chainsaw 0.0.4

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in chainsaw.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2012 ljfauscett
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,57 @@
+# Chainsaw
+
+Parses a log file and returns lines matching the time period provided.
+
+Chronic is used to parse the time strings, so any format chronic
+supports, chainsaw supports. A list of supported formats can
+be found here: https://github.com/mojombo/chronic
+
+## Installation
+    
+    gem install chainsaw
+
+## Usage
+
+    > chainsaw access.log 1 hour ago                  # entries from one hour ago to now
+    > chainsaw access.log august                      # entries from August to now
+    > chainsaw access.log 2012-08-06                  # entries from August 6th to now
+    > chainsaw access.log 2012-08-27 10:00            # entries from August 27th at 10:00 to now
+
+    # You can use a hypen to specify a time range (you can mix and match formats)
+
+    > chainsaw access.log 2012-08-01 - 2012-09-17     # entries within August 1st and September 17th
+    > chainsaw access.log august - yesterday          # entries within August and September
+
+## Features
+
+### Additional text filter
+
+You can specify an additional simple text pattern to filter (in addition to the time arguments) with the `-f` option.
+
+    > chainsaw access.log -f GET 1 hour ago
+
+### Colorize output
+
+You can have chainsaw colorize the timestamp for easy scanning with the `-c` option.
+
+    > chainsaw access.log -c 1 hour ago
+    
+### Interactive mode
+
+If you want to print a line and wait for input (press return) before moving to the next found line, you can use the `-i` option.
+    
+    > chainsaw access.log -i 1 hour ago
+    
+### Output to a file
+
+Chainsaw will output the found log lines to a file on the system if you specify with `-o FILENAME`.
+
+    > chainsaw access.log yesterday -o yesterday.log
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Added some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,8 @@
+#!/usr/bin/env rake
+require 'rake/testtask'
+require 'bundler/gem_tasks'
+
+Rake::TestTask.new do |t|
+    t.libs << 'test'
+    t.test_files = FileList['test/*_test.rb']
+end

data/bin/chainsaw

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+$LOAD_PATH.unshift(File.expand_path('../../lib', __FILE__))
+
+require 'chainsaw'
+
+Chainsaw::CLI.run

data/chainsaw.gemspec

@@ -0,0 +1,22 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/chainsaw/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ['ljfauscett']
+  gem.email         = ['ljfauscett@gmail.com']
+  gem.description   = 'Cutting up logs like shelby stanga'
+  gem.summary       = 'wahhhhh'
+  gem.homepage      = ''
+
+  gem.files         = `git ls-files`.split($\)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.name          = 'chainsaw'
+  gem.require_paths = ['lib']
+  gem.version       = Chainsaw::VERSION
+
+  gem.add_dependency 'chronic', '~> 0.7.0'
+
+  gem.add_development_dependency 'minitest', '~> 3.0.0'
+  gem.add_development_dependency 'mocha', '~> 0.11.4'
+end

data/lib/chainsaw.rb

@@ -0,0 +1,15 @@
+require 'date'
+require 'ostruct'
+require 'optparse'
+
+require 'chronic'
+
+require 'chainsaw/cli'
+require 'chainsaw/format'
+require 'chainsaw/detector'
+require 'chainsaw/filter'
+require 'chainsaw/version'
+
+module Chainsaw
+
+end

