kesor/cloudtrail-parser.js

## cloudtrail-parser.js
#!/usr/bin/env node

const fs = require('fs');

function displayEC2Event(event, type) {
  if (event.errorCode) {
    // -- errors is when someone is using his fat thumbs
    console.log('ERROR: ', event.errorCode, event.errorMessage);
  } else {
    let items = event.responseElements.instancesSet.items;
    for (let item = 0, len = items.length; item <= len; item++) {
      if (items[item] !== undefined) {
        console.log(items[item].instanceId, event.eventTime, type);
      }
    }
  }
}

function parseEvents(eventsData) {
  let data = JSON.parse(eventsData);

  for (let event = 0, len = data.Records.length; event < len; event++) {
    switch(data.Records[event].eventName) {
      case 'RunInstances':
      case 'StartInstances':
      case 'StopInstances':
      case 'TerminateInstances':
        displayEC2Event(data.Records[event], data.Records[event].eventName);
        break;
    }
  }
}

var jsonLine = '';
var totalEvents = 0;
const splitRE = new RegExp('}{', 'g');

const jsonStream = fs.createReadStream(__dirname + '/combined-cloudtrail.json');

jsonStream.on('data', function (chunk) {
  let buffered = (jsonLine + chunk).replace(splitRE, "}\n{").split('\n');
  for (let line = 0, len = buffered.length - 1; line < len; line++) {
    parseEvents(buffered[line]);
    totalEvents++;
  }
  jsonLine = buffered[buffered.length - 1];
});

jsonStream.on('close', function () {
  console.log("\ntotal events parsed: ", totalEvents);
  process.exit(0);
});
	#!/usr/bin/env node

	const fs = require('fs');

	function displayEC2Event(event, type) {
	if (event.errorCode) {
	// -- errors is when someone is using his fat thumbs
	console.log('ERROR: ', event.errorCode, event.errorMessage);
	} else {
	let items = event.responseElements.instancesSet.items;
	for (let item = 0, len = items.length; item <= len; item++) {
	if (items[item] !== undefined) {
	console.log(items[item].instanceId, event.eventTime, type);
	}
	}
	}
	}

	function parseEvents(eventsData) {
	let data = JSON.parse(eventsData);

	for (let event = 0, len = data.Records.length; event < len; event++) {
	switch(data.Records[event].eventName) {
	case 'RunInstances':
	case 'StartInstances':
	case 'StopInstances':
	case 'TerminateInstances':
	displayEC2Event(data.Records[event], data.Records[event].eventName);
	break;
	}
	}
	}

	var jsonLine = '';
	var totalEvents = 0;
	const splitRE = new RegExp('}{', 'g');

	const jsonStream = fs.createReadStream(__dirname + '/combined-cloudtrail.json');

	jsonStream.on('data', function (chunk) {
	let buffered = (jsonLine + chunk).replace(splitRE, "}\n{").split('\n');
	for (let line = 0, len = buffered.length - 1; line < len; line++) {
	parseEvents(buffered[line]);
	totalEvents++;
	}
	jsonLine = buffered[buffered.length - 1];
	});

	jsonStream.on('close', function () {
	console.log("\ntotal events parsed: ", totalEvents);
	process.exit(0);
	});