Question
Given sample log data from a firewall, create a program that prepares the data for analysis.
Make a LogEntry Class:
Make a new file named loganalyzer.py in the directory you created for this application. This file will be a module that you will include into your main directive code.
In the loganalyzer.py file, make a new Python class named LogEntry. Each object of class LogEntry will represent one line in the CSV file.
The LogEntry class will have the following attributes: eventtime, internalip, portnumber, protocol, action, ruleid, sourceip, country, and countryname. The other fields are optional.
The CSV file contains a string with the date and time information. In the initializer for the LogEntry class, use the Python datetime package to ensure that the value for eventdate is stored as a datetime object. This will be important later.
Add a property to the LogEntry class called ipvclass that uses a regular expression to examine the sourceip and returns the string value of the IPv4 address class, which will be either A, B, C or D based on the public IP address range. For example, the sourceip will return A and the sourceip will return C.
Think: How can you find just the first component of an IPv4 address?
Write Unit Tests for the LogEntry Class:
Make a new file named testloganalyzer.py in the directory you created for this application. Write several unit tests that evaluate the following functionality of your LogEntry class:
Ensure that the eventtime string is properly converted to a datetime object.
a. For example, you could make a new instance of LogEntry with a string value of :: UTC" for the eventtime. You could then assert that the month of the resulting datetime object
b. You could also assert that the hour of the resulting datetime object
Ensure that the ipvclass returns the correct IPv4 address class.
a. For example, you can assert that the ipvclass D for the sourceip
Write several test asserts for each of the above scenarios to ensure your class is behaving correctly. Make sure all your tests pass before moving on.
THINK: What else could go wrong when converting the CSV to objects of class LogEntry?
Import the Firewall Log Data:
Make an index.py file in the root directory for this program (the same directory that contains your CSV file and the loganalyzer.py file).
Import the LogEntry class from the loganalyzer.py file (from loganalyzer import LogEntry), the argparse module, and the csv module.
Then make a main method and add the if __name__ == "__main__" syntax at the end of the file so that this program can be executed from the command line.
Make a method to define and parse the command line arguments for your program. Your program will require ONE argument: filename, the filename of your CSV file.
In the main method, do the following:
Obtain the filename of the CSV file with your log data and store it in a variable.
Use the csv.DictReader class to read the data from the firewall log CSV. Remember that this will import a "list of dictionaries".
For each element of the list, make an instance of the LogEntry class and provide the values for each parameter expected by the class initializer.
Add each LogEntry object to a list; you will now have a list of objects of class LogEntry.
Loop through the FIRST FIVE ELEMENTS of the list of LogEntry objects and print the following to the screen for each:
a. Date of the log entry formatted as a US-style string (MonthDayYear Hour:Minute TimeZone) in Eastern Time
b. Action
c. Sourceip
d. IPv4 Class
e. Country Name (the country where the connection came from)
Attached below is an image of the CSV file.
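
The steps in the question, as an added example that is not part of the original post or of any answer to it: a LogEntry class plus a csv.DictReader loader that rejects malformed rows instead of crashing, which is one response to the "what else could go wrong" prompt. The timestamp layout, the CSV column names, the "E" result for first octets 240-255, and the helper names eastern, load_entries and SAMPLE are assumptions, since the page's sample values and CSV image are missing.

```python
import csv
import re
from datetime import datetime, timezone
from zoneinfo import ZoneInfo

# Assumed timestamp layout and column names; the page's sample values are missing.
TIME_FORMAT = "%Y-%m-%d %H:%M:%S UTC"  # strptime raises ValueError on a mismatch
FIELDS = ("eventtime", "internalip", "portnumber", "protocol", "action",
          "ruleid", "sourceip", "country", "countryname")
IPV4 = re.compile(r"^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$")
CLASSES = ((127, "A"), (191, "B"), (223, "C"), (239, "D"), (255, "E"))  # top first octet

class LogEntry:
    def __init__(self, eventtime, internalip, portnumber, protocol, action,
                 ruleid, sourceip, country, countryname):
        self.eventtime = datetime.strptime(eventtime, TIME_FORMAT).replace(tzinfo=timezone.utc)
        self.internalip, self.portnumber, self.protocol = internalip, int(portnumber), protocol
        self.action, self.ruleid, self.sourceip = action, ruleid, sourceip
        self.country, self.countryname = country, countryname
        if self.ipvclass is None:
            raise ValueError(f"not an IPv4 address: {sourceip!r}")

    @property
    def ipvclass(self):
        m = IPV4.match(self.sourceip)
        if not m or any(int(octet) > 255 for octet in m.groups()):
            return None
        return next(c for top, c in CLASSES if int(m.group(1)) <= top)

    def eastern(self):
        return self.eventtime.astimezone(ZoneInfo("America/New_York")).strftime("%m/%d/%Y %H:%M %Z")

def load_entries(lines):
    """Return (entries, rejected); rejected holds (line number, reason) pairs."""
    entries, rejected, reader = [], [], csv.DictReader(lines)
    for row in reader:
        try:
            if any(not row.get(name) for name in FIELDS):
                raise ValueError("missing field")
            entries.append(LogEntry(**{name: row[name] for name in FIELDS}))
        except ValueError as exc:
            rejected.append((reader.line_num, str(exc)))
    return entries, rejected

# Constructed sample rows (documentation address ranges), not the page's CSV.
SAMPLE = """eventtime,internalip,portnumber,protocol,action,ruleid,sourceip,country,countryname
2024-03-05 14:30:00 UTC,10.0.0.5,443,TCP,ALLOW,r-12,203.0.113.9,AU,Australia
not-a-date,10.0.0.5,22,TCP,DENY,r-07,198.51.100.4,US,United States
2024-03-05 14:31:10 UTC,10.0.0.8,22,TCP,DENY,r-07,999.1.1.1,ZZ,Unknown
""".splitlines()
```

In index.py the same loader takes the open file object directly, and the first five entries are entries[:5].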