From 438ef9f34817d5577c8430280f5464ee4016b6f6 Mon Sep 17 00:00:00 2001 From: Pepe Fagoaga Date: Wed, 22 Jun 2022 13:26:29 +0200 Subject: [PATCH] feat(logger): Logs to file with custom log level (#1217) --- lib/logger.py | 44 +++++++++++++++++++++++++++++++++++--------- prowler | 17 ++++++++++++----- 2 files changed, 47 insertions(+), 14 deletions(-) diff --git a/lib/logger.py b/lib/logger.py index a5e5010d..9656ac8e 100644 --- a/lib/logger.py +++ b/lib/logger.py @@ -1,5 +1,4 @@ import logging -import sys # Logging levels logging_levels = { @@ -10,14 +9,41 @@ logging_levels = { "DEBUG": logging.DEBUG, } -# Initialize you log configuration using the base class -# https://docs.python.org/3/library/logging.html#logrecord-attributes -logging.basicConfig( - stream=sys.stdout, - format="%(asctime)s [File: %(filename)s:%(lineno)d] \t[Module: %(module)s]\t %(levelname)s: %(message)s", - datefmt="%m/%d/%Y %I:%M:%S %p", -) + +def set_logging_config(log_file: str = None, log_level: str = "ERROR"): + # Logs formatter + stream_formatter = logging.Formatter( + "%(asctime)s [File: %(filename)s:%(lineno)d] \t[Module: %(module)s]\t %(levelname)s: %(message)s" + ) + log_file_formatter = logging.Formatter( + '{"timestamp": "%(asctime)s", "filename": "%(filename)s:%(lineno)d", "level": "%(levelname)s", "module": "%(module)s", "message": "%(message)s"}' + ) + + # Where to put logs + logging_handlers = [] + + # Include stdout by default + stream_handler = logging.StreamHandler() + stream_handler.setFormatter(stream_formatter) + logging_handlers.append(stream_handler) + + # Log to file configuration + if log_file: + # Set log to file handler + log_file_handler = logging.FileHandler(log_file) + log_file_handler.setFormatter(log_file_formatter) + # Append the log formatter + logging_handlers.append(log_file_handler) + + # Configure Logger + # Initialize you log configuration using the base class + # https://docs.python.org/3/library/logging.html#logrecord-attributes + logging.basicConfig( + level=logging_levels.get(log_level), + handlers=logging_handlers, + datefmt="%m/%d/%Y %I:%M:%S %p", + ) + # Retrieve the logger instance logger = logging.getLogger() -logger.setLevel(logging.ERROR) diff --git a/prowler b/prowler index 765ddd1e..a56e39ec 100755 --- a/prowler +++ b/prowler @@ -17,7 +17,7 @@ from lib.check.check import ( set_output_options, ) from lib.check.checks_loader import load_checks_to_execute -from lib.logger import logger, logging_levels +from lib.logger import logger, set_logging_config from providers.aws.aws_provider import provider_set_session if __name__ == "__main__": @@ -50,12 +50,20 @@ if __name__ == "__main__": parser.add_argument( "-q", "--quiet", action="store_true", help="Show only Prowler failed findings" ) + + # Both options can be combined to only report to file some log level parser.add_argument( "--log-level", choices=["DEBUG", "INFO", "WARNING", "ERROR", "CRITICAL"], default="ERROR", help="Select Log Level", ) + parser.add_argument( + "--log-file", + nargs="?", + help="Set log file name", + ) + parser.add_argument( "-p", "--profile", @@ -103,8 +111,8 @@ if __name__ == "__main__": groups = args.groups checks_file = args.checks_file - # Set Logger - logger.setLevel(logging_levels.get(args.log_level)) + # Set Logger configuration + set_logging_config(args.log_file, args.log_level) # Role assumption input options tests if args.session_duration not in range(900, 43200): @@ -165,7 +173,7 @@ if __name__ == "__main__": # Setting output options set_output_options(args.quiet) - + # Set global session provider_set_session( args.profile, @@ -174,7 +182,6 @@ if __name__ == "__main__": args.external_id, args.filter_region, ) - # Execute checks if len(checks_to_execute):