
/etc/aminer/conf-available/generic/SystemdParsingModel.py is in logdata-anomaly-miner 0.0.7-1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

from aminer.parsing import AnyByteDataModelElement
from aminer.parsing import DecimalIntegerValueModelElement
from aminer.parsing import DelimitedDataModelElement
from aminer.parsing import FirstMatchModelElement
from aminer.parsing import FixedDataModelElement
from aminer.parsing import SequenceModelElement
from aminer.parsing import VariableByteDataModelElement

def getSystemdModel():
  """Build the model for systemd messages that follow any standard
  logging preamble, e.g. from syslog.

  The returned sequence matches 'systemd[', a decimal pid, ']: ' and
  then the message body."""

  # The only body alternative is a catch-all, so every systemd message
  # ends on the same 'unparsed' element. Anything that keys on the
  # parsed structure therefore cannot tell systemd message types apart
  # until specific alternatives are placed before it in this list.
  bodyAlternatives=[AnyByteDataModelElement('unparsed')]

  return SequenceModelElement('systemd', [
      FixedDataModelElement('sname', 'systemd['),
      DecimalIntegerValueModelElement('pid'),
      FixedDataModelElement('s0', ']: '),
      FirstMatchModelElement('msg', bodyAlternatives)])


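def getLogindModel(userNameModel=None):
  """This function defines how to parse a systemd logind daemon
  message after any standard logging preamble, e.g. from syslog.

  userNameModel is the model element used for the user name in
  'New session' messages. When it is None, an element named 'user'
  accepting digits, lower case ASCII letters and '-' is created.
  The returned sequence matches 'systemd-logind[', a decimal pid,
  ']: ' and one of the known message bodies."""

  # Identity test: None is a singleton, and "==" would go through any
  # __eq__ a caller-supplied model element happens to define.
  if userNameModel is None:
    # The default alphabet has no upper case letters, '_' or '.'. A
    # session line for a user name using such characters matches no
    # alternative below, and there is no catch-all here, so the whole
    # systemd-logind element does not match that line. Pass a site
    # specific userNameModel where such account names are legitimate.
    userNameModel=VariableByteDataModelElement('user', '0123456789abcdefghijklmnopqrstuvwxyz-')

  typeChildren=[]
  # FIXME: Will fail on username models including the dot at the end:
  # such an element presumably also consumes the terminating '.', which
  # leaves nothing for the fixed 's2' element to match.
  typeChildren.append(SequenceModelElement('new session', [
      FixedDataModelElement('s0', 'New session '),
      DecimalIntegerValueModelElement('session'),
      FixedDataModelElement('s1', ' of user '),
      userNameModel,
      FixedDataModelElement('s2', '.')]))

  typeChildren.append(SequenceModelElement('removed session', [
      FixedDataModelElement('s0', 'Removed session '),
      DecimalIntegerValueModelElement('session'),
      FixedDataModelElement('s1', '.')]))

  model=SequenceModelElement('systemd-logind', [
      FixedDataModelElement('sname', 'systemd-logind['),
      DecimalIntegerValueModelElement('pid'),
      FixedDataModelElement('s0', ']: '),
      FirstMatchModelElement('msg', typeChildren)])
  return model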


def getTmpfilesModel():
  """Build the model for systemd tmpfiles daemon messages that follow
  any standard logging preamble, e.g. from syslog.

  The returned sequence matches 'systemd-tmpfiles[', a decimal pid,
  ']: ' and the single known message body."""

  # NOTE(review): the FIXME about username models that used to sit here
  # looks copied from the logind model; nothing in this model parses a
  # user name.
  # The fixed prefix pins one configuration file and line number, so a
  # duplicate-line message for any other file or line does not match,
  # and there is no catch-all alternative behind it.
  duplicateLine=SequenceModelElement('duplicate', [
      FixedDataModelElement('s0', '[/usr/lib/tmpfiles.d/var.conf:14] Duplicate line for path "'),
      DelimitedDataModelElement('path', '", ignoring.'),
      FixedDataModelElement('s2', '", ignoring.')])

  return SequenceModelElement('systemd-tmpfiles', [
      FixedDataModelElement('sname', 'systemd-tmpfiles['),
      DecimalIntegerValueModelElement('pid'),
      FixedDataModelElement('s0', ']: '),
      FirstMatchModelElement('msg', [duplicateLine])])