git/watch-tool
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(service-monitor): add implementation for parsing access-manager logs

Browse source
This commit is contained in:
Patryk Hegenberg 2025-09-04 09:31:29 +02:00
parent 8de06b4b98
commit 81d32a638f
1 changed files with 62 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

65
service_monitor.go
View file

@ -7,6 +7,7 @@ import (
"fmt" "fmt"
"log/slog" "log/slog"
"os/exec" "os/exec"
"regexp"
"strconv" "strconv"
"strings" "strings"
"time" "time"
@ -209,6 +210,8 @@ func (jep *JournalEntryParser) parseServiceSpecific(entry LogEntry) LogEntry {
return parseTJMService(entry) return parseTJMService(entry)
case "nginx": case "nginx":
return parseNginxService(entry) return parseNginxService(entry)
case "access-manager":
return parseAMService(entry)
default: default:
return entry return entry
} }
@ -250,7 +253,7 @@ func parseTixstreamService(entry LogEntry) LogEntry {
newEntry.Fields["transfer_info"] = strings.Join(info[1:], " ") newEntry.Fields["transfer_info"] = strings.Join(info[1:], " ")
default: default:
newEntry.Fields["log_type"] = "log_message" newEntry.Fields["log_type"] = "log_message"
newEntry.Fields["transfer_info"] = info newEntry.Fields["transfer_info"] = strings.Join(info, " ")
} }
return newEntry return newEntry
@ -299,6 +302,62 @@ func parseTJMService(entry LogEntry) LogEntry {
return newEntry return newEntry
} }
func parseNginxService(entry LogEntry) LogEntry { var (
return entry amServicePattern = regexp.MustCompile(`^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(?:\.\d+)?Z)\s+(\w+)\s+(\d+)\s+---\s+\[\s*([^\]]*)\]\s+([\w\.]+)\s*:\s*(.*)$`)
nginxAccessPattern = regexp.MustCompile(`^(\S+)\s+\S+\s+(\S+)\s+\[([^\]]+)\]\s+"([^"]+)"\s+(\d+)\s+(\d+|-)\s*(?:"([^"]*)"\s+"([^"]*)")?`)
)
func parseAMService(entry LogEntry) LogEntry {
newEntry := entry
if newEntry.Fields == nil {
newEntry.Fields = make(map[string]any)
}
matches := amServicePattern.FindStringSubmatch(strings.TrimSpace(entry.Message))
if len(matches) != 7 {
return newEntry
}
newEntry.Fields["timestamp"] = matches[1]
newEntry.Fields["log_level"] = matches[2]
newEntry.Fields["process_id"] = matches[3]
newEntry.Fields["thread_name"] = strings.TrimSpace(matches[4])
newEntry.Fields["logger_name"] = matches[5]
newEntry.Fields["log_message"] = matches[6]
return newEntry
}
func parseNginxService(entry LogEntry) LogEntry {
newEntry := entry
if newEntry.Fields == nil {
newEntry.Fields = make(map[string]any)
}
matches := nginxAccessPattern.FindStringSubmatch(strings.TrimSpace(entry.Message))
if len(matches) < 7 {
return newEntry
}
newEntry.Fields["client_ip"] = matches[1]
newEntry.Fields["remote_user"] = matches[2]
newEntry.Fields["timestamp"] = matches[3]
newEntry.Fields["request"] = matches[4]
newEntry.Fields["status_code"] = matches[5]
newEntry.Fields["bytes_sent"] = matches[6]
if len(matches) > 7 && matches[7] != "" {
newEntry.Fields["referer"] = matches[7]
}
if len(matches) > 8 && matches[8] != "" {
newEntry.Fields["user_agent"] = matches[8]
}
if requestParts := strings.Fields(matches[4]); len(requestParts) >= 3 {
newEntry.Fields["http_method"] = requestParts[0]
newEntry.Fields["request_uri"] = requestParts[1]
newEntry.Fields["http_version"] = requestParts[2]
}
return newEntry
} }