學習練習程序:根據日期提取日誌的python腳本。

#!/usr/bin/python
#! *-* coding:utf-8 *-*
#file:Analysis_logs.py
#import os
import string
import re
# Maps the month number typed at the prompt (a string without a leading zero)
# to the three-letter month abbreviation used to build the text searched for
# in the log file.
month = {
    '1': 'Jan', '2': 'Feb', '3': 'Mar', '4': 'Apr',
    '5': 'May', '6': 'Jun', '7': 'Jul', '8': 'Aug',
    '9': 'Sep', '10': 'Oct', '11': 'Nov', '12': 'Dec',
}
# Log file read by every menu action in this script.
# NOTE(review): /var/log/secure is the authentication log on RHEL-family
# systems and is normally readable by root only -- confirm how the script is
# meant to be run. The extracts it writes into the working directory carry the
# same sensitive content (account names, source addresses).
LogFilePath = r'/var/log/secure'
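def Check_Ex_log():
    """Copy every log line containing 'Accepted password' to Ex_Mess.log.

    Reads LogFilePath, prints how many lines it holds, writes the lines that
    contain the marker text to ``Ex_Mess.log`` in the current working
    directory (overwriting any existing file) and prints a completion
    message.
    """
    Ex_str = 'Accepted password'
    # ``with`` closes each handle; the original wrote ``f.close`` without
    # parentheses, which never called close().
    with open(LogFilePath, 'r') as f:
        text = f.readlines()
    # A parenthesised single-argument print behaves the same under the
    # Python 2 print statement this script otherwise uses.
    print(len(text))
    # NOTE(review): this is a substring test anywhere in the line, so it does
    # not prove the line was produced by the login service; message bodies can
    # carry remotely supplied text such as account names. Treat the extract as
    # a triage aid and confirm findings against the full log.
    outlog = ''.join(line for line in text if Ex_str in line)
    # NOTE(security): the extract is created with the process umask; if the
    # source log is root-only, consider restricting the copy as well.
    with open('Ex_Mess.log', 'w') as f1:
        f1.write(outlog)
    print('完成')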
#Check_Ex_log()
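def JieQu_day():
    """Prompt for a month-day pair and copy that day's log lines to a file.

    The answer must look like ``6-1`` (month number, dash, day of month).
    Lines of LogFilePath whose leading timestamp is that day are written to
    ``message-<Mon>-<day>.log`` in the current working directory and a
    completion message is printed. Malformed input prints an error and
    writes nothing.
    """
    date = raw_input('請輸入要截取日誌的日期,格式爲月份-日期,例:6-1:\n')
    # Parse both fields as integers before using them: the day also ends up
    # in the output file name, so free text (path separators, '..') must not
    # reach open().
    try:
        mon_text, day_text = date.strip().split('-')
        day = int(day_text)
        if not 1 <= day <= 31:
            raise ValueError(day_text)
        mon_name = month[str(int(mon_text))]
    except (ValueError, KeyError):
        print('日期格式不正確,請按 月份-日期 輸入,例:6-1')
        return

    # Traditional syslog timestamps pad a one-digit day with a space
    # ("Jun  1"), so the original substring test for "Jun 1" missed day 1 and
    # matched days 10-19 instead. The trailing space stops "Jun 1" matching
    # "Jun 10"; the unpadded and zero-padded spellings are accepted too.
    # NOTE(review): assumes every line starts with its timestamp -- confirm
    # for the target log format. Anchoring at the line start also keeps text
    # inside a message body from selecting the line.
    stamps = tuple('%s %s ' % (mon_name, form % day)
                   for form in ('%2d', '%d', '%02d'))

    with open(LogFilePath, 'r') as f:
        output = ''.join(line for line in f if line.startswith(stamps))

    outputname = 'message-%s-%d.log' % (mon_name, day)
    with open(outputname, 'w') as f:
        f.write(output)
    print('完成')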
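def JieQu_hour():
    """Prompt for a start and an end hour and copy the log lines between them.

    The answer holds two ``month-day-hour`` items separated by a comma, e.g.
    ``6-24-1,6-24-10``. The extract runs from the first line stamped with the
    start hour through the first line stamped with the end hour (inclusive),
    which is the range the original loop was written to copy. It is written
    to ``<start>,<end>.log`` in the current working directory. Malformed
    input, or a start/end hour with no log line, prints an error and writes
    nothing instead of raising.
    """
    hour = raw_input('請輸入要截取日誌的時間,例:6-24-1,,6-24-10:表示截取6月24日1點-10點的日誌:')

    def stamp_of(item):
        """Return ((month, day, hour), line prefixes) for one input item."""
        mon_text, day_text, hour_text = item.strip().split('-')
        mon, day, hr = int(mon_text), int(day_text), int(hour_text)
        if not (1 <= day <= 31 and 0 <= hr <= 23):
            raise ValueError(item)
        name = month[str(mon)]
        # Syslog-style stamps space-pad the day and zero-pad the hour
        # ("Jun  1 01:"); the colon stops hour 1 from matching hours 10-19.
        prefixes = tuple('%s %s %02d:' % (name, form % day, hr)
                         for form in ('%2d', '%d', '%02d'))
        return (mon, day, hr), prefixes

    # The original passed the typed text to re.match() as a pattern and used
    # it verbatim as the output file name. Parsing it into integers first
    # means neither regex metacharacters nor path components reach those
    # sinks.
    try:
        # The prompt's own example contains a doubled comma; dropping empty
        # items lets both "a,b" and "a,,b" parse.
        first, last = [item for item in hour.split(',') if item.strip()]
        start_key, start_prefixes = stamp_of(first)
        # Each end of the range uses its own month (the original reused the
        # start month for the end stamp).
        end_key, end_prefixes = stamp_of(last)
    except (ValueError, KeyError):
        print('輸入格式不正確,請按 月-日-時,月-日-時 輸入,例:6-24-1,6-24-10')
        return

    with open(LogFilePath, 'r') as f:
        text = f.readlines()

    # NOTE(review): assumes every line starts with its timestamp -- confirm
    # for the target log format.
    start = end = None
    for idx, line in enumerate(text):
        if start is None:
            if not line.startswith(start_prefixes):
                continue
            start = idx
        # Only look for the end stamp at or after the start line.
        if line.startswith(end_prefixes):
            end = idx
            break

    if end is None:
        # The original indexed past the end of the list here and crashed.
        print('日誌中沒有開始或結束時間對應的記錄,未生成文件')
        return

    outname = '%d-%d-%d,%d-%d-%d.log' % (start_key + end_key)
    with open(outname, 'w') as f1:
        # Slice from the start line itself; the original counter started at 1
        # and so dropped the first line of the file when it was the start.
        f1.writelines(text[start:end + 1])
    print('完成')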
def chose():
    """Show the menu, read one choice and run the matching action.

    '1' extracts a time range, '2' extracts a single day and '3' filters the
    log by marker text; any other answer prints an error message.
    """
    num = raw_input('''本腳本是用於日誌分析,僅供學習參考;
                         請根據需求選擇下列選項:
                        1.截取一段時間內的日誌。
                        2.截取一天的日誌。
                        3.根據特徵碼分析日誌。
                        ''')
    # Dispatch table instead of an if/elif chain; unknown answers fall
    # through to the error message.
    actions = {
        '1': JieQu_hour,
        '2': JieQu_day,
        '3': Check_Ex_log,
    }
    handler = actions.get(num)
    if handler is None:
        print('您的輸入不正確或者該功能爲開發完成!')
        return
    handler()
# Script entry point: the menu runs as soon as the file is executed. There is
# no __main__ guard, so importing this module prompts as well.
chose()

腳本中「截取一段時間的日誌」這個功能,若輸入的開始和結束時間在日誌裏沒有對應的記錄(這兩個時間點沒有生成日誌),會導致報錯。

腳本適用於linux系統message,secure相似的日誌文件。