折騰了點時間,供參考
# -*- coding: utf-8 -*- __author__ = 'River' import timeit,os import re,time ''' ''' #被監控的文件 log_file="/var/log/messages" #記錄讀取的行數 line_file="/var/log/line.log" ##計算文件行數 def linecount(log_file): count = 0 with open (log_file,'rb') as thefile: while 1: buffer = thefile.read(65536) if not buffer: break count += buffer.count('\n')#通過讀取換行符計算 return count try: ##寧願重複報警,也不能遺漏報警,上次讀取的結尾初始化爲50%文件行數 end_line=int(linecount(log_file)*0.5) while 1: with open (line_file,'r') as fileHandle_line: try: #獲取上次記錄的讀取位置 start_line_record=fileHandle_line.readlines()[0:1][0].strip() start_line = int(start_line_record) except: #start_line=int(end_line*0.5) start_line=int(linecount(log_file)*0.5) with open (log_file,'r') as fileHandle_log: try: fileList = fileHandle_log.readlines()[start_line:] end_line=start_line for line in fileList: end_line=end_line+1 #匹配上正則規則 if re.match(r".*puppet-agent.*\(\/Stage",line): #過濾出需要的文字:時間、主機名、變更內容 tmp_list=line.strip().split(" ") action_time=tmp_list[0]+tmp_list[1]+" "+tmp_list[2]+" "+tmp_list[3] hostname=tmp_list[4] change=line.strip().split("(")[1] print action_time +" "+hostname+" "+change else: continue fileList=[] with open (line_file,'w') as fileHandle_line_w: #保存本次讀到的文件位置 fileHandle_line_w.write(str(end_line)) except: #start_line=int(end_line*0.5) fileHandle_line_w.write(str(end_line)) raise "ERROR 讀取文件失敗%s" %(log_file) #以5s爲間隔,再次從上次記錄的位置讀取文件 time.sleep(5) except: with open (line_file,'w') as fileHandle_line_w: #異常時保存本次讀到的文件位置 fileHandle_line_w.write(str(end_line))