Snort alert tail...
Cliff Wells
logiplexsoftware at earthlink.net
Sun Jun 16 13:20:54 EDT 2002
On Sun, 2002-06-16 at 05:51, Jan-Eric wrote:
> HEllo !
> I'm trying to write a dynamic firewall script in python that scans the Snort
> alert file like 'tail -f' and takes action based on the infomation it gets
> from that file. But I can't get the 'tail' function to work.It reads the
> file, but any new information that Snort is writing to the file doesn't
> show up to the script.
>
> ex.
> file = open('/var/log/snort', 'r')
> while 1:
> file = file.read()
> print file
> ....
import os, stat
import time
def snort(pathname):
size = os.stat(pathname)[stat.ST_SIZE]
while 1:
lastsize = size
size = os.stat(pathname)[stat.ST_SIZE]
if size > lastsize: # there's new data
f = open(pathname, 'r')
f.seek(lastsize)
print f.readlines()
f.close()
else:
time.sleep(2)
snort("/var/log/snort")
More information about the Python-list
mailing list