Python Help - Analyzing Packet Logs

I am writing a simple program that will parse a log file from a Wireshark packet dump into a more readable form. I am doing this with Python.

I am currently stuck in this part:

for i in range(len(linelist)):
    if '### SERVER' in linelist[i]:
        #do server parsing stuff

        packet = linelist[i:find("\n\n", i, len(linelist))]

linelist is a list created using the readlines() method, so each line in the file is an element in the list. I iterate over it looking for every occurrence of ### SERVER, and then grab all the lines after it until the next empty line (which means the end of the packet). I must be doing something wrong, because not only is find() not working, but I have a feeling that there is a better way to capture everything between ### SERVER and the next occurrence of an empty line.

Any ideas?

+3
4 answers

file.readlines() doc:

file.readlines([sizehint])

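Read until EOF using readline() and return a list containing the lines thus read. If the optional sizehint argument is present, instead of reading up to EOF, whole lines totalling approximately sizehint bytes (possibly after rounding up to an internal buffer size) are read. Objects implementing a file-like interface may choose to ignore sizehint if it cannot be implemented, or cannot be implemented efficiently.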

file.readline() doc:

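file.readline([size])

Read one entire line from the file. A trailing newline character is kept in the string (but may be absent when a file ends with an incomplete line). [6] If the size argument is present and non-negative, it is a maximum byte count (including the trailing newline) and an incomplete line may be returned. When size is not 0, an empty string is returned only when EOF is encountered immediately.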

A trailing newline character is kept in the string - , linelist . "\n\n" - ( EOF):

if myline in ("\n", ""):
    handle_empty_line()

. find, pythonic .

+1


inpacket = False
content = ""
packets = []
with open("logfile") as logfile:
    for line in logfile:
        if inpacket:
            content += line
            if line in ("\n", ""):  # empty line ends the packet
                inpacket = False
                packets.append(content)
        elif '### SERVER' in line:
            inpacket = True
            content = line
# a packet still open at EOF (no trailing empty line) is kept as well
if inpacket:
    packets.append(content)
0


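theFile = open("logfile")  # the log file, opened for reading
fileIter = iter(theFile)
for x in fileIter:
    if "### SERVER" in x:
        block = [x]
        # the inner loop consumes lines from the same iterator
        for y in fileIter:
            if len(y.strip()) == 0:  # empty line
                break
            block.append(y)
        print(block)  # Or whatever
    # elif some other pattern:
theFile.close()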


In addition, it is quite easy to generalize: since there are no explicit state-change variables, you just go into another loop to absorb the lines into other types of blocks.

0

The best way is to use generators. Read the presentation "Generator Tricks for Systems Programmers". This is the best I've seen about parsing logs ;)

0
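An added example, not part of the original thread: a generator version of the block extraction discussed in the answers, which also copes with CRLF line endings, whitespace-only separator lines and a final packet that has no blank line after it. The function name iter_blocks and the sample log text are assumptions constructed for illustration.

```python
MARKER = "### SERVER"  # block header used in the question's log


def iter_blocks(lines, marker=MARKER):
    """Yield each block as a list of lines: the marker line up to, but not
    including, the next blank line (or the end of the input)."""
    block = None
    for raw in lines:
        line = raw.rstrip("\r\n")      # tolerate both LF and CRLF dumps
        if block is not None:
            if not line.strip():       # blank or whitespace-only line ends the block
                yield block
                block = None
            else:
                block.append(line)
        elif marker in line:
            block = [line]             # lines outside a block are skipped
    if block is not None:              # input ended without a trailing blank line
        yield block


# Constructed sample input, not taken from a real capture.
SAMPLE = (
    "### CLIENT\r\n"
    "0000  01 02 03\r\n"
    "\r\n"
    "### SERVER\r\n"
    "0000  aa bb cc dd\r\n"
    "0010  ee ff\r\n"
    "   \r\n"                          # separator line containing only spaces
    "noise between packets\r\n"
    "### SERVER\r\n"
    "0000  10 20\r\n"                  # last packet, no blank line before EOF
)

if __name__ == "__main__":
    # An open file object can be passed instead of the split sample text.
    for number, block in enumerate(iter_blocks(SAMPLE.splitlines(True)), 1):
        print(number, block)
```

Because the generator keeps only the current block in memory, it can be fed an open file directly and works on dumps too large for readlines().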

Source: https://habr.com/ru/post/1699623/

