Class: Indy

Inherits:
Object
  • Object
show all
Defined in:
lib/indy/indy.rb,
lib/indy/time.rb,
lib/indy/search.rb,
lib/indy/source.rb,
lib/indy/version.rb,
lib/indy/log_formats.rb,
lib/indy/log_definition.rb

Defined Under Namespace

Modules: LogFormats Classes: LogDefinition, Search, Source, Time

Constant Summary collapse

VERSION = 
'0.5.1'
DEFAULT_LOG_FORMAT =

Indy default log format e.g.: 2000-09-07 INFO MyApp - Entering APPLICATION.

{:entry_regexp => LogFormats::DEFAULT_ENTRY_REGEXP, :entry_fields => LogFormats::DEFAULT_ENTRY_FIELDS}
LOG4R_DEFAULT_FORMAT =

Uncustomized Log4r log format

{:entry_regexp => LogFormats::LOG4R_DEFAULT_REGEXP, :entry_fields => LogFormats::LOG4R_DEFAULT_FIELDS}
LOG4J_DEFAULT_FORMAT =

Uncustomized Log4j log format (message field only!)

{:entry_regexp => LogFormats::LOG4J_DEFAULT_REGEXP, :entry_fields => LogFormats::LOG4J_DEFAULT_FIELDS}
COMMON_LOG_FORMAT =

NCSA Common Log Format log format

{:entry_regexp => LogFormats::COMMON_REGEXP, :entry_fields => LogFormats::COMMON_FIELDS, :time_format => LogFormats::COMMON_TIME_FORMAT}
COMBINED_LOG_FORMAT =

NCSA Combined Log Format log format

{:entry_regexp => LogFormats::COMBINED_REGEXP, :entry_fields => LogFormats::COMBINED_FIELDS, :time_format => LogFormats::COMMON_TIME_FORMAT}

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(args) ⇒ Indy

Initialize Indy. Also see class method Indy#search.

Examples:


Indy.new(:source => LOG_CONTENTS_STRING)
Indy.new(:source => {:cmd => LOG_COMMAND_STRING})
Indy.new(:entry_regexp => LOG_REGEX_PATTERN, :entry_fields => [:time,:application,:message], :source => LOG_FILE)
Indy.new(:time_format => '%m-%d-%Y', :entry_regexp => LOG_REGEX_PATTERN, :entry_fields => [:time,:application,:message], :source => LOG_FILE)

Raises:

  • (ArgumentError) 


16
17
18
19
20
21
22
23
 
# File 'lib/indy/indy.rb', line 16

def initialize(args)
  params = args.dup
  raise ArgumentError, "Source parameter not specified" unless (params.respond_to?(:keys) && params.keys.include?(:source))
  source_param = params[:source]
  params.delete :source
  @search = Search.new()
  @search.source = Source.new( source_param, LogDefinition.new(params) )
end

Instance Attribute Details

#searchObject

search object



4
5
6
 
# File 'lib/indy/indy.rb', line 4

def search
  @search
end

Class Method Details

.search(params = nil) ⇒ Object

Create a new instance of Indy specifying source, or multiple parameters.

Examples:

string source

Indy.search("INFO 2000-09-07 MyApp - Entering APPLICATION.\nINFO 2000-09-07 MyApp - Entering APPLICATION.").all

command source

Indy.search(:cmd => "cat apache.log").all

file source

Indy.search(:file => "/logs/apache.log").all

source as well as other parameters

Indy.search(:source => {:cmd => "cat apache.log"}, :entry_regexp => REGEXP, :entry_fields => [:field_one, :field_two], :time_format => MY_TIME_FORMAT).all

Parameters:

  • params (String, Hash) (defaults to: nil)

    To specify a source directly, provide log contents as a string. Using a hash you can specify source with a :cmd or :file key. Alternately, a hash with a :source key (among others) can be used to provide multiple initialization parameters. See Indy#new.



47
48
49
50
51
52
53
 
# File 'lib/indy/indy.rb', line 47

def search(params=nil)
  if params.respond_to?(:keys) && params[:source]
    Indy.new(params)
  else
    Indy.new(:source => params, :entry_regexp => LogFormats::DEFAULT_ENTRY_REGEXP, :entry_fields => LogFormats::DEFAULT_ENTRY_FIELDS)
  end
end

.show_version_changes(version) ⇒ Object 



6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
 
# File 'lib/indy/version.rb', line 6

def self.show_version_changes(version)
  date = ""
  changes = []
  grab_changes = false

  File.open("#{File.dirname(__FILE__)}/../../History.txt",'r') do |file|
    while (line = file.gets) do

      if line =~ /^===\s*#{version.gsub('.','\.')}\s*\/\s*(.+)\s*$/
        grab_changes = true
        date = $1.strip
      elsif line =~ /^===\s*.+$/
        grab_changes = false
      elsif grab_changes
        changes = changes << line
      end

    end
  end

  { :date => date, :changes => changes }
end

Instance Method Details

#after(scope_criteria) ⇒ Object

Scopes the eventual search to all entries after to this point.

