Solved: Stealthwatch Python Script using cron

Bill CARTER · ‎02-20-2019

Alan Nix has created a great python script to import the Talos Blacklist into Stealthwatch. I have successfully run the script manually. I would like to run the script daily using cron. I used crontab, but I am not sure it actually runs.

Here is the output from crontab -l

# m h dom mon dow command
0 16 * * * root /usr/bin/python /root/scripts/TalosBlacklistImport.py > /root/scripts/log/talos.log

Nothing is getting entered into talos.log.

https://github.com/TheAlanNix/cisco-security-tools/tree/master/TalosBlacklistImport

ngkin2010 · ‎02-20-2019

Do you installing your cron job on root user? Can you try to remove the 'root' at the beginning and wait to see the result?

You may also want to redirect the stderr to stdout, so it will also show the error message generated from the script.

For example:
0 16 * * * /usr/bin/python /root/scripts/TalosBlacklistImport.py > /root/scripts/log/talos.log 2>&1

View solution in original post

ngkin2010 · ‎02-20-2019

Do you installing your cron job on root user? Can you try to remove the 'root' at the beginning and wait to see the result?

You may also want to redirect the stderr to stdout, so it will also show the error message generated from the script.

For example:
0 16 * * * /usr/bin/python /root/scripts/TalosBlacklistImport.py > /root/scripts/log/talos.log 2>&1

Bill CARTER · ‎02-21-2019

Thank you!

I removed "root" and changed the log setting. I was able confirm the script successfully ran.

swm:~/scripts/log# crontab -l
# m h dom mon dow command
10 16 * * * /usr/bin/python /root/scripts/TalosBlacklistImport.py > /root/scripts/log/talos.log 2>&1

swm:~/scripts/log# cat talos.log
Fetching new IP data from Talos...
Posting data to the SMC...
Success.
swm:~/scripts/log#