Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- queryOutput = []
- ssh = paramiko.SSHClient()
- ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
- try:
- ssh.connect(theIP,username=theUser,password=thePass)
- except:
- print "ERROR: Failed to connect QRadar Console..."
- return None
- chan = ssh.get_transport().open_session()
- chan.settimeout(300)
- command = 'psql -U qradar -A -F \<\|\> -c "%s"' % query
- print "Executing command to get information from DB"
- try:
- chan.exec_command(command)
- # To capture Data. Need to read the entire buffer to caputure output
- contents = "" #StringIO.StringIO()
- error = "" #StringIO.StringIO()
- while not chan.exit_status_ready():
- if chan.recv_ready():
- data = chan.recv(1024)
- while data:
- contents += data
- data = chan.recv(1024)
- if chan.recv_stderr_ready():
- error_buff = chan.recv_stderr(1024)
- while error_buff:
- error += error_buff
- error_buff = chan.recv_stderr(1024)
- exist_status = chan.recv_exit_status()
- except socket.timeout:
- raise socket.timeout
- output = contents.split("\n")
- error_value = error.split("\n")
- if exist_status <> 0:
- print "ERROR: Command execution failure:"
- for error_line in error_value:
- print " > " + error_line
- return
- for i, line in enumerate(output):
- line = line.strip()
- columns = line.split('<|>')
- # skip headers and underline
- if i == 0:
- continue
- # skip bad entries
- if len(columns) < 4:
- continue
- queryOutput.append(columns)
- ssh.close()
- print "Command executed."
- print "Found %s active offenses." % len(queryOutput)
- return queryOutput
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
