Skip to content

Instantly share code, notes, and snippets.

@DBarney

DBarney/gist:3691565

Created September 10, 2012 15:32
Show Gist options
  • Save DBarney/3691565 to your computer and use it in GitHub Desktop.
Save DBarney/3691565 to your computer and use it in GitHub Desktop.
Download ZIP
syslog parser
Raw
gistfile1.erl
%% we don't want to use a regex to match out the parts that we need, its much too flexible.
%% and we need something FAST, the following functions should do the fast part just fine :)
%"<13>May 17 08:32:41 123.456 daniel: this is a message\n"
%"^<[\\d]{2}>[\\S]{3} [\\d]{1,2} [\\d]{1,2}:[\\d]{1,2}:[\\d]{1,2} ([^.]+?)[.]([\\S]+) ([\\S\\D]+)"
head(<<$<,I/integer,$>,Rest/binary>>,Client) when
I > $0 , I =< $9 -> date(Rest,Client);
head(<<$<,I/integer,I2/integer,$>,Rest/binary>>,Client) when
I > $0 , I =< $9,
I2 > $0 , I2 =< $9-> date(Rest,Client);
head(<<$<,I/integer,I2/integer,I3/integer,$>,Rest/binary>>,Client) when
I > $0 , I =< $9,
I2 > $0 , I2 =< $9,
I3 > $0 , I3 =< $9 -> date(Rest,Client);
head(_,_) ->
{error,header}.
-define(VALID(D),
(D /= <<"Jan ">>) and
(D /= <<"Feb ">>) and
(D /= <<"Mar ">>) and
(D /= <<"Apr ">>) and
(D /= <<"May ">>) and
(D /= <<"Jun ">>) and
(D /= <<"Jul ">>) and
(D /= <<"Aug ">>) and
(D /= <<"Sep ">>) and
(D /= <<"Oct ">>) and
(D /= <<"Nov ">>) and
(D /= <<"Dec ">>) and
(D /= <<"jan ">>) and
(D /= <<"feb ">>) and
(D /= <<"mar ">>) and
(D /= <<"apr ">>) and
(D /= <<"may ">>) and
(D /= <<"jun ">>) and
(D /= <<"jul ">>) and
(D /= <<"aug ">>) and
(D /= <<"sep ">>) and
(D /= <<"oct ">>) and
(D /= <<"nov ">>) and
(D /= <<"dec ">>)).
date(<<_:4/binary,D/integer,32,_/binary>>,_) when D =< $0, D > $9 -> {error,date};
%% remove bas dates
date(<<Date:4/binary,D/integer,D1/integer,32,_/binary>>,_)
when D =< $0, D > $9, D1 =< $0, D1 > $9;
D == $3 , D1 > $1;
?VALID(Date)
-> {error,date};
date(<<Date:5/binary,32,Rest/binary>>,Client) -> time(Rest,Date,Client);
date(<<Date:6/binary,32,Rest/binary>>,Client) -> time(Rest,Date,Client);
date(_,_) -> {error,date}.
%1:1:1 11:11:11
-define(T(L),time(<<Time:L/binary,32,Rest/binary>>,Date,Client) ->
case valid_time(Time) of
true -> app(Rest,Date,Time,Client);
false -> {error,time}
end).
?T(5);?T(6);?T(7);?T(8);
time(_,_,_) ->
{error,time}.
valid_time(<<T/integer,T2/integer,$:,Rest/binary>>) when
T == $2, T2 >= $0, T2 < $5;
T < $2, T >= $0, T2 >= $0, T2 =< $9 -> valid_time(Rest);
valid_time(<<T/integer,$:,Rest/binary>>) when
T =< $9, T >= $0 ->valid_time(Rest);
valid_time(<<T/integer,T2/integer>>) when
T == $2, T2 >= $0, T2 < $5;
T < $2, T >= $0, T2 >= $0, T2 =< $9 -> true;
valid_time(<<T/integer>>) when
T =< $9, T >= $0 -> true;
valid_time(<<>>) -> true;
valid_time(_) -> false.
-define(C(L),
app(<<App:L/binary,$.,Rest/binary>>,Date,Time,Client) ->
case validate(App) of
true -> component(Rest,App,Date,Time,Client);
false -> {error,app}
end).
?C(1);?C(2);?C(3);?C(4);
?C(5);?C(6);?C(7);?C(8);
?C(9);?C(10);?C(11);?C(12);
?C(13);?C(14);?C(15);?C(16);
?C(17);?C(18);?C(19);?C(20);
?C(21);?C(22);?C(23);?C(24);
?C(25);?C(26);?C(27);?C(28);
?C(29);?C(30);?C(31);?C(32);
app(_,_,_,_) ->
{error,app}.
-define(A(L),component(<<Component:L/binary,32,Message/binary>>,App,Date,Time,Client)->
case validate(Component) of
true -> handle(App,Component,Message,Date,Time,Client);
false -> {error,component}
end).
?A(1);?A(2);?A(3);?A(4);
?A(5);?A(6);?A(7);?A(8);
?A(9);?A(10);?A(11);?A(12);
?A(13);?A(14);?A(15);?A(16);
?A(17);?A(18);?A(19);?A(20);
?A(21);?A(22);?A(23);?A(24);
?A(25);?A(26);?A(27);?A(28);
?A(29);?A(20);?A(31);?A(32);
component(_,_,_,_,_) ->
{error,component}.
validate(<<I/integer,Rest/binary>>) when I >= $0, I =< $9; I >= $a, I =< $f; I >= $A, I =< $F -> validate(Rest);
validate(<<>>) -> true;
validate(_) -> false.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment