aflansburg · September 4, 2015 15:41
diff --git a/README b/README
 $ python xlogd.py sample.log

 parsed: {'appname': 'test.app', 'timestamp': '2012-09-06 15:19:32', 'hostname': 'codezone.local', 'pid': '68898', 'priority': '132', 'message': 'bla bla bla warn'}
 parsed: {'appname': 'test.app', 'timestamp': '2012-09-06 15:19:32', 'hostname': 'codezone.local', 'pid': '68902', 'priority': '131', 'message': 'bla bla bla error'}
 parsed: {'appname': 'Dock', 'timestamp': '2012-09-06 15:19:32', 'hostname': 'codezone.local', 'pid': '154', 'priority': '11', 'message': 'CGSReleaseWindowList: called with 5 invalid window(s)'}
 parsed: {'appname': 'WindowServer', 'timestamp': '2012-09-06 15:19:32', 'hostname': 'codezone.local', 'pid': '79', 'priority': '11', 'message': 'CGXSetWindowListAlpha: Invalid window 0'}
diff --git a/sample.log b/sample.log
 <132>Sep  6 14:35:48 codezone.local test.app[68898]: bla bla bla warn
 <131>Sep  6 14:35:58 codezone.local test.app[68902]: bla bla bla error
 <11>Sep  6 14:37:53 codezone.local Dock[154]: CGSReleaseWindowList: called with 5 invalid window(s)
 <11>Sep  6 14:38:09 codezone.local WindowServer[79]: CGXSetWindowListAlpha: Invalid window 0
diff --git a/xlog.py b/xlog.py
 from pyparsing import Word, alphas, Suppress, Combine, nums, string, Optional, Regex
 from time import strftime

 class Parser(object):
  def __init__(self):
    ints = Word(nums)

    # priority
    priority = Suppress("<") + ints + Suppress(">")

    # timestamp
    month = Word(string.uppercase, string.lowercase, exact=3)
    day   = ints
    hour  = Combine(ints + ":" + ints + ":" + ints)
    
    timestamp = month + day + hour

    # hostname
    hostname = Word(alphas + nums + "_" + "-" + ".")

    # appname
    appname = Word(alphas + "/" + "-" + "_" + ".") + Optional(Suppress("[") + ints + Suppress("]")) + Suppress(":")

    # message
    message = Regex(".*")
  
    # pattern build
    self.__pattern = priority + timestamp + hostname + appname + message
    
  def parse(self, line):
    parsed = self.__pattern.parseString(line)

    payload              = {}
    payload["priority"]  = parsed[0]
    payload["timestamp"] = strftime("%Y-%m-%d %H:%M:%S")
    payload["hostname"]  = parsed[4]
    payload["appname"]   = parsed[5]
    payload["pid"]       = parsed[6]
    payload["message"]   = parsed[7]
    
    return payload

 """ --------------------------------- """

 def main():
  parser = Parser()
  
  with open('./sample.log') as syslogFile:
    for line in syslogFile:
      fields = parser.parse(line)
      print "parsed:", fields
  
 if __name__ == "__main__":
  main()
	$ python xlogd.py sample.log

	parsed: {'appname': 'test.app', 'timestamp': '2012-09-06 15:19:32', 'hostname': 'codezone.local', 'pid': '68898', 'priority': '132', 'message': 'bla bla bla warn'}
	parsed: {'appname': 'test.app', 'timestamp': '2012-09-06 15:19:32', 'hostname': 'codezone.local', 'pid': '68902', 'priority': '131', 'message': 'bla bla bla error'}
	parsed: {'appname': 'Dock', 'timestamp': '2012-09-06 15:19:32', 'hostname': 'codezone.local', 'pid': '154', 'priority': '11', 'message': 'CGSReleaseWindowList: called with 5 invalid window(s)'}
	parsed: {'appname': 'WindowServer', 'timestamp': '2012-09-06 15:19:32', 'hostname': 'codezone.local', 'pid': '79', 'priority': '11', 'message': 'CGXSetWindowListAlpha: Invalid window 0'}
	<132>Sep 6 14:35:48 codezone.local test.app[68898]: bla bla bla warn
	<131>Sep 6 14:35:58 codezone.local test.app[68902]: bla bla bla error
	<11>Sep 6 14:37:53 codezone.local Dock[154]: CGSReleaseWindowList: called with 5 invalid window(s)
	<11>Sep 6 14:38:09 codezone.local WindowServer[79]: CGXSetWindowListAlpha: Invalid window 0
	from pyparsing import Word, alphas, Suppress, Combine, nums, string, Optional, Regex
	from time import strftime

	class Parser(object):
	def __init__(self):
	ints = Word(nums)

	# priority
	priority = Suppress("<") + ints + Suppress(">")

	# timestamp
	month = Word(string.uppercase, string.lowercase, exact=3)
	day = ints
	hour = Combine(ints + ":" + ints + ":" + ints)

	timestamp = month + day + hour

	# hostname
	hostname = Word(alphas + nums + "_" + "-" + ".")

	# appname
	appname = Word(alphas + "/" + "-" + "_" + ".") + Optional(Suppress("[") + ints + Suppress("]")) + Suppress(":")

	# message
	message = Regex(".*")

	# pattern build
	self.__pattern = priority + timestamp + hostname + appname + message

	def parse(self, line):
	parsed = self.__pattern.parseString(line)

	payload = {}
	payload["priority"] = parsed[0]
	payload["timestamp"] = strftime("%Y-%m-%d %H:%M:%S")
	payload["hostname"] = parsed[4]
	payload["appname"] = parsed[5]
	payload["pid"] = parsed[6]
	payload["message"] = parsed[7]

	return payload

	""" --------------------------------- """

	def main():
	parser = Parser()

	with open('./sample.log') as syslogFile:
	for line in syslogFile:
	fields = parser.parse(line)
	print "parsed:", fields

	if __name__ == "__main__":
	main()