Added error log anonymization feature.

Christian P. MOMON 2021-04-22 18:32:56 +02:00
parent 90dc98fbc5
commit 541e0d9254
3 changed files with 48 additions and 34 deletions


@ -102,7 +102,7 @@ public final class Logar
{ {
if (file.getName().contains("access")) if (file.getName().contains("access"))
{ {
anonymizer.anonymizeAccessFile(file); anonymizer.anonymize(file);
} }
else if (file.getName().contains("error")) else if (file.getName().contains("error"))
{ {


@ -23,6 +23,7 @@ import java.io.FileOutputStream;
import java.io.IOException; import java.io.IOException;
import java.io.PrintWriter; import java.io.PrintWriter;
import java.time.format.DateTimeParseException; import java.time.format.DateTimeParseException;
import java.util.regex.Matcher;
import java.util.regex.Pattern; import java.util.regex.Pattern;
import java.util.zip.GZIPOutputStream; import java.util.zip.GZIPOutputStream;
@ -59,32 +60,6 @@ public final class Anonymizer
this.map = new AnonMap(); this.map = new AnonMap();
} }
/**
* Anonymize.
*
* @param log
* the log
* @return the log
*/
public Log anonymizeAccess(final Log log)
{
Log result;
String anonIp = this.map.anonymizeIp(log.getIp());
String anonUser = this.map.anonymizeUser(log.getUser());
String line = log.getLine().replace(log.getIp(), anonIp);
if (!log.getUser().equals("-"))
{
line = line.replace(log.getUser(), anonUser);
}
result = new Log(line, log.getDatetime(), anonIp, anonUser);
//
return result;
}
/** /**
* Anonymize. * Anonymize.
* *
@ -93,7 +68,7 @@ public final class Anonymizer
* @param target * @param target
* the target * the target
*/ */
public void anonymizeAccessFile(final File source) public void anonymize(final File source)
{ {
if (source == null) if (source == null)
{ {
@ -188,13 +163,13 @@ public final class Anonymizer
} }
/** /**
* Anonymize error. * Anonymize.
* *
* @param log * @param log
* the log * the log
* @return the log * @return the log
*/ */
public Log anonymizeError(final Log log) public Log anonymizeAccess(final Log log)
{ {
Log result; Log result;
@ -213,6 +188,48 @@ public final class Anonymizer
return result; return result;
} }
/**
* Anonymize error.
*
* @param log
* the log
* @return the log
*/
public Log anonymizeError(final Log log)
{
Log result;
// Search and anonymized Ipv4 addresses.
Matcher matcher = IPV4_PATTERN.matcher(log.getLine());
String anonLine = log.getLine();
while (matcher.find())
{
String left = anonLine.substring(0, matcher.start());
String ipv4 = matcher.group();
String right = anonLine.substring(matcher.end());
String anonIpv4 = this.map.get(ipv4);
anonLine = left + anonIpv4 + right;
}
// Search and anonymized Ipv4 addresses.
matcher = IPV6_PATTERN.matcher(anonLine);
while (matcher.find())
{
String left = anonLine.substring(0, matcher.start());
String ipv6 = matcher.group();
String right = anonLine.substring(matcher.end());
String anonIpv6 = this.map.get(ipv6);
anonLine = left + anonIpv6 + right;
}
result = new Log(anonLine, log.getDatetime());
//
return result;
}
/** /**
* Gets the map table. * Gets the map table.
* *
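Review bot: In the new `anonymizeError`, both `while (matcher.find())` loops read `matcher.start()`/`matcher.end()` from the string the matcher was created on, but use them to cut `anonLine`, which earlier iterations have already rewritten. Unless `this.map.get(...)` always returns a replacement of exactly the same length as the address it replaces (not visible in this hunk), every address after the first on a line is cut at shifted offsets, which can leave fragments of a real address in the anonymized output. Building the result with `appendReplacement`/`appendTail` keeps the offsets consistent, and `Matcher.quoteReplacement` stops a `$` or `\` in a mapped value from being read as a group reference. The comment above the second loop is a copy of the first and should read `// Search and anonymize IPv6 addresses.`.

```java
public Log anonymizeError(final Log log)
{
    Log result;

    // Search and anonymize IPv4 addresses.
    Matcher matcher = IPV4_PATTERN.matcher(log.getLine());
    StringBuffer buffer = new StringBuffer();
    while (matcher.find())
    {
        matcher.appendReplacement(buffer, Matcher.quoteReplacement(this.map.get(matcher.group())));
    }
    matcher.appendTail(buffer);

    // Search and anonymize IPv6 addresses.
    matcher = IPV6_PATTERN.matcher(buffer.toString());
    buffer = new StringBuffer();
    while (matcher.find())
    {
        matcher.appendReplacement(buffer, Matcher.quoteReplacement(this.map.get(matcher.group())));
    }
    matcher.appendTail(buffer);
    String anonLine = buffer.toString();

    // … unchanged: result = new Log(anonLine, log.getDatetime()) and return …
```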


@ -49,10 +49,7 @@ public final class LogUtils
"^(?<remoteAddress>[a-zA-F0-9\\\\:\\\\.]+) - (?<remoteUser>\\S+) \\[(?<time>[^\\]]+)\\] \"(?<request>[^\"]*)\" (?<status>\\d+) (?<bodyBytesSent>\\d+) \"(?<referer>[^\"]*)\" \"(?<userAgent>[^\"]*)\".*$"); "^(?<remoteAddress>[a-zA-F0-9\\\\:\\\\.]+) - (?<remoteUser>\\S+) \\[(?<time>[^\\]]+)\\] \"(?<request>[^\"]*)\" (?<status>\\d+) (?<bodyBytesSent>\\d+) \"(?<referer>[^\"]*)\" \"(?<userAgent>[^\"]*)\".*$");
public static Pattern NGINX_ACCESSLOG_LINE_PATTERN = Pattern.compile("^(?<remoteAddress>[a-fA-F0-9\\\\:\\\\.]+) - (?<remoteUser>[^\\[]+) \\[(?<time>[^\\]]+)\\] .*$"); public static Pattern NGINX_ACCESSLOG_LINE_PATTERN = Pattern.compile("^(?<remoteAddress>[a-fA-F0-9\\\\:\\\\.]+) - (?<remoteUser>[^\\[]+) \\[(?<time>[^\\]]+)\\] .*$");
public static Pattern NGINX_ERRORLOG_LINE_PATTERN = Pattern.compile("^(?<time>\\S+\\s\\S+)\\s\\[(?<level>[^\\]]*)\\]\\s.*$"); public static Pattern NGINX_ERRORLOG_LINE_PATTERN = Pattern.compile("^(?<time>\\S+\\s\\S+)\\s\\[(?<level>[^\\]]*)\\]\\s(?<message>.*)$");
public static Pattern NGINX_ACCESSLOG_LINE_PATTERN2 = Pattern.compile("^\\S+ - [^\\[]+ \\[(?<time>[^\\]]+)\\] .*$");
public static Pattern NGINX_ERRORLOG_LINE_PATTERN2 = Pattern.compile("^(?<time>\\S+\\s\\S+)\\s\\[(?<level>[^\\]]*)\\]\\s.*$");
/** /**
* Instantiates a new nginx access log parser. * Instantiates a new nginx access log parser.