Ejemplo n.º 1
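    def process(self):
        """Tail the configured remote log over SSH and feed its lines to the rules.

        Reads ``location``, ``host``, ``user`` and ``passwd`` from the plugin's
        ``config`` section, opens one SSH connection on port 22, runs
        ``tail -f`` on the first configured location and passes every complete
        line to the compiled rules in sorted key order.  For each line, the
        first rule that matches and yields an event has that event sent with
        ``send_message``.  Runs until ``self.stop_processing`` becomes true.
        """
        # Function-scope import: the file's own import block is not visible
        # from here, and the name differs between Python 2 and 3.
        try:
            from shlex import quote as shell_quote
        except ImportError:  # Python 2
            from pipes import quote as shell_quote

        locations = self._plugin.get("config", "location").split(',')
        if len(locations) > 1:
            # Only locations[0] is ever tailed; report it instead of leaving
            # a silent monitoring gap for the other entries.
            logger.warning("Only the first configured location (%s) is "
                           "tailed; %d other location(s) are ignored" %
                           (locations[0], len(locations) - 1))
        # Quoted so that spaces or shell metacharacters in the configured path
        # reach tail as one literal argument instead of being interpreted by
        # the remote shell.  Side effect: globs and ~ in the path are no
        # longer expanded remotely.
        remote_path = shell_quote(locations[0])

        logger.info("*******************")

        # compile the list of regexp, in sorted key order
        rule_table = self._plugin.rules()
        for key in sorted(rule_table.keys()):
            self.rules.append(RuleMatch(key, rule_table[key], self._plugin))

        conns = []

        host = self._plugin.get("config", "host")
        user = self._plugin.get("config", "user")
        passwd = self._plugin.get("config", "passwd")
        # NOTE(review): SSHConnection is defined elsewhere.  Confirm that it
        # verifies the remote host key rather than accepting unknown keys,
        # because the stream read below feeds the detection rules.  The
        # password comes from the plugin config in clear text.
        conn = SSHConnection(host, 22, user, passwd)
        if conn.connect() == False:
            logger.error("Error connecting to %s for remote logging" % host)
            # This used to be the comparison `self.stop_processing == False`,
            # which has no effect and left the loop below spinning with no
            # connection.  Assigning True is the reading that ends the loop.
            self.stop_processing = True
        else:
            logger.info("Connected to %s" % host)
            conns.append(conn)

        while not self.stop_processing:

            # Wait until the plugin is enabled, but stay responsive to a stop
            # request.  Nothing is skipped for the disabled period: the
            # remote tail keeps streaming from where it was.
            while (not self.stop_processing and
                   not self._plugin.getboolean("config", "enable")):
                time.sleep(1)

            self._thresholding()

            for c in conns:

                # stop processing tails if requested
                if self.stop_processing:
                    break

                transport = c.client.get_transport()
                channel = transport.open_session()
                if self._plugin.getboolean("config", "readAll"):
                    cmd = "tail -f -n 10000000000000000000 %s" % remote_path
                else:
                    cmd = "tail -f -n 0 %s" % remote_path
                logger.debug(cmd)
                channel.exec_command(cmd)

                # Text received after the last newline: an incomplete line
                # held back until the rest of it arrives.
                # NOTE(review): grows without bound if the remote side never
                # sends a newline; consider a maximum line length.
                pending = ""
                while not self.stop_processing:
                    # Block in select for up to 0.1 s instead of polling with
                    # a zero timeout, which spun the CPU while idle.
                    readable, _, _ = select.select([channel], [], [], 0.1)
                    if not readable:
                        continue
                    chunk = channel.recv(1024)
                    if not chunk:
                        # An empty read is taken to mean the remote command
                        # or channel has ended (paramiko-style semantics;
                        # confirm for SSHConnection's client).  Log it so the
                        # collection gap is visible, then let the outer loop
                        # start tail again.
                        # NOTE(review): with readAll set, the restart reads
                        # the file from its beginning again.
                        logger.warning("Remote tail on %s ended; restarting"
                                       % host)
                        time.sleep(1)  # avoid a tight restart loop
                        break
                    lines = (pending + chunk).split("\n")
                    # The last piece is incomplete; feeding it now would match
                    # rules against a truncated line and again once complete.
                    pending = lines.pop()
                    for line in lines:
                        if self.stop_processing:
                            break
                        for rule in self.rules:
                            rule.feed(line)
                            if rule.match():
                                logger.debug('Match rule: [%s] -> %s' %
                                             (rule.name, line))
                                event = rule.generate_event()
                                if event is not None:
                                    self.send_message(event)
                                    break
                channel.close()

        for c in conns:
            c.client.close()

        logger.debug("Processing completed.")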
Ejemplo n.º 2
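    def process(self):
        """Tail the configured remote log over SSH and feed its lines to the rules.

        Reads ``location``, ``host``, ``user`` and ``passwd`` from the plugin's
        ``config`` section and retries the SSH connection (port 22) every 30
        seconds until it succeeds or a stop is requested.  It then runs
        ``tail -f`` on the first configured location and passes every complete
        line to the compiled rules in sorted key order.  For each line, the
        first rule that matches and yields an event has that event sent with
        ``send_message``.  Runs until ``self.stop_processing`` becomes true.
        """
        # Function-scope import: the file's own import block is not visible
        # from here, and the name differs between Python 2 and 3.
        try:
            from shlex import quote as shell_quote
        except ImportError:  # Python 2
            from pipes import quote as shell_quote

        locations = self._plugin.get("config", "location").split(',')
        if len(locations) > 1:
            # Only locations[0] is ever tailed; report it instead of leaving
            # a silent monitoring gap for the other entries.
            logger.warning("Only the first configured location (%s) is "
                           "tailed; %d other location(s) are ignored" %
                           (locations[0], len(locations) - 1))
        # Quoted so that spaces or shell metacharacters in the configured path
        # reach tail as one literal argument instead of being interpreted by
        # the remote shell.  Side effect: globs and ~ in the path are no
        # longer expanded remotely.
        remote_path = shell_quote(locations[0])

        # compile the list of regexp, in sorted key order
        rule_table = self._plugin.rules()
        for key in sorted(rule_table.keys()):
            self.rules.append(RuleMatch(key, rule_table[key], self._plugin))

        conns = []

        host = self._plugin.get("config", "host")
        user = self._plugin.get("config", "user")
        passwd = self._plugin.get("config", "passwd")
        # NOTE(review): SSHConnection is defined elsewhere.  Confirm that it
        # verifies the remote host key rather than accepting unknown keys,
        # because the stream read below feeds the detection rules.  The
        # password comes from the plugin config in clear text.
        conn = SSHConnection(host, 22, user, passwd)
        connected = False
        # Also leave the retry loop on a stop request; otherwise an
        # unreachable host makes this method impossible to stop.
        while not connected and not self.stop_processing:
            connected = conn.connect()
            if not connected:
                logger.info("Error connecting to %s for remote logging, retry in 30 seconds." % host)
                time.sleep(30)
        if connected:
            logger.info("Connected to %s" % host)
            conns.append(conn)

        while not self.stop_processing:
            # Wait until the plugin is enabled, but stay responsive to a stop
            # request.  Nothing is skipped for the disabled period: the
            # remote tail keeps streaming from where it was.
            while (not self.stop_processing and
                   not self._plugin.getboolean("config", "enable")):
                time.sleep(1)

            self._thresholding()

            # The tailing code used to sit outside this loop and relied on
            # the leaked loop variable; it now runs once per connection.
            for c in conns:
                # stop processing tails if requested
                if self.stop_processing:
                    break

                transport = c.client.get_transport()
                channel = transport.open_session()
                if self._plugin.getboolean("config", "readAll"):
                    cmd = "tail -f -n 10000000000000000000 %s" % remote_path
                else:
                    cmd = "tail -f -n 0 %s" % remote_path
                channel.exec_command(cmd)

                # Text received after the last newline: an incomplete line
                # held back until the rest of it arrives.
                # NOTE(review): grows without bound if the remote side never
                # sends a newline; consider a maximum line length.
                pending = ""
                while not self.stop_processing:
                    # Block in select for up to 0.1 s instead of polling with
                    # a zero timeout, which spun the CPU while idle.
                    readable, _, _ = select.select([channel], [], [], 0.1)
                    if not readable:
                        continue
                    chunk = channel.recv(1024)
                    if not chunk:
                        # An empty read is taken to mean the remote command
                        # or channel has ended (paramiko-style semantics;
                        # confirm for SSHConnection's client).  Log it so the
                        # collection gap is visible, then let the outer loop
                        # start tail again.
                        # NOTE(review): with readAll set, the restart reads
                        # the file from its beginning again.
                        logger.warning("Remote tail on %s ended; restarting"
                                       % host)
                        time.sleep(1)  # avoid a tight restart loop
                        break
                    lines = (pending + chunk).split("\n")
                    # The last piece is incomplete; feeding it now would match
                    # rules against a truncated line and again once complete.
                    pending = lines.pop()
                    for line in lines:
                        if self.stop_processing:
                            break
                        for rule in self.rules:
                            rule.feed(line)
                            if rule.match():
                                logger.debug('Match rule: [%s] -> %s' % (rule.name, line))
                                event = rule.generate_event()
                                if event is not None:
                                    self.send_message(event)
                                    break
                channel.close()

        for c in conns:
            c.closeConnection()
        logger.debug("Processing completed.")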