-
Notifications
You must be signed in to change notification settings - Fork 3
/
riak-syslog
executable file
·61 lines (45 loc) · 1.4 KB
/
riak-syslog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
#!/usr/bin/env ruby
require 'riak-syslog'
require 'riak-syslog/cli'
desc "search syslog messages"
command [:search] do |c|
c.desc 'sort results by timestamp'
c.switch [:r, :timesort]
c.desc 'number of records to return'
c.flag [:l, :limit]
c.desc 'Limit to messages from this time (e.g: 2 days ago)'
c.flag [:f, :from]
c.desc 'Limit to messages to this time (e.g: 1 day ago)'
c.flag [:t, :to]
c.desc 'Show year in timestamp'
c.switch [:y, :showyear]
c.action do |global_options, options, args|
from = nil
to = nil
if options[:f]
from = Chronic.parse(options[:f])
to = Time.now
end
if options[:t]
to = Chronic.parse(options[:t])
# FIXME: From?
end
if options[:y]
time_format = "%Y-%d-%d %H:%M:%S"
else
time_format = "%b-%d %H:%M:%S"
end
sopts = {
:rows => options[:l] || 10
}
if from and to
sopts[:filter] = "timestamp:[#{from.iso8601.gsub(':','\:')} TO #{to.iso8601.gsub(':','\:')}]"
end
if options[:r]
sopts[:sort] = "timestamp desc"
end
rl = Record.search(args.join(" "), sopts).collect { |r| {:host => r.hostname, :time => DateTime.parse(r.timestamp).strftime(time_format), :log => r.msg.strip, :program => r.program} }
puts Brightbox::SimpleTable.render(rl, :fields => [:host, :time, :program, :log], :description => false)
end
end
exit run(ARGV)