随笔- 698 文章- 2 评论- 683 阅读- 85万

安全巡检 python HTML报告

1.报表模板 #cat xunjian_table.html

[root@yinliao-yanshi report_jinja2]# cat xunjian_table.html 
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
<title>insight report</title>
</head>
<style type="text/css">
    h1 {margin-left: 20px}
    h2 {margin-left: 20px;
        font-size: 19px;
        font-weight: bold;
        display: inline-block;
        padding-left: 10px;
        border-left: 5px solid #916dd5;}
    h3 {margin-left: 20px}
    h4 {margin-left: 20px;
        margin-bottom: -5px}
    table {margin-left: 20px;
           margin-top: 5px;
           margin-bottom: 5px}
    p {margin-left: 20px}
    a {margin-top: 200px;}
    </style>
<h1>巡检报告</h1>
<body>
<h2>一、巡检详情</h2>
<p>巡检描述：{{ xunjian_description }}</p>
<p>巡检时间段：{{ start_time }} --> {{ end_time }} </p>
<p>巡检人：{{ people }}</p>
</body>
</html>



<h2>二、巡检结果</h2>

    <table border="1" width = "40%" cellspacing='0' cellpadding='0'>
    <tr>
        <th>ID</th>
        <th>指标描述</th>
        <th>巡检结果</th>
        <th>是否通过</th>
    </tr>

    {% for item in items %}
    <tr align='center'>
        <td>{{ item.ID }}</td>
        <td>{{ item.指标描述 }}</td>
        <td>{{ item.巡检结果 }}</td>
        <td>{{ item.是否通过 }}</td>
    </tr>
    {% endfor%}
    </table>
[root@yinliao-yanshi report_jinja2]#

2. python脚本

[root@yinliao-yanshi report_jinja2]# cat xunjian_command_result.py 
#!/usr/bin/python3
# -*-  coding=utf-8 -*-
# author: xiaoweige
import subprocess
from jinja2 import Environment, FileSystemLoader
import datetime

overall_info={'xunjian_description': '第一个巡检报告',
'start_time': '2020-01-01',
'end_time': '2021-06-01',
'people': "小伟哥"}

all_dict_list = []
indicator_list = [{"ID":1,"指标描述":"密码复杂度","command":"egrep '^password.*minlen.*ocredit'  /etc/pam.d/system-auth |wc -l"},{"ID":2,"指标描述":"禁用root用户登录","command":"egrep '^PermitRootLogin.*no'   /etc/ssh/sshd_config |wc -l"},{"ID":3,"指标描述":"设置密码有效期","command":"egrep 'PASS_MAX_DAYS.*90' /etc/login.defs|wc -l"}]
def exec_command_result(indicator_dict):
    command_no_wc = indicator_dict["command"].split('|wc')[0]
    try:
      indicator_dict["巡检结果"]=subprocess.check_output(command_no_wc,shell=True).decode().strip('\n')
    except:
      indicator_dict["巡检结果"]='不存在符合条件的配置'

    print(command_no_wc)
    shell_result = subprocess.check_output(indicator_dict["command"], shell=True).decode().strip().split('\n')
    if shell_result[0] == "1":
       indicator_dict["是否通过"]="是"
    else:
       indicator_dict["是否通过"]="否"
    return indicator_dict

for each_indicator_dict in indicator_list:
    indicator_result = exec_command_result(each_indicator_dict)
    all_dict_list.append(indicator_result)



env = Environment(loader=FileSystemLoader('./'))
template = env.get_template('xunjian_table.html')
ip_result=subprocess.check_output("ip a|grep 'inet.*eth0'|awk '{print $2}'| awk -F'/' '{print $1}'",shell=True).decode().strip('\n')
with open("{}_xunjian_out_{}.html".format(ip_result,datetime.datetime.now().strftime('%Y_%m_%d_%H_%M')), 'w+', encoding='utf-8') as f:
    out = template.render(xunjian_description=overall_info['xunjian_description'],
                          start_time=overall_info['start_time'],
                          end_time=overall_info['end_time'],
                          people=overall_info['people'],
                          items = all_dict_list)
    f.write(out)
    f.close()


[root@yinliao-yanshi report_jinja2]#