import re
-from ..formatting import *
-from ..util import readlog, resolve
-from .. import config
+from logparse..formatting import *
+from logparse.util import readlog
+from logparse.config import prefs
import logging
logger = logging.getLogger(__name__)
def parse_log():
logger.debug("Starting sudo section")
section = Section("sudo")
- logger.debug("Searching for matches in {0}".format(config.prefs['logs']['auth']))
- umatches = re.findall('.*sudo:session\): session opened.*', readlog(config.prefs['logs']['auth']))
+ logger.debug("Searching for matches in {0}".format(prefs.get("logs", "auth")))
+ umatches = re.findall('.*sudo:session\): session opened.*', readlog(prefs.get("logs", "auth")))
num = sum(1 for line in umatches) # total number of sessions
users = []
data = []
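Review bot: The new import `from logparse..formatting import *` has a doubled dot, which is a syntax error, so this module cannot be imported at all; it should read `from logparse.formatting import *`. The regex literal on the new `umatches` line, `'.*sudo:session\): session opened.*'`, uses a backslash escape in a non-raw string, which recent Python versions warn about; prefixing it with `r` leaves the pattern unchanged. The body of parse_log continues outside this hunk.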
else:
users[exists[0]][1] += 1
commands = []
- cmatches = re.findall('sudo:.*COMMAND\=(.*)', readlog(config.prefs['logs']['auth']))
+ cmatches = re.findall('sudo:.*COMMAND\=(.*)', readlog(prefs.get("logs", "auth")))
for cmd in cmatches:
commands.append(cmd)
logger.debug("Finished parsing sudo sessions")
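Review bot: The pattern on the new `cmatches` line, `'sudo:.*COMMAND\=(.*)'`, is not tied to the syslog program tag, so it matches any auth-log line that merely contains both tokens, and other daemons write remotely supplied text into the same file. Entries that sudo never logged can therefore reach the command list; anchoring the match on the sudo tag at the start of the message would narrow this, assuming the usual syslog layout. The line also calls `readlog(prefs.get("logs", "auth"))` a second time, so the session matches and the command matches can come from different file states if the log rotates in between. Reading the file once into a local and running both `re.findall` calls on it would avoid that. The enclosing function starts outside this hunk.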
commands = backticks(commands)
command_data.items = commands
command_data.orderbyfreq()
- command_data.truncl(config.prefs['maxcmd'])
+ command_data.truncl(prefs.getint("logparse", "maxcmd"))
section.append_data(command_data)
logger.info("Finished sudo section")
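Review bot: `prefs.getint("logparse", "maxcmd")` will raise if the option is missing or not an integer, assuming `prefs` is a `configparser` object, and that aborts the sudo section after the log has already been parsed. Consider `prefs.getint("logparse", "maxcmd", fallback=<default>)` with a project default, or validate the value once where the configuration is loaded. The command strings are taken verbatim from the log and, in the lines shown, only pass through `backticks()` before `section.append_data(command_data)`. If any output format is HTML, confirm that they are escaped at render time, which is not visible in this hunk.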