logger = logging.getLogger(__name__)
def parse_log():
- output = ''
logger.debug("Starting sshd section")
- output += opentag('div', 1, 'sshd', 'section')
+ section = Section("ssh")
logger.debug("Searching for matches in {0}".format(config.prefs['logs']['auth']))
matches = re.findall('.*sshd.*Accepted publickey for .* from .*', readlog(config.prefs['logs']['auth'])) # get all logins
logger.debug("Finished searching for logins")
ip = entry.group(2)
userhost = user + '@' + resolve(ip, fqdn=config.prefs['sshd']['resolve-domains'])
- exists = [i for i, item in enumerate(users) if re.search(userhost, item[0])]
- if (exists == []):
- users.append([userhost, 1])
- else:
- users[exists[0]][1] += 1
+ users.append(userhost)
logger.debug("Parsed list of authorised users")
- output += writetitle('sshd')
- subtitle = plural('login', num) + ' from'
- if (len(users) == 1): # if only one user, do not display no of logins for this user
- logger.debug("found " + str(len(matches)) + " ssh logins for user " + users[0][0])
- subtitle += ' ' + users[0][0]
- output += writedata(subtitle)
- else:
- for user in users:
- data.append(user[0] + ' (' + str(user[1]) + ')')
- if len(data) > config.prefs['maxlist']: # if there are lots of users, truncate them
- data.append('+ ' + str(len(users) - config.prefs['maxlist'] - 1) + " more")
- break
- logger.debug("found " + str(len(matches)) + " ssh logins for users " + str(data))
- output += writedata(subtitle, data)
- output += closetag('div', 1)
+ auth_data = Data(subtitle=plural('login', num) + ' from', items=users)
+
+ if (len(auth_data.items) == 1): # if only one user, do not display no of logins for this user
+ logger.debug("found " + str(len(matches)) + " ssh logins for user " + users[0])
+ auth_data.subtitle += ' ' + auth_data.items[0]
+ auth_data.orderbyfreq()
+ auth_data.truncl(config.prefs['maxlist'])
+ logger.debug("Found " + str(len(matches)) + " ssh logins for users " + str(data))
+ section.append_data(auth_data)
logger.info("Finished sshd section")
- return output
+ return section