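def main():
    """Parse CLI options, select an event handler and consume events over AMQP.

    Exits with status -1 (after logging an error) when the password, domain
    or API token is missing, or when the mode/output combination does not
    select a handler. Otherwise opens a connection to the broker and runs a
    CarbonBlackConsumer that passes each subscribed event to the handler's
    ``handle_event`` callback.
    """
    # Function-scope import keeps the file's top-level imports untouched;
    # the fallback covers Python 2, where quote lives in urllib.
    try:
        from urllib.parse import quote
    except ImportError:
        from urllib import quote

    parser = cli_parser()
    opts, _ = parser.parse_args(sys.argv)

    # NOTE(review): when the password and API token are supplied as
    # command-line arguments they are visible in the local process list and
    # shell history; consider reading them from the environment or a
    # protected file instead.
    required = (
        (opts.password, 'Password required, see help (-h)'),
        (opts.domain, 'yourdomain.efflux.io required, see help (-h)'),
        (opts.token, 'API token required, see help (-h)'),
    )
    for value, message in required:
        if not value:
            logger.error(message)
            sys.exit(-1)

    # Percent-encode the credentials so characters such as '@', ':' or '/'
    # in a password cannot corrupt the URL or shift the host part.
    # NOTE(review): assumes Connection percent-decodes the userinfo part of
    # the URL (kombu does) -- confirm for the client library in use.
    # The amqp:// scheme is used and no TLS options are passed here, so
    # credentials and events are unencrypted on the wire unless the broker is
    # local or the link is protected another way. Do not log `auth`: it
    # contains the password.
    auth = 'amqp://{}:{}@{}:{}'.format(
        quote(str(opts.username), safe=''),
        quote(str(opts.password), safe=''),
        opts.host,
        opts.port
    )

    efflux = None
    events = []
    if opts.mode == 'json':
        # opts.output is not consulted in json mode.
        efflux = CBEventHandler(opts.domain, opts.token)
        events = [
            'watchlist.hit.process'
        ]
    elif opts.mode == 'protobuf':
        events = [
            'ingress.event.netconn',
            'ingress.event.procstart'
        ]
        if opts.output == 'api':
            efflux = CBProtobufHandler(opts.domain, opts.token, mode='post')
        elif opts.output == 'file':
            efflux = CBProtobufHandler(opts.domain, opts.token, mode='file')
            # NOTE(review): hard-coded, developer-specific path. Raw endpoint
            # telemetry is written here, so the location and its file
            # permissions should be configurable and restricted.
            efflux.set_logfile(path='/Users/jtm/telemetry/cb.log')

    # Previously an unrecognised mode or output left `efflux`/`events`
    # unbound and the program died later with a NameError; fail early with a
    # clear message instead.
    if efflux is None:
        logger.error('Unsupported mode/output combination, see help (-h)')
        sys.exit(-1)

    with Connection(auth) as connection:
        CarbonBlackConsumer(
            connection,
            efflux.handle_event,
            events=events).run()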