lex/syslog.py at master · DaveBerkeley/lex · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
#
#   Syslog

import re
import datetime

import dt

r_prog = re.compile("([\w/]+)(?:\[(\d+)\])?")

parser = dt.Parser()

def process(text):
    # syslog format

    d, i = parser.parse(text)

    d['type'] = 'syslog'

    head, tail = text.split(": ", 1)
    parts = head.split()
    parts = parts[i:]

    d['whole'] = d['dt'] + " " + " ".join(parts) + ": " + tail

    def progpid(word):
        match = r_prog.match(word)
        assert match
        return match.groups()

    d['host'] = parts[0]

    prog, pid = progpid(parts[1])
    d['prog'] = prog
    d['pid'] = pid

    d['msg' ] = tail

    if pid:
        d['fmt'] += " %(host)s %(prog)s[%(pid)s]: %(msg)s"
    else:
        d['fmt'] += " %(host)s %(prog)s: %(msg)s"

    return d

# FIN