def __init__(self,databasefile,knowledgebasefile):
"""
Creates list of logs where element is [date,logmessage]
logs are filtered by rule enginge
there is also set of logs which helps creating arff later
"""
self.loglist = list()
self.logset_list = list
logset = set()
re = RuleEngine()
re.parseFacts(knowledgebasefile)
for rawlog in self.queryAllRawlogs(databasefile):
result = re.filterLog(rawlog)
if result == None:
continue
[date,logmessage]= result
self.loglist.append([date,logmessage])
logset.add(logmessage)
self.logset_list = list(logset)
self.loglist = sorted(self.loglist, key=lambda k: k[0]) # sort by date
def test_simple(self):
ps = ParseFacts()
ps.parseLine("extend(\"compressed @@@\")")
rl = RuleEngine()
rl.initFactsDict(ps)
clog1 = CompressedLog("compressed @@@")
clog1.setDiffWordsSet({1})
clog2 = CompressedLog("compressed2 @@@")
clog2.setDiffWordsSet({1})
rawlog1 = RawLog(date=datetime.datetime.now(),log="compressed a")
rawlog2 = RawLog(date=datetime.datetime.now(),log="compressed b")
rawlog3 = RawLog(date=datetime.datetime.now(),log="compressed2 a")
rawlog4 = RawLog(date=datetime.datetime.now(),log="compressed2 b")
clog1.rawlogs.append(rawlog1)
clog1.rawlogs.append(rawlog2)
clog2.rawlogs.append(rawlog3)
clog2.rawlogs.append(rawlog4)
[date1,logmessage1] = rl.filterLog(rawlog1)
[date2,logmessage2] = rl.filterLog(rawlog2)
[date3,logmessage3] = rl.filterLog(rawlog3)
[date4,logmessage4] = rl.filterLog(rawlog4)
self.assertEqual("compressed a",logmessage1)
self.assertEqual("compressed b",logmessage2)
self.assertEqual("compressed2 @@@",logmessage3)
self.assertEqual("compressed2 @@@",logmessage4)
def test_regexp(self):
ps = ParseFacts()
ps.parseLine("default(\"remove\")")
ps.parseLine("clogregexp(\" Start proc.*\")")
rl = RuleEngine()
rl.initFactsDict(ps)
clog_false_str = " End pro @@@ @@@"
clog_true_str = " Start proc @@@ @@@"
rawlog_false = self.create_log_and_clog(" End pro blabla bla", clog_false_str,[3,4])
rawlog_true = self.create_log_and_clog(" Start proc blabla bla", clog_true_str,[3,4])
none_result = rl.filterLog(rawlog_false)
[date2,logmessage_true] = rl.filterLog(rawlog_true)
self.assertEqual(None,none_result)
self.assertEqual(logmessage_true,logmessage_true)
