#!/usr/bin/env python # coding: utf-8 # guoiang.han import time,datetime import sys import os.path import re import smtplib from email.mime.text import MIMEText #定義日誌的日期名稱 date = time.strftime('%F') #定義要過濾的日誌名字 log_file = 'localhost_access_log.%s.txt' % date #記錄日誌讀取過的指針位置 seek_file = '/tmp/log_check_seek.tmp' global data data = { 'code' : {}, 'time_range' : { '3s': 0, '5s': 0, '10s': 0,'11s+': 0 } } #定義郵件發送 mailto_list=['[email protected]',''] mail_host="smtp.163.com" #設置服務器 mail_user="alert" #用戶名 mail_pass="aaatest" #口令 mail_postfix="163.com" #發件箱的後綴 def send_mail(to_list,sub,content): me="tomcat_log"+"<"+mail_user+"@"+mail_postfix+">" msg = MIMEText(content,_subtype='plain',_charset='gb2312') msg['Subject'] = sub msg['From'] = me msg['To'] = ";".join(to_list) try: server = smtplib.SMTP() server.connect(mail_host) server.login(mail_user,mail_pass) server.sendmail(me, to_list, msg.as_string()) server.close() return True except Exception, e: print str(e) return False #如果seek文件存在,解析時間和位置,否則seek 爲0,指針移動到文件末尾 if os.path.exists(seek_file): #讀取文件內容 with open(seek_file) as f: seek_tmp = f.readlines() #解析時間和本地時間 算時間差,如果差300s或當前時間小於文件時間,都將指針移動到文件末尾 time_seek = datetime.datetime.strptime(seek_tmp[0].strip(),'%Y-%m-%d %H:%M:%S') time_local = datetime.datetime.now() time_delta = time_local - time_seek #計算本地時間是否大於seek的記錄時間 if time_local > time_seek: #計算時間差,如果是在300s以內,認爲有效,增量讀,否則移動到文件末尾 if time_delta.seconds < 300: try: seek = int(seek_tmp[1].strip()) seek_where = 0 except IndexError: seek = 0 seek_where = 2 else: seek = 0 seek_where = 2 else: seek = 0 seek_where = 2 else: seek = 0 seek_where = 2 #讀取日誌 #如果日誌最後的指針小於文件記錄中的seek,則將指針移動到文件末尾 with open(log_file) as f: f.seek(0,2) if seek < f.tell(): f.seek(seek,seek_where) pattren = re.compile(r'(?P<client_ip>\d+.\d+.\d+.\d+) (?P<remote_user>.*) (?P<remote_auth>.*) (?P<time>\[.*\]) \"(?P<request>.*)\" (?P<status_code>.*) (?P<sent_byte>.*) (?P<request_time>.*)') re_uri = re.compile(r'(?P<request_method>\w+) (?P<request_uri>.*) (?P<http_version>.*)') for i in f.xreadlines(): match = pattren.match(i) #生成uri的key request = re_uri.match(match.groupdict()['request']) request_uri = request.groupdict()['request_uri'].split('?')[0] request_uri = request_uri.split('%')[0] if not data.has_key(request_uri): data[request_uri] = {'code' : {}, 'time_range' : { '3s': 0, '5s': 0, '10s': 0,'11s+': 0 }} #計算uri 下的code status_code = int(match.groupdict()['status_code']) if data[request_uri]['code'].has_key(status_code): data[request_uri]['code'][status_code] +=1 else: data[request_uri]['code'][status_code] = 1 if data['code'].has_key(status_code): data['code'][status_code] +=1 else: data['code'][status_code] = 1 #計算uri 下的time range time_range = int(match.groupdict()['request_time']) if time_range in range(0,4): data[request_uri]['time_range']['3s'] += 1 data['time_range']['3s'] += 1 elif time_range in range(4,6): data[request_uri]['time_range']['5s'] += 1 data['time_range']['5s'] += 1 elif time_range in range(6,11): data[request_uri]['time_range']['10s'] += 1 data['time_range']['10s'] += 1 elif time_range in range(11,60): data[request_uri]['time_range']['11s+'] += 1 data['time_range']['11s+'] += 1 content = [] alert = [] for k in data.keys(): if k not in ['code','time_range']: tt = k total_sum = 0 for t in sorted(data[k]['code'].keys()): total_sum += data[k]['code'][t] tt += " " + str(t) + ":" + str(data[k]['code'][t]) if data[k]['code'].has_key(200): success_code = data[k]['code'][200]/total_sum*100 else: data[k]['code'][200]=0 success_code = data[k]['code'][200]/total_sum*100 for rr in sorted(data[k]['time_range'].keys()): tt += " " + rr + ":" + str(data[k]['time_range'][rr]) success_time = data[k]['time_range']['3s']/total_sum*100 if success_time < 90: alert.append(tt) if success_code < 99: alert.append(tt) content.append(tt) msg = '\x0a\x0d'.join(alert) print msg if len(alert) > 0: if send_mail(mailto_list,"TV_tomcat_Alert-Report",msg): print 'send ok' else: print 'send err' seek = f.tell() with open(seek_file,'w') as f: f.write(time.strftime('%F %X')+"\n") f.write(str(seek)+"\n")
Python的一個增量讀分析日誌的腳本
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.