notebook.community

Edit and run



In [16]:

    
import requests
import json
from datetime import datetime



In [18]:

    
#put a doc in to test
anevent=json.loads(r'''{
    "category": "syslog",
    "processid": "0",
    "severity": "ERROR",
    "utctimestamp": "",
    "timestamp": "",
    "hostname": "testhost.somewhere.com",
    "summary": "Failed none for invalid user janitor from 10.2.7.203 port 53524 ssh2\n",
    "eventsource": "systemslogs",
    "details": {
      "processid": "14148",
      "hostname": "testvictim.somewhere.com",
      "program": "sshd",
      "sourceipaddress": "10.2.7.203"
    }
  }''')



In [19]:

    
anevent['timestamp']=datetime.now().isoformat()



In [20]:

    
json.dumps(anevent)









    Out[20]:





'{"category": "syslog", "processid": "0", "severity": "ERROR", "utctimestamp": "", "timestamp": "2015-05-27T15:44:19.179687", "hostname": "testhost.somewhere.com", "summary": "Failed none for invalid user janitor from 10.2.7.203 port 53524 ssh2\\n", "eventsource": "systemslogs", "details": {"sourceipaddress": "10.2.7.203", "processid": "14148", "program": "sshd", "hostname": "testvictim.somewhere.com"}}'



In [ ]:

    
#es.index(adoc,'events','event')



In [24]:

    
for i in range(1,20):
    anevent['timestamp']=datetime.now().isoformat()
    r=requests.put(url="http://servername.goes.here:8080/events",data=json.dumps(anevent))
    print(r)









    



<Response [200]>
<Response [200]>
<Response [200]>
<Response [200]>
<Response [200]>
<Response [200]>
<Response [200]>
<Response [200]>
<Response [200]>
<Response [200]>
<Response [200]>
<Response [200]>
<Response [200]>
<Response [200]>
<Response [200]>
<Response [200]>
<Response [200]>
<Response [200]>
<Response [200]>



In [ ]: