diff options
| author | Rich Megginson <rmeggins@redhat.com> | 2009-11-24 12:16:23 -0700 |
|---|---|---|
| committer | Rich Megginson <rmeggins@redhat.com> | 2009-11-25 11:10:10 -0700 |
| commit | 16e255be98bbb8b3bcfb080c632add7f048cfd44 (patch) | |
| tree | 5c28a326b327c95ffb38ca2f9fcce19b5c684dea /ldap/admin/src/scripts/logregex.py | |
| parent | b2e2a3f5294707e1ccf2b25fd281ce3653dac819 (diff) | |
| download | ds-16e255be98bbb8b3bcfb080c632add7f048cfd44.tar.gz ds-16e255be98bbb8b3bcfb080c632add7f048cfd44.tar.xz ds-16e255be98bbb8b3bcfb080c632add7f048cfd44.zip | |
Add Named Pipe Log Script, plugins, man page
The Named Pipe Log Script allows you to replace a log file with a named pipe attached to a script. The server can then send the log output to a script instead of to a log file. This allows you to do many different things such as:
* log only certain events e.g. failed binds, connections from certain ip addresses, etc.
* log only lines that match a certain pattern
* log only the last N lines - useful for enabling full error log debug levels in production environments
* send an email or other notification when a certain event is detected
The script is written in python, and allows plugins. By default, the script will log the last N lines (default 1000). There are two plugins provided - one to log only failed bind attempts, and one that will log only lines that match given regular expressions.
Reviewed by: nkinder (Thanks!) - found a bug in a comment
Resolves: bug 486171
Bug Description: [RFE] Access log - Failed binds
Diffstat (limited to 'ldap/admin/src/scripts/logregex.py')
| -rw-r--r-- | ldap/admin/src/scripts/logregex.py | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/ldap/admin/src/scripts/logregex.py b/ldap/admin/src/scripts/logregex.py new file mode 100644 index 00000000..ac329227 --- /dev/null +++ b/ldap/admin/src/scripts/logregex.py @@ -0,0 +1,36 @@ +import sys +import re +import __main__ # to use globals + +# supports more than one regex - multiple regex are combined using AND logic +# OR logic is easily supported with the '|' regex modifier +regex_regex_ary = [] +buffer = [] + +def pre(plgargs): + global regex_regex_ary + regexary = plgargs.get('regex', None) + if not regexary: + print "Error: missing required argument logregex.regex" + return False + if isinstance(regexary,list): + regex_regex_ary = [re.compile(xx) for xx in regexary] + else: + regex_regex_ary.append(re.compile(regexary)) + return True + +def post(): + global buffer + sys.stdout.writelines(buffer) + buffer = [] + +def plugin(line): + global buffer + for rx in regex_regex_ary: + if not rx.search(line): + break # must match all regex + else: # all regexes matched + buffer.append(line) + if len(buffer) > __main__.maxlines: + del buffer[0] + return True |