如何解析nagios日志文件以在给定的日志文件中计算主机数量?

时间:2015-06-05 17:45:32

标签: python

我有一个日志文件如下:

[Sun May 31 19:07:41 2015] HOST ALERT: US0837;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds <br>
[Sun May 31 20:08:09 2015] HOST ALERT: PK273;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds <br>
[Sun May 31 21:18:28 2015] HOST ALERT: US1549;DOWN;HARD;10;Connection refused <br>
[Sun May 31 21:55:25 2015] HOST ALERT: USDM1120;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds <br>
[Sun May 31 21:57:03 2015] HOST ALERT: US1563;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds <br>
[Sun May 31 22:21:56 2015] HOST ALERT: US1420;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds <br>
[Sun May 31 22:50:38 2015] HOST ALERT: US1420;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds <br>
[Sun May 31 22:54:38 2015] HOST ALERT: US1420;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds <br>
[Sun May 31 23:52:43 2015] HOST ALERT: US1354;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds<br>
[Mon Jun  1 00:57:08 2015] HOST ALERT: US3033;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds <br>
[Mon Jun  1 04:57:28 2015] HOST ALERT: FR0744;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds <br>
[Mon Jun  1 05:22:39 2015] HOST ALERT: ID1135;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds <br>
[Mon Jun  1 05:35:57 2015] HOST ALERT: IL1308;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds <br>
[Mon Jun  1 06:15:55 2015] HOST ALERT: ID1135;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds <br>
[Mon Jun  1 07:44:24 2015] HOST ALERT: US1354;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds <br>
[Mon Jun  1 11:18:55 2015] HOST ALERT: VN1320;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds <br>
[Mon Jun  1 11:33:07 2015] HOST ALERT: US1118;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds <br>
[Mon Jun  1 13:50:12 2015] HOST ALERT: VN373;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds <br>
[Mon Jun  1 14:02:58 2015] HOST ALERT: US1565;DOWN;HARD;10;Connection refused <br>
[Mon Jun  1 14:04:27 2015] HOST ALERT: VN1320;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds <br>
[Mon Jun  1 14:52:40 2015] HOST ALERT: US1311;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds <br>
[Mon Jun  1 16:39:38 2015] HOST ALERT: US1311;DOWN;HARD;10;CRITICAL - Socket timeout after 10 seconds <br>

[1433021896] HOST ALERT:US1420; DOWN; SOFT; 1; CRITICAL - 10秒后套接字超时 [1433021944]主机警告:US1420; DOWN; SOFT; 2; CRITICAL - 10秒后套接字超时 [1433022043]主机警告:US1420; DOWN; SOFT; 1; CRITICAL - 10秒后套接字超时 [1433022047]主机警告:US1354; DOWN; SOFT; 1; CRITICAL - 10秒后套接字超时 [1433022079]主机警告:US1354; DOWN; SOFT; 2; CRITICAL - 10秒后套接字超时 [1433022243]主机警告:US1354; DOWN; SOFT; 3; CRITICAL - 10秒后套接字超时 [1433022244]主机警报:VN1320; DOWN; SOFT; 1; CRITICAL - 10秒后套接字超时 [1433022816]主机警告:VN1320; DOWN; SOFT; 1; CRITICAL - 10秒后套接字超时 [1433022874]主机警报:VN1320; DOWN; SOFT; 2; CRITICAL - 10秒后套接字超时 [1433023025]主机警告:US1311; DOWN; SOFT; 1; CRITICAL - 10秒后套接字超时 [1433023184]主机警告:US1311; DOWN; SOFT; 3; CRITICAL - 10秒后套接字超时

输出:

No. HostName    State   Count (HARD DOWN) Count(SOFT DOWN)
1.  US1311       DOWN    2                  4<br>
2.  VN1320       DOWN    2                  2 <br>
3.  US1420       DOWN    4                  3 <br>

代码:

!/ usr / bin / python

from prettytable import PrettyTable <br>
import string <br>
import subprocess <br>
import numpy as np <br>

logfile = open("nagioslog","w")
log = subprocess.call("cat nagios-06-02-2015-00.log | perl -pe 's/(\d+)/localtime($1)/e' | grep 'HOST ALERT' | grep 'DOWN;HARD;10'",     shell=True, stdout= logfile)<br>
f = open("nagioslog","r") <br>
for line in f: <br>
    fields = line.strip().split()<br>
    host = fields[8] <br>
    state = fields[9] <br>
    statetype = fields[10] <br>
    f = open("output.txt", "a") <br>
    f.write(host + ' ' + state + ' ' + statetype + '\n') <br>


a = file.write("hostdown_count.txt","a") <br>

z = PrettyTable(["Host", "State", "StateType", "Count"]) <br>
z.align["Host"] = "l" <br>
z.align["State"] = "l" <br>
z.align["StateType"] = "l" <br>
z.align["Count"] = "l" <br>
z.padding_width = 1 <br>
with open ("hostdown_count.txt", "r") as g: <br>
    for line in g: <br>
        row = line.split() <br>
        t=z.add_row(row) <br>

print (z) <br>

提前致谢。

1 个答案:

答案 0 :(得分:0)

我会使用re和dict:

from collections import OrderedDict

od = OrderedDict() 

import re

with open('in.log') as f:
    r = re.compile("(?<=ALERT:\s)\S+")
    for line in f:
        name, st, con, _, _ = r.search(line).group().split(";")
        od.setdefault(name, {"State": st, "StateType": con,"Count":0})
        od[name]["State"] = st
        od[name]["StateType"] = con
        od[name]["Count"] += 1


for k,v in od.items():
    print("{}, {}".format(k,v))

输出:

US0837, {'Count': 1, 'State': 'DOWN', 'StateType': 'HARD'}
PK273, {'Count': 1, 'State': 'DOWN', 'StateType': 'HARD'}
US1549, {'Count': 1, 'State': 'DOWN', 'StateType': 'HARD'}
USDM1120, {'Count': 1, 'State': 'DOWN', 'StateType': 'HARD'}
US1563, {'Count': 1, 'State': 'DOWN', 'StateType': 'HARD'}
US1420, {'Count': 3, 'State': 'DOWN', 'StateType': 'HARD'}
US1354, {'Count': 2, 'State': 'DOWN', 'StateType': 'HARD'}
US3033, {'Count': 1, 'State': 'DOWN', 'StateType': 'HARD'}
FR0744, {'Count': 1, 'State': 'DOWN', 'StateType': 'HARD'}
ID1135, {'Count': 2, 'State': 'DOWN', 'StateType': 'HARD'}
IL1308, {'Count': 1, 'State': 'DOWN', 'StateType': 'HARD'}
VN1320, {'Count': 2, 'State': 'DOWN', 'StateType': 'HARD'}
US1118, {'Count': 1, 'State': 'DOWN', 'StateType': 'HARD'}
VN373, {'Count': 1, 'State': 'DOWN', 'StateType': 'HARD'}
US1565, {'Count': 1, 'State': 'DOWN', 'StateType': 'HARD'}
US1311, {'Count': 2, 'State': 'DOWN', 'StateType': 'HARD'}