> Dec 18 10:04:45 dragon logger: TCPWRAP: SERVICE=sshd@::ffff:192.168.0.1
> ,TYPE=ALL_DENY,HOST_ADDRESS=::ffff:195.145.94.75,HOST_INFO=::ffff:
> 195.145.94.75,HOST_NAME=unknown,USER_NAME=unknown,OTHERINFO=
Hi Will,
Observation: the output above looks comma delimited, at least the stuff
after the 'TCPWRAP:' part.
> self.twist_fail_re =
> rc('SERVICE=\S*\sHOST_ADDRESS=\S*\sHOST_INFO=\S*\sHOST_NAME=\S*\sUSER_NAME=\S*\s')
The line given as example doesn't appear to have whitespace in the places
that the regular expression expects. It does contain commas as delimiters
between the key/value pairs encoded in the line.
There's more information on regular expressions here:
http://www.amk.ca/python/howto/regex/
that should help you get started.
As an aside: the structure of the log line above is simple enough that you
might not even need regexes --- regular string methods might just be
powerful enough. For example, strings have a 'split()' method to break a
string into a list of substrings:
######
>>> 'hello,world,this,is,a,test'.split(",")
['hello', 'world', 'this', 'is', 'a', 'test']
######
If you have more questions, please feel free to ask.
_______________________________________________
Tutor maillist - Tutor@python.org
http://mail.python.org/mailman/listinfo/tutor
