better logline parsing
This commit is contained in:
parent
0a8194b941
commit
5e1fbb2266
1 changed files with 6 additions and 2 deletions
8
memed.py
8
memed.py
|
@ -33,11 +33,15 @@ def parse_logstr(string):
|
||||||
# '2015-02-11T19:05:10+00:00 labrat-1 snoopy[896]: [uid:0 sid:11679
|
# '2015-02-11T19:05:10+00:00 labrat-1 snoopy[896]: [uid:0 sid:11679
|
||||||
# tty:/dev/pts/2 cwd:/root filename:/usr/bin/cat]: cat /etc/fstab.BAK'
|
# tty:/dev/pts/2 cwd:/root filename:/usr/bin/cat]: cat /etc/fstab.BAK'
|
||||||
# I really need to parse the uid, cwd and the command out of that.
|
# I really need to parse the uid, cwd and the command out of that.
|
||||||
|
|
||||||
|
# '[uid:123 sid:440 tty:/dev/pts/4 cwd:/root filename:/bin/chmod]: AAAA BBBBBB CCCCCCCC'
|
||||||
|
# THIS IS WHAT WE PARSE NOW.
|
||||||
|
|
||||||
splitted = string.split(':')
|
splitted = string.split(':')
|
||||||
command = splitted[-1].strip()
|
command = splitted[-1].strip()
|
||||||
|
|
||||||
k = string.find('[')
|
k = string.find('[')
|
||||||
important = string[string.find('[', k + 1):]
|
important = string[k:]
|
||||||
|
|
||||||
lst = important.replace('[', '').replace(']', '').split()
|
lst = important.replace('[', '').replace(']', '').split()
|
||||||
|
|
||||||
|
@ -46,7 +50,7 @@ def parse_logstr(string):
|
||||||
|
|
||||||
uid = [e[1] for e in s if e[0] == 'uid'][0]
|
uid = [e[1] for e in s if e[0] == 'uid'][0]
|
||||||
cwd = [e[1] for e in s if e[0] == 'cwd'][0]
|
cwd = [e[1] for e in s if e[0] == 'cwd'][0]
|
||||||
return uid, cwd, command
|
return int(uid), cwd, command
|
||||||
|
|
||||||
|
|
||||||
async def read_msg(reader):
|
async def read_msg(reader):
|
||||||
|
|
Loading…
Reference in a new issue