我有1个ascii普通输入文本文件,如下所示,很多情况下,我给这里2个开关盒。我需要的是我需要在下面的文本文件中提取所有字符串以详细信息中的'$'开头(以粗体显示)并放入新文件1.然后我需要在nvp_add函数中以'$'开头提取所有字符串(以粗体显示) )在下面的文本文件中并放入新文件2.迫切需要帮助!!! ..我期待这样的输出:
预期输出位于文件1中:
case "11": ### eventDDoSLow
$severity, $description, $eventID, $eventURL, $alertLevel, $eventStart,
$eventSourceCount
case "15": ### eventWormLow
$severity, $description, $eventID, $eventURL, $alertLevel, $eventStart,
$eventSourceCount, $eventSourceTable, $eventDestCount, $eventDestTable,
$eventProtocolCount, $eventProtocolTable, $eventServiceCount, $eventServiceTable,
$mazuSourceName
预期输出位于文件2中:
case "11": ### eventDDoSLow
$severity, $description, $eventID, $eventURL, $alertLevel, $eventStart,
$eventSourceCount
case "15": ### eventWormLow
$severity, $description, $eventID, $eventURL, $alertLevel, $eventStart,
$eventSourceCount, $eventSourceTable, $eventDestCount, $eventDestTable,
$eventProtocolCount, $eventProtocolTable, $eventServiceCount, $eventServiceTable,
$mazuSourceName
输入文件(plain ascii):
switch($specific-trap)
{
case "11": ### eventDDoSLow
##########
# $1 = severity
# $2 = description
# $3 = eventID
# $4 = eventURL
# $5 = alertLevel
# $6 = eventStart
# $7 = eventSourceCount
# $8 = eventSourceTable
# $9 = eventDestCount
# $10 = eventDestTable
# $11 = eventProtocolCount
# $12 = eventProtocolTable
# $13 = eventServiceCount
# $14 = eventServiceTable
# $15 = eventNormalBPS
# $16 = eventCurrentBPS
# $17 = eventNormalPPS
# $18 = eventCurrentPPS
##########
$severity = $1
$description = $2
$eventID = $3
$eventURL = $4
$alertLevel = lookup($5, AlertLevel)
$eventStart = $6
$eventSourceCount = $7
$eventSourceTable = $8
$eventDestCount = $9
$eventDestTable = $10
$eventProtocolCount = $11
$eventProtocolTable = $12
$eventServiceCount = $13
$eventServiceTable = $14
$eventNormalBPS = $15
$eventCurrentBPS = $16
$eventNormalPPS = $17
$eventCurrentPPS = $18
include "$NC_RULES_HOME/include-snmptrap/riverbed/riverbed-
MAZU-MIB.parser.include.snmptrap.rules"
@URL = $eventURL
$OS_EventId = "SNMPTRAP-riverbed-MAZU-MIB-eventDDoSLow"
@AlertGroup = "Denial Of Service"
@AlertKey = "Event ID: " + $eventID
@Summary = "Denial of Service ( Src: " + $mazuSourceName + ", Dest: " +
$mazuDestName + " )" + " ( " + @AlertKey + " ) "
$DEFAULT_Severity = 2
$DEFAULT_Type = 1
$DEFAULT_ExpireTime = 0
@Identifier = @Node + " " + @AlertKey + " " + @AlertGroup + " " +
$DEFAULT_Type + " " + @Agent + " " + @Manager + " " + $specific-trap
$alertLevel = $alertLevel + " ( " + $5 + " )"
if(match($OPTION_EnableDetails, "1") or
match($OPTION_EnableDetails_riverbed, "1")) {
**details****($severity, $description, $eventID, $eventURL, $alertLevel,
$eventStart, $eventSourceCount)**
}
**@ExtendedAttr = **nvp_add**(@ExtendedAttr, "severity", $severity,
"description", $description, "eventID", $eventID,
"eventURL", $eventURL, "alertLevel", $alertLevel,
"eventStart", $eventStart,
"eventSourceCount", $eventSourceCount)**
case "15": ### eventWormLow
##########
# $1 = severity
# $2 = description
# $3 = eventID
# $4 = eventURL
# $5 = alertLevel
# $6 = eventStart
# $7 = eventSourceCount
# $8 = eventSourceTable
# $9 = eventDestCount
# $10 = eventDestTable
# $11 = eventProtocolCount
# $12 = eventProtocolTable
# $13 = eventServiceCount
# $14 = eventServiceTable
##########
$severity = $1
