grok 0.0.3 → 0.0.4
Sign up to get free protection for your applications and to get access to all the features.
- data/README.rdoc +10 -0
- data/VERSION +1 -1
- data/examples/gtrace.rb +28 -0
- data/lib/grok.rb +5 -1
- data/lib/grok/watcher.rb +10 -2
- metadata +4 -2
data/README.rdoc
CHANGED
|
@@ -71,6 +71,16 @@ purposes of printing a summary, or whatever you want).
|
|
|
71
71
|
You can define as many of these handlers as you'd like and they'll be run
|
|
72
72
|
when the Ruby process has been sent a SIGINT.
|
|
73
73
|
|
|
74
|
+
==== Start
|
|
75
|
+
You can also define event handlers to run before Grok starts reading it's
|
|
76
|
+
input.
|
|
77
|
+
|
|
78
|
+
start do
|
|
79
|
+
puts "Starting"
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
You can define as many of these event handlers as you'd like
|
|
83
|
+
|
|
74
84
|
== Note on Patches/Pull Requests
|
|
75
85
|
|
|
76
86
|
* Fork the project.
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.0.
|
|
1
|
+
0.0.4
|
data/examples/gtrace.rb
ADDED
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
# Little proof of concept script that straces a running command and tells
|
|
2
|
+
# you how long it's spent in each syscall (aggregated) on exit.
|
|
3
|
+
#
|
|
4
|
+
# ruby gtrace.rb <PID>
|
|
5
|
+
|
|
6
|
+
require 'rubygems'
|
|
7
|
+
require 'grok'
|
|
8
|
+
|
|
9
|
+
configure do |c|
|
|
10
|
+
c.process = "strace -T -p #{ARGV[0]} 2>&1"
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
start do
|
|
14
|
+
@syscalls = {}
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
on /(\S+)\(.* .([\d\.]+)./ do |syscall, seconds|
|
|
18
|
+
if !@syscalls[syscall]
|
|
19
|
+
@syscalls[syscall] = 0.0
|
|
20
|
+
end
|
|
21
|
+
@syscalls[syscall] += seconds.to_f
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
exit do
|
|
25
|
+
@syscalls.keys.each { |syscall|
|
|
26
|
+
puts "#{syscall}: #{@syscalls[syscall].to_s} seconds"
|
|
27
|
+
}
|
|
28
|
+
end
|
data/lib/grok.rb
CHANGED
data/lib/grok/watcher.rb
CHANGED
|
@@ -25,11 +25,17 @@ module Grok
|
|
|
25
25
|
(@events[:log] ||= []) << [Regexp.new(match), block, opts[:times], within]
|
|
26
26
|
end
|
|
27
27
|
|
|
28
|
-
def
|
|
28
|
+
def on_exit(&block)
|
|
29
29
|
(@events[:exit] ||= []) << block
|
|
30
30
|
end
|
|
31
31
|
|
|
32
|
+
def on_start(&block)
|
|
33
|
+
(@events[:start] ||= []) << block
|
|
34
|
+
end
|
|
35
|
+
|
|
32
36
|
def start
|
|
37
|
+
dispatch(:start)
|
|
38
|
+
|
|
33
39
|
if !@config.file.nil?
|
|
34
40
|
File.open(@config.file) do |log|
|
|
35
41
|
log.extend(File::Tail)
|
|
@@ -82,7 +88,9 @@ module Grok
|
|
|
82
88
|
Process.exit
|
|
83
89
|
end
|
|
84
90
|
|
|
85
|
-
if
|
|
91
|
+
if event == :start
|
|
92
|
+
@events[:start].each { |block| invoke block }
|
|
93
|
+
elsif handler = find(event, log)
|
|
86
94
|
regexp, block, times, within = *handler
|
|
87
95
|
self.match = log.match(regexp).captures
|
|
88
96
|
(@event_log[match] ||= []) << Time.now.to_i
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: grok
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tim Sharpe
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
11
|
|
|
12
|
-
date: 2010-02-
|
|
12
|
+
date: 2010-02-19 00:00:00 +11:00
|
|
13
13
|
default_executable:
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
@@ -48,6 +48,7 @@ files:
|
|
|
48
48
|
- README.rdoc
|
|
49
49
|
- Rakefile
|
|
50
50
|
- VERSION
|
|
51
|
+
- examples/gtrace.rb
|
|
51
52
|
- examples/ssh_sentry.rb
|
|
52
53
|
- lib/grok.rb
|
|
53
54
|
- lib/grok/time.rb
|
|
@@ -85,4 +86,5 @@ summary: A ruby log event correlator
|
|
|
85
86
|
test_files:
|
|
86
87
|
- test/test_grok.rb
|
|
87
88
|
- test/helper.rb
|
|
89
|
+
- examples/gtrace.rb
|
|
88
90
|
- examples/ssh_sentry.rb
|