studiawan · May 20, 2020 11:39
diff --git a/log-parser-pyparsing.py b/log-parser-pyparsing.py
 import sys
 import csv
 from pyparsing import Word, alphas, Suppress, Combine, string, nums, Optional, Regex


 class AuthLogParser(object):
 	def __init__(self, log_file):
 		self.log_file = log_file
 		self.authlog_grammar = self.__get_authlog_grammar()
 	
 	@staticmethod
 	def __get_authlog_grammar():
 		ints = Word(nums)

 		# timestamp
 		month = Word(string.ascii_uppercase, string.ascii_lowercase, exact=3)
 		day = ints
 		hour = Combine(ints + ":" + ints + ":" + ints)
 		timestamp = month + day + hour

 		# hostname, service name, message
 		hostname_or_ip = Word(alphas + nums + "_" + "-" + ".")
 		appname = Word(alphas + "/" + "-" + "_" + ".") + Optional(Suppress("[") + ints + Suppress("]")) + Suppress(":")
 		message = Regex(".*")

 		# auth log grammar
 		authlog_grammar = timestamp.setResultsName('timestamp') + hostname_or_ip.setResultsName('hostname') + \
 						  appname.setResultsName('application') + message.setResultsName('message')

 		return authlog_grammar

 	def __get_fields(self, log_line):        
 		# parsing
 		parsed = self.authlog_grammar.parseString(log_line)
 		
 		# get each field
 		parsed_log = dict()		
 		parsed_log['timestamp'] = ' '.join(parsed.timestamp.asList())
 		parsed_log['hostname'] = parsed.hostname
 		parsed_log['application'] = ' '.join(parsed.application.asList()) 
 		parsed_log['message'] = parsed.message
 		
 		return parsed_log	
 	
 	def parse_authlog(self):
 		try:
 			# open csv file
 			f = open(self.log_file + '.csv', 'wt')
 			writer = csv.writer(f)
 			writer.writerow(['timestamp', 'hostname', 'application', 'message'])
 			
 			with open(self.log_file, 'r') as f:
 				# read each line
 				for line in f:
 					# parse a line
 					result = self.__get_fields(line)
 					
 					# write to csv file and print
 					writer.writerow([result['timestamp'], result['hostname'], result['application'], result['message']])
 					print(result)
 			
 			# close csv file
 			f.close()
 		
 		except FileNotFoundError:
 			print('File not found.')
 			sys.exit(1)


 if __name__ == '__main__':	
 	if len(sys.argv) == 2:
 		file_name = sys.argv[1]
 		parser = AuthLogParser(file_name)
 		parser.parse_authlog()
 	
 	else:
 		print('Please type a correct log file name.')
 		sys.exit(1)
	import sys
	import csv
	from pyparsing import Word, alphas, Suppress, Combine, string, nums, Optional, Regex


	class AuthLogParser(object):
	def __init__(self, log_file):
	self.log_file = log_file
	self.authlog_grammar = self.__get_authlog_grammar()

	@staticmethod
	def __get_authlog_grammar():
	ints = Word(nums)

	# timestamp
	month = Word(string.ascii_uppercase, string.ascii_lowercase, exact=3)
	day = ints
	hour = Combine(ints + ":" + ints + ":" + ints)
	timestamp = month + day + hour

	# hostname, service name, message
	hostname_or_ip = Word(alphas + nums + "_" + "-" + ".")
	appname = Word(alphas + "/" + "-" + "_" + ".") + Optional(Suppress("[") + ints + Suppress("]")) + Suppress(":")
	message = Regex(".*")

	# auth log grammar
	authlog_grammar = timestamp.setResultsName('timestamp') + hostname_or_ip.setResultsName('hostname') + \
	appname.setResultsName('application') + message.setResultsName('message')

	return authlog_grammar

	def __get_fields(self, log_line):
	# parsing
	parsed = self.authlog_grammar.parseString(log_line)

	# get each field
	parsed_log = dict()
	parsed_log['timestamp'] = ' '.join(parsed.timestamp.asList())
	parsed_log['hostname'] = parsed.hostname
	parsed_log['application'] = ' '.join(parsed.application.asList())
	parsed_log['message'] = parsed.message

	return parsed_log

	def parse_authlog(self):
	try:
	# open csv file
	f = open(self.log_file + '.csv', 'wt')
	writer = csv.writer(f)
	writer.writerow(['timestamp', 'hostname', 'application', 'message'])

	with open(self.log_file, 'r') as f:
	# read each line
	for line in f:
	# parse a line
	result = self.__get_fields(line)

	# write to csv file and print
	writer.writerow([result['timestamp'], result['hostname'], result['application'], result['message']])
	print(result)

	# close csv file
	f.close()

	except FileNotFoundError:
	print('File not found.')
	sys.exit(1)


	if __name__ == '__main__':
	if len(sys.argv) == 2:
	file_name = sys.argv[1]
	parser = AuthLogParser(file_name)
	parser.parse_authlog()

	else:
	print('Please type a correct log file name.')
	sys.exit(1)