atheiman/README.md

## README.md

      
    Raw
  

              README.md
            
          
    Just messing around with parsing a log file with Ruby...
$ ruby apache_fun.rb
01:02:03 report
  2 INFO messages
  1 WARN messages
01:02:05 report
  2 ERROR messages
  1 INFO messages
01:12:05 report
  2 WARN messages
  1 INFO messages
10:40:11 report
  2 ERROR messages
  2 INFO messages
20:00:01 report
  1 INFO messages
  1 WARN messages
20:00:02 report
  1 WARN messages
  5 ERROR messages
21:00:02 report
  3 INFO messages
Summary report
  10 INFO messages
  5 WARN messages
  9 ERROR messages

Summary of the bad times...
20:00:02: 11
10:40:11: 4
01:02:05: 4
01:12:05: 2
01:02:03: 1
20:00:01: 1
21:00:02: 0


## apache_fun.rb
def array_hash
  Hash.new { |hash, key| hash[key] = [] }
end

lines = IO.readlines(File.expand_path('~/tmp/some-apache.log'))

times = array_hash

apache_regex = /^(?<level>\[\w+\]) (?<time>\d{2}:\d{2}:\d{2}) (?<message>.*)$/

lines.each do |line|
  m = line.match(apache_regex)
  times[m['time']] << [m['level'], m['message']].join(' ')
end

##################################
# lets get some info on these logs

def print_report(level_to_messages_hash, report_prefix)
  puts "#{report_prefix} report"
  level_to_messages_hash.each do |level,messages|
    puts "  #{messages.length} #{level} messages"
  end
end

levels = array_hash
level_message_regex = /^\[(?<level>\w+)\] (?<message>.*)$/

times.each do |time,logs|
  local_levels = array_hash
  logs.each do |log|
    m = log.match(level_message_regex)
    local_levels[m['level']] << m['message']
    levels[m['level']] << m['message']
  end

  print_report(local_levels, time)
end

print_report(levels, 'Summary')

###############################################################
# whats the most disastrous time? (most error or warn messages)

puts

bad_omen_scores = {}

times.each do |time,messages|
  score = 0
  messages.each do |message|
    m = message.match(level_message_regex)
    score += 1 if m['level'].downcase =~ /warn/
    score += 2 if m['level'].downcase =~ /error/
  end
  bad_omen_scores[time] = score
end

bad_omens = bad_omen_scores.sort_by { |time,score| score }.reverse

puts "Summary of the bad times..."
bad_omens.each { |arr| puts "#{arr.first}: #{arr.last}" }

## some-apache.log
[INFO] 01:02:03 this info message
[INFO] 01:02:03 that info message
[WARN] 01:02:03 this warn message
[ERROR] 01:02:05 this error message
[ERROR] 01:02:05 that error message
[INFO] 01:02:05 that info message
[WARN] 01:12:05 that warn message
[WARN] 01:12:05 this warn message
[INFO] 01:12:05 this info message
[ERROR] 10:40:11 that error message
[ERROR] 10:40:11 this error message
[INFO] 10:40:11 this info message
[INFO] 10:40:11 that info message
[INFO] 20:00:01 that info message
[WARN] 20:00:01 this warn message
[WARN] 20:00:02 that warn message
[ERROR] 20:00:02 that error message
[ERROR] 20:00:02 that error message
[ERROR] 20:00:02 that error message
[ERROR] 20:00:02 that error message
[ERROR] 20:00:02 this error message
[INFO] 21:00:02 this info message
[INFO] 21:00:02 this info message
[INFO] 21:00:02 that info message
	def array_hash
	Hash.new { \|hash, key\| hash[key] = [] }
	end

	lines = IO.readlines(File.expand_path('~/tmp/some-apache.log'))

	times = array_hash

	apache_regex = /^(?<level>\[\w+\]) (?<time>\d{2}:\d{2}:\d{2}) (?<message>.*)$/

	lines.each do \|line\|
	m = line.match(apache_regex)
	times[m['time']] << [m['level'], m['message']].join(' ')
	end

	##################################
	# lets get some info on these logs

	def print_report(level_to_messages_hash, report_prefix)
	puts "#{report_prefix} report"
	level_to_messages_hash.each do \|level,messages\|
	puts " #{messages.length} #{level} messages"
	end
	end

	levels = array_hash
	level_message_regex = /^\[(?<level>\w+)\] (?<message>.*)$/

	times.each do \|time,logs\|
	local_levels = array_hash
	logs.each do \|log\|
	m = log.match(level_message_regex)
	local_levels[m['level']] << m['message']
	levels[m['level']] << m['message']
	end

	print_report(local_levels, time)
	end

	print_report(levels, 'Summary')

	###############################################################
	# whats the most disastrous time? (most error or warn messages)

	puts

	bad_omen_scores = {}

	times.each do \|time,messages\|
	score = 0
	messages.each do \|message\|
	m = message.match(level_message_regex)
	score += 1 if m['level'].downcase =~ /warn/
	score += 2 if m['level'].downcase =~ /error/
	end
	bad_omen_scores[time] = score
	end

	bad_omens = bad_omen_scores.sort_by { \|time,score\| score }.reverse

	puts "Summary of the bad times..."
	bad_omens.each { \|arr\| puts "#{arr.first}: #{arr.last}" }
	[INFO] 01:02:03 this info message
	[INFO] 01:02:03 that info message
	[WARN] 01:02:03 this warn message
	[ERROR] 01:02:05 this error message
	[ERROR] 01:02:05 that error message
	[INFO] 01:02:05 that info message
	[WARN] 01:12:05 that warn message
	[WARN] 01:12:05 this warn message
	[INFO] 01:12:05 this info message
	[ERROR] 10:40:11 that error message
	[ERROR] 10:40:11 this error message
	[INFO] 10:40:11 this info message
	[INFO] 10:40:11 that info message
	[INFO] 20:00:01 that info message
	[WARN] 20:00:01 this warn message
	[WARN] 20:00:02 that warn message
	[ERROR] 20:00:02 that error message
	[ERROR] 20:00:02 that error message
	[ERROR] 20:00:02 that error message
	[ERROR] 20:00:02 that error message
	[ERROR] 20:00:02 this error message
	[INFO] 21:00:02 this info message
	[INFO] 21:00:02 this info message
	[INFO] 21:00:02 that info message