data/lib/chainsaw/cli.rb

@@ -0,0 +1,112 @@
+module Chainsaw
+  class CLI
+    CHRONIC_OPTIONS = { :context => :past, :guess => false }
+    BANNER = <<-BANNER
+    Usage: chainsaw LOGFILE INTERVAL [OPTIONS]
+
+    Description:
+      Parses a log file and returns lines matching the time period provided.
+
+      Chronic is used to parse the time strings, so any format chronic
+      supports, chainsaw supports. A list of supported formats can
+      be found here: https://github.com/mojombo/chronic
+
+    Examples:
+
+      > chainsaw access.log 1 hour ago                  # entries from one hour ago to now
+      > chainsaw access.log august                      # entries from August to now
+      > chainsaw access.log 2012-08-06                  # entries from August 6th to now
+      > chainsaw access.log 2012-08-27 10:00            # entries from August 27th at 10:00 to now
+
+      You can use a hypen to specify a time range (you can mix and match formats)
+
+      > chainsaw access.log 2012-08-01 - 2012-09-17     # entries within August 1st and September 17th
+      > chainsaw access.log august - yesterday          # entries within August and September
+
+    BANNER
+
+    # Use OptionParser to parse options, then we remove them from
+    # ARGV to help ensure we're parsing times correctly
+    def self.parse_options
+      @options = OpenStruct.new({
+        :interactive => false,
+        :colorize    => false
+      })
+
+      @opts = OptionParser.new do |opts|
+        opts.banner = BANNER.gsub(/^ {4}/, '')
+
+        opts.separator ''
+        opts.separator 'Options:'
+
+        opts.on('-f [FILTER]', 'Provide a regexp pattern to match on as well as the interval given') do |filter|
+          @options.filter = filter
+        end
+
+        opts.on('-i', 'Work in interactive mode, one line at a time') do
+          @options.interactive = true
+        end
+
+        opts.on('-c', 'Colorize output (dates and patterns given)') do
+          @options.colorize = true
+        end
+
+        opts.on('-o [FILE]', 'Output the filtered lines to a file') do |file|
+          @options.output_file = file
+        end
+
+        opts.on('-v', 'Print the version') do
+          puts Chainsaw::VERSION
+          exit
+        end
+
+        opts.on( '-h', '--help', 'Display this help.' ) do
+          puts opts
+          exit
+        end
+      end
+
+      @opts.parse!
+    end
+
+    # Check the leftover arguments to see if we're given a range or not.
+    # If we have a range, parse them, if not, parse the single time arguments.
+    #
+    # args - an Array of String arguments
+    #
+    # Returns a Time object or Range representing the requested time
+    def self.parse_time_args(args)
+      delimiter = args.index('-')
+
+      if delimiter
+        starting = Chronic.parse(args[0..(delimiter - 1)].join(' '), CHRONIC_OPTIONS).begin
+        ending   = Chronic.parse(args[(delimiter + 1)..-1].join(' '), CHRONIC_OPTIONS).begin
+
+        starting..ending
+      else
+        Chronic.parse(args.join(' '), CHRONIC_OPTIONS).begin
+      end
+    end
+
+    def self.validate_logfile
+    end
+
+    def self.print_usage_and_exit!
+      puts @opts
+      exit
+    end
+
+    # Called from the executable. Parses the command line arguments
+    # and passes them through to Filter.
+    def self.run
+      parse_options
+      print_usage_and_exit! if ARGV.empty?
+
+      logfile = ARGV.first
+      time    = parse_time_args(ARGV[1..-1])
+
+      trap(:INT) { exit }
+      Filter.filter(logfile, time, @options)
+    end
+  end
+end

