class Brolog
Public Class Methods
new(log = "conn.log")
Instance methods
# File lib/brolog.rb, line 14
# Creates a reader for a single Bro log file and parses it straight away.
#
# @param log [String] name of the log file; get_log_fields appends it to the
#   class-level log directory to form the path that is opened
def initialize(log = "conn.log")
  @log_fields = {}
  @this_log = log
  get_log_fields
end
set_log_directory(location="/usr/local/bro/logs/current/")
Class methods
# File lib/brolog.rb, line 5
# Records the directory that every Brolog instance reads its log file from.
#
# The value is stored as given. get_log_fields joins it to the log name by
# plain string concatenation, so it needs to end with a path separator.
#
# @param location [String] directory holding the Bro logs
# @return [String] the stored location
def self.set_log_directory(location="/usr/local/bro/logs/current/")
  @@bro_log_directory = location
end
version()
# File lib/brolog.rb, line 9
# Reports the library version.
#
# @return [String] the version string
def self.version
  "0.0.2"
end
Public Instance Methods
fields()
# File lib/brolog.rb, line 49
# Exposes the field-name => type mapping built by get_log_fields from the
# log's #fields and #types header lines.
#
# @return [Hash] the same Hash object held by the instance (not a copy)
def fields
  @log_fields
end
get_log_fields()
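# File lib/brolog.rb, line 20
# Opens the log named by @this_log inside the class-level log directory,
# reads the eight header lines (#separator, #set_separator, #empty_field,
# #unset_field, #path, #open, #fields, #types) and then loads every data
# line into @rows as a Hash keyed by field name.
#
# Changes from the earlier version:
# * the file is opened in block form, so the handle is closed even when
#   parsing raises;
# * the unreachable `or return "Could not open ..."` branch is gone
#   (File.open raises rather than returning nil, and the message referenced
#   the never-assigned @log);
# * the leftover debugging `puts` calls are gone;
# * lines beginning with "#" after the header (such as the #close footer Bro
#   writes when a log is rotated) are skipped instead of becoming bogus rows;
# * a truncated header raises EOFError with the path instead of a
#   NoMethodError on nil.
#
# NOTE(review): the path is built by plain concatenation, so a log name
# containing directory components resolves outside the configured log
# directory. Pass only trusted, fixed log names here.
#
# NOTE(review): row values are stored exactly as read from the log. Bro logs
# record network-derived data, so treat them as untrusted when they are later
# rendered, interpolated or passed to other tools.
#
# @return [nil]
# @raise [SystemCallError] (e.g. Errno::ENOENT) when the file cannot be opened
# @raise [EOFError] when the file ends before all header lines were read
def get_log_fields
  log_path = @@bro_log_directory + @this_log

  File.open(log_path, "r") do |file|
    # Reads one header line and strips its "#name<delimiter>" prefix.
    read_header = lambda do |prefix|
      raw = file.gets
      raise EOFError, "#{log_path}: missing #{prefix.strip} header line" if raw.nil?
      raw.gsub(prefix, "").chomp
    end

    # The separator is written as an escape such as \x09; swapping the
    # backslash for "0" gives "0x09", which String#hex can decode.
    @separator = read_header.call("#separator ").gsub("\\", "0").hex.chr
    @set_separator = read_header.call("#set_separator\t")
    @empty_field = read_header.call("#empty_field\t")
    @unset_field = read_header.call("#unset_field\t")
    @path = read_header.call("#path\t")
    @open = read_header.call("#open\t")
    @fields = read_header.call("#fields\t")
    @types = read_header.call("#types\t")

    types = @types.split(@separator)
    @fields.split(@separator).each_with_index do |name, x|
      @log_fields[name.to_s] = types[x]
    end

    @rows = []
    while (line = file.gets)
      # Header-style lines in the body are metadata, not data rows.
      next if line.start_with?("#")

      values = line.chomp.split(@separator)
      row = {}
      # Short rows leave the missing trailing fields as nil.
      @log_fields.keys.each_with_index { |key, idx| row[key] = values[idx] }
      @rows << row
    end
  end

  nil
end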
rows()
# File lib/brolog.rb, line 45
# Exposes the parsed data rows collected by get_log_fields.
#
# @return [Array<Hash>] one Hash per log line, keyed by field name; this is
#   the same Array object held by the instance (not a copy)
def rows
  @rows
end