better logline parsing

2017-12-03 20:23:01 +00:00 · 2017-12-03 20:23:01 +00:00 · 5e1fbb2266
parent 0a8194b941
commit 5e1fbb2266
1 changed files with 6 additions and 2 deletions
--- a/memed.py
+++ b/memed.py
@ -33,11 +33,15 @@ def parse_logstr(string):
    # '2015-02-11T19:05:10+00:00 labrat-1 snoopy[896]: [uid:0 sid:11679
    #  tty:/dev/pts/2 cwd:/root filename:/usr/bin/cat]: cat /etc/fstab.BAK'
    # I really need to parse the uid, cwd and the command out of that.
+
+    # '[uid:123 sid:440 tty:/dev/pts/4 cwd:/root filename:/bin/chmod]: AAAA BBBBBB CCCCCCCC'
+    # THIS IS WHAT WE PARSE NOW.
+
    splitted = string.split(':')
    command = splitted[-1].strip()

    k = string.find('[')
-    important = string[string.find('[', k + 1):]
+    important = string[k:]

    lst = important.replace('[', '').replace(']', '').split()

@ -46,7 +50,7 @@ def parse_logstr(string):

    uid = [e[1] for e in s if e[0] == 'uid'][0]
    cwd = [e[1] for e in s if e[0] == 'cwd'][0]
-    return uid, cwd, command
+    return int(uid), cwd, command


 async def read_msg(reader):