bind_log_analyzer 0.1.0 → 0.1.1

data/doc/file_list.html

@@ -0,0 +1,49 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    
+      <link rel="stylesheet" href="css/full_list.css" type="text/css" media="screen" charset="utf-8" />
+    
+      <link rel="stylesheet" href="css/common.css" type="text/css" media="screen" charset="utf-8" />
+    
+    
+    
+      <script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
+    
+      <script type="text/javascript" charset="utf-8" src="js/full_list.js"></script>
+    
+    
+    <base id="base_target" target="_parent" />
+  </head>
+  <body>
+    <script type="text/javascript" charset="utf-8">
+      if (window.top.frames.main) {
+        document.getElementById('base_target').target = 'main';
+        document.body.className = 'frames';
+      }
+    </script>
+    <div id="content">
+      <h1 id="full_list_header">File List</h1>
+      <div id="nav">
+        
+          <a target="_self" href="class_list.html">Classes</a>
+        
+          <a target="_self" href="method_list.html">Methods</a>
+        
+          <a target="_self" href="file_list.html">Files</a>
+        
+      </div>
+      <div id="search">Search: <input type="text" /></div>
+
+      <ul id="full_list" class="files">
+        
+
+  <li class="r1"><a href="index.html" title="README">README</a></li>
+  
+
+      </ul>
+    </div>
+  </body>
+</html>

data/doc/frames.html

@@ -0,0 +1,13 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"
+	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+	<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
+	<title>Documentation by YARD 0.7.5</title>
+</head>
+<frameset cols="20%,*">
+  <frame name="list" src="class_list.html" />
+  <frame name="main" src="index.html" />
+</frameset>
+</html>

