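def create(self,configfile):
    """Build the list of learning elements from the stored events.

    Loads the configuration from ``configfile``, reads the events through
    ``SortedRawAwareEvents.get_events_from_SQLite()`` and walks them in
    order. Every event that ``self.filter_out`` does not reject produces one
    element: a clone of the previously kept element, updated with the parsed
    event.

    Progress is written to stdout as a percentage of events read.

    Returns:
        list with one learning element per kept event.
    """
    Config.load_config(configfile)
    sortedEvents = SortedRawAwareEvents()
    # SQLite is the backend used here; the original carried a commented-out
    # call to get_events_from_MySQL() at this point.
    sortedEvents.get_events_from_SQLite()
    print "sorted"
    parser = Parser()
    result = list()
    previous_element = LearningSetElement()
    for seen, event in enumerate(sortedEvents, 1):
        # Clone first, as the original did, so the call order of clone2()
        # and parse_event() is unchanged.
        learning_element = previous_element.clone2()
        parsed_events = parser.parse_event(event)
        if not self.filter_out(parsed_events):
            UpdateElement.update(learning_element, parsed_events)
            result.append(learning_element)
            previous_element = learning_element
        # Count every event read, kept or filtered. The original advanced its
        # counter only for kept events, so the display stalled below 100.
        percent = float(seen) / len(sortedEvents) * 100
        sys.stdout.write('%s percent \r' %( percent ))
        sys.stdout.flush()
    return result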
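# The excerpt resumes inside a method whose header is not shown; its last
# statement is kept unchanged.
# NOTE(review): the MySQL username and password come from Config. How
# load_config obtains them is not visible here. Confirm the config file is
# access-restricted and kept out of version control.
        return self._get_events_from_MySQL(username=Config.username, password=Config.password, databasename=Config.databasename, tables=Config.tables)

    def get_events_from_SQLite(self):
        """Load the events from the SQLite file named in the configuration.

        Prints a warning when ``Config.dbfile`` or ``Config.tables`` is unset
        and then still delegates to ``_get_events_from_SQLite`` with the
        configured values, as the original did.

        Returns:
            whatever ``_get_events_from_SQLite`` returns.
        """
        # The original test, (Config.dbfile or Config.tables) == None, fired
        # only when dbfile was falsy and tables was None, so a single missing
        # setting went unreported. Each setting is now checked on its own.
        if Config.dbfile is None or Config.tables is None:
            print "Load config file!"
            # NOTE(review): the collapsed source does not show whether this
            # print sat inside the if. It is treated as part of the warning.
            print Config.dbfile, Config.tables
        return self._get_events_from_SQLite(filename=Config.dbfile, tables=Config.tables)

    def filter_by_occurance_time(self):
        """Placeholder; not implemented yet."""
        # TODO: there are many more logs from network, screen and
        # network_traffic than from application; at some point in time
        # application logs stop occurring altogether.
        pass


if __name__ == '__main__':
    Config.load_config(ConfigVals)
    sortedEvents = SortedRawAwareEvents()
    sortedEvents.get_events_from_MySQL()
    for x in sortedEvents:
        # The timestamp is divided by 1000 before fromtimestamp(), i.e. it is
        # handled as milliseconds since the epoch.
        seconds = int(x['values'].timestamp/1000)
        stamp = datetime.datetime.fromtimestamp(seconds).strftime('%Y-%m-%d %H:%M:%S')
        print x['table'].name+" "+stamp
    parser = Parser()
    for event in sortedEvents:
        parser.parse_event(event)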