chg: [sshd] sshd parses logline and pushed to redis

gallypette · gallypette · commit 75a917b6b8c5 · 2020-01-28T10:48:19.000+01:00
diff --git a/conf.sample/redis b/conf.sample/redis
diff --git a/logparser/parser.go b/logparser/parser.go
@@ -1,13 +1,14 @@
 package logparser
 
+import "github.com/gomodule/redigo/redis"
+
 type (
 	// Parser provides the interface for a Parser
 	// It should provide:
+	//  Set to assign a redis connection to it
 	//  Parse to parse a line of log
-	//  GetAttributes to get list of attributes (map keys)
 	Parser interface {
+		Set(*redis.Conn)
 		Parse(string) error
-		Push() error
-		Pop() map[string]string
 	}
 )
diff --git a/logparser/sshd.go b/logparser/sshd.go
@@ -2,35 +2,22 @@ package logparser
 
 import (
 	"fmt"
-	"log"
 	"regexp"
 	"strconv"
 	"time"
 
 	"github.com/gomodule/redigo/redis"
 )
 
-// Sshd is a struct that corresponds to a line
-type Sshd struct {
-	Date string
-	Host string
-	User string
-	Src  string
-}
-
 // SshdParser Holds a struct that corresponds to a sshd log line
 // and the redis connection
 type SshdParser struct {
-	logs Sshd
-	r    *redis.Conn
+	r *redis.Conn
 }
 
-// New Creates a new sshd parser
-func New(rconn *redis.Conn) *SshdParser {
-	return &SshdParser{
-		logs: Sshd{},
-		r:    rconn,
-	}
+// Set set the redic connection to this parser
+func (s *SshdParser) Set(rconn *redis.Conn) {
+	s.r = rconn
 }
 
 // Parse parses a line of sshd log
@@ -54,43 +41,37 @@ func (s *SshdParser) Parse(logline string) error {
 	parsedTime, _ := time.ParseInLocation("Jan 02 15:04:05 2006", md["date"], loc)
 	md["date"] = string(strconv.FormatInt(parsedTime.Unix(), 10))
 
-	// Pushing logline in redis
-	redislog := fmt.Sprintf("HMSET %v:%v username \"%v\" src \"%v\"", md["date"], md["host"], md["username"], md["src"])
-	a, err := r.Do(redislog)
-	fmt.Println(a)
+	// Pushing loglines in database 0
+	if _, err := r.Do("SELECT", 0); err != nil {
+		r.Close()
+		return err
+	}
+	_, err := redis.Bool(r.Do("HSET", fmt.Sprintf("%v:%v", md["date"], md["host"]), "username", md["username"], "src", md["src"]))
 	if err != nil {
-		log.Fatal("Could connect to the Redis database")
+		r.Close()
+		return err
+	}
+
+	// Pushing statistics in database 1
+	if _, err := r.Do("SELECT", 1); err != nil {
+		r.Close()
+		return err
 	}
-	today := time.Now()
-	// Statistics
-	dailysrc := fmt.Sprintf("ZINCBY %v%v%v:statssrc 1 %v", today.Year(), int(today.Month()), today.Day(), md["src"])
-	_, err = r.Do(dailysrc)
+	_, err = redis.String(r.Do("ZINCRBY", fmt.Sprintf("%v%v%v:statssrc", parsedTime.Year(), int(parsedTime.Month()), parsedTime.Day()), 1, md["src"]))
 	if err != nil {
-		log.Fatal("Could connect to the Redis database")
+		r.Close()
+		return err
 	}
-	dailyusername := fmt.Sprintf("ZINCBY %v%v%v:statsusername 1 %v", today.Year(), int(today.Month()), today.Day(), md["username"])
-	fmt.Println(dailyusername)
-	_, err = r.Do(dailyusername)
+	_, err = redis.String(r.Do("ZINCRBY", fmt.Sprintf("%v%v%v:statsusername", parsedTime.Year(), int(parsedTime.Month()), parsedTime.Day()), 1, md["username"]))
 	if err != nil {
-		log.Fatal("Could connect to the Redis database")
+		r.Close()
+		return err
 	}
-	dailyhost := fmt.Sprintf("ZINCBY %v%v%v:statshost 1 %v", today.Year(), int(today.Month()), today.Day(), md["host"])
-	_, err = r.Do(dailyhost)
+	_, err = redis.String(r.Do("ZINCRBY", fmt.Sprintf("%v%v%v:statshost", parsedTime.Year(), int(parsedTime.Month()), parsedTime.Day()), 1, md["host"]))
 	if err != nil {
-		log.Fatal("Could connect to the Redis database")
+		r.Close()
+		return err
 	}
 
