Skip to content

Instantly share code, notes, and snippets.

@makevoid

makevoid/[fool] gl_tail named parser core.rb

Created July 25, 2009 00:51
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save makevoid/154642 to your computer and use it in GitHub Desktop.
Save makevoid/154642 to your computer and use it in GitHub Desktop.
Download ZIP
gl_tail named parser core.rb
Raw
[fool] gl_tail named parser core.rb
#-----------------------------------------------------------------------------------------------------------#
# Example:
#-----------------------------------------------------------------------------------------------------------#
#
# - gl_tail.yaml config file:
#
# servers:
# server_named:
# host: dns1.fooldns.com
# files: /var/log/named_querylog
# parser: named
# command: tail -f -n0
# user: root
#
#
# - blocks:
#
# date time host port view query type
# 01-Jul-2009 00:12:34.567 client 127.0.0.1#37534: view vistafool: query: www.thefool.it IN A +E
#
#
#-----------------------------------------------------------------------------------------------------------#
class NamedParser < Parser
def parse( line )
_, date, time, host, port, view, query, type, type2 = /(\d+-\w+-\d+) (\d+:\d+:\d+\.\d+) client (\d+\.\d+\.\d+\.\d+)#(\d+): view (.+): query: (.*) (.*) (.*) (.*)/.match(line).to_a
if host
add_activity(:block => 'time', :name => time, :size => 1, :type => 3)
add_activity(:block => 'host', :name => host, :size => 1, :type => 3)
add_activity(:block => 'port', :name => host, :size => 1, :type => 3)
add_activity(:block => 'view', :name => host, :size => 1, :type => 3)
user_id = Digest::MD5.hexdigest(host)
add_activity(:block => 'dns_user_id', :name => user_id, :size => set_type_size(type))
add_activity(:block => 'query', :name => host)
add_activity(:block => 'type', :name => "#{type} #{type2}", :type => 3)
end
end
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment