python 日志增量抓取实现方法
实例如下所示:
import time import pickle import os import re class LogIncScaner(object): def __init__(self,log_file, reg_ex,seek_file='/tmp/log-inc-scan.seek.temp'): self.log_file = log_file self.reg_ex = reg_ex self.seek_file = seek_file def scan(self): seek = self._get_seek() file_mtime = os.path.getmtime(self.log_file) if file_mtime <= seek['time']: print 'file mtime not change since last scan' seek['time'] = file_mtime self._dump_seek(seek) return [] file_size = os.path.getsize(self.log_file) if file_size <= seek['position']: print 'file size not change since last scan' seek['position'] = file_size self._dump_seek(seek) return [] print 'file changed,start to scan' matchs = [] with open(self.log_file, 'rb') as logfd: logfd.seek(seek['position'],os.SEEK_SET) for match in re.finditer(self.reg_ex, logfd.read()): matchs.append(match) seek = {'time':time.time(),'position': logfd.tell()} print seek self._dump_seek(seek) return matchs def _get_seek(self): seek = {'time':time.time(),'position':0} if os.path.exists(self.seek_file): with open(self.seek_file,'rb') as seekfd: try: seek = pickle.load(seekfd) except: pass print seek return seek def _dump_seek(self, seek): with open(self.seek_file,'wb') as seekfd: pickle.dump(seek,seekfd) def reset_seek(self): self._dump_seek({'time':time.time(),'position':0}) if __name__ == "__main__": scaner = LogIncScaner('/var/log/messages',r'(\w+ \d+ \d+:\d+:\d+) .+?exception') scaner.reset_seek() while True: matchs = scaner.scan() for match in matchs: print 'fond at:' + match.group(1) + ' content:' + match.group(0) time.sleep(5)
相关推荐
YENCSDN 2020-11-17
lsjweiyi 2020-11-17
houmenghu 2020-11-17
Erick 2020-11-17
HeyShHeyou 2020-11-17
以梦为马不负韶华 2020-10-20
lhtzbj 2020-11-17
夜斗不是神 2020-11-17
pythonjw 2020-11-17
dingwun 2020-11-16
lhxxhl 2020-11-16
坚持是一种品质 2020-11-16
染血白衣 2020-11-16
huavhuahua 2020-11-20
meylovezn 2020-11-20
逍遥友 2020-11-20
weiiron 2020-11-16