From 16e255be98bbb8b3bcfb080c632add7f048cfd44 Mon Sep 17 00:00:00 2001
From: Rich Megginson <rmeggins@redhat.com>
Date: Tue, 24 Nov 2009 12:16:23 -0700
Subject: Add Named Pipe Log Script, plugins, man page The Named Pipe Log
 Script allows you to replace a log file with a named pipe attached to a
 script. The server can then send the log output to a script instead of to a
 log file. This allows you to do many different things such as:

* log only certain events e.g. failed binds, connections from certain ip addresses, etc.
* log only lines that match a certain pattern
* log only the last N lines - useful for enabling full error log debug levels in production environments
* send an email or other notification when a certain event is detected

The script is written in python, and allows plugins. By default, the script will log the last N lines (default 1000). There are two plugins provided - one to log only failed bind attempts, and one that will log only lines that match given regular expressions.
Reviewed by: nkinder (Thanks!) - found a bug in a comment
Resolves: bug 486171
Bug Description: [RFE] Access log - Failed binds
---
 ldap/admin/src/scripts/logregex.py | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 ldap/admin/src/scripts/logregex.py

(limited to 'ldap/admin/src/scripts/logregex.py')

diff --git a/ldap/admin/src/scripts/logregex.py b/ldap/admin/src/scripts/logregex.py
new file mode 100644
index 00000000..ac329227
--- /dev/null
+++ b/ldap/admin/src/scripts/logregex.py
@@ -0,0 +1,36 @@
+import sys
+import re
+import __main__ # to use globals
+
+# supports more than one regex - multiple regex are combined using AND logic
+# OR logic is easily supported with the '|' regex modifier
+regex_regex_ary = []
+buffer = []
+
+def pre(plgargs):
+    global regex_regex_ary
+    regexary = plgargs.get('regex', None)
+    if not regexary:
+        print "Error: missing required argument logregex.regex"
+        return False
+    if isinstance(regexary,list):
+        regex_regex_ary = [re.compile(xx) for xx in regexary]
+    else:
+        regex_regex_ary.append(re.compile(regexary))
+    return True
+
+def post():
+    global buffer
+    sys.stdout.writelines(buffer)
+    buffer = []
+
+def plugin(line):
+    global buffer
+    for rx in regex_regex_ary:
+        if not rx.search(line):
+            break # must match all regex
+    else: # all regexes matched
+        buffer.append(line)
+        if len(buffer) > __main__.maxlines:
+            del buffer[0]
+    return True
-- 
cgit