new: new events.stream.time.format parameter (closes #476)

2025-08-14 10:46:57 -07:00 · 2019-03-09 15:55:45 +01:00 · 2019-03-09 15:55:45 +01:00 · bf4c841ef9
commit bf4c841ef9
parent 416c39a7a8
6 changed files with 39 additions and 26 deletions
--- a/modules/events_stream/events_stream.go
+++ b/modules/events_stream/events_stream.go
@ -25,6 +25,7 @@ type rotation struct {

 type EventsStream struct {
 	session.SessionModule
+	timeFormat    string
 	outputName    string
 	output        *os.File
 	rotation      rotation
@ -42,6 +43,7 @@ func NewEventsStream(s *session.Session) *EventsStream {
 	mod := &EventsStream{
 		SessionModule: session.NewSessionModule("events.stream", s),
 		output:        os.Stdout,
+		timeFormat:    "15:04:05",
 		quit:          make(chan bool),
 		waitChan:      make(chan *session.Event),
 		waitFor:       "",
@ -177,6 +179,11 @@ func NewEventsStream(s *session.Session) *EventsStream {
 		"",
 		"If not empty, events will be written to this file instead of the standard output."))

+	mod.AddParam(session.NewStringParameter("events.stream.time.format",
+		mod.timeFormat,
+		"",
+		"Date and time format to use for events reporting."))
+
 	mod.AddParam(session.NewBoolParameter("events.stream.output.rotate",
 		"true",
 		"If true will enable log rotation."))
@ -235,6 +242,8 @@ func (mod *EventsStream) Configure() (err error) {

 	if err, mod.rotation.Enabled = mod.BoolParam("events.stream.output.rotate"); err != nil {
 		return err
+	} else if err, mod.timeFormat = mod.StringParam("events.stream.time.format"); err != nil {
+		return err
 	} else if err, mod.rotation.Compress = mod.BoolParam("events.stream.output.rotate.compress"); err != nil {
 		return err
 	} else if err, mod.rotation.Format = mod.StringParam("events.stream.output.rotate.format"); err != nil {
--- a/modules/events_stream/events_view.go
+++ b/modules/events_stream/events_view.go
@ -18,11 +18,9 @@ import (
 	"github.com/evilsocket/islazy/zip"
 )

-const eventTimeFormat = "15:04:05"
-
 func (mod *EventsStream) viewLogEvent(e session.Event) {
 	fmt.Fprintf(mod.output, "[%s] [%s] [%s] %s\n",
-		e.Time.Format(eventTimeFormat),
+		e.Time.Format(mod.timeFormat),
 		tui.Green(e.Tag),
 		e.Label(),
 		e.Data.(session.LogMessage).Message)
@ -45,7 +43,7 @@ func (mod *EventsStream) viewEndpointEvent(e session.Event) {

 	if e.Tag == "endpoint.new" {
 		fmt.Fprintf(mod.output, "[%s] [%s] endpoint %s%s detected as %s%s.\n",
-			e.Time.Format(eventTimeFormat),
+			e.Time.Format(mod.timeFormat),
 			tui.Green(e.Tag),
 			tui.Bold(t.IpAddress),
 			tui.Dim(name),
@ -53,7 +51,7 @@ func (mod *EventsStream) viewEndpointEvent(e session.Event) {
 			tui.Dim(vend))
 	} else if e.Tag == "endpoint.lost" {
 		fmt.Fprintf(mod.output, "[%s] [%s] endpoint %s%s %s%s lost.\n",
-			e.Time.Format(eventTimeFormat),
+			e.Time.Format(mod.timeFormat),
 			tui.Green(e.Tag),
 			tui.Red(t.IpAddress),
 			tui.Dim(name),
@ -61,7 +59,7 @@ func (mod *EventsStream) viewEndpointEvent(e session.Event) {
 			tui.Dim(vend))
 	} else {
 		fmt.Fprintf(mod.output, "[%s] [%s] %s\n",
-			e.Time.Format(eventTimeFormat),
+			e.Time.Format(mod.timeFormat),
 			tui.Green(e.Tag),
 			t.String())
 	}
@ -69,7 +67,7 @@ func (mod *EventsStream) viewEndpointEvent(e session.Event) {

