mirror of
https://github.com/hastagAB/Awesome-Python-Scripts.git
synced 2024-11-23 20:11:07 +00:00
Merge pull request #62 from 0xBACE/logpye
Added logpye, an easy-to-use log4j parser
commit
a140a0453e
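--- a/logpye_log4j_search/README.md
+++ b/logpye_log4j_search/README.md
@@ -0,0 +1,20 @@
+# script-logpye
+
+![help](screenshot/help.png)
+
+
+## usage
+
+* -h/--help : displays help in picture above
+* -f/--file : points to log file(is required)
+* -as/--asciisearch : ascii text search, searches for a string in the log element
+* -rs/--regexsearch : regex search, input valid regex to search for in log element
+* -fe/--frontend : edit frontend printing this has to be valid python for now
+
+###example
+
+``python logpye.py -f core.log -as joystick``
+
+``python logpye.py -f core.log -rx "\bjoystick\b.*?\botn-inst01\b"``
+
+``python logpye.py -f core.log -as fathom -fe "error_level, logger, message, timestamp, thread"``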
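--- a/logpye_log4j_search/logpye.py
+++ b/logpye_log4j_search/logpye.py
@@ -0,0 +1,104 @@
+def itirate_of(logfile):
+logging.debug("itirate_of")
+lineCount = 0
+start_flag = 0
+elementarray = []
+array2 = []
+with open(logfile, "r") as ifile:
+for line in ifile:
+lineCount += 1
+if "<log4j:event" in line:
+logging.debug("found <log4j:event")
+array2.append(line)
+logging.debug("line: %s", line)
+start_flag = 1
+
+elif "</log4j:event>" in line:
+logging.debug("found </log4j:event>")
+start_flag = 0
+array2.append(line)
+logging.debug("line: %s", line)
+elementarray.append(array2)
+array2 = []
+
+elif start_flag == 1:
+logging.debug("startflag set")
+array2.append(line)
+logging.debug("line: %s", line)
+
+return elementarray, lineCount
+
+
+def parse(xmlelement):
+logging.debug("parse")
+root = ET.fromstring(xmlelement)
+message = root[0].text
+logger = root.attrib['logger']
+timestamp = root.attrib['timestamp']
+error_level = root.attrib['level']
+thread = root.attrib['thread']
+
+return message, logger, timestamp, error_level, thread
+
+
+def ruleset(rule, message, logger, timestamp, error_level, thread):
+logging.debug("ruleset")
+compiled = message + logger + timestamp + error_level + thread
+if args.regexsearch:
+finder = re.findall(rule, compiled)
+if finder:
+frontend(message, logger, timestamp, error_level, thread)
+if args.asciisearch:
+if rule in compiled:
+frontend(message, logger, timestamp, error_level, thread)
+else:
+if rule in compiled:
+frontend(message, logger, timestamp, error_level, thread)
+
+
+def frontend(message, logger, timestamp, error_level, thread):
+logging.debug("frontend")
+if args.frontend:
+print(eval(args.frontend))
+else:
+print("{}: {} - {}".format(error_level, logger, timestamp))
+
+
+def main(logfile, itir_file, ruleset, frontend):
+logging.debug("main")
+errors = 0
+warns = 0
+if args.asciisearch:
+rule = args.asciisearch
+elif args.regexsearch:
+rule = args.regexsearch
+else:
+rule = ""
+elementarray, lineCount = itir_file(logfile)
+string = ""
+for i in range(len(elementarray)):
+xmlelement = "".join(elementarray[i])
+message, logger, timestamp, error_level, thread = parse(xmlelement.replace("log4j:", "").rstrip('\n'))
+ruleset(rule, message, logger, timestamp, error_level, thread)
+if error_level == "ERROR":
+errors += 1
+if error_level == "WARN":
+warns += 1
+
+
+if __name__ in '__main__':
+import xml.etree.ElementTree as ET
+import logging
+import sys
+import re
+import argparse
+
+parser = argparse.ArgumentParser()
+parser.add_argument('-f','--file', help='log4j file to parse', type=str, required=True)
+parser.add_argument('-as','--asciisearch', help='ascii search pattern', type=str, required=False, default="")
+parser.add_argument('-rs','--regexsearch', help='regex search pattern', type=str, required=False, default="")
+parser.add_argument('-fe', '--frontend', help='customize output: message, logger, timestamp, error_level, thread', type=str, required=False, default="error_level, logger, timestamp")
+args = parser.parse_args()
+
+logging.basicConfig(format='%(levelname)s:%(message)s', level=logging.INFO)
+main(args.file, itirate_of, ruleset, frontend)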
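Review bot: `print(eval(args.frontend))` in `frontend()` executes the `-fe/--frontend` value as Python, so any caller that forwards a value it does not fully control (a wrapper script, a scheduled job, a service front end) hands over code execution with the privileges of the process reading the logs. Because `--frontend` defaults to the non-empty string `"error_level, logger, timestamp"`, the `eval` path runs for every matching event and the `else` branch is only reached when an empty value is passed explicitly. The option only has to choose among five known fields, so a lookup table keyed by field name that rejects anything else keeps the documented usage working without evaluating input. Separately, `parse()` passes log content to `ET.fromstring`, which the standard-library documentation describes as not secure against maliciously constructed data; if the log files can contain attacker-influenced content, that call deserves a size bound or a hardened parser.

```python
def frontend(message, logger, timestamp, error_level, thread):
    logging.debug("frontend")
    if args.frontend:
        # Map the documented field names to values instead of evaluating the option.
        fields = {
            "message": message,
            "logger": logger,
            "timestamp": timestamp,
            "error_level": error_level,
            "thread": thread,
        }
        names = [name.strip() for name in args.frontend.split(",")]
        unknown = [name for name in names if name not in fields]
        if unknown:
            raise SystemExit("unknown --frontend field(s): " + ", ".join(unknown))
        print(tuple(fields[name] for name in names))
    # … unchanged: else branch with the fixed-format print …
```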
BIN
logpye_log4j_search/screenshot/help.png
Normal file
BIN
logpye_log4j_search/screenshot/help.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 130 KiB |