Class: Indy

Inherits:
Object
  • Object
show all
Defined in:
lib/indy/indy.rb,
lib/indy/source.rb,
lib/indy/formats.rb,
lib/indy/version.rb,
lib/indy/log_formats.rb

Defined Under Namespace

Modules: LogFormats Classes: Source

Constant Summary

VERSION = 
'0.3.4'
DEFAULT_LOG_FORMAT =

Indy default log format e.g.: INFO 2000-09-07 MyApp - Entering APPLICATION.

[LogFormats::DEFAULT_LOG_REGEXP, LogFormats::DEFAULT_LOG_FIELDS].flatten
LOG4R_DEFAULT_FORMAT =

Uncustomized Log4r log format

[LogFormats::LOG4R_DEFAULT_REGEXP, LogFormats::LOG4R_DEFAULT_FIELDS].flatten
COMMON_LOG_FORMAT =

NCSA Common Log Format log format

[LogFormats::COMMON_REGEXP, LogFormats::COMMON_FIELDS].flatten
COMBINED_LOG_FORMAT =

NCSA Combined Log Format log format

[LogFormats::COMBINED_REGEXP, LogFormats::COMBINED_FIELDS].flatten

Instance Attribute Summary (collapse)

Class Method Summary (collapse)

Instance Method Summary (collapse)

Constructor Details

- (Indy) initialize(args)

Initialize Indy. Also see class method Indy.search()

Examples:


Indy.new(:source => LOG_FILE)
Indy.new(:source => LOG_CONTENTS_STRING)
Indy.new(:source => {:cmd => LOG_COMMAND_STRING})
Indy.new(:log_format => [LOG_REGEX_PATTERN,:time,:application,:message],:source => LOG_FILE)
Indy.new(:time_format => '%m-%d-%Y',:pattern => [LOG_REGEX_PATTERN,:time,:application,:message],:source => LOG_FILE)


36
37
38
39
40
41
42
43
44
45
 
# File 'lib/indy/indy.rb', line 36

def initialize(args)
  @source = @log_format = @time_format = @log_regexp = @log_fields = @multiline = nil

  while (arg = args.shift) do
    send("#{arg.first}=",arg.last)
  end

  update_log_format( @log_format )

end

Instance Attribute Details

- (Object) log_format

array with regexp string and capture groups followed by log field name symbols. :time field is required to use time scoping



17
18
19
 
# File 'lib/indy/indy.rb', line 17

def log_format
  @log_format
end

- (Object) multiline

initialization flag (true || nil) to enable multiline log entries. See README



23
24
25
 
# File 'lib/indy/indy.rb', line 23

def multiline
  @multiline
end

- (Object) source

hash with one key (:string, :file, or :cmd) set to the string that defines the log



13
14
15
 
# File 'lib/indy/indy.rb', line 13

def source
  @source
end

- (Object) time_format

format string for explicit date/time format (optional)



20
21
22
 
# File 'lib/indy/indy.rb', line 20

def time_format
  @time_format
end

Class Method Details

+ (Object) create_struct(line_hash)

Return a Struct::Line object from a hash of values from a log entry

Parameters:

  • line_hash (Hash)

    a hash of :field_name => value pairs for one log line



94
95
96
97
 
# File 'lib/indy/indy.rb', line 94

def create_struct( line_hash )
  params = line_hash.keys.sort_by{|e|e.to_s}.collect {|k| line_hash[k]}
  Struct::Line.new( *params )
end

+ (Object) search(params = nil)

Create a new instance of Indy with @source, or multiple, parameters specified. This allows for a more fluent creation that moves into the execution.