 func (mod *EventsStream) viewModuleEvent(e session.Event) {
 	fmt.Fprintf(mod.output, "[%s] [%s] %s\n",
-		e.Time.Format(eventTimeFormat),
+		e.Time.Format(mod.timeFormat),
 		tui.Green(e.Tag),
 		e.Data)
 }
@ -79,7 +77,7 @@ func (mod *EventsStream) viewSnifferEvent(e session.Event) {
 		mod.viewHttpEvent(e)
 	} else {
 		fmt.Fprintf(mod.output, "[%s] [%s] %s\n",
-			e.Time.Format(eventTimeFormat),
+			e.Time.Format(mod.timeFormat),
 			tui.Green(e.Tag),
 			e.Data.(net_sniff.SnifferEvent).Message)
 	}
@ -88,7 +86,7 @@ func (mod *EventsStream) viewSnifferEvent(e session.Event) {
 func (mod *EventsStream) viewSynScanEvent(e session.Event) {
 	se := e.Data.(syn_scan.SynScanEvent)
 	fmt.Fprintf(mod.output, "[%s] [%s] found open port %d for %s\n",
-		e.Time.Format(eventTimeFormat),
+		e.Time.Format(mod.timeFormat),
 		tui.Green(e.Tag),
 		se.Port,
 		tui.Bold(se.Address))
@ -98,7 +96,7 @@ func (mod *EventsStream) viewUpdateEvent(e session.Event) {
 	update := e.Data.(*github.RepositoryRelease)

 	fmt.Fprintf(mod.output, "[%s] [%s] an update to version %s is available at %s\n",
-		e.Time.Format(eventTimeFormat),
+		e.Time.Format(mod.timeFormat),
 		tui.Bold(tui.Yellow(e.Tag)),
 		tui.Bold(*update.TagName),
 		*update.HTMLURL)
@ -152,6 +150,12 @@ func (mod *EventsStream) doRotation() {
 }

 func (mod *EventsStream) View(e session.Event, refresh bool) {
+	var err error
+	if err, mod.timeFormat = mod.StringParam("events.stream.time.format"); err != nil {
+		fmt.Fprintf(mod.output, "%v", err)
+		mod.timeFormat = "15:04:05"
+	}
+
 	if e.Tag == "sys.log" {
 		mod.viewLogEvent(e)
 	} else if strings.HasPrefix(e.Tag, "endpoint.") {
@ -171,7 +175,7 @@ func (mod *EventsStream) View(e session.Event, refresh bool) {
 	} else if e.Tag == "update.available" {
 		mod.viewUpdateEvent(e)
 	} else {
-		fmt.Fprintf(mod.output, "[%s] [%s] %v\n", e.Time.Format(eventTimeFormat), tui.Green(e.Tag), e)
+		fmt.Fprintf(mod.output, "[%s] [%s] %v\n", e.Time.Format(mod.timeFormat), tui.Green(e.Tag), e)
 	}

 	if refresh && mod.output == os.Stdout {
--- a/modules/events_stream/events_view_ble.go
+++ b/modules/events_stream/events_view_ble.go
@ -25,7 +25,7 @@ func (mod *EventsStream) viewBLEEvent(e session.Event) {
 		}

 		fmt.Fprintf(mod.output, "[%s] [%s] new BLE device%s detected as %s%s %s.\n",
-			e.Time.Format(eventTimeFormat),
+			e.Time.Format(mod.timeFormat),
 			tui.Green(e.Tag),
 			name,
 			dev.Device.ID(),
@ -43,14 +43,14 @@ func (mod *EventsStream) viewBLEEvent(e session.Event) {
 		}

 		fmt.Fprintf(mod.output, "[%s] [%s] BLE device%s %s%s lost.\n",
-			e.Time.Format(eventTimeFormat),
+			e.Time.Format(mod.timeFormat),
 			tui.Green(e.Tag),
 			name,
 			dev.Device.ID(),
 			vend)
 	} /* else {
 		fmt.Fprintf(s.output,"[%s] [%s]\n",
-			e.Time.Format(eventTimeFormat),
+			e.Time.Format(mod.timeFormat),
 			tui.Green(e.Tag))
 	} */
 }
--- a/modules/events_stream/events_view_hid.go
+++ b/modules/events_stream/events_view_hid.go
@ -13,13 +13,13 @@ func (mod *EventsStream) viewHIDEvent(e session.Event) {
 	dev := e.Data.(*network.HIDDevice)
 	if e.Tag == "hid.device.new" {
 		fmt.Fprintf(mod.output, "[%s] [%s] new HID device %s detected on channel %s.\n",
-			e.Time.Format(eventTimeFormat),
+			e.Time.Format(mod.timeFormat),
 			tui.Green(e.Tag),
 			tui.Bold(dev.Address),
 			dev.Channels())
 	} else if e.Tag == "hid.device.lost" {
 		fmt.Fprintf(mod.output, "[%s] [%s] HID device %s lost.\n",
-			e.Time.Format(eventTimeFormat),
+			e.Time.Format(mod.timeFormat),
 			tui.Green(e.Tag),
 			tui.Red(dev.Address))
 	}
--- a/modules/events_stream/events_view_http.go
+++ b/modules/events_stream/events_view_http.go
@ -124,7 +124,7 @@ func (mod *EventsStream) viewHttpRequest(e session.Event) {
 	req := se.Data.(net_sniff.HTTPRequest)

 	fmt.Fprintf(mod.output, "[%s] [%s] %s\n",
-		e.Time.Format(eventTimeFormat),
+		e.Time.Format(mod.timeFormat),
 		tui.Green(e.Tag),
 		se.Message)

