
以下のようなプレーン ASCII の入力テキスト ファイルが 1 つあり、多数の case が含まれています。ここではそのうち 2 つの switch case を示します。まず、以下のテキスト ファイルの details 関数 (太字部分) の中で「$」で始まる文字列をすべて抽出し、新しいファイル 1 に書き出す必要があります。次に、nvp_add 関数 (太字部分) の中で「$」で始まる文字列をすべて抽出し、新しいファイル 2 に書き出す必要があります。次のような出力を期待しています:

ファイル 1 に期待される出力:


    case "11": ### eventDDoSLow

$severity、$description、$eventID、$eventURL、$alertLevel、$eventStart、$eventSourceCount

    case "15": ### eventWormLow

$severity、$description、$eventID、$eventURL、$alertLevel、$eventStart、$eventSourceCount、$eventSourceTable、$eventDestCount、$eventDestTable、$eventProtocolCount、$eventProtocolTable、$eventServiceCount、$eventServiceTable、$mazuSourceName

ファイル 2 に期待される出力:


    case "11": ### eventDDoSLow

$severity、$description、$eventID、$eventURL、$alertLevel、$eventStart、$eventSourceCount

    case "15": ### eventWormLow

$severity、$description、$eventID、$eventURL、$alertLevel、$eventStart、$eventSourceCount、$eventSourceTable、$eventDestCount、$eventDestTable、$eventProtocolCount、$eventProtocolTable、$eventServiceCount、$eventServiceTable、$mazuSourceName

入力ファイル (プレーン ascii):


switch($specific-trap)
{


    case "11": ### eventDDoSLow

        ##########
        # $1 = severity
        # $2 = description
        # $3 = eventID
        # $4 = eventURL
        # $5 = alertLevel
        # $6 = eventStart
        # $7 = eventSourceCount
        # $8 = eventSourceTable
        # $9 = eventDestCount
        # $10 = eventDestTable
        # $11 = eventProtocolCount
        # $12 = eventProtocolTable
        # $13 = eventServiceCount
        # $14 = eventServiceTable
        # $15 = eventNormalBPS
        # $16 = eventCurrentBPS
        # $17 = eventNormalPPS
        # $18 = eventCurrentPPS
        ##########

        $severity = $1
        $description = $2
        $eventID = $3
        $eventURL = $4
        $alertLevel = lookup($5, AlertLevel)
        $eventStart = $6
        $eventSourceCount = $7
        $eventSourceTable = $8
        $eventDestCount = $9
        $eventDestTable = $10
        $eventProtocolCount = $11
        $eventProtocolTable = $12
        $eventServiceCount = $13
        $eventServiceTable = $14
        $eventNormalBPS = $15
        $eventCurrentBPS = $16
        $eventNormalPPS = $17
        $eventCurrentPPS = $18

        include "$NC_RULES_HOME/include-snmptrap/riverbed/riverbed-  
MAZU-MIB.parser.include.snmptrap.rules"

        @URL = $eventURL

        $OS_EventId = "SNMPTRAP-riverbed-MAZU-MIB-eventDDoSLow"

        @AlertGroup = "Denial Of Service"
        @AlertKey = "Event ID: " + $eventID
        @Summary = "Denial of Service  ( Src: " + $mazuSourceName + ", Dest: " + 
$mazuDestName + " )" + " ( " + @AlertKey + " ) "

        $DEFAULT_Severity = 2
        $DEFAULT_Type = 1
        $DEFAULT_ExpireTime = 0               

        @Identifier = @Node + " " + @AlertKey + " " + @AlertGroup + " " + 
$DEFAULT_Type + " " + @Agent + " " + @Manager + " " + $specific-trap

        $alertLevel = $alertLevel + " ( " + $5 + " )"
        if(match($OPTION_EnableDetails, "1") or   
match($OPTION_EnableDetails_riverbed, "1")) {
            **details****($severity, $description, $eventID, $eventURL, $alertLevel, 
$eventStart, $eventSourceCount)**
        }
        **@ExtendedAttr = **nvp_add**(@ExtendedAttr, "severity", $severity,
"description", $description, "eventID", $eventID,
             "eventURL", $eventURL, "alertLevel", $alertLevel, 
"eventStart", $eventStart,
             "eventSourceCount", $eventSourceCount)**

    case "15": ### eventWormLow

        ##########
        # $1 = severity
        # $2 = description
        # $3 = eventID
        # $4 = eventURL
        # $5 = alertLevel
        # $6 = eventStart
        # $7 = eventSourceCount
        # $8 = eventSourceTable
        # $9 = eventDestCount
        # $10 = eventDestTable
        # $11 = eventProtocolCount
        # $12 = eventProtocolTable
        # $13 = eventServiceCount
        # $14 = eventServiceTable
        ##########

        $severity = $1
        $description = $2
        $eventID = $3
        $eventURL = $4
        $alertLevel = lookup($5, AlertLevel)
        $eventStart = $6
        $eventSourceCount = $7
        $eventSourceTable = $8
        $eventDestCount = $9
        $eventDestTable = $10
        $eventProtocolCount = $11
        $eventProtocolTable = $12
        $eventServiceCount = $13
        $eventServiceTable = $14

        include "$NC_RULES_HOME/include-snmptrap/riverbed/riverbed-
MAZU-MIB.parser.include.snmptrap.rules"

        @URL = $eventURL

        $OS_EventId = "SNMPTRAP-riverbed-MAZU-MIB-eventWormLow"

        @AlertGroup = "Worm Detected"
        @AlertKey = "Event ID: " + $eventID
        @Summary = "Worm Detected  ( Src: " + $mazuSourceName + ", Dest: " + 
$mazuDestName + " )" + " ( " + @AlertKey + " ) "

        $DEFAULT_Severity = 2
        $DEFAULT_Type = 1
        $DEFAULT_ExpireTime = 0               

        @Identifier = @Node + " " + @AlertKey + " " + @AlertGroup + " " + 
$DEFAULT_Type + " " + @Agent + " " + @Manager + " " + $specific-trap

        $alertLevel = $alertLevel + " ( " + $5 + " )"
        if(match($OPTION_EnableDetails, "1") or 
match($OPTION_EnableDetails_riverbed, "1")) {
            **details($severity, $description, $eventID, $eventURL, $alertLevel,
$eventStart, $eventSourceCount, $eventSourceTable, $eventDestCount, $eventDestTable, 
$eventProtocolCount, $eventProtocolTable, $eventServiceCount, $eventServiceTable, 
$mazuSourceName)**
        }
        **@ExtendedAttr = nvp_add(@ExtendedAttr, "severity", $severity, "description", $description, "eventID", $eventID,
             "eventURL", $eventURL, "alertLevel", $alertLevel, "eventStart", $eventStart,
             "eventSourceCount", $eventSourceCount, "eventSourceTable", $eventSourceTable, "eventDestCount", $eventDestCount,
             "eventDestTable", $eventDestTable, "eventProtocolCount", $eventProtocolCount, "eventProtocolTable", $eventProtocolTable,
             "eventServiceCount", $eventServiceCount, "eventServiceTable", $eventServiceTable, "mazuSourceName", $mazuSourceName)**

1 に答える 1

import re


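# Names of the rules-file functions whose "$" arguments are extracted.
functions = ["details", "nvp_add"]
# Buffers filled by read() and consumed by work():
#   caselines_index - positions in `readlines` of every case header line
#   cases           - [header_line, joined_case_text] pairs, in file order
#   readlines       - every input line with surrounding whitespace stripped
caselines_index = []
cases = []
readlines = []

def read(in_file):
  """Split a rules file into its ``case "...":`` sections.

  Every line of *in_file* is stripped and stored in ``readlines``. The index
  of each line holding a case header is stored in ``caselines_index`` (and
  printed), and one ``[header_line, case_text]`` pair per case is appended
  to ``cases``. ``case_text`` is the case's lines joined with single spaces,
  so a call wrapped over several lines becomes one searchable string.

  Lines before the first case header are ignored. A file with no case
  header leaves ``cases`` empty.
  """
  # The three buffers are only mutated in place, so no `global` is needed.
  # Clearing them first keeps a second call from mixing two files' lines.
  del readlines[:]
  del caselines_index[:]
  del cases[:]

  # Raw string avoids invalid-escape warnings. (?:\s|$) also accepts a
  # header with nothing after the colon, which strip() leaves without
  # trailing whitespace.
  case_header = re.compile(r'case\s".+?":(?:\s|$)')

  with open(in_file, 'r') as file:
    for line in file:
      readlines.append(line.strip())

  # enumerate() gives the real position of each header; list.index() would
  # return the first occurrence when two header lines are identical.
  for index, line in enumerate(readlines):
    if case_header.search(line):
      caselines_index.append(index)
  print(caselines_index)

  # A case runs from its header up to the next header. The last case runs to
  # the end of the file, including the final line, which may hold the
  # closing parenthesis of a call.
  boundaries = caselines_index[1:] + [len(readlines)]
  for start, end in zip(caselines_index, boundaries):
    case_text = ' '.join(readlines[start:end]).strip()
    cases.append([readlines[start].strip(), case_text])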

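def work():
  """Write one result file per entry in ``functions``.

  For each function name a file ``<name>.txt`` is created in the current
  working directory, replacing any existing file of that name. For every
  entry in ``cases`` the case header line is written, followed by one line
  per ``$``-prefixed argument found inside calls to that function in the
  case text. Arguments containing ``$*`` are skipped.

  Limitation: a call is matched up to its first ``)``, so a call whose
  arguments contain nested parentheses is cut short at that point.
  """
  # An argument runs from "$" up to the next comma or closing parenthesis.
  dollar_argument = re.compile(r"(\$.+?)[,)]")

  for func in functions:
    # re.escape keeps the name literal if it ever contains regex
    # metacharacters. \b stops a longer identifier that merely ends with
    # the name (e.g. "xdetails(") from matching.
    call_pattern = re.compile(r"\b" + re.escape(func) + r"\(.+?\)")

    # The file is only written, never read back, so plain 'w' is enough.
    with open(func + ".txt", 'w') as result_file:
      for case_list in cases:
        result_file.write(case_list[0].strip() + "\n")

        for call in call_pattern.findall(case_list[1].strip()):
          for result in dollar_argument.findall(call):
            if "$*" not in result:
              result_file.write(result + "\n")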

def main():
  """Parse ``input.txt`` from the current directory, then write the result files."""
  read("input.txt")
  work()


if __name__ == "__main__":
  # Run only when executed as a script, not when imported.
  main()

私はそれを試してみましたが、うまくいきます。

回答日時: 2013-08-19T18:05:44.970