- 1.3.6.1.4.1.11123.1.1.0.33 0x05222841 1.3.6.1.4.1.11123.1.1.45(1,0)
- # sDescription
- 1.3.6.1.4.1.11123.1.1.47(3,0)
- # sTime
- 1.3.6.1.4.1.11123.1.1.50(4,0)
- # sSensor
- 1.3.6.1.4.1.11123.1.1.51(5,0)
- # cNotif cInstanceId
- 1.3.6.1.4.1.9.9.446.2.0.1 0x0991808 1.3.6.1.4.1.9.9.446.2.1.1.1.1.1(1,0)
- # cDescr
- 1.3.6.1.4.1.9.9.446.2.1.1.1.1.11(2,0)
- # cInstId
- 1.3.6.1.4.1.9.9.446.2.1.1.1.1.13(12,0)
- 1.3.6.1.4.1.2231.1.1.0.33 0x0861841 1.3.6.1.4.1.2231.1.1.45(1,0)
- 1.3.6.1.4.1.2234.1.1.0.33 0x06761841 1.3.6.1.4.1.2234.1.1.33(2,0)
- 1.3.6.1.4.1.17163.1.1.4.6.4 0x0986002e
- 1.3.6.1.4.1.94.1.21.1.6.12 0x08960034 1.3.6.1.4.1.94.1.21.1.3.1.1.1(1,2)
- import os
- import sys
- import re
def overlapped_trap_types(entry_set1, entry_set2):
    """Return the trap OIDs that appear in both collections of entries.

    Only the first field of each entry (the trap OID) is compared. The result
    is a set of 1-tuples, ``(oid,)``, one per OID present on both sides.
    """
    # Each OID is wrapped in a 1-tuple so the result has the same element
    # shape as the (oid, event_code) pairs of the event-code comparison.
    left = {(entry[0],) for entry in entry_set1}
    right = {(entry[0],) for entry in entry_set2}
    return left.intersection(right)
def overlapped_trap_with_event_code(entry_set1, entry_set2):
    """Return the (trap OID, event code) pairs present in both collections.

    The event code (second field of each entry) is parsed as base-16 and
    re-rendered with ``hex()``, so codes that differ only in leading zeros or
    letter case compare equal. Raises ``ValueError`` if a code is not valid
    hexadecimal.
    """
    def keyed(entries):
        # Normalise the code text: '0x0A' and '0xa' both become '0xa'.
        return {(entry[0], hex(int(entry[1], 16))) for entry in entries}

    left = keyed(entry_set1)
    right = keyed(entry_set2)
    return left.intersection(right)
def alert_map_files(dir):
    """Yield the path of every file named exactly ``AlertMap`` under *dir*.

    The tree is traversed with ``os.walk``; each yielded path is the
    containing directory joined with the file name.
    """
    target = 'AlertMap'
    for folder, _subdirs, file_names in os.walk(dir):
        # File names are unique within a directory, so a membership test
        # yields at most one path per directory, as a per-name comparison does.
        if target in file_names:
            yield os.path.join(folder, target)
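def alert_map_entries(file_paths):
    """Yield the trap entries found in each AlertMap file.

    Args:
        file_paths: iterable of paths to AlertMap files.

    Yields:
        One 3-tuple of strings per matching line: the trap OID, the event
        code as written in the file, and the trailing ``OID(...)`` var-bind
        text (an empty string when the line has none).
    """
    # The fragments are parenthesised so they concatenate into ONE pattern.
    # Written as separate statements, only the first fragment is assigned and
    # the event code is never matched.
    #
    # NOTE(review): the regex escapes below are reconstructed. The listing this
    # was taken from had lost its backslashes (its print strings showed a bare
    # 'n' where a newline escape belongs), so '.', 'S', 'r', 'n', '(' and ')'
    # are restored to their escaped forms. The lookbehind is read as "line
    # start not preceded by a backslash-newline continuation"; as listed it
    # would reject every line but the first under re.MULTILINE. Confirm
    # against the original file.
    entry_pattern = (
        r'(?<!\\\n)^((?:[1-9][0-9]{0,3}|0)(?:\.(?:[1-9][0-9]*|0))+)'
        r'[^\S\r\n]*'  # horizontal whitespace only; never crosses a line end
        # NOTE(review): upper-case hex digits only. A code containing a
        # lower-case digit is captured only up to that digit. Confirm whether
        # AlertMap files ever use lower case.
        r'(0x[0-9A-F]+)'
        r'[^\S\r\n]*'
        r'((?:[1-9][0-9]{0,3}|0)(?:\.(?:[1-9][0-9]*|0))+\([^()]*\))?'
    )
    entry_re = re.compile(entry_pattern, re.MULTILINE)
    for path in file_paths:
        with open(path) as f:
            # The whole file is read at once so '^' can anchor on every line.
            for entry in entry_re.findall(f.read()):
                yield entry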
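if __name__ == '__main__':
    # Compare the AlertMap entries under two directory trees and report how
    # many trap types, and how many (trap type, event code) pairs, occur in
    # both.
    if len(sys.argv) < 3:
        # Without this guard a missing argument surfaces as a bare IndexError.
        sys.exit('usage: {} <dir1> <dir2>'.format(sys.argv[0]))

    banner = '**********************************************************************'

    alert_map_entry_set1 = set(alert_map_entries(alert_map_files(sys.argv[1])))
    alert_map_entry_set2 = set(alert_map_entries(alert_map_files(sys.argv[2])))

    # Four blank lines before the banner; the newline escapes are restored.
    print('\n\n\n\n' + banner)

    overlapped_trap_type_set = overlapped_trap_types(alert_map_entry_set1, alert_map_entry_set2)
    print('Overlapped trap types across ENT vs CMNY: ', len(overlapped_trap_type_set))
    # Show at most two examples. Sorting makes the choice repeatable, and
    # slicing avoids StopIteration when fewer than two overlaps exist.
    examples = sorted(overlapped_trap_type_set)[:2]
    if examples:
        print('For example:')
        print("One trap type is: {}".format(examples[0]))
    if len(examples) > 1:
        print("Another one is: {} and so on...\n".format(examples[1]))

    overlapped_trap_type_with_event_code_set = overlapped_trap_with_event_code(
        alert_map_entry_set1, alert_map_entry_set2)
    print('Overlapped trap types with their event codes across ENT vs CMNY: ',
          len(overlapped_trap_type_with_event_code_set))
    examples = sorted(overlapped_trap_type_with_event_code_set)[:2]
    if examples:
        print('For example:')
        print('One trap type with event code: {}'.format(examples[0]))
    if len(examples) > 1:
        print('Another one is: {} and so on...'.format(examples[1]))
    print(banner)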