├── .gitignore
├── README.md
└── syslog_gen.py


/.gitignore:
--------------------------------------------------------------------------------
 1 | # Byte-compiled / optimized / DLL files
 2 | __pycache__/
 3 | *.py[cod]
 4 | 
 5 | # C extensions
 6 | *.so
 7 | 
 8 | # Distribution / packaging
 9 | .Python
10 | env/
11 | bin/
12 | build/
13 | develop-eggs/
14 | dist/
15 | eggs/
16 | lib/
17 | lib64/
18 | parts/
19 | sdist/
20 | var/
21 | *.egg-info/
22 | .installed.cfg
23 | *.egg
24 | 
25 | # Installer logs
26 | pip-log.txt
27 | pip-delete-this-directory.txt
28 | 
29 | # Unit test / coverage reports
30 | htmlcov/
31 | .tox/
32 | .coverage
33 | .cache
34 | nosetests.xml
35 | coverage.xml
36 | 
37 | # Translations
38 | *.mo
39 | 
40 | # Mr Developer
41 | .mr.developer.cfg
42 | .project
43 | .pydevproject
44 | 
45 | # Rope
46 | .ropeproject
47 | 
48 | # Django stuff:
49 | *.log
50 | *.pot
51 | 
52 | # Sphinx documentation
53 | docs/_build/
54 | 
55 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | syslog-generator
 2 | ================
 3 | 
 4 | Generates syslog messages from a user defined file and sends them to a remote host. 
 5 | 
 6 | ### Functionality
 7 | This script generates random hostnames, syslog levels, and tags to be used in a message. The variables and data structures can be modified to fit your needs by changing them towards the top of the script. The script also randomly pulls messages from a user defined file to provide variety to log data.  
 8 | 
 9 | ### Usage
10 | This script is written for Python 3+ and is meant to be run from the command line.
11 | 
12 | #### Required Arguments
13 | 
14 | * --host: IP or hostname to send syslog messages.
15 | * --port: UDP port to send syslog messages.  
16 | * --file: Filename to read syslog messasges from. This file should contain ONLY the text of the message. Syslog format is handled by the script. 
17 | * --count: Number of messages to send at one time. 
18 | 
19 | #### Optional Arguments
20 | 
21 | * --sleep: Number of seconds to sleep until the next batch of messages is sent. Using this argument continues the script indefinitely or until the CTRL-C combination is invoked.  
22 | 
23 | #### Example
24 | 
25 | Send 10 messages at once:
26 | ```
27 | syslog_gen.py --host 192.168.1.100 --port 514 --file sample_logs --count 10 
28 | ```
29 | 
30 | Send 10 messages every 30 seconds:
31 | ```
32 | syslog_gen.py --host 192.168.1.100 --port 514 --file sample_logs --count 10 --sleep 30 
33 | ```
34 | 


--------------------------------------------------------------------------------
/syslog_gen.py:
--------------------------------------------------------------------------------
  1 | #!/usr/bin/env python3
  2 | '''
  3 | Syslog Generator
  4 | 
  5 | Had a need to generate generic syslog messages to 
  6 | test open source logging solutions.
  7 | '''
  8 | 
  9 | import socket
 10 | import argparse
 11 | import random
 12 | import sys
 13 | import time
 14 | import logging
 15 | from logging.handlers import SysLogHandler
 16 | 
 17 | """
 18 | Modify these variables to change the hostname, domainame, and tag
 19 | that show up in the log messages. 
 20 | """   
 21 | hostname = "host"
 22 | domain_name = ".example.com"
 23 | tag = ["kernel", "python", "ids", "ips"]
 24 | syslog_level = ["info", "error", "warn", "critical"]
 25 | 
 26 | def raw_udp_sender(message, host, port):
 27 |     # Stubbed in or later use
 28 |     try:
 29 |         sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
 30 |         message = bytes(message, 'UTF-8')
 31 |         send = sock.sendto(message, (host, port))
 32 |     finally:
 33 |         sock.close()
 34 | 
 35 | def open_sample_log(sample_log):
 36 |     try:
 37 |         with open(sample_log, 'r') as sample_log_file:
 38 |             random_logs = random.choice(list(sample_log_file))
 39 |             return random_logs
 40 |     except FileNotFoundError:
 41 |         print("[+] ERROR: Please specify valid filename")
 42 |         return sys.exit()
 43 | 
 44 | def syslogs_sender():
 45 |     # Initalize SysLogHandler
 46 |     logger = logging.getLogger()
 47 |     logger.setLevel(logging.INFO)
 48 |     syslog = SysLogHandler(address=(args.host, args.port))
 49 |     logger.addHandler(syslog)
 50 | 
 51 |     for message in range(1, args.count+1):
 52 |         # Randomize some fields
 53 |         time_output = time.strftime("%b %d %H:%M:%S")
 54 |         random_host = random.choice(range(1,11))
 55 |         random_tag = random.choice(tag)
 56 |         random_level = random.choice(syslog_level)
 57 |         fqdn = "{0}{1}{2}".format(hostname, random_host, domain_name)
 58 |         random_pid = random.choice(range(500,9999))
 59 | 
 60 |         message = open_sample_log(args.file)
 61 |         fields = {'host_field': fqdn, 'date_field': time_output,\
 62 |                 'tag_field': random_tag}
 63 | 	
 64 |         format = logging.Formatter\
 65 |                 ('%(date_field)s %(host_field)s {0}[{1}]: %(message)s'\
 66 |                 .format(random_tag, random_pid))
 67 |         syslog.setFormatter(format)
 68 | 			
 69 |         print("[+] Sent: {0}: {1}".format(time_output, message), end='')
 70 | 
 71 |         getattr(logger, random_level)(message, extra=fields)
 72 | 
 73 |     logger.removeHandler(syslog)
 74 |     syslog.close()
 75 | 
 76 | if __name__ == "__main__":
 77 | 
 78 |     parser = argparse.ArgumentParser()
 79 |     parser.add_argument("--host", required=True,
 80 |                         help="Remote host to send messages")
 81 |     parser.add_argument("--port", type=int, required=True,
 82 |                         help="Remote port to send messages")
 83 |     parser.add_argument("--file", required=True, 
 84 |                         help="Read messages from file")
 85 |     parser.add_argument("--count", type=int, required=True,
 86 |                         help="Number of messages to send")
 87 |     parser.add_argument("--sleep", type=float, help="Use with count flag to \
 88 |                         send X messages every X seconds, sleep being seconds")
 89 | 	
 90 |     args = parser.parse_args()
 91 | 		
 92 |     if args.sleep:
 93 |         print("[+] Sending {0} messages every {1} seconds to {2} on port {3}"\
 94 |             .format(args.count, args.sleep, args.host, args.port))
 95 |         try:
 96 |             while True:
 97 |                 syslogs_sender()
 98 |                 time.sleep(args.sleep)
 99 |         except KeyboardInterrupt:
100 |             # Use ctrl-c to stop the loop
101 |             print("[+] Stopping syslog generator...")
102 |     else:
103 |         print("[+] Sending {0} messages to {1} on port {2}".format
104 |             (args.count, args.host, args.port))
105 |         syslogs_sender()
106 | 


--------------------------------------------------------------------------------