Examples:

filename source

Indy.search("apache.log").for(:severity => "INFO")

string source

Indy.search("INFO 2000-09-07 MyApp - Entering APPLICATION.\nINFO 2000-09-07 MyApp - Entering APPLICATION.").for(:all)

command source

Indy.search(:cmd => "cat apache.log").for(:severity => "INFO")

source as well as other paramters

Indy.search(:source => {:cmd => "cat apache.log"}, :log_format => LOG_FORMAT, :time_format => MY_TIME_FORMAT).for(:all)

Parameters:

  • params (String, Hash) (defaults to: nil)

    To specify @source, provide a filename or log contents as a string. To specify a command, use a :cmd => STRING hash. Alternately, a Hash with a :source key (amoung others) can be used to provide multiple initialization parameters.



80
81
82
83
84
85
86
87
 
# File 'lib/indy/indy.rb', line 80

def search(params=nil)
  
  if params.respond_to?(:keys) && params[:source]
    Indy.new(params)
  else
    Indy.new(:source => params, :log_format => DEFAULT_LOG_FORMAT)
  end
end

+ (Object) show_version_changes(version) 



6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
 
# File 'lib/indy/version.rb', line 6

def self.show_version_changes(version)
  date = ""
  changes = []
  grab_changes = false

  File.open("#{File.dirname(__FILE__)}/../../History.txt",'r') do |file|
    while (line = file.gets) do

      if line =~ /^===\s*#{version.gsub('.','\.')}\s*\/\s*(.+)\s*$/
        grab_changes = true
        date = $1.strip
      elsif line =~ /^===\s*.+$/
        grab_changes = false
      elsif grab_changes
        changes = changes << line
      end

    end
  end

  { :date => date, :changes => changes }
end

+ (Object) suppress_warnings {|block| ... }

Yields:

  • (block) 


5
6
7
8
9
10
 
# File 'lib/indy/indy.rb', line 5

def self.suppress_warnings(&block)
  verbose = $VERBOSE
  $VERBOSE = nil
  yield block
  $VERBOSE = verbose
end

Instance Method Details

- (Object) after(scope_criteria)

Scopes the eventual search to all entries after to this point.

Examples:

For all messages after specified date


Indy.search(LOG_FILE).after(:time => time).for(:all)

Parameters:

  • scope_criteria (Hash)

    the field to scope for as the key and the value to compare against the other log messages



212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
 
# File 'lib/indy/indy.rb', line 212

def after(scope_criteria)
  if scope_criteria[:time]
    time = parse_date(scope_criteria[:time])
    @inclusive = @inclusive || scope_criteria[:inclusive] || nil

    if scope_criteria[:span]
      span = (scope_criteria[:span].to_i * 60).seconds
      within(:time => [time, time + span])
    else
      @start_time = time
    end
  end

  self
end

- (Object) around(scope_criteria) 



263
264
265
266
267
268
269
270
271
272
273
274
275
 
# File 'lib/indy/indy.rb', line 263

def around(scope_criteria)
  if scope_criteria[:time]
    time = parse_date(scope_criteria[:time])

    @inclusive = nil
    warn "Ignoring inclusive scope_criteria" if scope_criteria[:inclusive]

    half_span = ((scope_criteria[:span].to_i * 60)/2).seconds rescue 300.seconds
    within(:time => [time - half_span, time + half_span])
  end

  self
end

- (Object) before(scope_criteria)

Scopes the eventual search to all entries prior to this point.

Examples:

For all messages before specified date


Indy.search(LOG_FILE).before(:time => time).for(:all)
Indy.search(LOG_FILE).before(:time => time, :span => 10).for(:all)

Parameters:

  • scope_criteria (Hash)

    the field to scope for as the key and the value to compare against the other log messages



247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
 
# File 'lib/indy/indy.rb', line 247

def before(scope_criteria)
  if scope_criteria[:time]
    time = parse_date(scope_criteria[:time])
    @inclusive = @inclusive || scope_criteria[:inclusive] || nil

    if scope_criteria[:span]
      span = (scope_criteria[:span].to_i * 60).seconds
      within(:time => [time - span, time], :inclusive => scope_criteria[:inclusive])
    else
      @end_time = time
    end
  end

  self
end

- (Object) for(search_criteria)

