API tools faq
paste
DeaD_EyE

log anonymizer

DeaD_EyE
Apr 14th, 2020
271
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 2.57 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/env python3
  2.  
  3. """
  4. Log Anonymizer reads a logfile, where the first field must be a valid IPv4
  5. or IPv6 address. It anonymizes 16 bits with IPv4 addresses and
  6. 32 bits with IPv6 addresses.
  7.  
  8. If required the ip address could be hashed.
  9. It is more anonymized if you use the random generated token.
  10.  
  11. By default the file is not overwritten.
  12. If you use the command without -o, then the anonymized logfile
  13. is printed to console.
  14. """
  15.  
  16.  
  17. import os
  18. import ipaddress
  19. import hashlib
  20. import secrets
  21. import argparse
  22. import sys
  23. from pathlib import Path
  24.  
  25.  
  26. def log_anonymizer(log: Path, hash_ip: bool=True, salt: bool=True):
  27.     def anonymize(ip, ipv4_mask=16, ipv6_mask=32):
  28.         ip = ipaddress.ip_address(ip)
  29.         mask = 2 ** ip.max_prefixlen - 1
  30.         if ip.version == 4:
  31.             mask -= 2 ** ipv4_mask - 1
  32.         elif ip.version == 6:
  33.             mask -= 2 ** ipv6_mask - 1
  34.         return ipaddress.ip_address(int(ip) & mask)
  35.     if salt:
  36.         salt_val = secrets.token_hex()
  37.     with open(log) as fd:
  38.         for idx, line in enumerate(fd, start=1):
  39.             try:
  40.                 ip, rest = line.strip().split(maxsplit=1)
  41.             except ValueError:
  42.                 print("Error with line no {}".format(idx), file=sys.stderr)
  43.                 yield line.strip()
  44.                 continue
  45.             try:
  46.                 ip = str(anonymize(ip))
  47.             except ValueError:
  48.                 print("Could not parse ip in line no {}".format(idx), file=sys.stderr)
  49.                 yield line.strip()
  50.                 continue
  51.             if salt:
  52.                 ip += salt_val
  53.             if salt or hash_ip:
  54.                 ip = hashlib.sha256(ip.encode()).hexdigest()
  55.             yield " ".join((ip, rest))
  56.  
  57.  
  58.  
  59. if __name__ == "__main__":
  60.     parser = argparse.ArgumentParser(description=__doc__)
  61.     parser.add_argument("logfile", type=Path, help="Logfile to anonymize")
  62.     parser.add_argument("-H", action="store_true", help="hash ip address with sha256 after anonymize")
  63.     parser.add_argument("-s", action="store_true", help="Add random salt before hashing")
  64.     parser.add_argument("-o", action="store_true", help="Overwrite file.")
  65.     args = parser.parse_args()
  66.     log = log_anonymizer(args.logfile, args.H, args.s)
  67.     if args.o:
  68.         new_name = args.logfile.name + ".anon"
  69.         new_file = args.logfile.with_name(new_name)
  70.         with new_file.open("w") as fd:
  71.             for line in log:
  72.                 fd.write(line + os.linesep)
  73.         new_file.rename(args.logfile)
  74.     else:
  75.         for line in log:
  76.             print(line)
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!