kaymccormick · August 3, 2018 20:27 · kaymccormick · Aug 3, 2018
diff --git a/README b/README
 $ python xlogd.py sample.log

 parsed: {'appname': 'test.app', 'timestamp': '2012-09-06 15:19:32', 'hostname': 'codezone.local', 'pid': '68898', 'priority': '132', 'message': 'bla bla bla warn'}
 parsed: {'appname': 'test.app', 'timestamp': '2012-09-06 15:19:32', 'hostname': 'codezone.local', 'pid': '68902', 'priority': '131', 'message': 'bla bla bla error'}
 parsed: {'appname': 'Dock', 'timestamp': '2012-09-06 15:19:32', 'hostname': 'codezone.local', 'pid': '154', 'priority': '11', 'message': 'CGSReleaseWindowList: called with 5 invalid window(s)'}
 parsed: {'appname': 'WindowServer', 'timestamp': '2012-09-06 15:19:32', 'hostname': 'codezone.local', 'pid': '79', 'priority': '11', 'message': 'CGXSetWindowListAlpha: Invalid window 0'}
diff --git a/sample.log b/sample.log
 Aug  3 00:05:19 netra liblogging-stdlog:  [origin software="rsyslogd" swVersion="8.24.0" x-pid="24567" x-info="http://www.rsyslog.com"] rsyslogd was HUPed
 Aug  3 00:05:19 netra slapd[27221]: begin get_filter
 Aug  3 00:05:19 netra slapd[27221]: AND
 Aug  3 00:05:19 netra slapd[27221]: begin get_filter_list
 Aug  3 00:05:19 netra slapd[27221]: begin get_filter
 Aug  3 00:05:19 netra slapd[27221]: EQUALITY
diff --git a/xlog.py b/xlog.py
 #!/home/kay/venv/bin/python

 from pyparsing import Word, alphas, Suppress, Combine, nums, string, Optional, Regex, Empty, Literal
 from time import strftime


 class Parser(object):
    def __init__(self):
        ints = Word(nums)

        # priority
        priority = Suppress("<") + ints + Suppress(">")

        # timestamp
        month = Word(string.ascii_uppercase, string.ascii_lowercase, exact=3)
        day = ints
        hour = Combine(ints + ":" + ints + ":" + ints)

        timestamp = month + day + hour

        # hostname
        hostname = Word(alphas + nums + "_" + "-" + ".")

        # appname
        appname = Word(alphas + "/" + "-" + "_" + ".") + Optional(Suppress("[") + ints + Suppress("]"),default=Literal('')) + Suppress(": ")

        # message
        message = Regex(r"(.*)")

        # pattern build
        self.__pattern = timestamp + hostname + appname + message
        print(self.__pattern)
        print(repr(self.__pattern))

    def parse(self, line):
        parsed = self.__pattern.parseString(line)

        payload = {}
        payload["timestamp"] = strftime("%Y-%m-%d %H:%M:%S")
        payload["hostname"] = parsed[3]
        payload["appname"] = parsed[4]
        payload["pid"] = parsed[5]
        payload["message"] = parsed[6]

        return payload


 """ --------------------------------- """


 def main():
    parser = Parser()

    with open(r'd:\dev\email-pyr\syslog') as syslogFile:
        for line in syslogFile:
            fields = parser.parse(line)
            print("parsed:", fields)


 if __name__ == "__main__":
    main()
	$ python xlogd.py sample.log

	parsed: {'appname': 'test.app', 'timestamp': '2012-09-06 15:19:32', 'hostname': 'codezone.local', 'pid': '68898', 'priority': '132', 'message': 'bla bla bla warn'}
	parsed: {'appname': 'test.app', 'timestamp': '2012-09-06 15:19:32', 'hostname': 'codezone.local', 'pid': '68902', 'priority': '131', 'message': 'bla bla bla error'}
	parsed: {'appname': 'Dock', 'timestamp': '2012-09-06 15:19:32', 'hostname': 'codezone.local', 'pid': '154', 'priority': '11', 'message': 'CGSReleaseWindowList: called with 5 invalid window(s)'}
	parsed: {'appname': 'WindowServer', 'timestamp': '2012-09-06 15:19:32', 'hostname': 'codezone.local', 'pid': '79', 'priority': '11', 'message': 'CGXSetWindowListAlpha: Invalid window 0'}
	Aug 3 00:05:19 netra liblogging-stdlog: [origin software="rsyslogd" swVersion="8.24.0" x-pid="24567" x-info="http://www.rsyslog.com"] rsyslogd was HUPed
	Aug 3 00:05:19 netra slapd[27221]: begin get_filter
	Aug 3 00:05:19 netra slapd[27221]: AND
	Aug 3 00:05:19 netra slapd[27221]: begin get_filter_list
	Aug 3 00:05:19 netra slapd[27221]: begin get_filter
	Aug 3 00:05:19 netra slapd[27221]: EQUALITY
	#!/home/kay/venv/bin/python

	from pyparsing import Word, alphas, Suppress, Combine, nums, string, Optional, Regex, Empty, Literal
	from time import strftime


	class Parser(object):
	def __init__(self):
	ints = Word(nums)

	# priority
	priority = Suppress("<") + ints + Suppress(">")

	# timestamp
	month = Word(string.ascii_uppercase, string.ascii_lowercase, exact=3)
	day = ints
	hour = Combine(ints + ":" + ints + ":" + ints)

	timestamp = month + day + hour

	# hostname
	hostname = Word(alphas + nums + "_" + "-" + ".")

	# appname
	appname = Word(alphas + "/" + "-" + "_" + ".") + Optional(Suppress("[") + ints + Suppress("]"),default=Literal('')) + Suppress(": ")

	# message
	message = Regex(r"(.*)")

	# pattern build
	self.__pattern = timestamp + hostname + appname + message
	print(self.__pattern)
	print(repr(self.__pattern))

	def parse(self, line):
	parsed = self.__pattern.parseString(line)

	payload = {}
	payload["timestamp"] = strftime("%Y-%m-%d %H:%M:%S")
	payload["hostname"] = parsed[3]
	payload["appname"] = parsed[4]
	payload["pid"] = parsed[5]
	payload["message"] = parsed[6]

	return payload


	""" --------------------------------- """


	def main():
	parser = Parser()

	with open(r'd:\dev\email-pyr\syslog') as syslogFile:
	for line in syslogFile:
	fields = parser.parse(line)
	print("parsed:", fields)


	if __name__ == "__main__":
	main()