def __init__(self, *args, **kwargs):
    """
    Initialise the log entry and, for sshd lines, attach it to a session.

    All arguments are forwarded unchanged to LogEntry.__init__. When the
    parsed program is 'sshd', the entry is appended to the session returned
    by the log file's session cache; if the cache has no match, a new
    SSHSession is created from this entry and added to the cache.
    """
    LogEntry.__init__(self, *args, **kwargs)

    # Entries from any other program take no part in session tracking.
    if self.program != 'sshd':
        return

    cache = self.logfile.sessioncache
    known = cache.match(self)
    if known is None:
        # First entry seen for this session: start a new one.
        cache.append(SSHSession(cache, self))
    else:
        known.append(self)
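def __init__(self, line, year, source_formats=[]):
    """
    Parse a log line and tokenize it when it is an iptables kernel message.

    The line is first parsed by LogEntry.__init__. If the program is exactly
    'kernel' and the message matches one of RE_IPTABLES_FORMATS, the entry is
    marked as iptables (program is rewritten to 'iptables', chain is taken
    from the match) and the 'tokens' part of the match is split on whitespace
    and loaded into self.tokens.

    Raises:
        ValueError: if add_token rejects a token, or if data is still
            unparsed after the last token.
    """
    # NOTE(review): the mutable default is kept so the signature stays
    # unchanged; it is handed straight to LogEntry.__init__ -- confirm that
    # nothing mutates it.
    LogEntry.__init__(self, line, year, source_formats)
    self.chain = None
    self.is_iptables = False
    self.tokens = IPTablesTokenGroup()

    # Exact comparison. The earlier ``not in ('kernel')`` had no trailing
    # comma, so it was a substring test against the string 'kernel': tags
    # such as '' or 'kern' were accepted as kernel messages and could be
    # classified as firewall events, and a non-string program raised
    # TypeError.
    # NOTE(review): program presumably comes from the log line itself, so
    # this classifies the entry; it does not prove the line's origin.
    if self.program != 'kernel':
        return

    for pattern in RE_IPTABLES_FORMATS:
        m = pattern.match(self.message)
        if not m:
            continue

        fields = m.groupdict()
        self.chain = fields['chain']
        self.program = 'iptables'
        self.is_iptables = True

        group = self.tokens
        # NOTE(review): parent is never reassigned, so every bracketed
        # group is created under the top-level group -- confirm deeper
        # nesting is not expected.
        parent = group
        unparsed = None
        for token in fields['tokens'].split():
            # '[' opens a bracketed sub-group, ']' returns to its parent.
            if token.startswith('['):
                token = token[1:]
                group = IPTablesTokenGroup(parent)
            if token.endswith(']'):
                group = group.parent
                token = token[:-1]
            if token == '':
                continue

            if token in FLAGS:
                group['flags'].append(token)
                continue

            try:
                # A string left over from the previous token is retried
                # joined with this one, so values containing spaces can
                # still be parsed.
                if isinstance(unparsed, basestring):
                    unparsed = group.add_token(' '.join([unparsed, token]))
                else:
                    unparsed = group.add_token(token)
            except ValueError as emsg:
                raise ValueError('%s: %s' % (self.message, emsg))

        if unparsed is not None:
            raise ValueError('Unparsed data left: %s' % unparsed)
        # Only the first matching format is used.
        break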
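def __init__(self, line, year, source_formats=[]):
    """
    Parse a log line and tokenize it when it is an iptables kernel message.

    The line is first parsed by LogEntry.__init__. If the program is exactly
    'kernel' and the message matches one of RE_IPTABLES_FORMATS, the entry is
    marked as iptables (program is rewritten to 'iptables', chain is taken
    from the match) and the 'tokens' part of the match is split on whitespace
    and loaded into self.tokens.

    Raises:
        ValueError: if add_token rejects a token, or if data is still
            unparsed after the last token.
    """
    # NOTE(review): the mutable default is kept so the signature stays
    # unchanged; it is handed straight to LogEntry.__init__ -- confirm that
    # nothing mutates it.
    LogEntry.__init__(self, line, year, source_formats)
    self.chain = None
    self.is_iptables = False
    self.tokens = IPTablesTokenGroup()

    # Exact comparison. The earlier ``not in ('kernel')`` had no trailing
    # comma, so it was a substring test against the string 'kernel': tags
    # such as '' or 'kern' were accepted as kernel messages and could be
    # classified as firewall events, and a non-string program raised
    # TypeError.
    # NOTE(review): program presumably comes from the log line itself, so
    # this classifies the entry; it does not prove the line's origin.
    if self.program != 'kernel':
        return

    for pattern in RE_IPTABLES_FORMATS:
        m = pattern.match(self.message)
        if not m:
            continue

        fields = m.groupdict()
        self.chain = fields['chain']
        self.program = 'iptables'
        self.is_iptables = True

        group = self.tokens
        # NOTE(review): parent is never reassigned, so every bracketed
        # group is created under the top-level group -- confirm deeper
        # nesting is not expected.
        parent = group
        unparsed = None
        for token in fields['tokens'].split():
            # '[' opens a bracketed sub-group, ']' returns to its parent.
            if token.startswith('['):
                token = token[1:]
                group = IPTablesTokenGroup(parent)
            if token.endswith(']'):
                group = group.parent
                token = token[:-1]
            if token == '':
                continue

            if token in FLAGS:
                group['flags'].append(token)
                continue

            try:
                # A string left over from the previous token is retried
                # joined with this one, so values containing spaces can
                # still be parsed.
                if isinstance(unparsed, basestring):
                    unparsed = group.add_token(' '.join([unparsed, token]))
                else:
                    unparsed = group.add_token(token)
            except ValueError as emsg:
                raise ValueError('%s: %s' % (self.message, emsg))

        if unparsed is not None:
            raise ValueError('Unparsed data left: %s' % unparsed)
        # Only the first matching format is used.
        break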