コード例 #1
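def finder(conditions):
    """Search the table named by ``conditions['logType']`` and return the rows.

    ``conditions`` maps column names to the value each column must equal.
    Its first entry is skipped (the original code treats it as the log type
    name), and entries whose value is None or "" are ignored.

    Returns a list of dicts mapping column name to value. After every matched
    row, the row returned by ``DBMS.search_mis_clt(pid, SendToHost)`` is
    appended as well when that call returns something truthy.

    Raises:
        KeyError: ``conditions['logType']`` is not a key of
            ``Configuration.doc['input']``, or a result row has no ``pid``.
        ValueError: a condition key is not a column of the target table.
    """
    DBMS.connect(Configuration.db_path)
    try:
        table = conditions['logType']

        # This lookup is the only check on the table name before it is
        # concatenated into the statement: an unconfigured log type raises
        # KeyError here instead of reaching the SQL text.
        Configuration.doc['input'][table]

        # Element 1 of each DBMS.getTable() row is used as the column name.
        columns = [column[1] for column in DBMS.getTable(table)]
        known_columns = set(name.lower() for name in columns)

        # NOTE(review): DBMS.search() is only seen taking a finished SQL
        # string, so the statement is still assembled as text. If the DBMS
        # layer can accept bind parameters, pass the values that way instead.
        clauses = []
        for index, (key, value) in enumerate(conditions.items()):
            # Skip the first entry (the log type name).
            # NOTE(review): this relies on 'logType' being the first key,
            # which a plain dict does not guarantee on every Python version.
            if index == 0:
                continue

            # Skip conditions that carry no value.
            if value is None or value == "":
                continue

            # Column names cannot be quoted away safely, so only names that
            # really exist in the table are accepted. The comparison is
            # case-insensitive so existing callers are not broken by casing.
            if key.lower() not in known_columns:
                raise ValueError("unknown column in search conditions: %r" % (key,))

            # Double embedded single quotes so the value cannot terminate the
            # string literal. This is the standard SQL escape; a backend that
            # also treats backslash as an escape character needs more than
            # this -- another reason to prefer bind parameters.
            literal = ("%s" % (value,)).replace("'", "''")
            clauses.append(key + " = '" + literal + "'")

        command = 'SELECT * FROM ' + table
        if clauses:
            # The first condition is introduced by WHERE, the rest by AND.
            command += ' WHERE ' + ' AND '.join(clauses)

        # The full statement, including the search values, goes to the log.
        write_msg(command)

        result = []
        for item in DBMS.search(command):
            # Pair each column name with the value at the same position.
            pack = dict(zip(columns, item))
            result.append(pack)
            related = DBMS.search_mis_clt(pack["pid"], pack.get("SendToHost", ""))
            if related:
                result.append(dict(zip(columns, related)))

        write_msg("NOTICE: Search complete, " + str(len(result)) + " eligible items")
        return result
    finally:
        # Release the connection on every exit path, including errors.
        DBMS.disconnect()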
コード例 #2
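def spider(file_date=None, log_type=Configuration.logType):
    """Classify the log files of *file_date* and reload them into the database.

    For every log type ``t`` the file ``<log_path><t>/<t>.<file_date>`` is
    passed to ``Dealer.classification`` when it exists. Each file found is
    then unpacked, its table is deleted and the unpacked result is inserted.
    When *file_date* is empty no file is examined and nothing is reloaded.

    *log_type* may be a single name (checked against
    ``Configuration.logType``) or an iterable of names (used as given).

    Returns False when the database connection fails or a single log type
    name is not in ``Configuration.logType``; True otherwise.

    TODO (original author): using Configuration.logType as the default
    argument is not appropriate.
    """
    if not DBMS.connect(Configuration.db_path):
        return False

    try:
        # (log type, '.<date>') pairs for the files that were found.
        file_list = []

        if isinstance(log_type, str):
            print(log_type, Configuration.logType)
            if log_type not in Configuration.logType:
                # The finally clause closes the connection opened above.
                return False
            log_type = [log_type]

        # NOTE(review): file_date, and the entries of a list-valued log_type,
        # are placed into a filesystem path and later used as a table name
        # without any check in this function -- confirm that callers restrict
        # them to plain names without path separators.
        for t in log_type:
            if file_date:
                path = Configuration.log_path + t + '/' + t + '.' + file_date
                if os.path.isfile(path):
                    Dealer.classification(path)
                    file_list.append((t, '.' + file_date))
                else:
                    # Single parenthesised argument: prints the same text
                    # under Python 2 and Python 3.
                    print("ERROR: file " + path + " don't exist.")

        # Keyword extraction.
        result = None
        for name in file_list:
            configured = Configuration.doc['input']
            if name[0] in configured and 'type' in configured[name[0]]:
                # NOTE(review): a configured type other than 'mis_clt' leaves
                # `result` as None or as the previous file's data, and the
                # table is still deleted and refilled below -- confirm that
                # this is intended.
                if name[0] == 'mis_clt':
                    result = unpacking_general.classifying_mis("".join(name))
            else:
                result = unpacking_general.classifying("".join(name))

            # The result could be returned as JSON instead; here the table is
            # replaced with it.
            DBMS.delete_table(name[0])
            DBMS.insert_dict_into_sql(name[0], result)
        return True
    finally:
        # Release the connection on every exit path, including errors.
        DBMS.disconnect()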
コード例 #3
ファイル: Sensor.py プロジェクト: touch123/csgear
def sensor(file_date=None):
    """Register the log files under the configured log directory.

    Each name yielded by ``file_names(Configuration.log_path)`` is split into
    a stem and an extension. When *file_date* is given, only files whose
    extension equals ``'.' + file_date`` are considered; when it is None (or
    empty) every file is considered. A considered file for which
    ``DBMS.skip`` returns a true value is left alone; otherwise a row with
    ``Status`` False is inserted into the ``sign`` table.

    Returns False when the database connection fails, True otherwise.
    """
    if not DBMS.connect(Configuration.db_path):
        return False

    for entry in file_names(Configuration.log_path):
        stem, suffix = os.path.splitext(entry)

        # With a date filter, ignore files that belong to another date.
        if file_date and suffix != '.' + file_date:
            continue

        # The extension without its dots is stored as the file date.
        date_part = suffix.replace('.', "")
        if DBMS.skip(stem, date_part):
            continue

        record = {'logType': stem, 'FileDate': date_part, 'Status': False}
        DBMS.insert_dict_into_sql('sign', [record])

    DBMS.disconnect()
    return True