-
-
Save Wimpje/63598f5625b656d1a1661b70d8504f9a to your computer and use it in GitHub Desktop.
Example Datadog IIS log line parser
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import time | |
| from datetime import datetime | |
| def parse_iis(logger, line): | |
| #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken | |
| #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) cs-host sc-status sc-substatus sc-win32-status time-taken | |
| line_date, line_time, server_ip, cs_method, cs_uri_stem, cs_uri_query, server_port, cs_username, client_ip, cs_user_agent, cs_referer, cs_host, status_code, sub_status, win32_status, time_taken = line.split() | |
| dt = datetime.strptime(line_date+"T"+line_time, "%Y-%m-%dT%H:%M:%S") | |
| dt = time.mktime(dt.timetuple()) | |
| attr_dict = { | |
| 'server.ip': server_ip, | |
| 'server.port': server_port, | |
| 'client.ip': client_ip, | |
| 'client_to_server.method': cs_method, | |
| 'client_to_server.uri_stem': cs_uri_stem, | |
| 'client_to_server.uri_query': cs_uri_query, | |
| 'client_to_server.username': cs_username, | |
| 'client_to_server.user_agent': cs_user_agent, | |
| 'client_to_server.referer': cs_referer, | |
| 'server_to_client.status_code' : int(status_code), | |
| 'server_to_client.sub_status_code': int(sub_status), | |
| 'server_to_client.win32_status_code': int(win32_status), | |
| 'time_taken': int(time_taken) | |
| } | |
| return ("iis.test", dt, 1.0, attr_dict) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment