github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

加入日志审计

pull/2/head
ibuler 2014-11-02 22:54:26 +08:00
parent e5121fe7ea
commit efbcacbec6
7 changed files with 97 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
jumpserver.py
View File

@ -129,19 +129,19 @@ def connect(host, port, user, password):
global foo global foo
foo = pxssh.pxssh() foo = pxssh.pxssh()
foo.login(host, user, password, port=port, auto_prompt_reset=False) foo.login(host, user, password, port=port, auto_prompt_reset=False)
log = Logs(user=user, host=host, logfile=logfile_name, start_time=timestamp_start) # 日志信息记录到数据库 log = Logs(user=user, host=host, logfile=logfile_name, start_time=timestamp_start, ppid=os.getpid()) # 日志信息记录到数据库
log.save() log.save()
pid = Pid(ppid=os.getpid(), cpid=foo.pid) pid = Pid(ppid=os.getpid(), cpid=foo.pid)
pid.save() pid.save()
logfile = open(logfile_name, 'a') # 记录日志文件 logfile = open(logfile_name, 'a') # 记录日志文件
logfile.write('\n%s\n' % logtime_start) logfile.write('\nDateTime:%s' % logtime_start)
foo.logfile = logfile foo.logfile = logfile
foo.sendline('') foo.sendline('')
signal.signal(signal.SIGWINCH, sigwinch_passthrough) signal.signal(signal.SIGWINCH, sigwinch_passthrough)
foo.interact(escape_character=chr(28)) foo.interact(escape_character=chr(28)) # 进入交互模式
logfile.write('\n%s' % time.strftime('%Y/%m/%d %H:%M:%S')) logfile.write('\nEndTime: %s' % time.strftime('%Y/%m/%d %H:%M:%S'))
log.finish = 1 log.finish = 1
log.end_time = int(time.time()) log.end_time = int(time.time())
log.save() log.save()

47
webroot/AutoSa/AutoSa/views.py
View File

@ -4,7 +4,7 @@ from django.http import HttpResponse
from django.template import RequestContext from django.template import RequestContext
from django.shortcuts import render_to_response from django.shortcuts import render_to_response
from django.http import HttpResponseRedirect from django.http import HttpResponseRedirect
from UserManage.models import User, Group from UserManage.models import User, Group, Logs, Pid
from Assets.models import Assets, AssetsUser from Assets.models import Assets, AssetsUser
import subprocess import subprocess
from Crypto.Cipher import AES from Crypto.Cipher import AES
@ -20,6 +20,8 @@ from UserManage.forms import UserAddForm, GroupAddForm
import paramiko import paramiko
from django.core.servers.basehttp import FileWrapper from django.core.servers.basehttp import FileWrapper
from AutoSa.settings import CONF_DIR from AutoSa.settings import CONF_DIR
from django.core.paginator import Paginator, InvalidPage, EmptyPage
import time, datetime
cf = ConfigParser.ConfigParser() cf = ConfigParser.ConfigParser()
@ -285,7 +287,7 @@ def downKey(request):
elif request.session.get('admin') == 2: elif request.session.get('admin') == 2:
username = request.GET.get('username') username = request.GET.get('username')
filename = '%s/keys/%s' % (base_dir, username) filename = '%s/%s' % (rsa_dir, username)
f = open(filename) f = open(filename)
data = f.read() data = f.read()
f.close() f.close()
@ -871,7 +873,7 @@ def chgKey(request):
if error: if error:
return render_to_response('info.html', {'error': error}) return render_to_response('info.html', {'error': error})
keyfile = '%s/keys/%s' % (base_dir, username) keyfile = '%s/%s' % (rsa_dir, username)
jm = PyCrypt(key) jm = PyCrypt(key)
ret = bash('ssh-keygen -p -P %s -N %s -f %s' % (jm.decrypt(user.key_pass), password, keyfile)) ret = bash('ssh-keygen -p -P %s -N %s -f %s' % (jm.decrypt(user.key_pass), password, keyfile))
if ret != 0: if ret != 0:
@ -947,8 +949,41 @@ def downFile(request):
response['Content-Disposition'] = 'attachment; filename=%s' % os.path.basename(path) response['Content-Disposition'] = 'attachment; filename=%s' % os.path.basename(path)
return response return response
return render_to_response('downFile.html', return render_to_response('downFile.html',
{'username': username}, {'username': username},
context_instance=RequestContext(request)) context_instance=RequestContext(request))
@admin_required
def logView(request):
thirtyDayAgo = (datetime.datetime.now() - datetime.timedelta(30))
thirtyDayAgoStamp = int(thirtyDayAgo.timetuple())
logs_all = Logs.objects.filter(start_time__gt=thirtyDayAgoStamp)
paginator = Paginator(logs_all, 20)
try:
page = int(request.GET.get('page', 1))
except ValueError:
page = 1
try:
logs = paginator.page(page)
except (EmptyPage, InvalidPage):
logs = paginator.page(paginator.num_pages)
return render_to_response('logView.html',
{'logs': logs},
context_instance=RequestContext(request))

1
webroot/AutoSa/UserManage/models.py
View File

@ -28,6 +28,7 @@ class Logs(models.Model):
host = models.CharField(max_length=20) host = models.CharField(max_length=20)
logfile = models.CharField(max_length=1000) logfile = models.CharField(max_length=1000)
finish = models.SmallIntegerField(max_length=4, default=0) finish = models.SmallIntegerField(max_length=4, default=0)
ppid = models.IntegerField()
start_time = models.IntegerField() start_time = models.IntegerField()
end_time = models.IntegerField(default=0) end_time = models.IntegerField(default=0)

4
webroot/AutoSa/templates/base.html
View File

@ -121,6 +121,10 @@
<li><a href="/showPerm/"><i class="glyphicon glyphicon-send"></i> 查看权限</a></li> <li><a href="/showPerm/"><i class="glyphicon glyphicon-send"></i> 查看权限</a></li>
<li><a href="/addPerm/"><i class="glyphicon glyphicon-send"></i> 添加权限</a></li> <li><a href="/addPerm/"><i class="glyphicon glyphicon-send"></i> 添加权限</a></li>
</ul> </ul>
<div class="menu-first" ><a href="#logMenu" data-toggle="collapse"><i class="glyphicon glyphicon-th"></i> 日志审计</a></div>
<ul id="logMenu" class="nav nav-list navbar-collapse menu-second">
<li><a href="/logView/"><i class="glyphicon glyphicon-send"></i> 查看日志</a></li>
</ul>
<div class="menu-first" ><a href="#fileMenu" data-toggle="collapse"> <div class="menu-first" ><a href="#fileMenu" data-toggle="collapse">
<i class="glyphicon glyphicon-th"></i> 文件传输</a> <i class="glyphicon glyphicon-th"></i> 文件传输</a>
</div> </div>

35
webroot/AutoSa/templates/logView.html Normal file
View File

@ -0,0 +1,35 @@
{% extends 'base.html' %}
{% block content %}
<form method="post" action="">
<table class="table table-striped table-hover table-condensed">
<thead>
<tr>
<th><input onclick="selectAll()" type="checkbox" name="select_all" style="select_all" id="select_all"/></th>
<th>id</th>
<th>用户名</th>
<th>主机</th>
<th>监控</th>
<th>命令统计</th>
<th>阻断</th>
<th>开始时间</th>
<th>结束时间</th>
</tr>
</thead>
<tbody>
{% for log in logs.object_list %}
<tr>
<td><input type="checkbox" name="selected" value="{{ log.id }}"></td>
<td>{{ log.user }}</td>
<td>{{ log.host }}</td>
<td><a href="#">监控</a></td>
<td><a href="#">命令统计</a></td>
<td><a href="#">阻断</a> </td>
<td>{{ log.start_time|stamp2str }}</td>
<td>{{ log.end_time|stamp2str }}</td>
</tr>
{% endfor %}
</tbody>
</table>
<!--<button class="btn btn-primary">删除</button>-->
</form>
{% endblock %}

1
webroot/AutoSa/templates/showServer.html
View File

@ -27,7 +27,6 @@
</tr> </tr>
{% endfor %} {% endfor %}
</tbody> </tbody>
</form>
</table> </table>
<button class="btn btn-primary">删除</button> <button class="btn btn-primary">删除</button>
</form> </form>

12
webroot/AutoSa/templatetags/mytags.py Normal file
View File

@ -0,0 +1,12 @@
import time
from django import template
register = template.Library
@register.filter('stamp2str')
def stamp2str(value):
try:
return time.strftime('%Y/%m/%d %H:%M:%S',time.localtime(value))
except AttributeError:
return '0000/00/00 00:00:00'