Parsing log in SQL DB to change IPs to hostnames
Kushal Kumaran
kushal.kumaran at gmail.com
Tue Apr 10 12:11:34 EDT 2007
On Apr 10, 8:37 pm, "KDawg44" <KDaw... at gmail.com> wrote:
> Hi,
>
> I am brand new to Python. In learning anything, I find it useful to
> actually try to write a useful program to try to tackle an actual
> problem.
>
> I have a syslog server and I would like to parse the syslog messages
> and try to change any ips to resolved hostnames. Unfortunately, I am
> not getting any matches on my regular expression.
>
> A message will look something like this:
> Apr 10 2007 00:30:58 DEVICE : %DEVICEINFO: 1.1.1.1 Accessed URL
> 10.10.10.10:/folder/folder/page.html
>
> I would like to change the message to have the hostnames, or even
> better actually, have it appear as hostname-ip address. So a changed
> message would look like:
>
> Apr 10 2007 00:30:58 DEVICE : %DEVICEINFO: pcname-1.1.1.1 Accessed
> URLwww.asite.com-10.10.10.10:/folder/folder/page.html
>
> or some equivalent.
>
> Here is what i have so far. Please be kind as it is my first python
> program.... :)
>
> #! /usr/bin/python
>
> import socket
> import re
> import string
> import MySQLdb
>
> ipRegExC = r"\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}"
> ipRegEx = re.compile(ipRegExC)
>
> try:
> conn = MySQLdb.connect(host="REMOVED", user="REMOVED",
> passwd="REMOVED", db="REMOVED")
>
> except MySQLdb.Error, e:
> print "Error connecting to the database: %d - %s " %
> (e.args[0], e.args[1])
> sys.exit(1)
>
> cursor = conn.cursor()
> cursor.execute("SELECT msg, seq FROM `logs` WHERE seq = 507702")
> # one specific message so that it doesn't parse the whole DB during
> testing...
> while(1):
> row = cursor.fetchone()
> if row == None:
> break
> if ipRegEx.match(row[0]):
> ....
> <snipped rest of the code>
See the documentation of the re module for the difference between
matching and searching.
--
Kushal
More information about the Python-list
mailing list