[Apparmor-dev] aa-parselog: simple script that parses log messages
and print apparmor messages.
Matt Barringer
mbarringer at suse.de
Sun Jun 24 13:39:15 MDT 2007
On Tue, 19 Jun 2007, Mathias Gug wrote:
> I'm quite interested to use the logparser library. There are a couple of
> places now in the code where log parsing is done. I'm parsing log
> messages into aa-parselog, but I'm not sure that every case is covered.
Sorry it took so long, I ran into several general flex/bison problems, and
the current syntax isn't exactly easy to parse.
But I believe it covers both old and new syntax[1] now, and it passes all
the grammar tests I've thrown at it, so I've checked it into SVN under
trunk/management/libaalogparse. The library should be thread safe, fast,
and stable, although the parser grammar needs to be cleaned up. There are
SWIG interfaces generated for ruby, python, and perl, with java and C#
coming after Hack Week, but I have *not* tested them yet. Let me know if
you have any problems/comments/bugs/etc.
Thanks,
Matt
--
[1] - The new syntax uses a key="value" scheme, I'm not sure if anyone has
posted details about that to apparmor-dev yet.
More information about the Apparmor-dev
mailing list