data/lib/chainsaw/detector.rb

@@ -0,0 +1,91 @@
+module Chainsaw
+  class Detector
+
+    CLF_PATTERN          = /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3} (?:-|[^ ]+) (?:-|[^ ]+) \[(\d{2}\/[a-z]{3}\/\d{4}:\d{2}:\d{2}:\d{2} -\d{4})\]/i
+    APACHE_ERROR_PATTERN = /^\[([a-z]{3} [a-z]{3} \d{2} \d{2}:\d{2}:\d{2} \d{4})\]/i
+    NGINX_ERROR_PATTERN  = /^(\d{4}\/\d{2}\/\d{2} \d{2}:\d{2}:\d{2})/i
+    RUBY_LOGGER_PATTERN  = /^[a-z]{1}, \[(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})\.\d+ #\d+\]/i
+    RAILS_PATTERN        = /^started [a-z]+ "[^"]+" for \d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3} at (\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} -\d{4})/i
+    SYSLOG_PATTERN       = /^([a-z]{3}  ?\d{1,2} \d{2}:\d{2}:\d{2})/i
+    REDIS_PATTERN        = /^\[\d+\]  ?(\d{1,2} [a-z]{3} \d{2}:\d{2}:\d{2})/i
+    PUPPET_PATTERN       = /^\[(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\]/i
+    MONGODB_PATTERN      = /^(\w{3} \w{3} \d{2} \d{2}:\d{2}:\d{2})/i
+    RACK_PATTERN         = /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3} (?:-|[^ ]+) (?:-|[^ ]+) \[(\d{2}\/[a-z]{3}\/\d{4} \d{2}:\d{2}:\d{2})\]/i
+    PYTHON_PATTERN       = /^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})/i
+    DJANGO_PATTERN       = /^\[(\d{2}\/[a-z]{3}\/\d{4} \d{2}:\d{2}:\d{2})\]/i
+
+    def self.detect(log)
+      format = nil
+
+      log.each_line do |line|
+        format = _detect(line)
+        break unless format.type.nil?
+      end
+
+      if format.nil?
+        puts "\033[31mUnable to determine log format :(\033[0m"
+        exit
+      else
+        format
+      end
+    end
+
+    def self._detect(line)
+      format = Format.new
+
+      case line
+      when CLF_PATTERN
+        format.type        = 'clf'
+        format.time_format = '%d/%b/%Y:%H:%M:%S %z'
+        format.pattern     = CLF_PATTERN
+      when APACHE_ERROR_PATTERN
+        format.type        = 'apache_error'
+        format.time_format = '%a %b %d %H:%M:%S %Y'
+        format.pattern     = APACHE_ERROR_PATTERN
+      when NGINX_ERROR_PATTERN
+        format.type        = 'nginx_error'
+        format.time_format = '%Y/%m/%d %H:%M:%S'
+        format.pattern     = NGINX_ERROR_PATTERN
+      when RUBY_LOGGER_PATTERN
+        format.type        = 'ruby_logger'
+        format.time_format = '%Y-%m-%dT%H:%M:%S'
+        format.pattern     = RUBY_LOGGER_PATTERN
+      when RAILS_PATTERN
+        format.type        = 'rails'
+        format.time_format = '%Y-%m-%d %H:%M:%S %z'
+        format.pattern     = RAILS_PATTERN
+      when SYSLOG_PATTERN
+        format.type        = 'syslog'
+        format.time_format = '%b %e %H:%M:%S'
+        format.pattern     = SYSLOG_PATTERN
+      when REDIS_PATTERN
+        format.type        = 'redis'
+        format.time_format = '%e %b %H:%M:%S'
+        format.pattern     = REDIS_PATTERN
+      when PUPPET_PATTERN
+        format.type        = 'puppet'
+        format.time_format = '%Y-%m-%d %H:%M:%S'
+        format.pattern     = PUPPET_PATTERN
+      when MONGODB_PATTERN
+        format.type        = 'mongodb'
+        format.time_format = '%a %b %d %H:%M:%S'
+        format.pattern     = MONGODB_PATTERN
+      when RACK_PATTERN
+        format.type        = 'rack'
+        format.time_format = '%d/%b/%Y %H:%M:%S'
+        format.pattern     = RACK_PATTERN
+      when PYTHON_PATTERN
+        format.type        = 'python'
+        format.time_format = '%Y-%m-%d %H:%M:%S'
+        format.pattern     = PYTHON_PATTERN
+      when DJANGO_PATTERN
+        format.type        = 'django'
+        format.time_format = '%d/%b/%Y %H:%M:%S'
+        format.pattern     = DJANGO_PATTERN
+      end
+
+      format
+    end
+
+  end
+end