data/doc/index.html

@@ -0,0 +1,215 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+<title>
+  File: README
+  
+    &mdash; Documentation by YARD 0.7.5
+  
+</title>
+
+  <link rel="stylesheet" href="css/style.css" type="text/css" media="screen" charset="utf-8" />
+
+  <link rel="stylesheet" href="css/common.css" type="text/css" media="screen" charset="utf-8" />
+
+<script type="text/javascript" charset="utf-8">
+  relpath = '';
+  if (relpath != '') relpath += '/';
+</script>
+
+  <script type="text/javascript" charset="utf-8" src="js/jquery.js"></script>
+
+  <script type="text/javascript" charset="utf-8" src="js/app.js"></script>
+
+
+  </head>
+  <body>
+    <script type="text/javascript" charset="utf-8">
+      if (window.top.frames.main) document.body.className = 'frames';
+    </script>
+    
+    <div id="header">
+      <div id="menu">
+  
+    <a href="_index.html" title="Index">Index</a> &raquo; 
+    <span class="title">File: README</span>
+  
+  
+  <div class="noframes"><span class="title">(</span><a href="." target="_top">no frames</a><span class="title">)</span></div>
+</div>
+
+      <div id="search">
+  
+    <a id="class_list_link" href="#">Class List</a>
+  
+    <a id="method_list_link" href="#">Method List</a>
+  
+    <a id="file_list_link" href="#">File List</a>
+  
+</div>
+      <div class="clear"></div>
+    </div>
+    
+    <iframe id="search_frame"></iframe>
+    
+    <div id="content"><div id='filecontents'><h1>Bind Log Analyzer</h1>
+
+<p>Simple analysis and SQL storage for Bind DNS server&#39;s logs</p>
+
+<h2>Requirements</h2>
+
+<p>This gem was tested with:</p>
+
+<ul>
+<li>ruby-1.9.3-p125</li>
+<li>rubygem (1.8.15)</li>
+<li>bundler (1.0.21)</li>
+<li>activerecord (3.2.2)</li>
+</ul>
+
+<h2>Installation</h2>
+
+<p>Just install the gem:</p>
+
+<pre class="code ruby"><code><span class='id identifier rubyid_gem'>gem</span> <span class='id identifier rubyid_install'>install</span> <span class='id identifier rubyid_bind_log_analyzer'>bind_log_analyzer</span>
+</code></pre>
+
+<p>The gem requires <strong>active_record</strong> but you probably need to install the right adapter. As example, if you&#39;ll use MySQL, install the <strong>mysql2</strong> gem.</p>
+
+<h2>Configuration</h2>
+
+<h3>Bind</h3>
+
+<p>To configure <strong>Bind</strong> add these lines to <em>/etc/bind/named.conf.options</em> (or whatever your s.o. and bind installation require)</p>
+
+<pre class="code ruby"><code>logging{
+    channel &quot;querylog&quot; {
+            file &quot;/var/log/bind/query.log&quot;;
+            print-time yes;
+    };
+
+    category queries { querylog; };
+};
+</code></pre>
+
+<p>Restart bind and make sure than the <em>query.log</em> file contains lines as this:</p>
+
+<pre class="code ruby"><code>28-Mar-2012 16:48:19.694 client 192.168.10.38#58767: query: www.github.com IN A + (192.168.10.1)
+</code></pre>
+
+<p>or the regexp will fail :(</p>
+
+<h3>Database</h3>
+
+<p>To store the logs you can use every database supported by ActiveRecord. Just create a database and a user with the right privileges. You can provide the -s flag to <em>BindLogAnalyzer</em> to make it create the table. Otherwise create it by yourself.
+This is the MySQL CREATE TABLE syntax:</p>
+
+<pre class="code ruby"><code>CREATE TABLE `logs` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `date` datetime NOT NULL,
+  `client` varchar(255) NOT NULL,
+  `query` varchar(255) NOT NULL,
+  `q_type` varchar(255) NOT NULL,
+  `server` varchar(255) NOT NULL,
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB AUTO_INCREMENT=11 DEFAULT CHARSET=latin1;
+</code></pre>
+
+<h2>Usage</h2>
+
+<p>Use the provided --help to get various options available. This is the default help:</p>
+
