def test_grep(self):
log_list = text_test.read_log()
linux_syslog_head = '(\S+\s+\d+)\s+(\d+:\d+:\d+)\s+(\S+)\s+'
group_data = grep.grep(log_list, linux_syslog_head + '(login|ssh|su|sshd|passwd)\[(\d+)\].*')
self.assertEqual(len(group_data), 11)
group_data = grep.grep(log_list, '[1,4]', False, 'n')
self.assertEqual(len(group_data), 4)
group_data = grep.grep(log_list, '[1,4]', False, 'n')
self.assertEqual(len(group_data), 4)
group_data = grep.grep(log_list, 'pam', False, 's')
self.assertEqual(len(group_data), 6)
group_data = grep.grep(log_list, 'pam', True, 's')
self.assertEqual(len(group_data), 6)
self.assertTrue(string_utils.startswith(group_data[0], '1'))
self.assertTrue(string_utils.startswith(group_data[1], '2'))
self.assertTrue(string_utils.startswith(group_data[4], '12'))
self.assertTrue(string_utils.startswith(group_data[5], '19'))
group_data = grep.grep(log_list, None, True, 'e')
self.assertEqual(len(group_data), 19)
group_data = grep.grep(log_list, grep_action, True, 'a')
self.assertEqual(len(group_data), 3)
group_data = grep.grep(None, None)
self.assertEqual(group_data, None)
def test_group(self):
linux_syslog_head = '(\S+\s+\d+)\s+(\d+:\d+:\d+)\s+(\S+)\s+'
rule_list = [
{
'name' : 'auth',
'pattern': [linux_syslog_head + 'login\[(\d+)\].*',
linux_syslog_head + 'passwd\[(\d+)\].*',
linux_syslog_head + 'su\[(\d+)\].*',
linux_syslog_head + 'sshd\[(\d+)\].*']
},
{
'name' : 'ntp',
'pattern' : [linux_syslog_head + 'ntpdate\[(\d+)\].*',
linux_syslog_head + 'ntpd\[(\d+)\].*']
}
]
group_data = group.group(text_test.read_log(), rule_list)
self.assertEqual(len(group_data.get('auth')), 11)
self.assertEqual(len(group_data.get('ntp')), 4)