@ -162,7 +162,7 @@ func (mod *EventsStream) viewHttpResponse(e session.Event) {
 	res := se.Data.(net_sniff.HTTPResponse)

 	fmt.Fprintf(mod.output, "[%s] [%s] %s\n",
-		e.Time.Format(eventTimeFormat),
+		e.Time.Format(mod.timeFormat),
 		tui.Green(e.Tag),
 		se.Message)

--- a/modules/events_stream/events_view_wifi.go
+++ b/modules/events_stream/events_view_wifi.go
@ -24,7 +24,7 @@ func (mod *EventsStream) viewWiFiApEvent(e session.Event) {

 	if e.Tag == "wifi.ap.new" {
 		fmt.Fprintf(mod.output, "[%s] [%s] wifi access point %s%s detected as %s%s.\n",
-			e.Time.Format(eventTimeFormat),
+			e.Time.Format(mod.timeFormat),
 			tui.Green(e.Tag),
 			tui.Bold(ap.ESSID()),
 			tui.Dim(tui.Yellow(rssi)),
@ -32,13 +32,13 @@ func (mod *EventsStream) viewWiFiApEvent(e session.Event) {
 			tui.Dim(vend))
 	} else if e.Tag == "wifi.ap.lost" {
 		fmt.Fprintf(mod.output, "[%s] [%s] wifi access point %s (%s) lost.\n",
-			e.Time.Format(eventTimeFormat),
+			e.Time.Format(mod.timeFormat),
 			tui.Green(e.Tag),
 			tui.Red(ap.ESSID()),
 			ap.BSSID())
 	} else {
 		fmt.Fprintf(mod.output, "[%s] [%s] %s\n",
-			e.Time.Format(eventTimeFormat),
+			e.Time.Format(mod.timeFormat),
 			tui.Green(e.Tag),
 			ap.String())
 	}
@ -58,7 +58,7 @@ func (mod *EventsStream) viewWiFiClientProbeEvent(e session.Event) {
 	}

 	fmt.Fprintf(mod.output, "[%s] [%s] station %s%s is probing for SSID %s%s\n",
-		e.Time.Format(eventTimeFormat),
+		e.Time.Format(mod.timeFormat),
 		tui.Green(e.Tag),
 		probe.FromAddr.String(),
 		tui.Dim(desc),
@ -83,7 +83,7 @@ func (mod *EventsStream) viewWiFiHandshakeEvent(e session.Event) {
 	}

 	fmt.Fprintf(mod.output, "[%s] [%s] captured %s -> %s %s to %s\n",
-		e.Time.Format(eventTimeFormat),
+		e.Time.Format(mod.timeFormat),
 		tui.Green(e.Tag),
 		from,
 		to,
@ -98,14 +98,14 @@ func (mod *EventsStream) viewWiFiClientEvent(e session.Event) {

 	if e.Tag == "wifi.client.new" {
 		fmt.Fprintf(mod.output, "[%s] [%s] new station %s detected for %s (%s)\n",
-			e.Time.Format(eventTimeFormat),
+			e.Time.Format(mod.timeFormat),
 			tui.Green(e.Tag),
 			ce.Client.String(),
 			tui.Bold(ce.AP.ESSID()),
 			tui.Dim(ce.AP.BSSID()))
 	} else if e.Tag == "wifi.client.lost" {
 		fmt.Fprintf(mod.output, "[%s] [%s] station %s disconnected from %s (%s)\n",
-			e.Time.Format(eventTimeFormat),
+			e.Time.Format(mod.timeFormat),
 			tui.Green(e.Tag),
 			ce.Client.String(),
 			tui.Bold(ce.AP.ESSID()),
@ -123,6 +123,6 @@ func (mod *EventsStream) viewWiFiEvent(e session.Event) {
 	} else if e.Tag == "wifi.client.new" || e.Tag == "wifi.client.lost" {
 		mod.viewWiFiClientEvent(e)
 	} else {
-		fmt.Fprintf(mod.output, "[%s] [%s] %v\n", e.Time.Format(eventTimeFormat), tui.Green(e.Tag), e)
+		fmt.Fprintf(mod.output, "[%s] [%s] %v\n", e.Time.Format(mod.timeFormat), tui.Green(e.Tag), e)
 	}
 }