[prelude-user] Python API
Yoann Vandoorselaere
yoann.v at prelude-technologies.com
Thu Mar 11 10:38:22 CET 2010
Hi Sérgio,
Le vendredi 05 mars 2010 à 09:49 +0000, Sérgio Alves a écrit :
> i'm currently developing a receiver of IDMEF messages from prelude and
> i'm using Prelude Python API PreludeEasy.
> I wonder if there is any other way of waiting for messages instead of a
> typical while(true), which is CPU consumer, without changes to the
> prelude python api.
> I was thinking of an effective way such as signaling.
>
> Any suggestions/ideas or other effective ways?
There are two typicals way of waiting for a message, the first is to use
RecvIDMEF(timeout=X). With a timeout of zero, the function call will
return immediately if there is no events available for reading.
Another possibility is to retrieve the sockets used for communicating
with the various manager:
import PreludeEasy
client = PreludeEasy.ClientEasy("mySensor")
client.Start()
sock_list = []
for i in client.GetConnectionPool().GetConnectionList():
if i.IsAlive():
sock_list.append(i.GetFd())
Using the retrieved sockets, you should be able to monitor events.
Hope this help,
--
Yoann Vandoorselaere | Directeur Technique/CTO | PreludeIDS Technologies
Tel: +33 (0)1 40 24 65 10 Fax: +33 (0)1 40 24 65 28
http://www.prelude-technologies.com
More information about the Prelude-user
mailing list