Search the source and make an == comparison

Parameters:

  • search_criteria (Hash, Symbol)

    the field to search for as the key and the value to compare against the other log messages. This function also supports symbol :all to return all messages



126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
 
# File 'lib/indy/indy.rb', line 126

def for(search_criteria)
  results = ResultSet.new
  case search_criteria
  when Enumerable
    results += _search do |result|
      result_struct = Indy.create_struct(result) if search_criteria.reject {|criteria,value| result[criteria] == value }.empty?
      yield result_struct if block_given? and result_struct
      result_struct
    end

  when :all
    results += _search do |result|
      result_struct = Indy.create_struct(result)
      yield result_struct if block_given?
      result_struct
    end
  end

  results.compact
end

- (Object) last(scope_criteria)

Scopes the eventual search to the last N entries, or last N minutes of entries.

the last portion of the source

Examples:

For last 10 minutes worth of entries


Indy.search(LOG_FILE).last(:span => 100).for(:all)

Parameters:

  • scope_criteria (Hash)

    hash describing the amount of time at



183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
 
# File 'lib/indy/indy.rb', line 183

def last(scope_criteria)
  case scope_criteria
  when Enumerable
    raise ArgumentError unless scope_criteria[:span] || scope_criteria[:rows]
    
    if scope_criteria[:span]
      span = (scope_criteria[:span].to_i * 60).seconds
      starttime = parse_date(last_entry[:_time]) - span

      within(:time => [starttime, forever])
    end
  else
    raise ArgumentError, "Invalid parameter: #{scope_criteria.inspect}"
  end

  self
end

- (Object) like(search_criteria) Also known as: matching

Search the source and make a regular expression comparison

Examples:

For all applications that end with Service


Indy.search(LOG_FILE).like(:application => '.+service')

Parameters:

  • search_criteria (Hash)

    the field to search for as the key and the value to compare against the other log messages



158
159
160
161
162
163
164
165
166
167
168
 
# File 'lib/indy/indy.rb', line 158

def like(search_criteria)
  results = ResultSet.new

  results += _search do |result|
    result_struct = Indy.create_struct(result) if search_criteria.reject {|criteria,value| result[criteria] =~ /#{value}/i }.empty?
    yield result_struct if block_given? and result_struct
    result_struct
  end

  results.compact
end

- (Object) reset_scope

Removes any existing start and end times from the instance Otherwise consecutive search calls retain time scope state



232
233
234
 
# File 'lib/indy/indy.rb', line 232

def reset_scope
  @inclusive = @start_time = @end_time = nil
end

- (Object) with(log_format = :default)

Specify the log format to use as the comparison against each line within the log file that has been specified.

Examples:

Log formatted as - HH:MM:SS Message


Indy.search(LOG_FILE).with(/^(\d{2}.\d{2}.\d{2})\s*(.+)$/,:time,:message)

Parameters:

  • log_format (Array) (defaults to: :default)

    an Array with the regular expression as the first element followed by list of fields (Symbols) in the log entry to use for comparison against each log line.



114
115
116
117
 
# File 'lib/indy/indy.rb', line 114

def with(log_format = :default)
  update_log_format( log_format )
  self
end

- (Object) within(scope_criteria)

Scopes the eventual search to all entries between two times.

Examples:

For all messages within the specified dates


Indy.search(LOG_FILE).within(:time => [start_time,stop_time]).for(:all)

Parameters:

  • scope_criteria (Hash)

    the field to scope for as the key and the value to compare against the other log messages



288
289
290
291
292
293
294
295
296
 
# File 'lib/indy/indy.rb', line 288

def within(scope_criteria)
  if scope_criteria[:time]
    @start_time, @end_time = scope_criteria[:time].collect {|str| parse_date(str) }

    @inclusive = @inclusive || scope_criteria[:inclusive] || nil
  end

  self
end