 	return nil
 }
-
-// Push pushed the parsed line into redis
-func (s *SshdParser) Push() error {
-	//TODO
-	return nil
-}
-
-// Pop returns the list of attributes
-func (s *SshdParser) Pop() map[string]string {
-	//TODO
-	return nil
-}
diff --git a/main.go b/main.go
@@ -111,6 +111,7 @@ func main() {
 	}
 	rd4.redisQueue = string(config.ReadConfigFile(*confdir, "redis_queue"))
 	// Connect to D4 Redis
+	// TODO use DialOptions to Dial with a timeout
 	redisD4, err = redis.Dial("tcp", rd4.redisHost+":"+rd4.redisPort, redis.DialDatabase(rd4.redisDB))
 	if err != nil {
 		log.Fatal(err)
@@ -149,8 +150,9 @@ func main() {
 				if err != nil {
 					log.Fatal("Could connect to the Redis database")
 				}
-				sshd := logparser.New(&sshdrcon)
-				torun = append(torun, sshd)
+				sshd := logparser.SshdParser{}
+				sshd.Set(&sshdrcon)
+				torun = append(torun, &sshd)
 			}
 		}
 	} else if *specific != "" {
@@ -178,7 +180,10 @@ func main() {
 
 		// Run the parsers
 		for _, v := range torun {
-			v.Parse(logline)
+			err := v.Parse(logline)
+			if err != nil {
+				log.Fatal(err)
+			}
 		}
 
 	}

Original file line number	Diff line number	Diff line change
`@@ -111,6 +111,7 @@ func main() {`
`111`	`111`	`}`
`112`	`112`	`rd4.redisQueue = string(config.ReadConfigFile(*confdir, "redis_queue"))`
`113`	`113`	`// Connect to D4 Redis`
	`114`	`+ // TODO use DialOptions to Dial with a timeout`
`114`	`115`	`redisD4, err = redis.Dial("tcp", rd4.redisHost+":"+rd4.redisPort, redis.DialDatabase(rd4.redisDB))`
`115`	`116`	`if err != nil {`
`116`	`117`	`log.Fatal(err)`
`@@ -149,8 +150,9 @@ func main() {`
`149`	`150`	`if err != nil {`
`150`	`151`	`log.Fatal("Could connect to the Redis database")`
`151`	`152`	`}`
`152`		`- sshd := logparser.New(&sshdrcon)`
`153`		`- torun = append(torun, sshd)`
	`153`	`+ sshd := logparser.SshdParser{}`
	`154`	`+ sshd.Set(&sshdrcon)`
	`155`	`+ torun = append(torun, &sshd)`
`154`	`156`	`}`
`155`	`157`	`}`
`156`	`158`	`} else if *specific != "" {`
`@@ -178,7 +180,10 @@ func main() {`
`178`	`180`
`179`	`181`	`// Run the parsers`
`180`	`182`	`for _, v := range torun {`
`181`		`- v.Parse(logline)`
	`183`	`+ err := v.Parse(logline)`
	`184`	`+ if err != nil {`
	`185`	`+ log.Fatal(err)`
	`186`	`+ }`
`182`	`187`	`}`
`183`	`188`
`184`	`189`	`}`