This script fetches data from the Shodan API based on specified queries and saves the results to a log file. It is designed to run continuously, appending new data to the log file and rotating the log file every six runs to manage disk space usage. This imitates current functionality of Splunk's Shodan Integration. This can add many more queries for your environment.
- Shodan Data Fetching: Executes predefined Shodan search queries for open ports and vulnerabilities.
- Configuration: Uses a
config.jsonfile to specify Shodan queries, log folder, and API key. - Logging: Comprehensive logging to a dedicated log file (
shodan_script.log) and console output for real-time monitoring. - Error Handling: Includes retry mechanisms and detailed error logging.
- Log Management: Rotates the log file every six runs to prevent excessive disk space usage.
- Graceful Shutdown: Handles
SIGINTandSIGTERMsignals for a graceful shutdown.
- Python 3.x
- Shodan Python module
- Retrying module
Install the required Python modules using pip:
pip install shodan retrying