cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1897
Views
5
Helpful
2
Replies
Highlighted
Contributor

Stealthwatch Python Script using cron

Alan Nix has created a great python script to import the Talos Blacklist into Stealthwatch. I have successfully run the script manually. I would like to run the script daily using cron. I used crontab, but I am not sure it actually runs.

 

Here is the output from crontab -l

 

# m h dom mon dow command
0 16 * * * root /usr/bin/python /root/scripts/TalosBlacklistImport.py > /root/scripts/log/talos.log

 

Nothing is getting entered into talos.log.

 https://github.com/TheAlanNix/cisco-security-tools/tree/master/TalosBlacklistImport

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Participant

Re: Stealthwatch Python Script using cron

Do you installing your cron job on root user? Can you try to remove the 'root' at the beginning and wait to see the result?

You may also want to redirect the stderr to stdout, so it will also show the error message generated from the script.

For example:
0 16 * * * /usr/bin/python /root/scripts/TalosBlacklistImport.py > /root/scripts/log/talos.log 2>&1

View solution in original post

2 REPLIES 2
Highlighted
Participant

Re: Stealthwatch Python Script using cron

Do you installing your cron job on root user? Can you try to remove the 'root' at the beginning and wait to see the result?

You may also want to redirect the stderr to stdout, so it will also show the error message generated from the script.

For example:
0 16 * * * /usr/bin/python /root/scripts/TalosBlacklistImport.py > /root/scripts/log/talos.log 2>&1

View solution in original post

Highlighted
Contributor

Re: Stealthwatch Python Script using cron

Thank you!

I removed "root" and changed the log setting. I was able confirm the script successfully ran. 

 

swm:~/scripts/log# crontab -l
# m h dom mon dow command
10 16 * * * /usr/bin/python /root/scripts/TalosBlacklistImport.py > /root/scripts/log/talos.log 2>&1

 

swm:~/scripts/log# cat talos.log
Fetching new IP data from Talos...
Posting data to the SMC...
Success.
swm:~/scripts/log#

This widget could not be displayed.