+<pre class="code ruby"><code>-h, --help                       Display this screen
+-v, --verbose LEVEL              Enables verbose output. Use level 1 for WARN, 2 for INFO and 3 for DEBUG
+-s, --setup                      Creates the needed tables in the database.
+-f, --file FILE                  Indicates the log file to parse. It's mandatory.
+-c, --config CONFIG              A yaml file containing the database configurations under the &quot;database&quot; entry
+-a, --adapter ADAPTER            The database name to save the logs
+-d, --database DATABASE          The database name to save the logs
+-H, --host HOST                  The address (IP, hostname or path) of the database
+-P, --port PORT                  The port of the database
+-u, --user USER                  The username to be used to connect to the database
+-p, --password PASSWORD          The password of the user
+</code></pre>
+
+<p>There&#39;s only one mandatory argument which is <strong>--file FILE</strong>. With this flag you pass the Bind log file to analyze to <em>BindLogAnalyzer</em>.</p>
+
+<p>The first time you launch <em>BindLogAnalyzer</em> you can use the <strong>-s|--setup</strong> flag to make it create the table (using ActiveRecord::Migration).
+The database credentials can be provided using the needed flags or creating a YAML file containing all the informations under the <strong>database</strong> key. This is an example:</p>
+
+<pre class="code ruby"><code>database:
+  adapter: mysql2
+  database: bindloganalyzer
+  host: localhost
+  port: 3306
+  username: root
+  password:  
+</code></pre>
+
+<h2>Automatization</h2>
+
+<p>A good way to use this script is to let it be launched by <strong>logrotate</strong> so create the <em>/etc/logrotate.d/bind</em> file with this content:</p>
+
+<pre class="code ruby"><code>/var/log/named/query.log {
+    weekly
+    missingok
+    rotate 8
+    compress
+    delaycompress
+    notifempty
+    create 644 bind bind
+    postrotate
+        if [ -e /var/log/named/query.log.1 ]; then
+            exec su - YOUR_USER -c '/usr/local/bin/update_bind_log_analyzer.sh /var/log/named/query.log.1'
+        fi
+    endscript
+} 
+</code></pre>
+
+<p>The script <strong>/usr/local/bin/update<em>bind</em>log_analyzer.sh</strong> can be wherever you prefer. Its typical content if you use RVM and a dedicated gemset for <em>BindLogAnalyzer</em>, can be:</p>
+
+<pre class="code ruby"><code>#!/bin/bash
+
+# *************************** #
+#       EDIT THESE VARS       #
+# *************************** #
+BLA_RVM_GEMSET=&quot;1.9.3-p125@bind_log_analyzer&quot;
+BLA_USER=&quot;my_username&quot;
+BLA_DB_FILE=&quot;/etc/bind_log_analyzer/database.yml&quot;
+
+# *************************** #
+# DO NOT EDIT BELOW THIS LINE #
+# *************************** #
+. /home/$BLA_USER/.rvm/scripts/rvm &amp;&amp; source &quot;/home/$BLA_USER/.rvm/scripts/rvm&quot;
+rvm use $BLA_RVM_GEMSET
+bind_log_analyzer --config $BLA_DB_FILE --file $1
+</code></pre>
+
+<h2>Performance</h2>
+
+<p>On a 1.6 Ghz Intel Core i5 with SSD SATA2 disk, using Ruby-1.9.3-p125 and MySQL 5.5.15, this is the performance:</p>
+
+<pre class="code ruby"><code>~$ time bind_log_analyzer -f query.log -c database.yml   
+Analyzed 319758 lines and correctly stored 319758 logs
+bind_log_analyzer -f query.log -c database.yml  322,44s user 22,90s system 76% cpu 7:33,17 total
+</code></pre>
+
+<p>which is equivalent to ±706 query/sec.</p>
+
+<h2>To do</h2>
+
+<ul>
+<li>Add a web interface to show the queries (with awesome graphs, obviously :)</li>
+</ul>
+</div></div>
+    
+    <div id="footer">
+  Generated on Tue Apr  3 17:01:09 2012 by 
+  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
+  0.7.5 (ruby-1.9.3).
+</div>
+
+  </body>
+</html>

