Activity

The Activity module contains functionality related to reviewing logs generated by the DOLOST application.

class DOLOST.services.activity.ActivityViewer

Bases: object

static review_logs()

Review logs from the activity viewer.

This method retrieves the latest log entries from the activity viewer, specifically focusing on the logs generated by the decoys. It connects to the DolosT-Collector container, which serves as the centralized log collector for all decoys. It then tails the last 50 lines of each log file within the ‘/var/log/decoys/’ folder, continuously monitoring for new log entries.

Returns:

A list containing the latest log entries from the activity viewer.

Return type:

list

review_observable_ips()

Review logs from the activity viewer.

This method retrieves the latest log entries from the activity viewer, specifically focusing on the logs generated by the decoys. It connects to the DolosT-Collector container, which serves as the centralized log collector for all decoys. It then tails the last 50 lines of each log file within the ‘/var/log/decoys/’ folder, continuously monitoring for new log entries.

Returns:

A list containing the latest log entries from the activity viewer.

Return type:

list

turn_on_crond()

This is an auxiliary task to run crond in the collector.

Returns:

None

Overview

The Activity module provides methods for interacting with logs generated by the DOLOST application. It includes functionality to review logs from the activity viewer.

Reviewing Logs

The ActivityViewer class includes a static method review_logs that allows users to retrieve and review the latest log entries from the activity viewer.

from DOLOST.services.activity import ActivityViewer

# Retrieve the latest log entries from the activity viewer
logs = ActivityViewer.review_logs()

# Print the retrieved log entries
for log_entry in logs:
    print(log_entry)

This method connects to the DolosT-Collector container, which serves as the centralized log collector for all decoys. It then tails the last 50 lines of each log file within the /var/log/decoys/ folder, continuously monitoring for new log entries.

Parameters

  • container_id (str): The ID of the DolosT-Collector container.

  • folder_path (str): The path to the folder containing log files (/var/log/decoys/ by default).

Returns

  • list: A list containing the latest log entries from the activity viewer.
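
The sketch below is an added example, not DOLOST code: it reproduces the "last 50 lines of each log file" collection step against a local folder and then triages the resulting entries into internal and external IPv4 observables. The names tail_folder, observable_ips and SAMPLE_ENTRIES are hypothetical, and the log line format and the choice of RFC 1918 ranges as "internal" are assumptions.

```python
import ipaddress
import re
from collections import Counter, deque
from pathlib import Path

# Dotted-quad candidates; ipaddress does the real validation afterwards.
IPV4 = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?!\d|\.\d)")
# Assumption: RFC 1918 ranges count as "internal" for this deployment.
INTERNAL = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample entries; the real decoy log format may differ.
SAMPLE_ENTRIES = [
    "2024-05-01T10:00:01Z ssh-decoy login attempt from 203.0.113.7 port 51234",
    "2024-05-01T10:00:04Z ssh-decoy login attempt from 203.0.113.7 port 51240",
    "2024-05-01T10:02:10Z web-decoy GET /admin src=10.0.5.12 agent=curl/8.4.0",
    "2024-05-01T10:03:00Z web-decoy health check from 127.0.0.1",
    "2024-05-01T10:04:00Z ftp-decoy bad address 999.1.1.1",
]


def tail_folder(folder, n=50):
    """Last n lines of every regular file in folder, as one list."""
    entries = []
    for path in sorted(Path(folder).iterdir()):
        if path.is_file():
            with path.open(errors="replace") as fh:
                # deque(maxlen=n) keeps only the newest n lines while streaming.
                entries.extend(line.rstrip("\n") for line in deque(fh, maxlen=n))
    return entries


def observable_ips(entries):
    """Count entries per IPv4 address seen, split into (internal, external)."""
    internal, external = Counter(), Counter()
    for entry in entries:
        for candidate in set(IPV4.findall(entry)):
            try:
                ip = ipaddress.ip_address(candidate)
            except ValueError:  # out-of-range octets such as 999.1.1.1
                continue
            if ip.is_loopback or ip.is_unspecified:
                continue  # local health checks are not observables
            bucket = internal if any(ip in net for net in INTERNAL) else external
            bucket[str(ip)] += 1
    return internal, external


if __name__ == "__main__":
    internal, external = observable_ips(SAMPLE_ENTRIES)
    print("internal:", dict(internal))
    print("external:", dict(external))
```

An internal address touching a decoy usually deserves attention first, since no legitimate host on the network has a reason to contact one.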