current-charts.rb - honeypot - A custom version of kippo used for SSH honeypot analysis and reporting.
---
current-charts.rb (2212B)
---
1 #!/usr/bin/ruby
2 #
3 # Generates the current graph.
4 #
5 # gem install gruff
6 # gem install mysql
7 #
8
9 require 'rubygems'
10 require 'gruff'
11 require 'mysql'
12
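# Set the dates we want
date = Time.new

# "YYYY-MM" prefix matched against sessions.starttime by the SQL LIKE filter.
# strftime zero-pads the month, so October to December give "YYYY-10" and so on
# rather than a prefix with a stray leading zero that matches no rows.
current_date = date.strftime('%Y-%m')

# English month name for the chart title; taken from Time so the script does
# not depend on the Date constant having been loaded by another library.
string_month = date.strftime('%B')

puts current_date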
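g = Gruff::Line.new("600x300")
# Use the year of the reporting date instead of a fixed one, so the title
# always describes the same month that the queries select.
g.title = "#{string_month} #{date.year} Attacks"

# Set the font options
g.font = 'LiberationMono-Regular.ttf'
g.marker_font_size = 12
g.legend_font_size = 12
g.title_font_size = 12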
27
# Set the chart colours.
# Listed in the order the series palette uses them. The variable names are
# labels only: @yellow holds '#a21764', which is a magenta tone, not yellow.
@yellow = '#a21764'
@blue   = '#336699'
@green  = '#339933'
@red    = '#ff0000'
@black  = 'black'
@purple = '#cc99cc'
@orange = '#cf5910'

# Palette handed to the chart theme; one entry per plotted sensor line.
@colors = [
  @yellow,
  @blue,
  @green,
  @red,
  @black,
  @purple,
  @orange
]
37
# Set the chart look.
# The theme hash is built first and applied last, after the size settings,
# which keeps the same assignment order on the chart object.
chart_theme = {
  :colors            => @colors,
  :marker_color      => '#aea9a9',
  :font_color        => 'black',
  :background_colors => 'white'
}

g.legend_box_size = 12
g.marker_count    = 12
g.line_width      = 1
g.dot_radius      = 2
g.theme           = chart_theme
49
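# Change the password to the kippo DB.
# KIPPO_DB_PASSWORD is an environment variable name introduced by this script:
# when set it overrides the placeholder, so the real password does not have to
# be stored in the file. Without it the placeholder is used as before.
# NOTE(review): only SELECT statements are issued here, so a read-only
# database account should be sufficient -- confirm against your grants.
db_password = ENV.fetch('KIPPO_DB_PASSWORD', 'your-pass')
con_kippo = Mysql.new('localhost', 'kippo', db_password, 'kippo')

rs_sensors = con_kippo.query("SELECT id, ip FROM sensors")

while row_sensor = rs_sensors.fetch_row do
  # The statement below is built by string interpolation. Coerce the sensor id
  # to an integer first so that nothing but a number can reach the SQL text;
  # current_date is generated by this script, not read from the database.
  sensor_id = row_sensor[0].to_i

  rs_current = con_kippo.query("SELECT DISTINCT DATE(starttime) AS Date, COUNT(*) AS Total
                                FROM sessions
                                WHERE starttime
                                LIKE '#{current_date}%'
                                AND sensor=#{sensor_id}
                                GROUP BY Date
                                ORDER BY Date")

  # One slot per day of the month so far, pre-filled with 0. The query returns
  # no row for a day without sessions, so appending counts in result order
  # would shift later days to the left under the day-of-month labels.
  attack_list = Array.new(date.day, 0)
  total_attacks = 0

  puts "Current sensor is #{row_sensor[1]}"
  puts "Number of rows #{rs_current.num_rows}"
  while row = rs_current.fetch_row do
    # row[0] is expected to be the DATE() text 'YYYY-MM-DD'; take the day part.
    day = row[0].to_s.split('-').last.to_i
    # Ignore rows whose day cannot be placed (unparsable, or later than today).
    next unless day.between?(1, attack_list.size)

    count = row[1].to_i
    attack_list[day - 1] = count
    total_attacks += count
  end

  # Sensors with no sessions this month are left off the chart.
  if total_attacks > 0
    legend = "#{row_sensor[1]} (#{total_attacks})"
    g.data(legend, attack_list)
  end

  rs_current.free
end

# Release the sensor result set as well once every sensor has been processed.
rs_sensors.free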
86
# X-axis labels: zero-based column index => day-of-month text ("1" to "31").
days_list = {}
0.upto(30) { |index| days_list[index] = (index + 1).to_s }

g.labels = days_list

# Render the chart to a PNG in the current working directory.
g.write('current-month.png')

con_kippo.close
99