parse_log.py
#!/usr/bin/env python
import datetime
import re
import sys
from tools import *
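# Log post-processor: reads the log file named on the command line and prints
# each line to stdout with (optionally) its leading epoch timestamp rendered
# as a human-readable date and its first "N_N_N_N" four-tuple token rewritten
# using parse_4tuple() from the star-imported `tools` module.
if len(sys.argv) < 2:
    # Fail with a usage message instead of an IndexError traceback.
    sys.exit('usage: %s LOG_FILE' % sys.argv[0])
LOG_FILE = sys.argv[1]

# options
opt_parse_ts = 1         # rewrite the leading epoch timestamp of every line
opt_parse_fourtuple = 1  # rewrite the first four-tuple token of every line

# preparation
if opt_parse_fourtuple:
    # Raw string: "\d" in a plain literal is an invalid escape sequence and
    # triggers a warning on current Python versions.
    # NOTE(review): the pattern is unanchored, so it can also match inside a
    # longer run of digits/underscores; confirm the log format rules that out.
    pattern = re.compile(r"\d{1,10}_\d{1,10}_\d{1,10}_\d{1,10}")

# `with` closes the file even when a malformed line aborts the run below.
with open(LOG_FILE, 'r') as f:
    for line in f:
        # Strip only the line terminator; slicing off the last character
        # would eat real data when the final line has no trailing newline.
        line = line.rstrip('\n')
        try:
            if opt_parse_ts:
                ts, line = line.split(' ', 1)
                ts = float(ts)
                # fromtimestamp() without a tz renders in the local timezone
                # of the machine running this script, not the one that wrote
                # the log; keep that in mind when correlating across hosts.
                dt_str = datetime.datetime.fromtimestamp(ts).strftime('%Y-%m-%d %H:%M:%S')
                line = dt_str + ' ' + line

            if opt_parse_fourtuple:
                m = pattern.search(line)
                if m:
                    # Text before and after the first match; same result as
                    # pattern.split(line, 1) because the pattern has no
                    # capture groups, without scanning the line a second time.
                    a = line[:m.start()]
                    b = line[m.end():]
                    # parse_4tuple yields four values; sip and dip are used
                    # as strings, the ports are converted with str().
                    # presumably source/destination address and port; verify
                    # against tools.parse_4tuple.
                    sip, sport, dip, dport = parse_4tuple(m.group(0))
                    sport = str(sport)
                    dport = str(dport)
                    line = a + sip + '_' + sport + '_' + dip + '_' + dport + b

            print(line)
        except Exception:
            # Echo the offending line (as far as it was processed) to stderr
            # for diagnosis, then re-raise with the original traceback intact.
            # The line is raw log content and is written unmodified.
            sys.stderr.write(line + '\n')
            raise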