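def test_grep(self):
    """Check grep.grep against the sample log in each calling mode used here.

    The expected counts are pinned to the fixture returned by
    text_test.read_log(); they must be updated together with that fixture.
    The meaning of the one-letter mode argument ('n', 's', 'e', 'a') and of
    the boolean third argument is defined by grep.grep, which is not visible
    here; the comments below describe only what the assertions show.
    """
    log_list = text_test.read_log()

    # Raw strings keep the regex escapes (\S, \d, \[) literal. In a plain
    # string they are invalid escape sequences, which newer Python versions
    # warn about; the resulting pattern text is unchanged.
    # Captures: "<token> <number>" (date), "h:m:s" (time), then one token
    # (presumably the host field of a syslog line).
    linux_syslog_head = r'(\S+\s+\d+)\s+(\d+:\d+:\d+)\s+(\S+)\s+'

    # Authentication-related program tags followed by "[pid]". Entries whose
    # tag carries no bracketed pid are not matched by this pattern.
    auth_pattern = linux_syslog_head + r'(login|ssh|su|sshd|passwd)\[(\d+)\].*'
    group_data = grep.grep(log_list, auth_pattern)
    self.assertEqual(len(group_data), 11)

    # Mode 'n' with '[1,4]' yields four entries (looks like a line range,
    # confirm against grep.grep).
    group_data = grep.grep(log_list, '[1,4]', False, 'n')
    self.assertEqual(len(group_data), 4)

    # NOTE(review): this repeats the previous call verbatim; it may have been
    # meant to cover a different flag value. Kept so coverage is unchanged.
    group_data = grep.grep(log_list, '[1,4]', False, 'n')
    self.assertEqual(len(group_data), 4)

    # Mode 's' with 'pam' yields six entries whatever the boolean flag is.
    group_data = grep.grep(log_list, 'pam', False, 's')
    self.assertEqual(len(group_data), 6)

    group_data = grep.grep(log_list, 'pam', True, 's')
    self.assertEqual(len(group_data), 6)
    # With the flag set, each result starts with a number (presumably the
    # line number of the match in the log; confirm against grep.grep).
    self.assertTrue(string_utils.startswith(group_data[0], '1'))
    self.assertTrue(string_utils.startswith(group_data[1], '2'))
    self.assertTrue(string_utils.startswith(group_data[4], '12'))
    self.assertTrue(string_utils.startswith(group_data[5], '19'))

    # Mode 'e' without a pattern returns 19 entries.
    group_data = grep.grep(log_list, None, True, 'e')
    self.assertEqual(len(group_data), 19)

    # Mode 'a' takes grep_action, a name defined outside this method.
    group_data = grep.grep(log_list, grep_action, True, 'a')
    self.assertEqual(len(group_data), 3)

    # No log and no pattern: the call must return None rather than raise.
    group_data = grep.grep(None, None)
    self.assertIsNone(group_data)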
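def test_group(self):
    """Check that group.group buckets the sample log lines by rule name.

    Each rule holds a name and a list of regex patterns. The expected counts
    (11 for 'auth', 4 for 'ntp') are pinned to the fixture returned by
    text_test.read_log().
    """
    # Raw strings keep the regex escapes (\S, \d, \[) literal. In a plain
    # string they are invalid escape sequences, which newer Python versions
    # warn about; the resulting pattern text is unchanged.
    linux_syslog_head = r'(\S+\s+\d+)\s+(\d+:\d+:\d+)\s+(\S+)\s+'
    # Shared tail: "[pid]" after the program tag, then the rest of the line.
    # Entries whose tag carries no bracketed pid are not matched.
    pid_tail = r'\[(\d+)\].*'

    rule_list = [
        {
            'name': 'auth',
            'pattern': [
                linux_syslog_head + 'login' + pid_tail,
                linux_syslog_head + 'passwd' + pid_tail,
                linux_syslog_head + 'su' + pid_tail,
                linux_syslog_head + 'sshd' + pid_tail,
            ],
        },
        {
            'name': 'ntp',
            'pattern': [
                linux_syslog_head + 'ntpdate' + pid_tail,
                linux_syslog_head + 'ntpd' + pid_tail,
            ],
        },
    ]

    group_data = group.group(text_test.read_log(), rule_list)
    # A missing bucket makes .get() return None, so len() raises and the
    # test still fails.
    self.assertEqual(len(group_data.get('auth')), 11)
    self.assertEqual(len(group_data.get('ntp')), 4)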