data/doc/js/app.js

@@ -0,0 +1,205 @@
+function createSourceLinks() {
+    $('.method_details_list .source_code').
+        before("<span class='showSource'>[<a href='#' class='toggleSource'>View source</a>]</span>");
+    $('.toggleSource').toggle(function() {
+       $(this).parent().nextAll('.source_code').slideDown(100);
+       $(this).text("Hide source");
+    },
+    function() {
+        $(this).parent().nextAll('.source_code').slideUp(100);
+        $(this).text("View source");
+    });
+}
+
+function createDefineLinks() {
+    var tHeight = 0;
+    $('.defines').after(" <a href='#' class='toggleDefines'>more...</a>");
+    $('.toggleDefines').toggle(function() {
+        tHeight = $(this).parent().prev().height();
+        $(this).prev().show();
+        $(this).parent().prev().height($(this).parent().height());
+        $(this).text("(less)");
+    },
+    function() {
+        $(this).prev().hide();
+        $(this).parent().prev().height(tHeight);
+        $(this).text("more...");
+    });
+}
+
+function createFullTreeLinks() {
+    var tHeight = 0;
+    $('.inheritanceTree').toggle(function() {
+        tHeight = $(this).parent().prev().height();
+        $(this).parent().toggleClass('showAll');
+        $(this).text("(hide)");
+        $(this).parent().prev().height($(this).parent().height());
+    },
+    function() {
+        $(this).parent().toggleClass('showAll');
+        $(this).parent().prev().height(tHeight);
+        $(this).text("show all");
+    });
+}
+
+function fixBoxInfoHeights() {
+    $('dl.box dd.r1, dl.box dd.r2').each(function() {
+       $(this).prev().height($(this).height()); 
+    });
+}
+
+function searchFrameLinks() {
+  $('#method_list_link').click(function() {
+    toggleSearchFrame(this, relpath + 'method_list.html');
+  });
+
+  $('#class_list_link').click(function() {
+    toggleSearchFrame(this, relpath + 'class_list.html');
+  });
+
+  $('#file_list_link').click(function() {
+    toggleSearchFrame(this, relpath + 'file_list.html');
+  });
+}
+
+function toggleSearchFrame(id, link) {
+  var frame = $('#search_frame');
+  $('#search a').removeClass('active').addClass('inactive');
+  if (frame.attr('src') == link && frame.css('display') != "none") {
+    frame.slideUp(100);
+    $('#search a').removeClass('active inactive');
+  }
+  else {
+    $(id).addClass('active').removeClass('inactive');
+    frame.attr('src', link).slideDown(100);
+  }
+}
+
+function linkSummaries() {
+  $('.summary_signature').click(function() {
+    document.location = $(this).find('a').attr('href');
+  });
+}
+
+function framesInit() {
+  if (window.top.frames.main) {
+    document.body.className = 'frames';
+    $('#menu .noframes a').attr('href', document.location);
+    $('html head title', window.parent.document).text($('html head title').text());
+  }
+}
+
+function keyboardShortcuts() {
+  if (window.top.frames.main) return;
+  $(document).keypress(function(evt) {
+    if (evt.altKey || evt.ctrlKey || evt.metaKey || evt.shiftKey) return;
+    if (typeof evt.target !== "undefined" &&
+        (evt.target.nodeName == "INPUT" ||
+        evt.target.nodeName == "TEXTAREA")) return;
+    switch (evt.charCode) {
+      case 67: case 99:  $('#class_list_link').click(); break;  // 'c'
+      case 77: case 109: $('#method_list_link').click(); break; // 'm'
+      case 70: case 102: $('#file_list_link').click(); break;   // 'f'
+      default: break;
+    }
+  });
+}
+
+function summaryToggle() {
+  $('.summary_toggle').click(function() {
+    localStorage.summaryCollapsed = $(this).text();
+    $(this).text($(this).text() == "collapse" ? "expand" : "collapse");
+    var next = $(this).parent().parent().nextAll('ul.summary').first();
+    if (next.hasClass('compact')) {
+      next.toggle();
+      next.nextAll('ul.summary').first().toggle();
+    } 
+    else if (next.hasClass('summary')) {
+      var list = $('<ul class="summary compact" />');
+      list.html(next.html());
+      list.find('.summary_desc, .note').remove();
+      list.find('a').each(function() {
+        $(this).html($(this).find('strong').html());
+        $(this).parent().html($(this)[0].outerHTML);
+      });
+      next.before(list);
+      next.toggle();
+    }
+    return false;
+  });
+  if (localStorage) {
+    if (localStorage.summaryCollapsed == "collapse") $('.summary_toggle').click();
+    else localStorage.summaryCollapsed = "expand";
+  }
+}
+
+function fixOutsideWorldLinks() {
+  $('a').each(function() {
+    if (window.location.host != this.host) this.target = '_parent';
+  });
+}
+
+function generateTOC() {
+  if ($('#filecontents').length === 0) return;
+  var _toc = $('<ol class="top"></ol>');
+  var show = false;
+  var toc = _toc;
+  var counter = 0;
+  var tags = ['h2', 'h3', 'h4', 'h5', 'h6'];
+  var i;
+  if ($('#filecontents h1').length > 1) tags.unshift('h1');
+  for (i = 0; i < tags.length; i++) { tags[i] = '#filecontents ' + tags[i]; }
+  var lastTag = parseInt(tags[0][1], 10);
+  $(tags.join(', ')).each(function() {
+    if (this.id == "filecontents") return;
+    show = true;
+    var thisTag = parseInt(this.tagName[1], 10);
+    if (this.id.length === 0) {
+      var proposedId = $(this).text().replace(/[^a-z0-9-]/ig, '_');
+      if ($('#' + proposedId).length > 0) { proposedId += counter; counter++; }
+      this.id = proposedId;
+    }
+    if (thisTag > lastTag) { 
+      for (i = 0; i < thisTag - lastTag; i++) { 
+        var tmp = $('<ol/>'); toc.append(tmp); toc = tmp; 
+      } 
+    }
+    if (thisTag < lastTag) { 
+      for (i = 0; i < lastTag - thisTag; i++) toc = toc.parent(); 
+    }
+    toc.append('<li><a href="#' + this.id + '">' + $(this).text() + '</a></li>');
+    lastTag = thisTag;
+  });
+  if (!show) return;
+  html = '<div id="toc"><p class="title"><a class="hide_toc" href="#"><strong>Table of Contents</strong></a> <small>(<a href="#" class="float_toc">left</a>)</small></p></div>';
+  $('#content').prepend(html);
+  $('#toc').append(_toc);
+  $('#toc .hide_toc').toggle(function() { 
+    $('#toc .top').slideUp('fast');
+    $('#toc').toggleClass('hidden');
+    $('#toc .title small').toggle();
+  }, function() {
+    $('#toc .top').slideDown('fast');
+    $('#toc').toggleClass('hidden');
+    $('#toc .title small').toggle();
+  });
+  $('#toc .float_toc').toggle(function() { 
+    $(this).text('float');
+    $('#toc').toggleClass('nofloat');
+  }, function() {
+    $(this).text('left');
+    $('#toc').toggleClass('nofloat');
+  });
+}
+
+$(framesInit);
+$(createSourceLinks);
+$(createDefineLinks);
+$(createFullTreeLinks);
+$(fixBoxInfoHeights);
+$(searchFrameLinks);
+$(linkSummaries);
+$(keyboardShortcuts);
+$(summaryToggle);
+$(fixOutsideWorldLinks);
+$(generateTOC);