Examples:

For all messages after specified date


Indy.search(LOG_FILE).after(:time => time).all

Parameters:

  • scope_criteria (Hash)

    the field to scope for as the key and the value to compare against the other log messages



140
141
142
143
144
 
# File 'lib/indy/indy.rb', line 140

def after(scope_criteria)
  params = scope_criteria.merge({:direction => :after})
  within(params)
  self
end

#all(&block) ⇒ Object

Return all entries



80
81
82
 
# File 'lib/indy/indy.rb', line 80

def all(&block)
  @search.iterate_and_compare(:all,nil,&block)
end

#around(scope_criteria) ⇒ Object

Scopes the eventual search to all entries near this point.

Parameters:

  • scope_criteria (Hash)

    the hash containing :time and :span (in minutes) to scope the log. :span defaults to 5 minutes.

Raises:

  • (ArgumentError) 


168
169
170
171
172
173
174
 
# File 'lib/indy/indy.rb', line 168

def around(scope_criteria)
  raise ArgumentError unless scope_criteria.respond_to?(:keys) and scope_criteria[:time]
  time = Indy::Time.parse_date(scope_criteria[:time], @search.source.log_definition.time_format)
  mid_span = ((scope_criteria[:span].to_i * 60)/2).seconds rescue 300.seconds
  within(:start_time => time - mid_span, :end_time => time + mid_span, :inclusive => nil)
  self
end

#before(scope_criteria) ⇒ Object

Scopes the eventual search to all entries prior to this point.

Examples:

For all messages before specified date


Indy.search(LOG_FILE).before(:time => time).all
Indy.search(LOG_FILE).before(:time => time, :span => 10).all

Parameters:

  • scope_criteria (Hash)

    the field to scope for as the key and the value to compare against the other log messages



157
158
159
160
 
# File 'lib/indy/indy.rb', line 157

def before(scope_criteria)
  params = scope_criteria.merge({:direction => :before})
  within(params)
end

#for(search_criteria, &block) ⇒ Object

Search the source and make an == comparison

Parameters:

  • search_criteria (Hash)

    the field to search for as the key and the value to compare against the log entries.



90
91
92
 
# File 'lib/indy/indy.rb', line 90

def for(search_criteria,&block)
  @search.iterate_and_compare(:for,search_criteria,&block)
end

#last(scope_criteria) ⇒ Object

Scopes the eventual search to the last N minutes of entries.

Examples:

For last 10 minutes worth of entries


Indy.search(LOG_FILE).last(:span => 10).all

Parameters:

  • scope_criteria (Hash)

    hash describing the amount of time at the last portion of the source

Raises:

  • (ArgumentError) 


120
121
122
123
124
125
126
127
 
# File 'lib/indy/indy.rb', line 120

def last(scope_criteria)
  raise ArgumentError, "Unsupported parameter to last(): #{scope_criteria.inspect}" unless scope_criteria.respond_to?(:keys) and scope_criteria[:span]
  span = (scope_criteria[:span].to_i * 60).seconds
  entry = last_entries(1)[0]
  start_time = Indy::Time.parse_date(entry[:time], @search.source.log_definition.time_format) - span
  within(:start_time => start_time, :end_time => Indy::Time.forever(@search.source.log_definition.time_format))
  self
end

#like(search_criteria, &block) ⇒ Object Also known as: matching

Search the source and make a regular expression comparison

Examples:

For all applications that end with Service


Indy.search(LOG_FILE).like(:application => '.+service')

Parameters:

  • search_criteria (Hash)

    the field to search for as the key and the value to compare against the log entries. The value will be treated as a regular expression.



105
106
107
 
# File 'lib/indy/indy.rb', line 105

def like(search_criteria,&block)
  @search.iterate_and_compare(:like,search_criteria,&block)
end

#reset_scopeObject

Removes any existing start and end times from the instance Otherwise consecutive search calls retain time scope state



195
196
197
 
# File 'lib/indy/indy.rb', line 195

def reset_scope
  @search.reset_scope
end

#with(params = :default) ⇒ Object

Specify the log format to use as the comparison against each entry within the log file that has been specified.

Examples:

Log formatted as - HH:MM:SS Message


Indy.search(LOG_FILE).with(/^(\d{2}.\d{2}.\d{2})\s*(.+)$/,:time,:message)

Parameters:

  • log_definition (Array, LogDefinition)

    either a LogDefinition object or an Array with the regular expression as the first element followed by list of fields (Symbols) in the log entry to use for comparison against each log entry.



69
70
71
72
73
74
75
 
# File 'lib/indy/indy.rb', line 69

def with(params=:default)
  if params.kind_of?(String) && params.match(/^Indy::/)
    params = params.constantize
  end
  @search.source.log_definition = LogDefinition.new(params)
  self
end

#within(params) ⇒ Object

Scopes the eventual search to all entries between two times.

Examples:

For all messages within the specified dates


Indy.search(LOG_FILE).within(:start_time => start_time, :end_time => end_time, :inclusive => true).all

Parameters:

  • params (Hash)

    the :start_time, :end_time and :inclusive key/value pairs



186
187
188
189
 
# File 'lib/indy/indy.rb', line 186

def within(params)
  @search.time_scope(params)
  self
end