data/lib/chainsaw/filter.rb

@@ -0,0 +1,126 @@
+module Chainsaw
+  class Filter
+    attr_reader :line_count
+
+    # Initialize a Filter instance. We read the logfile here and
+    # attempt to detect what type of logfile it is.
+    #
+    # logfile - the String path of the logfile to be filtered
+    # bounds  - the "time" period to filter through (Time or Range)
+    # options - an OpenStruct representing the options
+    #
+    # Returns the Filter instance
+    def initialize(logfile, bounds, options = OpenStruct.new)
+      @logfile    = logfile
+      @bounds     = bounds
+      @options    = options
+      @log        = File.open(@logfile)
+      @format     = Detector.detect(@log)
+      @line_count = 0
+
+      @log.rewind
+
+      self
+    end
+
+    # Start iterating through the log lines and filtering them accordingly.
+    def start
+      @log.each_line do |line|
+        filter    = @options.filter
+        match     = line.match(@format.pattern)
+
+        if match
+          timestamp = match[1]
+          time      = Filter.parse_timestamp(timestamp, @format.time_format)
+        else
+          timestamp = time = nil
+        end
+
+        # a match was found if we are filtering additional text, check that too
+        if match && within_bounds?(time) && ( !filter || filter && line.include?(filter) )
+          found(line, timestamp)
+        # a match was found and we are outputting non-timestamped lines
+        elsif match && @outputting
+          @outputting = false
+        # outputting non-timestamped lines
+        elsif @outputting
+          out(line)
+        end
+      end
+
+      unless @options.output_file
+        hind = (@line_count.zero? || @line_count > 1) ? 's' : ''
+        puts "\n\033[33mFound #{@line_count} line#{hind} \033[0m"
+      end
+    end
+
+    # Check to see if the parsed Time is within the bounds
+    # of our given Time or time Range.
+    #
+    # time - the parsed Time from the logline
+    #
+    # Returns true if within bounds
+    def within_bounds?(time)
+      if @bounds.is_a? Range
+        @bounds.cover?(time)
+      else
+        @bounds < time
+      end
+    end
+
+    # A matching line was found, set @outputting incase we
+    # run into lines that aren't timestamped.
+    #
+    # line - the String logline
+    # timestamp - the String timestamp from the logline
+    def found(line, timestamp)
+      @outputting = true
+      @line_count += 1
+
+      out(line, timestamp)
+
+      STDIN.gets if @options.interactive && !@options.output_file
+    end
+
+    # Output the logline to STDOUT or File. We also colorize if requested.
+    #
+    # line - the String logline
+    # timestamp - the String timestamp from the logline
+    def out(line, timestamp = nil)
+      if @options.output_file
+        File.open(@options.output_file, 'a') { |f| f.write(line) }
+      elsif @options.colorize && timestamp
+        puts line.sub(timestamp, "\033[32m#{timestamp}\033[0m")
+      else
+        puts line
+      end
+    end
+
+    # Parse a timestamp using the given time_format. If a timezone
+    # isn't included in the timestamp, we'll set it to the current local
+    # timezone
+    #
+    # timestamp - the String timestamp
+    # time_format - the String time format used to parse
+    #
+    # Returns the parsed Time object
+    def self.parse_timestamp(timestamp, time_format)
+      if time_format.include?('%z')
+        dt = DateTime.strptime(timestamp, time_format)
+      else
+        # ugly, i know... find a better way
+        timestamp   = timestamp + (Time.now.utc_offset / 3600).to_s
+        time_format = time_format + ' %z'
+        dt = DateTime.strptime(timestamp, time_format)
+      end
+      Time.local(dt.year, dt.month, dt.day, dt.hour, dt.min, dt.sec)
+    end
+
+
+    # A convinence method to initialize a Filter object using the
+    # given args and start filtering it
+    def self.filter(*args)
+      new(*args).start
+    end
+  end
+end