fixbot/logwatch/filters.py
author Tero Marttila <terom@fixme.fi>
Fri, 05 Feb 2010 02:55:42 +0200
changeset 49 666e638059b2
parent 48 ba101beeb062
child 53 21ab25ffa1e8
permissions -rw-r--r--
tweak ssh filter output
import re
class BaseFilter(object):
    """
    Common base for log line filters.

    A filter looks at one incoming line at a time and decides how it is
    handled: ignored, dropped, or classified as an event and optionally
    reformatted.
    """

    # Name of the LogWatchModule event to send. This class-level None stays in
    # effect for subclasses whose __init__ never assigns an event type.
    event_type = None

    def __init__(self, event_type):
        """Store the event name emitted for matching lines."""
        self.event_type = event_type

    def test(self, line):
        """
        Match against `line` and report the outcome.

        Implementations return one of:
            None            - filter did not match, continue
            False           - filter matched, line should be dropped
            (type, <str>)   - filter matched, pass formatted output

        NOTE(review): `line` is log text, and parts of it (user names,
        commands, remote addresses) can be chosen by whoever triggered the
        log entry. Whatever consumes the returned string should treat it as
        untrusted content.
        """
        raise NotImplementedError()
class FullFilter(BaseFilter):
    """
    Catch-all filter: every line matches and is handed on unmodified.
    """

    def test(self, line):
        """Return (event_type, line) for any input; nothing is dropped or rewritten."""
        passthrough = (self.event_type, line)
        return passthrough
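class NullFilter(BaseFilter):
    """
    A filter that drops every line matching a given regexp.

    No event_type is stored: a match is reported as False (drop) and never
    produces an event, so BaseFilter.__init__ is deliberately not called.
    """

    def __init__(self, pattern, flags=None):
        """
        Compile the drop pattern.

            pattern - regular expression source, applied with search()
            flags   - optional `re` flags; None means no flags
        """
        # re.compile() needs an integer flag value and raises TypeError when
        # handed None, so the default has to be mapped onto 0.
        self.regexp = re.compile(pattern, 0 if flags is None else flags)

    def test(self, line):
        """
        Return False (drop) if the pattern is found in `line`, else None.

        search() finds the pattern anywhere in the line, so a pattern without
        ^ and $ anchors also drops lines that merely contain matching text.
        Keep drop patterns anchored at both ends so that embedded text cannot
        suppress an unrelated line.
        """
        if self.regexp.search(line):
            # drop
            return False

        # no match, continue
        return None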
class SimpleFilter(BaseFilter):
    """
    Filter that passes on every line its regexp matches.

    With a format string, the output is rebuilt from the regexp's named
    groups; without one, the matched line is passed on as-is.

    The pattern is applied with search(), so unless it is anchored it matches
    text anywhere in the line. Captured text is substituted exactly as it
    appeared in the log line; the conversion in the format string decides
    whether it is shown escaped (%r) or inserted raw (%s).
    """

    def __init__(self, event_type, pattern, format=None):
        """
        Set up the filter.

            event_type - event name reported for matching lines
            pattern    - regular expression source; named groups feed `format`
            format     - optional %-style template using %(group)s keys
        """
        super(SimpleFilter, self).__init__(event_type)

        self.format = format
        self.regexp = re.compile(pattern)

    def test(self, line):
        """Return (event_type, text) for a matching line, None otherwise."""
        found = self.regexp.search(line)

        if found is None:
            # not ours, continue
            return None

        if not self.format:
            # no template configured: hand the line on unchanged
            return self.event_type, line

        # rebuild the output from the named match groups
        return self.event_type, self.format % found.groupdict()
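# Matches a timestamp prefix such as "Feb  5 02:55:42": three word characters,
# a day that is two digits or space-padded, then HH:MM:SS.
# Raw string, so the regex escapes are not read as (invalid) Python string
# escapes; the resulting pattern text is unchanged.
_timestamp = r"\w{3} [0-9 ]\d \d{2}:\d{2}:\d{2}"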
# Catch-all: every line is emitted, untouched, as an "all" event.
# NOTE(review): this name shadows the builtin all() within the module; it is
# kept because other code may refer to the filter by this name.
all = FullFilter(event_type="all")
# Catch-all that strips the leading timestamp: only the text captured as
# <line> is emitted. A line that does not start with the timestamp prefix
# does not match this filter at all.
all_wo_timestamps = SimpleFilter(
    event_type="all",
    pattern="^" + _timestamp + " (?P<line>.+)$",
    format="%(line)s",
)
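# Match sudo invocations and condense them to
#   user:tty - target_user@host:pwd - 'command'
# The command is rendered with %r, so control characters in it are shown
# escaped. The other fields are inserted as they appeared in the log line.
# NOTE(review): the pattern is unanchored and applied with search(), so any
# line containing text of this shape matches, whichever program logged it.
# Anchoring on the timestamp prefix, as the drop filters below do, would
# tighten this.
# Raw string, so the regex escapes are not read as Python string escapes.
sudo = SimpleFilter(
    "sudo",
    r"(?P<hostname>\S+)\s+sudo:\s*(?P<username>\S+) : TTY=(?P<tty>\S+) ; PWD=(?P<pwd>.+?) ; USER=(?P<target_user>\S+) ; COMMAND=(?P<command>.*)",
    "%(username)s:%(tty)s - %(target_user)s@%(hostname)s:%(pwd)s - %(command)r"
)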
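# Match accepted ssh logins. Only sshd's "Accepted password for ..." lines
# are covered, so logins accepted by another method do not produce this event.
# <proto> is captured but not shown in the output.
# NOTE(review): user name, address and port are inserted with %s exactly as
# logged, and \S+ admits any non-whitespace character. The pattern is also
# unanchored and applied with search(), so a line from another program that
# contains text of this shape is reported as a login. Anchoring on the
# timestamp prefix would tighten this.
# Raw string, so the regex escapes are not read as Python string escapes.
ssh = SimpleFilter(
    "ssh",
    r"(?P<hostname>\S+)\s+sshd\[\d+\]:\s*Accepted password for (?P<username>\S+) from (?P<ip>\S+) port (?P<port>\S+) (?P<proto>\S+)",
    "SSH login for %(username)s@%(hostname)s from %(ip)s:%(port)s"
)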
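# Drops pam_unix session opened/closed lines for cron, as logged by CRON or su.
# The pattern is anchored with ^ and $, so only a line that has this shape
# from start to end is dropped; matching text embedded in another message
# does not suppress that message.
# Raw string, so the regex escapes are not read as Python string escapes.
cron_killer = NullFilter(
    "^" + _timestamp + r" \S+\s+(CRON|su)\[\d+\]: pam_unix\(cron:\w+\): session (opened|closed) for user \w+( by \(uid=\d+\))?$",
    re.IGNORECASE
)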
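# Drops `su nobody` output (from cron): the "Successful su for nobody by root"
# line and its "+ ??? root:nobody" companion.
# Anchored with ^ and $ so that only lines of exactly this shape are dropped.
# Raw string, so the regex escapes are not read as Python string escapes.
su_nobody_killer = NullFilter(
    "^" + _timestamp + r" \S+\s+su\[\d+\]: (Successful su for nobody by root|\+ \?\?\? root:nobody)$",
    re.IGNORECASE
)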