#!/usr/bin/env python
# coding=gbk
from os.path import getsize
import sys
import re
import time
import datetime
import os
from re import compile,IGNORECASE
import smtplib
from email.MIMEText import MIMEText
import socket
reload(sys)
sys.setdefaultencoding('gbk')
##日志文件
log = r'tomcat.log'
##每次执行后的位置,保证不重复统计
last_position_logfile = r'pos.txt'
##获取保存的位置
def get_last_position(file):
data = open(file,'r')
last_position = data.readline()
if last_position:
last_position = int(last_position)
else:
last_position = 0
data.close()
return last_position
##保存上次读写后的位置
def write_this_position(file,last_position):
data = open(file,'w')
data.write(str(last_position))
data.close()
##获取主机ip
def getIpaddr():
myname = socket.getfqdn(socket.gethostname())
myaddr = socket.gethostbyname(myname)
return myaddr
##解析日志文件
def anlysis_log(file):
##设置超时告警阈值
timeout_count_threshold=5
msg_result={}
currentTime=time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time()))
ip = getIpaddr()
data = open(file,'r')
last_position = get_last_position(last_position_logfile)
this_position = getsize(log)
##快速定位位置
if this_position < last_position:
data.seek(0)
elif this_position == last_position:
exit()
elif this_position > last_position:
data.seek(last_position)
##循环读取日志行
for line in data.readlines():
##正则匹配
match=re.search(r'(ASClient)(.*)(elapsed=\d{5})(.*)(method=.*)(.*)(servicename=.*),',line)
if ( not match ):
pass
else:
msg_method=match.group(5).split(',')[0].split('=')[1]
msg_service=match.group(7).split(',')[0].split('=')[1]
if msg_service not in msg_result:
msg_result[msg_service]={'timeout_total':0}
if msg_method not in msg_result[msg_service]:
msg_result[msg_service][msg_method]={'timeout':0}
msg_result[msg_service]['timeout_total']+=1
msg_result[msg_service][msg_method]['timeout']+=1
for (k,v) in msg_result.items():
if ( (k=='test') and v['timeout_total']>timeout_count_threshold ):
msg_report=''
for (x,y) in v.items():
if(x != 'timeout_total'):
pp=' %s [超时次数:%s],'% (x,y['timeout'])
msg_report=msg_report+pp
content='%s超时次数为%s, IP:%s'%(k.upper(),v['timeout_total'],ip)
sendmail('IP:%s, %s调用超时次数为:%s, 超时阀值为10秒, 具体的method如下:<br>%s'%(ip,k,v['timeout_total'],msg_report.replace(',','<br>')),'[报警]系统%s超时'%k.upper())
##把当前位置保存到文件
write_this_position(last_position_logfile,data.tell())
data.close()
print time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time()))
def sendmail(content,subject):
url = r"smtp.163.com"
sender = 'kong@163.com'
receivers = ['kong@163.com']
msg = MIMEText(content,'html','gbk')
msg['Subject'] = subject
msg['To'] = ",".join(receivers)
conn = smtplib.SMTP(url,25)
conn.sendmail(sender,receivers,msg.as_string())
conn.close()
anlysis_log(log)
python解析日志并邮件告警
最新推荐文章于 2024-01-26 11:45:46 发布