf]
# logtemplate.py takes the FIRST option of this section as the line template,
# whatever its name, so keep this entry at the top.
template = $date $sysip sshd[$shdcode]: $responsetype for $user from $srcip port $srcport ssh2
# sysip is overwritten at run time with the detected interface address;
# date is not configured here and is filled in with the current time.
sysip = 127.0.0.1
shdcode = 6666
responsetype = Failed password
user = root
# srcip is replaced by getLogByScreenPlay and getLogByRandom (the latter also
# replaces srcport); getLogByConf uses both values exactly as written.
srcip = 255.255.255.0
srcport = 6666
转载地址:http://ohrin.baihongyu.com/