安全巡检 python HTML报告
1.报表模板 #cat xunjian_table.html
[root@yinliao-yanshi report_jinja2]# cat xunjian_table.html <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"> <title>insight report</title> </head> <style type="text/css"> h1 {margin-left: 20px} h2 {margin-left: 20px; font-size: 19px; font-weight: bold; display: inline-block; padding-left: 10px; border-left: 5px solid #916dd5;} h3 {margin-left: 20px} h4 {margin-left: 20px; margin-bottom: -5px} table {margin-left: 20px; margin-top: 5px; margin-bottom: 5px} p {margin-left: 20px} a {margin-top: 200px;} </style> <h1>巡检报告</h1> <body> <h2>一、巡检详情</h2> <p>巡检描述:{{ xunjian_description }}</p> <p>巡检时间段:{{ start_time }} --> {{ end_time }} </p> <p>巡检人:{{ people }}</p> </body> </html> <h2>二、巡检结果</h2> <table border="1" width = "40%" cellspacing='0' cellpadding='0'> <tr> <th>ID</th> <th>指标描述</th> <th>巡检结果</th> <th>是否通过</th> </tr> {% for item in items %} <tr align='center'> <td>{{ item.ID }}</td> <td>{{ item.指标描述 }}</td> <td>{{ item.巡检结果 }}</td> <td>{{ item.是否通过 }}</td> </tr> {% endfor%} </table> [root@yinliao-yanshi report_jinja2]#
2. python脚本
[root@yinliao-yanshi report_jinja2]# cat xunjian_command_result.py #!/usr/bin/python3 # -*- coding=utf-8 -*- # author: xiaoweige import subprocess from jinja2 import Environment, FileSystemLoader import datetime overall_info={'xunjian_description': '第一个巡检报告', 'start_time': '2020-01-01', 'end_time': '2021-06-01', 'people': "小伟哥"} all_dict_list = [] indicator_list = [{"ID":1,"指标描述":"密码复杂度","command":"egrep '^password.*minlen.*ocredit' /etc/pam.d/system-auth |wc -l"},{"ID":2,"指标描述":"禁用root用户登录","command":"egrep '^PermitRootLogin.*no' /etc/ssh/sshd_config |wc -l"},{"ID":3,"指标描述":"设置密码有效期","command":"egrep 'PASS_MAX_DAYS.*90' /etc/login.defs|wc -l"}] def exec_command_result(indicator_dict): command_no_wc = indicator_dict["command"].split('|wc')[0] try: indicator_dict["巡检结果"]=subprocess.check_output(command_no_wc,shell=True).decode().strip('\n') except: indicator_dict["巡检结果"]='不存在符合条件的配置' print(command_no_wc) shell_result = subprocess.check_output(indicator_dict["command"], shell=True).decode().strip().split('\n') if shell_result[0] == "1": indicator_dict["是否通过"]="是" else: indicator_dict["是否通过"]="否" return indicator_dict for each_indicator_dict in indicator_list: indicator_result = exec_command_result(each_indicator_dict) all_dict_list.append(indicator_result) env = Environment(loader=FileSystemLoader('./')) template = env.get_template('xunjian_table.html') ip_result=subprocess.check_output("ip a|grep 'inet.*eth0'|awk '{print $2}'| awk -F'/' '{print $1}'",shell=True).decode().strip('\n') with open("{}_xunjian_out_{}.html".format(ip_result,datetime.datetime.now().strftime('%Y_%m_%d_%H_%M')), 'w+', encoding='utf-8') as f: out = template.render(xunjian_description=overall_info['xunjian_description'], start_time=overall_info['start_time'], end_time=overall_info['end_time'], people=overall_info['people'], items = all_dict_list) f.write(out) f.close() [root@yinliao-yanshi report_jinja2]#
用一个例子来演示会更加清晰