def __init__(self,databasefile,knowledgebasefile): """ Creates list of logs where element is [date,logmessage] logs are filtered by rule enginge there is also set of logs which helps creating arff later """ self.loglist = list() self.logset_list = list logset = set() re = RuleEngine() re.parseFacts(knowledgebasefile) for rawlog in self.queryAllRawlogs(databasefile): result = re.filterLog(rawlog) if result == None: continue [date,logmessage]= result self.loglist.append([date,logmessage]) logset.add(logmessage) self.logset_list = list(logset) self.loglist = sorted(self.loglist, key=lambda k: k[0]) # sort by date
def test_simple(self): ps = ParseFacts() ps.parseLine("extend(\"compressed @@@\")") rl = RuleEngine() rl.initFactsDict(ps) clog1 = CompressedLog("compressed @@@") clog1.setDiffWordsSet({1}) clog2 = CompressedLog("compressed2 @@@") clog2.setDiffWordsSet({1}) rawlog1 = RawLog(date=datetime.datetime.now(),log="compressed a") rawlog2 = RawLog(date=datetime.datetime.now(),log="compressed b") rawlog3 = RawLog(date=datetime.datetime.now(),log="compressed2 a") rawlog4 = RawLog(date=datetime.datetime.now(),log="compressed2 b") clog1.rawlogs.append(rawlog1) clog1.rawlogs.append(rawlog2) clog2.rawlogs.append(rawlog3) clog2.rawlogs.append(rawlog4) [date1,logmessage1] = rl.filterLog(rawlog1) [date2,logmessage2] = rl.filterLog(rawlog2) [date3,logmessage3] = rl.filterLog(rawlog3) [date4,logmessage4] = rl.filterLog(rawlog4) self.assertEqual("compressed a",logmessage1) self.assertEqual("compressed b",logmessage2) self.assertEqual("compressed2 @@@",logmessage3) self.assertEqual("compressed2 @@@",logmessage4)
def test_regexp(self): ps = ParseFacts() ps.parseLine("default(\"remove\")") ps.parseLine("clogregexp(\" Start proc.*\")") rl = RuleEngine() rl.initFactsDict(ps) clog_false_str = " End pro @@@ @@@" clog_true_str = " Start proc @@@ @@@" rawlog_false = self.create_log_and_clog(" End pro blabla bla", clog_false_str,[3,4]) rawlog_true = self.create_log_and_clog(" Start proc blabla bla", clog_true_str,[3,4]) none_result = rl.filterLog(rawlog_false) [date2,logmessage_true] = rl.filterLog(rawlog_true) self.assertEqual(None,none_result) self.assertEqual(logmessage_true,logmessage_true)