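#!/usr/local/bin/python
# waccess - Copyright (c) 2001, TundraWare Inc., All Rights Reserved
# $Id: waccess,v 1.1 2001/08/03 19:11:49 tundra Exp $
#
# Look for selected strings passed on the command line in the http access log.
# If found, dump the address, name, item retrieved, and access date for the
# matching record.
#
# Usage: waccess [-rs] string ...
#   -r  add the reverse-DNS name of the client address to each record line
#   -s  print only the per-string totals, not the matching records

import commands
import getopt
import socket
import sys

##########
# Booleans
##########

FALSE = 0==1
TRUE = not FALSE

##########
# Constants
##########

# ANS and DIG are not referenced anywhere in this script.  DIG ends in a
# trailing space, i.e. it is meant to have an address appended.  Text taken
# from the log must never be appended to a command string that is run through
# a shell; the resolver call below takes the address as a plain argument.
ANS = ";; ANSWER SECTION"
DIG = "/usr/bin/dig -t ptr -x "
LOG = "/var/log/httpd-access.log"

# Widths the output columns are padded to.
W_DATE = 19
W_ADDR = 15
W_NAME = 35
W_VERB = 8

# Lowest field count a record needs for every displayed column to exist.
MIN_FIELDS = 7

NO_REVERSE = "NO REVERSE RESOLUTION"


def printable(text):
    """Return text with every character outside printable ASCII turned into '?'.

    Log fields are written from client requests and reverse names come from
    remote DNS, so either may contain control characters.  Replacing them
    one-for-one keeps the column widths intact and stops a record from sending
    escape sequences to the terminal of whoever reads the report.
    """
    cleaned = []
    for ch in text:
        if " " <= ch <= "~":
            cleaned.append(ch)
        else:
            cleaned.append("?")
    return "".join(cleaned)


def pad(text, width):
    """Return the spaces needed to fill text out to width (none if it is longer)."""
    return " " * (width - len(text))


##########
# Command Line Processing
##########

REVERSE = FALSE
SHOW = TRUE

try:
    opts, args = getopt.getopt(sys.argv[1:], '-rs')
except getopt.GetoptError:
    sys.stdout.write("usage: waccess [-rs]\n")
    sys.exit(2)

for opt, _val in opts:
    if opt == "-r":
        REVERSE = TRUE
    if opt == "-s":
        SHOW = FALSE

# The reverse name is only ever printed as part of a record line, so summary
# mode turns lookups off whatever order the options were given in.
if not SHOW:
    REVERSE = FALSE

##########
# Process the log
##########

matched = {}
for a in args:
    matched[a] = 0
total = 0

# address -> reverse name, so each address is resolved at most once per run.
names = {}

f = open(LOG)
try:
    # Stream the log one record at a time instead of loading the whole file.
    for record in f:
        total += 1

        # Check each command line argument for a match
        for a in args:
            if a not in record:
                continue
            matched[a] += 1
            if not SHOW:
                continue

            # A truncated or malformed record may have fewer fields than are
            # displayed; fill the missing ones with blanks rather than abort.
            fields = record.split()
            fields += [""] * (MIN_FIELDS - len(fields))

            addr = fields[0]
            revname = ""
            if REVERSE:
                if addr not in names:
                    try:
                        names[addr] = socket.gethostbyaddr(addr)[0]
                    except (socket.error, UnicodeError):
                        names[addr] = NO_REVERSE
                # The name is supplied by whoever runs the reverse zone for
                # the address and is not forward-confirmed here: treat it as
                # an unverified hint, not as the identity of the client.
                revname = printable(names[addr])

            stamp = printable(fields[3][1:])
            addr = printable(addr)
            verb = printable(fields[5])
            item = printable(fields[6])

            columns = [stamp, pad(stamp, W_DATE),
                       addr, pad(addr, W_ADDR),
                       revname[-(W_NAME + 1):], pad(revname, W_NAME),
                       verb, pad(verb, W_VERB),
                       item]
            sys.stdout.write(" ".join(columns) + "\n")
finally:
    f.close()

sys.stdout.write("\nProcessed %d Total Records.\n\n" % (total,))
for a in args:
    sys.stdout.write("Found %d Matching Records Containing: %s\n" % (matched[a], a))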