在 python3 中使用 parsedmarc 創建 dmarc 解析器以在 AWS s3 中使用

Question

我對編程很陌生。 我正在開發一個管道來分析發送到我的 email 帳戶的 DMARC 報告文件，我手動將其放入 s3 存儲桶中。 此任務的目標是使用 parsedmarc 下載、提取和分析文件： https://github.com/domainaware/parsedmarc我遇到困難的部分是設置條件語句以提取.gz 文件，如果目標文件不是.zip 文件。 我假設gzip庫足以滿足此目的。 這是我到目前為止的代碼。 我正在為 AWS 使用 python3 和 boto3 庫。 任何幫助表示贊賞！

import parsedmarc    
import pprint
import json
import boto3
import zipfile
import gzip

pp = pprint.PrettyPrinter(indent=2)

def main():
    #Set default session profile and region for sandbox account. Access keys are pulled from /.aws/config and /.aws/credentials.
    #The 'profile_name' value comes from the header for the account in question in /.aws/config and /.aws/credentials
    boto3.setup_default_session(region_name="aws-region-goes-here")
    boto3.setup_default_session(profile_name="aws-account-profile-name-goes-here")

    #Define the s3 resource, the bucket name, and the file to download. It's hardcoded for now...
    s3_resource = boto3.resource(s3)
    s3_resource.Bucket('dmarc-parsing').download_file('source-dmarc-report-filename.zip' '/home/user/dmarc/parseme.zip')

    #Use the zipfile python library to extract the file into its raw state.
    with zipfile.ZipFile('/home/user/dmarc/parseme.zip', 'r') as zip_ref:
        zip_ref.extractall('/home/user/dmarc')

    #Ingest all locations for xml file source
    dmarc_report_directory = '/home/user/dmarc/'
    dmarc_report_file = 'parseme.xml'

    """I need an if statement here for extracting .gz files if the file type is not .zip. The contents of every archive are .xml files"""

    #Set report output variables using functions in parsedmarc. Variable set to equal the output
    pd_report_output=parsedmarc.parse_aggregate_report_file(_input=f"{dmarc_report_directory}{dmarc_report_file}")
    #use jsonify to make the output in json format
    pd_report_jsonified = json.loads(json.dumps(pd_report_output))

    dkim_status = pd_report_jsonified['records'][0]['policy_evaluated']['dkim']
    spf_status = pd_report_jsonified['records'][0]['policy_evaluated']['spf']

    if dkim_status == 'fail' or spf_status == 'fail':
        print(f"{dmarc_report_file} reports failure. oh crap. report:")
    else:
        print(f"{dmarc_report_file} passes. great. report:")

    pp.pprint(pd_report_jsonified['records'][0]['auth_results'])


if __name__ == "__main__":
    main()

Answer 1

這是使用我找到的parsedmarc.parse_aggregate_report_xml方法的代碼。 希望這有助於其他人解析這些報告：

import parsedmarc
import pprint
import json
import boto3
import zipfile
import gzip

pp = pprint.PrettyPrinter(indent=2)

def main():

    #Set default session profile and region for account. Access keys are pulled from ~/.aws/config and ~/.aws/credentials.
    #The 'profile_name' value comes from the header for the account in question in ~/.aws/config and ~/.aws/credentials
    boto3.setup_default_session(profile_name="aws_profile_name_goes_here", region_name="region_goes_here")

    source_file = 'filename_in_s3_bucket.zip'
    destination_directory = '/tmp/'
    destination_file = 'compressed_report_file'

    #Define the s3 resource, the bucket name, and the file to download. It's hardcoded for now...
    s3_resource = boto3.resource('s3')
    s3_resource.Bucket('bucket-name-for-dmarc-report-files').download_file(source_file, f"{destination_directory}{destination_file}")

    #Extract xml
    outputxml = parsedmarc.extract_xml(f"{destination_directory}{destination_file}")

    #run parse dmarc analysis & convert output to json
    pd_report_output = parsedmarc.parse_aggregate_report_xml(outputxml)
    pd_report_jsonified = json.loads(json.dumps(pd_report_output))

    #loop through results and find relevant status info and pass fail status
    dmarc_report_status = ''
    for record in pd_report_jsonified['records']:
        if False in record['alignment'].values():
            dmarc_report_status = 'Failed'
            #************ add logic for interpreting results

    #if fail, publish to sns
    if dmarc_report_status == 'Failed':

        message = "Your dmarc report failed a least one check. Review the log for details"

        sns_resource = boto3.resource('sns')
        sns_topic = sns_resource.Topic('arn:aws:sns:us-west-2:112896196555:TestDMARC')
        sns_publish_response = sns_topic.publish(Message=message)


if __name__ == "__main__":
    main()