proxy_log_generator.py
import random
from datetime import datetime, timedelta
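def generate_dummy_log_data(num_sources=200, *, hours=24, jitter_seconds=0):
    """Print synthetic proxy-log records containing one planted periodic beacon.

    One background record is printed per simulated second, starting at the
    fixed timestamp 2023-03-02 20:58:27 and running for ``hours``. Each record
    is a single space-delimited line with 13 fields: timestamp, source IP,
    username, destination IP, category, method, port, domain, URI, filetype,
    user agent, bytes received, bytes sent. Background records may carry "-"
    in place of the source/username pair or the destination IP.

    In addition, one randomly chosen source/username pair emits a record to
    ``itsabeacon.com`` (at one randomly chosen destination IP) once per
    minute. The data looks intended as test input for beaconing detection;
    because the beacon domain is a fixed literal, a detector exercised on this
    output should be judged on interval/size regularity rather than on the
    domain string. With ``jitter_seconds=0`` the interval is exactly 60 s,
    which is the easiest case for any periodicity check.

    Args:
        num_sources: Number of source IP / username pairs. Sources are
            ``172.30.0.1`` .. ``172.30.0.<num_sources>``, so values above 254
            produce last octets outside the valid IPv4 range.
        hours: Length of the simulated window in hours (default 24, the
            original hard-coded value). Fractions are accepted.
        jitter_seconds: Maximum absolute jitter, in whole seconds, applied to
            each beacon interval. 0 (default) keeps the fixed interval.

    Output depends on the global ``random`` state; seed it before calling if
    a reproducible fixture is needed.
    """
    start_time = datetime(2023, 3, 2, 20, 58, 27)
    end_time = start_time + timedelta(hours=hours)
    time_increment = timedelta(seconds=1)
    beacon_increment = timedelta(minutes=1)
    # Bound once up front; previously this was only assigned inside the
    # beacon branch and worked solely because that branch runs on the
    # first iteration.
    delim = " "
    jitter_span = abs(int(jitter_seconds))

    sources = [f"172.30.0.{i}" for i in range(1, num_sources + 1)]
    usernames = [f"user{i}" for i in range(1, num_sources + 1)]
    source_username_pairs = list(zip(sources, usernames))
    dest_ips = [f"99.11.99.{i}" for i in range(1, 21)]
    categories = ['"category"']
    methods = ["POST"]
    ports = [443]
    domains = [f"domain{i}.com" for i in range(1, 101)]
    uris = ["/index.html"]
    filetypes = [0]
    agents = ['"Mozilla/5.0_(Windows_NT_10.0;_Win64;_x64)_AppleWebKit/537.36_(KHTML,_like_Gecko)_Chrome/109.0.0.0_Safari/537.36"']

    # Candidate pools for background traffic, including the "-" placeholder.
    # Built once instead of re-concatenating the lists on every tick.
    background_pairs = source_username_pairs + [("-", "-")]
    background_dest_ips = dest_ips + ["-"]

    # The beaconing host and its destination stay fixed for the whole run.
    beacon_source, beacon_username = random.choice(source_username_pairs)
    beacon_dest_ip = random.choice(dest_ips)

    def emit(*fields):
        """Print one log record with the fields joined by the delimiter."""
        print(delim.join(str(field) for field in fields))

    current_time = start_time
    beacon_time = start_time
    while current_time < end_time:
        timestamp = current_time.strftime("%Y-%m-%d-%H:%M:%S")
        source, username = random.choice(background_pairs)
        dest_ip = random.choice(background_dest_ips)
        category = random.choice(categories)
        method = random.choice(methods)
        port = random.choice(ports)
        domain = random.choice(domains)
        uri = random.choice(uris)
        filetype = random.choice(filetypes)
        agent = random.choice(agents)
        bytes_received = random.randint(100, 1000)
        bytes_sent = random.randint(1000, 10000)

        if current_time >= beacon_time:
            if jitter_span:
                jitter = timedelta(seconds=random.randint(-jitter_span, jitter_span))
            else:
                jitter = timedelta(0)
            beacon_time += beacon_increment + jitter
            # The +/-400 spread around 300/400 can go below zero; clamp so
            # the log never contains a negative byte count.
            sent_bytes = max(0, 300 + random.randint(-400, 400))
            rec_bytes = max(0, 400 + random.randint(-400, 400))
            emit(timestamp, beacon_source, beacon_username, beacon_dest_ip,
                 category, method, port, "itsabeacon.com", uri, filetype,
                 agent, rec_bytes, sent_bytes)

        emit(timestamp, source, username, dest_ip, category, method, port,
             domain, uri, filetype, agent, bytes_received, bytes_sent)
        current_time += time_increment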
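if __name__ == "__main__":
    # Generate the full synthetic log only when executed as a script, so that
    # importing this module (e.g. from a detection test) does not print the
    # whole data set as an import-time side effect.
    generate_dummy_log_data()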