$description = $2
$eventID = $3
$eventURL = $4
$alertLevel = lookup($5, AlertLevel)
$eventStart = $6
$eventSourceCount = $7
$eventSourceTable = $8
$eventDestCount = $9
$eventDestTable = $10
$eventProtocolCount = $11
$eventProtocolTable = $12
$eventServiceCount = $13
$eventServiceTable = $14
include "$NC_RULES_HOME/include-snmptrap/riverbed/riverbed-
MAZU-MIB.parser.include.snmptrap.rules"
@URL = $eventURL
$OS_EventId = "SNMPTRAP-riverbed-MAZU-MIB-eventWormLow"
@AlertGroup = "Worm Detected"
@AlertKey = "Event ID: " + $eventID
@Summary = "Worm Detected ( Src: " + $mazuSourceName + ", Dest: " +
$mazuDestName + " )" + " ( " + @AlertKey + " ) "
$DEFAULT_Severity = 2
$DEFAULT_Type = 1
$DEFAULT_ExpireTime = 0
@Identifier = @Node + " " + @AlertKey + " " + @AlertGroup + " " +
$DEFAULT_Type + " " + @Agent + " " + @Manager + " " + $specific-trap
$alertLevel = $alertLevel + " ( " + $5 + " )"
if(match($OPTION_EnableDetails, "1") or
match($OPTION_EnableDetails_riverbed, "1")) {
**details($severity, $description, $eventID, $eventURL, $alertLevel,
$eventStart, $eventSourceCount, $eventSourceTable, $eventDestCount,
$eventDestTable,
$eventProtocolCount, $eventProtocolTable, $eventServiceCount, $eventServiceTable,
$mazuSourceName)**
}
**@ExtendedAttr = nvp_add(@ExtendedAttr, "severity", $severity, "description",
$description, "eventID", $eventID,
"eventURL", $eventURL, "alertLevel", $alertLevel, "eventStart", $eventStart,
"eventSourceCount", $eventSourceCount, "eventSourceTable", $eventSourceTable,
"eventDestCount", $eventDestCount,
"eventDestTable", $eventDestTable, "eventProtocolCount", $eventProtocolCount,
"eventProtocolTable", $eventProtocolTable,
"eventServiceCount", $eventServiceCount, "eventServiceTable",
$eventServiceTable, "mazuSourceName", $mazuSourceName)**
答案 0 :(得分:0)
import re
functions = ["details", "nvp_add"]
caselines_index = []
cases = []
readlines = []
def read(in_file):
global cases
global caselines_index
global readlines
with open(in_file, 'r') as file:
for line in file.readlines():
readlines.append(line.strip())
for line in readlines:
case_search = re.search("case\s\".+?\"\:\s", line)
if case_search:
caselines_index.append(readlines.index(line))
print caselines_index
caselines_index_iter = iter(caselines_index)
int_line_index = int(next(caselines_index_iter))
int_next_index = int(next(caselines_index_iter))
while True:
try:
case_text = ' '.join(readlines[int_line_index:int_next_index]).strip()
case = [readlines[int_line_index].strip(), case_text]
cases.append(case)
int_line_index = int_next_index
int_next_index = int(next(caselines_index_iter))
except StopIteration:
case_text = ' '.join(readlines[int_line_index:len(readlines) - 1]).strip()
case = [readlines[int_line_index].strip(), case_text]
cases.append(case)
break
def work():
for func in functions:
with open(func+".txt", 'w+') as result_file:
for case_list in cases:
caseline = case_list[0].strip()
result_file.write(caseline + "\n")
nvp = re.findall(func+"\(.+?\)", case_list[1].strip())
for item in nvp:
result_list = re.findall("(\$.+?)[\,\)]", item)
for result in result_list:
if "$*" not in result:
result_file.write(result + "\n")
def main():
in_file = "input.txt"
read(in_file)
work()
if __name__=="__main__":
main()
尝试这个,即使我认为你刚才看到了类似的问题。