This is an example notify script that implements the JSON interface for FastNetMon Advanced.
NB! The JSON-based script uses different arguments from the text-based notify script. Please keep this in mind!
This script is implemented in Python and does not need any additional libraries.
It writes all information received from FastNetMon to the log file /tmp/fastnetmon_notify_script.log:
```python
#!/usr/bin/python

import sys
import logging
import json
import pprint

logging.basicConfig(filename='/tmp/fastnetmon_notify_script.log',
                    format='%(asctime)s %(message)s',
                    level=logging.DEBUG)

if len(sys.argv) != 3:
    logging.error("Please provide two arguments for script: action and IP address")
    sys.exit(1)

# Action could be: ban, unban, partial_block
action = sys.argv[1]
ip_address = sys.argv[2]

logging.info("Start for action %s and IP %s" % (action, ip_address))

# Read all data from stdin
stdin_data = sys.stdin.read()

logging.info("We got following details: " + stdin_data)

parsed_details = json.loads(stdin_data)

logging.info("Decoded details from JSON: " + pprint.pformat(parsed_details))

# You can use attack details in this form:
# logging.info("Attack direction: " + parsed_details['attack_details']['attack_direction'])
```
Please save it to the file /usr/local/bin/notify_json.py

And set the executable bit for it:

```
sudo chmod +x /usr/local/bin/notify_json.py
```
You need to set the following mode in FastNetMon to use this script properly:

```
sudo fcli set main notify_script_enabled enable
sudo fcli set main notify_script_format json
sudo fcli set main notify_script_path /usr/local/bin/notify_json.py
sudo fcli commit
```
You can find more documentation about the JSON formats here
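
A notify script that goes on to call a firewall or an API should validate its inputs before acting on them. The following is an added example, not FastNetMon's own code: it checks the action against the three values named in the script above, parses the IP with the standard `ipaddress` module and reads `attack_direction` defensively. The function name `parse_notification`, the returned dict layout and the sample payload are assumptions made for illustration.

```python
#!/usr/bin/env python3
# Added example: validate notify-script input before acting on it.
import ipaddress
import json
import sys

# Actions listed in the comment of the script above.
ALLOWED_ACTIONS = {"ban", "unban", "partial_block"}


def parse_notification(argv, stdin_text):
    """Return a validated dict, or raise ValueError on any bad input."""
    if len(argv) != 3:
        raise ValueError("expected two arguments: action and IP address")
    action, raw_ip = argv[1], argv[2]
    if action not in ALLOWED_ACTIONS:
        raise ValueError("unexpected action: %r" % action)
    # ip_address() accepts only a literal IPv4/IPv6 address and raises
    # ValueError otherwise, so stray characters never reach later commands.
    ip = ipaddress.ip_address(raw_ip)
    try:
        details = json.loads(stdin_text)
    except json.JSONDecodeError as exc:
        raise ValueError("stdin is not valid JSON: %s" % exc)
    if not isinstance(details, dict):
        raise ValueError("JSON payload must be an object")
    attack = details.get("attack_details")
    if not isinstance(attack, dict):
        attack = {}  # tolerate a missing or malformed section
    return {
        "action": action,
        "ip": str(ip),  # canonical text form
        "ip_version": ip.version,
        "direction": attack.get("attack_direction", "unknown"),
    }


# Constructed sample payload: only the key path attack_details.attack_direction
# comes from the script above; the value is made up for illustration.
SAMPLE_STDIN = '{"attack_details": {"attack_direction": "incoming"}}'

if __name__ == "__main__":
    try:
        print(parse_notification(sys.argv, sys.stdin.read()))
    except ValueError as err:
        sys.exit("rejected notification: %s" % err)
```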