P2P log analysis - lnav format

P2P_log.json

{
    "ConnectDDHH_log" : {
        "title"     : "ConnectDDHH log format",
        "description"   : "Log format used by ConnectDDHH",
        "regex" : {
            "default"   : {
                "pattern" : "^\\[(?<timestamp>\\d{4}-\\d{2}-\\d{2} \\d{2}:\\d{2}:\\d{2}(?:\\.\\d+)?)\\] MSG_CONNECT_RESULT RCode:{(?<RCode>(?:-)?\\d+)} (?<body>.*)$"
            }
        },
        "level-field" : "RCode",
        "level" : {
            "error" : "^[^0]"
        },
        "value" : {
            "RCode" : {
                "kind" : "integer",
                "foreign-key" : true,
                "rewriter" : ";SELECT :RCode || ' (' || :RCode || ') '",
                "description" : "The status code returned by the server"
            },
            "body"  : { "kind" : "string" }
        },
        "sample" : [
            {
                "line"  : "[2021-11-24 18:00:03] MSG_CONNECT_RESULT RCode:{-90} DeviceUID:{LGD9CA8E4DNRWD4M111A} ClientNAT:{0x2} DeviceNAT:{0x0} Mode:{-1} DeviceWANAddr:{0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0} DeviceLANAddr:{0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0} ClientWANAddr:{106.249.0.0:63654,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0} ClientLANAddr:{192.168.10.0:63654,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0} DeviceIOTCVer:{00000000} ClientIOTCVer:{03010A07} ClientRandomID:{409354211:3659440597} ClientWANAddrParam:{0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000} DeviceWANAddrParam:{0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000} RelayServerAddress:{0.0.0.0:0} ElapsedTime:{107}"
            },
            {
                "line"  : "[2021-11-24 18:00:06] MSG_CONNECT_RESULT RCode:{0} DeviceUID:{KV9318HKMXGKNNR8111A} ClientNAT:{0x2} DeviceNAT:{0x1} Mode:{0} DeviceWANAddr:{220.119.192.0:47173,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0} DeviceLANAddr:{0.0.0.0:60090,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0} ClientWANAddr:{122.32.0.0:43099,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0} ClientLANAddr:{192.168.219.0:43099,192.0.0.0:43099,0.0.0.0:0,0.0.0.0:0} DeviceIOTCVer:{03010437} ClientIOTCVer:{03030004} ClientRandomID:{1638897646:1629613997} ClientWANAddrParam:{0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000} DeviceWANAddrParam:{0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000} RelayServerAddress:{0.0.0.0:0} ElapsedTime:{484}"

            },
            {
                "line" : "[2021-11-24 18:00:17] MSG_CONNECT_RESULT RCode:{0} DeviceUID:{85KGVTEXTC2WDAAV111A} ClientNAT:{0x2} DeviceNAT:{0x1} Mode:{1} DeviceWANAddr:{211.55.163.0:39521,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0} DeviceLANAddr:{211.55.163.0:39521,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0} ClientWANAddr:{39.7.0.0:37191,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0} ClientLANAddr:{192.0.0.0:37191,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0} DeviceIOTCVer:{0301052A} ClientIOTCVer:{03010AD9} ClientRandomID:{1341872039:2027380254} ClientWANAddrParam:{0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000} DeviceWANAddrParam:{0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000} RelayServerAddress:{13.125.0.0:10001} ElapsedTime:{262}"
            },
            {
                "line"  : "[2021-11-24 18:01:47] MSG_CONNECT_RESULT RCode:{0} DeviceUID:{Z3V5BKMJDU8MCTVA111A} ClientNAT:{0x2} DeviceNAT:{0x2} Mode:{2} DeviceWANAddr:{0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0} DeviceLANAddr:{0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0} ClientWANAddr:{218.155.146.0:36928,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0} ClientLANAddr:{10.152.0.0:36928,0.0.0.0:0,0.0.0.0:0,0.0.0.0:0} DeviceIOTCVer:{0301052A} ClientIOTCVer:{03030004} ClientRandomID:{3510779018:2502625263} ClientWANAddrParam:{0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000} DeviceWANAddrParam:{0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000} RelayServerAddress:{0.0.0.0:0} ElapsedTime:{415}"
            }
        ]
    }
}

💡 lnav format installation

Installing Formats

File formats are loaded from subdirectories in /etc/lnav/formats and ~/.lnav/formats/. You can manually create these subdirectories and copy the format files into there. Or, you can pass the ‘-i’ option to lnav to automatically install formats from the command-line. For example:

$ lnav -i P2P_log.json
info: installed: /home/example/.lnav/formats/installed/P2P_log.json

Welcome to lnav's documentation! - lnav 0.10.1 documentation