In [None]:
#!/usr/bin/env python3

# Importing necessary modules
import sys  # To handle command-line arguments and system functions
import os   # To handle file paths
import re   # To work with regular expressions

# Function to search for specific error messages in the provided log file
def error_search(log_file):
  # Prompt user for the error keyword or phrase they want to search for
  error = input("What is the error? ")
  # Initialize an empty list to store lines containing the specified error
  returned_errors = []
  
  # Open the log file in read mode with UTF-8 encoding
  with open(log_file, mode='r', encoding='UTF-8') as file:
    # Read each line of the file
    for log in file.readlines():
      # Start with a base pattern that looks for the word "error"
      error_patterns = ["error"]
      
      # Split the input error phrase into words and add each as a pattern
      for i in range(len(error.split(' '))):
        error_patterns.append(r"{}".format(error.split(' ')[i].lower()))
      
      # Check if all patterns (error word and input words) exist in the log line
      if all(re.search(error_pattern, log.lower()) for error_pattern in error_patterns):
        # If all patterns are found, add the log line to the returned_errors list
        returned_errors.append(log)
    
    # Close the file after reading all lines
    file.close()
  
  # Return the list of errors found
  return returned_errors

# Function to write the found errors to a log file
def file_output(returned_errors):
  # Open a file in the user's home directory (in the 'data' folder) to write the errors
  with open(os.path.expanduser('~') + '/data/errors_found.log', 'w') as file:
    # Write each error found to the file
    for error in returned_errors:
      file.write(error)
    # Close the file after writing
    file.close()

# Main execution block
if __name__ == "__main__":
  # Get the log file from the command-line argument (argv[1] is the first argument)
  log_file = sys.argv[1]
  
  # Search the log file for errors based on user input
  returned_errors = error_search(log_file)
  
  # Write the found errors to an output log file
  file_output(returned_errors)
  
  # Exit the program with a status of 0 (indicating success)
  sys.exit(0)



# Lab: Searching Log Files for Errors with Python

## Introduction
Imagine one of your colleagues is struggling with a program that keeps throwing an error. Unfortunately, the program's source code is too complicated to easily find the error there. The good news is that the program outputs a log file you can read! Let's write a script to search the log file for the exact error, then output that error into a separate file so you can work out what's wrong.

### What you'll do
1. Write a script to search the log file using regex to find the exact error.
2. Report the error into a separate file for further analysis.

## Steps to Complete the Lab

### Step 1: Viewing the Log File
In the `/data` directory, there's a file named `fishy.log`, which contains the system log. Each log entry is written in this format:

```
Month Day hour:minute:second mycomputername "process_name"["random 5 digit number"] "ERROR/INFO/WARN" "Error description"
```

To view the log file, use the following command:
```bash
cat ~/data/fishy.log
```

Example output:
```
July 31 00:06:21 mycomputername kernel[96041]: WARN Failed to start network connection
July 31 00:09:53 mycomputername updater[46711]: WARN Computer needs to be turned off and on again
...
```

### Step 2: Creating the Script
We will now create a Python script named `find_error.py` in the `scripts` directory. Start by navigating to the directory and creating the file using `nano`:

```bash
cd ~/scripts
nano find_error.py
```

### Step 3: Writing the Script
Add the shebang line and import the necessary Python modules:
```python
#!/usr/bin/env python3
import sys
import os
import re
```

### Step 4: Defining the `error_search` Function
The function `error_search` takes a log file as a parameter and prompts the user for the error to search. It uses regular expressions to find any errors in the log file that match the user's input. Here's how you can define it:

```python
def error_search(log_file):
    error = input("What is the error? ")
    returned_errors = []
    with open(log_file, mode='r', encoding='UTF-8') as file:
        for log in file.readlines():
            error_patterns = ["error"]
            for i in range(len(error.split(' '))):
                error_patterns.append(r"{}".format(error.split(' ')[i].lower()))
            if all(re.search(error_pattern, log.lower()) for error_pattern in error_patterns):
                returned_errors.append(log)
        file.close()
    return returned_errors
```

### Step 5: Defining the `file_output` Function
Now, create the function `file_output`, which writes the found errors to a file:

```python
def file_output(returned_errors):
    with open(os.path.expanduser('~') + '/data/errors_found.log', 'w') as file:
        for error in returned_errors:
            file.write(error)
        file.close()
```

### Step 6: Writing the Main Block
The main block calls both functions and runs the script:
```python
if __name__ == "__main__":
    log_file = sys.argv[1]
    returned_errors = error_search(log_file)
    file_output(returned_errors)
    sys.exit(0)
```

### Step 7: Making the Script Executable and Running It
Save the file, and then make it executable with the following command:
```bash
sudo chmod +x find_error.py
```

Now, run the script and pass the `fishy.log` file as a parameter:
```bash
./find_error.py ~/data/fishy.log
```

When prompted, enter the type of error to search:
```bash
CRON ERROR Failed to start
```

### Step 8: Viewing the Output
After running the script, check the generated `errors_found.log` file with:
```bash
cat ~/data/errors_found.log
```

The output will show all log entries matching the search criteria:
```
July 31 04:11:32 mycomputername CRON[51253]: ERROR: Failed to start CRON job due to script syntax error. Inform the CRON job owner!
```
