折騰了點時間,供參考
# -*- coding: utf-8 -*-
__author__ = 'River'
import timeit,os
import re,time
'''
'''
#被監控的文件
log_file="/var/log/messages"
#記錄讀取的行數
line_file="/var/log/line.log"
##計算文件行數
def linecount(log_file):
count = 0
with open (log_file,'rb') as thefile:
while 1:
buffer = thefile.read(65536)
if not buffer:
break
count += buffer.count('\n')#通過讀取換行符計算
return count
try:
##寧願重複報警,也不能遺漏報警,上次讀取的結尾初始化爲50%文件行數
end_line=int(linecount(log_file)*0.5)
while 1:
with open (line_file,'r') as fileHandle_line:
try:
#獲取上次記錄的讀取位置
start_line_record=fileHandle_line.readlines()[0:1][0].strip()
start_line = int(start_line_record)
except:
#start_line=int(end_line*0.5)
start_line=int(linecount(log_file)*0.5)
with open (log_file,'r') as fileHandle_log:
try:
fileList = fileHandle_log.readlines()[start_line:]
end_line=start_line
for line in fileList:
end_line=end_line+1
#匹配上正則規則
if re.match(r".*puppet-agent.*\(\/Stage",line):
#過濾出需要的文字:時間、主機名、變更內容
tmp_list=line.strip().split(" ")
action_time=tmp_list[0]+tmp_list[1]+" "+tmp_list[2]+" "+tmp_list[3]
hostname=tmp_list[4]
change=line.strip().split("(")[1]
print action_time +" "+hostname+" "+change
else:
continue
fileList=[]
with open (line_file,'w') as fileHandle_line_w:
#保存本次讀到的文件位置
fileHandle_line_w.write(str(end_line))
except:
#start_line=int(end_line*0.5)
fileHandle_line_w.write(str(end_line))
raise "ERROR 讀取文件失敗%s" %(log_file)
#以5s爲間隔,再次從上次記錄的位置讀取文件
time.sleep(5)
except:
with open (line_file,'w') as fileHandle_line_w:
#異常時保存本次讀到的文件位置
fileHandle_line_w.write(str(end_line))