基于Python的关键字监控及告警

Python  /  管理员 发布于 7年前   245

为了解决日志文件监控的问题, 使用python脚本完成了基于关键字的告警功能

环境 python 2.7

依赖包 time \ traceback \ filelock \ logging

代码如下:

#!/bin/python#coding:utf-8import sysreload(sys)sys.setdefaultencoding('utf8')import reimport osfrom urllib import urlencodeimport loggingimport filelockimport timeimport traceback#config.conf#文件1:关键字A|关键字B:出现次数:告警方式:联系方式:联系组:某某异常#文件2:关键字C|关键字D:出现次数:告警方式:联系方式:联系组:某某异常#rc.local增加#sudo -u monitor /bin/bash -x /home/apps/logmon-job/deploy_py.shlogging.basicConfig(level=logging.DEBUG,          format='%(asctime)s %(filename)s[line:%(lineno)d] %(levelname)s %(message)s',          datefmt='%a, %d %b %Y %H:%M:%S',          filename='/home/logs/monitor/logmon.log',          #filename='/Users/mac/Desktop/logmon/logmon.log',          filemode='a')basDir='/home/apps/logmon-job/'posFiles=basDir+'/pos.log'configFile=basDir+'config.conf'def readOnly(filename):  return open(filename,'r')  # passdef readWrite(filename):  return open(filename,'rw')  # passdef writeOnly(filename):  return open(filename,'w')  # pass# def closesfile():#   passdef getStartPosLog(posFiles):  txt=readOnly(posFiles)  result={}  for i in txt :    filename,pos=i.split(':')    if filename != '' :      result[filename]=pos  return result  txt.close()def rematch(txt,regular):  resultList=[]  for t in txt.split(r'\n') :    # print t    # pattern = re.compile(r':')    pattern = re.compile(regular)    resultList=(pattern.findall(t))  try :    # print '匹配结果为',resultList     return len(resultList),regular , resultList[0]  except Exception as e :    print e     return 0 , regular , ''  # passdef getEndPost(f):  filename=readOnly(f)  try :    nowpos=filename.tell()    filename.seek(0,2)    endpos=filename.tell()    filename.seek(nowpos,0)  except :    endpos = 0  filename.close()  return endpos   # passdef getDistinct(startpos,endpos):  return endpos-startposdef getText(f,startpos,endpos):  filename=readOnly(f)  filename.seek(startpos,0)  textLength=getDistinct(startpos,endpos)  text=filename.read(textLength)  filename.close()  return textdef updatePosLog(posResult,posFiles):  f=writeOnly(posFiles)  # print 'posResult ',posResult  for k in posResult.keys() :    v=posResult[k]    f.writelines('%s:%s\n' %(k,v))  f.close()  passdef getAlterConfi(filename):  #文件:关键字:出现次数:告警方式:联系方式:联系组  f=readOnly(filename)  result={}  for lines in f.readlines():    # print lines    try :      filename , key , count , alterType , alterAddress , alterGroup ,alterMessage= lines.strip('\n').split(":")      result[filename]={}      result[filename]["key"]     =key      result[filename]["count"]    =count      result[filename]["alterType"]  =alterType      result[filename]["alterAddress"]=alterAddress      result[filename]["alterGroup"] =alterGroup      result[filename]["alterMessage"]=alterMessage    except Exception as e:      print e      print '错误的配置 %s' % (lines.strip('\n'))      pass  return resultdef sendSms(account,message):  data={    'accounts':account ,    'templateName':'opalert' ,    'alertcontent':message ,  }  encodeMessage=urlencode(data)  #正式时需要开启  os.system('curl -I "http://10.1.1.146:8080/sms/send?%s" ' % ( encodeMessage ) )def main():  global posFiles  global configFile  AlterConfi=getAlterConfi(configFile)  print AlterConfi  posResult=getStartPosLog(posFiles)  posResult_bak=getStartPosLog(posFiles)  # print posResult  for filename in AlterConfi.keys() :    keyDict=AlterConfi[filename]    print '开始检查文件 ',filename    #print rematch(filename,r'#')[0]     if not os.path.exists(filename):      print 'file "%s" not exist ,pass' % (filename)      # continue    if os.path.exists(filename):endpos = getEndPost(filename)      if endpos == 0 :        print 'file "%s" is empty ,pass' % (filename)      else :        try :          startpos= int(posResult[filename])        except :          startpos = 0        print 'startpos is %.f , endpos is %.f' %(startpos ,endpos)        #处理切割后,偏移量归位        if startpos > endpos :          startpos = 0        text = getText(filename,startpos,endpos)        # print '%s text is : '%(filename) , text        #分析关键字        #print AposlterConfi[filename]        matchCount , regular , resultList = rematch(text,keyDict['key'])        print '匹配关键字',regular , '匹配长度为', matchCount , '关键字告警阈值' ,keyDict['count'] , '关键字' , resultList        if int(matchCount) >= int(keyDict['count']) :          print 'alterGroup len is ',len(keyDict['alterGroup'])          print 'alterType len is ' ,len(keyDict['alterType'])          if len(keyDict['alterGroup']) > 0:pass          if len(keyDict['alterType']) >0:if keyDict['alterType'].upper() == 'SMS' :  for account in keyDict['alterAddress'].split(',') :    if len(account) >0 :      sendSms(account,'发现%s 告警,关键字:%s ,出现次数:%s ' %(keyDict['alterMessage'] , resultList , matchCount ))pass        #记录末尾偏移量        posResult_bak[filename]=endpos      print '打印文件偏移量信息',posResult_bak      #正式时需要开启  updatePosLog(posResult_bak,posFiles)if __name__ == '__main__':  lock = filelock.FileLock("/home/apps/logmon-job/logmon.py.lock")  if lock:    logging.info("CaiWeiCheng Get Lock.start!!!")  try:    with lock.acquire(timeout=5):      while 1 :        main()        time.sleep(60)      # pass  #except filelock.timeout :  except Exception as e :    print traceback.format_exc()    print "timeout"         logging.warning("get file lock timeout")

以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持。


  • 上一条:
    用virtualenv建立多个Python独立虚拟开发环境
    下一条:
    Python中装饰器兼容加括号和不加括号的写法详解

    • 昵称:

    邮箱:

    0条评论 (评论内容有缓存机制,请悉知!)
    Top

    Copyright·© 2019 侯体宗版权所有· 粤ICP备20027696号 PHP交流群

    侯体宗的博客