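#!/usr/bin/env python
# waccess - Copyright (c) 2001, TundraWare Inc., All Rights Reserved
# $Id: waccess,v 1.3 2002/08/30 21:52:07 tundra Exp $
#
# Look for selected strings passed on the command line in the http access log.
# If found, dump the address, name, item retrieved, and access date for the
# matching record.
#
# Notes for anyone relying on the output during log review:
#
#   - The request portion of an access log record is supplied by the remote
#     client.  Control characters in displayed fields are replaced with "?"
#     so a crafted request cannot drive the terminal the report is viewed on.
#
#   - The name shown with -r comes from a reverse (PTR) lookup that is not
#     forward-confirmed.  Whoever controls the reverse zone for an address
#     chooses that name, so treat it as a hint and not as an identity.
#
#   - Field positions assume a common-log-style layout:
#         host ident user [date zone] "method item ...
#     Records with fewer fields are padded with "-" instead of aborting the
#     run, so one truncated or malformed line cannot hide the rest of the log.

import commands     # NOTE(review): not referenced in this script; kept as found
import getopt
import socket
import sys

##########
# Booleans
##########

FALSE = 0==1
TRUE = not FALSE

##########
# Constants
##########

MINFIELDS = 7       # Highest field index used below is 6

##########
# Function Definitions
##########

def usage():
    """Print the command line synopsis and exit with status 2."""
    print("usage: waccess [-rs -f logfile]")
    sys.exit(2)


def _printable(text):
    """Return text with ASCII control characters (0-31, 127) replaced by '?'.

    The replacement is one-for-one, so the length of the result always equals
    the length of the input and column padding computed from it stays valid.
    """
    cleaned = []
    for ch in text:
        code = ord(ch)
        if code < 32 or code == 127:
            cleaned.append("?")
        else:
            cleaned.append(ch)
    return "".join(cleaned)

##########
# Command Line Processing
##########

LOG = "/var/log/httpd-access.log"
REVERSE = FALSE
SHOW = TRUE

# NOTE(review): the leading '-' in the option string looks unintended;
# left as found - confirm before changing it.
try:
    opts, args = getopt.getopt(sys.argv[1:], '-f:rs')
except getopt.GetoptError:
    usage()

# Options are applied in command line order, so the last of -r / -s wins.
for opt, val in opts:
    if opt == "-f":
        LOG = val
    if opt == "-r":
        REVERSE = TRUE
        SHOW = TRUE
    if opt == "-s":
        SHOW = FALSE
        REVERSE = FALSE

##########
# Process the log
##########

matched = {}
for a in args:
    matched[a] = 0

total = 0
revcache = {}       # address -> reverse name, so each address is resolved once

f = open(LOG)
try:
    # Stream the log one record at a time; access logs can be far larger
    # than is comfortable to hold in memory at once.
    for record in f:
        record = record.rstrip("\r\n")
        total += 1

        # Check each log record for a match with any command line argument
        MATCHED = FALSE
        for a in args:
            if a in record:
                matched[a] += 1
                MATCHED = TRUE

        # But only display the matching record once, regardless of how many
        # matching substrings are found.

        if not MATCHED:
            continue

        fields = record.split()
        fields += ["-"] * (MINFIELDS - len(fields))
        revname = ""

        if REVERSE:
            addr = fields[0]
            if addr not in revcache:
                # Best effort: the address text comes straight from the log,
                # so any lookup failure is reported in the name column.
                # Catching Exception (not a bare except) leaves Ctrl-C usable
                # while a slow resolver is being waited on.
                try:
                    revcache[addr] = socket.gethostbyaddr(addr)[0]
                except Exception:
                    revcache[addr] = "NO REVERSE RESOLUTION"
            revname = revcache[addr]

        if SHOW:
            when = _printable(fields[3][1:])    # Drop the leading '[' of the date
            host = _printable(fields[0])
            name = _printable(revname)
            verb = _printable(fields[5])
            item = _printable(fields[6])

            # Column layout is unchanged from the original report: items are
            # separated by single spaces and the name column keeps only the
            # last 36 characters of the resolved name.
            print(" ".join([
                when, " " * (19 - len(when)),
                host, " " * (15 - len(host)),
                name[-(35+1):], " " * (35 - len(name)),
                verb, " " * (8 - len(verb)),
                item,
            ]))
finally:
    # Release the log file even if processing stops early
    f.close()

print("\nProcessed %d Total Records.\n" % (total,))
for a in args:
    print("Found %d Matching Records Containing: %s" % (matched[a], a))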