In [None]:
import pandas as pd
import numpy as np
import glob
pd.set_option('display.max_rows', 500)
pd.set_option('display.max_columns', 500)
pd.set_option('display.width', 10000)
pd.set_option('display.max_colwidth', -1)

import time
from pandas_profiling import ProfileReport

In [None]:
##################Print Multiple Cmds#####################
from IPython.core.interactiveshell import InteractiveShell
InteractiveShell.ast_node_interactivity = "all"

# IO & PARSING FUNCTIONS

In [None]:
def read_multilog(f):
    lst = []
    with open(f, 'r', encoding='utf8') as filehandle:
        for line in filehandle:
            lst.append(line)
    return lst

In [None]:
def clean_multilog(logList):
    lst = []
    for item in range(len(logList)):
        temp = logList[item].replace('\n','')
        lst.append(temp)
    return lst

In [None]:
def split_pipes(logList):
    splitList = []
    for ii in range(len(logList)):
        temp = logList[ii].split('|')
    return temp

# COMBINE FUNCTIONS

In [None]:
def combine_logfiles(log_file_list):
    combined_logs = []
    filename_list = []
    for log_file in range(len(log_file_list)):
        read_list = read_multilog(log_file_list[log_file])
        temp = clean_multilog(read_list)
#         print(len(temp))
        if len(temp) == 1:
            temp1 = split_pipes(temp)
            combined_logs.append(temp1)
            filename_list.append(log_file_list[log_file])
        else:
            for item in range(len(temp)):
                combined_logs.append(temp[item].split('|'))
                filename_list.append(log_file_list[log_file])
    return combined_logs, filename_list

In [None]:
def split_equalSign_combine(combined_list, filename_list):
    df = pd.DataFrame()
    for item in range(len(combined_list)):
        fields = []
        values = []
        for record in range(len(combined_list[item])):
            temp_record = combined_list[item][record].split('=',1)
            fields.append(temp_record[0])
            values.append(temp_record[1])

        temp_df = pd.DataFrame(data=values).T
        temp_df.columns = fields
        df = df.append(temp_df, sort=False)

    df = pd.concat([pd.DataFrame(filename_list, columns=['Filename']), df.reset_index(drop=True)], axis=1)
    return df

In [None]:
def get_split_pathname(x):
    for k in range(x.shape[0]):
        x.Filename[k] = x.Filename[k].split('\\')[1]        
    return x

# Process logs

### segment mimecast traffic logfiles - receipt / process / delivery / jrnl

In [None]:
traffic_receipt_logfiles = glob.glob('C:/Users/R011846/Desktop/mimecast/logs2/logs2/log_files/receipt*.log')
print('receipt count:', len(traffic_receipt_logfiles))
# traffic_process_logfiles = glob.glob('C:/Users/R011846/Desktop/mimecast/logs2/logs2/log_files/process*.log')
# print('process count:', len(traffic_process_logfiles))
traffic_delivery_logfiles = glob.glob('C:/Users/R011846/Desktop/mimecast/logs2/logs2/log_files/delivery*.log')
print('delivery count:', len(traffic_delivery_logfiles))
# traffic_jrnl_logfiles = glob.glob('C:/Users/R011846/Desktop/mimecast/logs2/logs2/log_files/jrnl*.log')
# print('jrnl count:', len(traffic_jrnl_logfiles))

### complete logfile traffic

In [None]:
# log_file_list = glob.glob('C:/Users/R011846/Desktop/full_logfiles_test/*.log')
# print('all logs count:', len(log_file_list))

# Combine Logs

### Receipt

In [None]:
combined_receipt_list, receipt_filename_list = combine_logfiles(traffic_receipt_logfiles)
print('\nreceipt clean list count:', len(combined_receipt_list))

### Process

In [None]:
# combined_process_list, process_filename_list = combine_logfiles(traffic_process_logfiles)
# print('\nprocess clean list count:', len(combined_process_list))

### Delivery

In [None]:
combined_delivery_list, delivery_filename_list = combine_logfiles(traffic_delivery_logfiles)
print('\ndelivery clean list count:', len(combined_delivery_list))

# Create & write combined dataframe

## Receipt

In [None]:
start = time.time()
df_receipt2 = split_equalSign_combine(combined_receipt_list, receipt_filename_list)
end = time.time()

In [None]:
print('elapsed time in seconds: {:0.1f}'.format(end - start))
print('final dataframe shape:', df_receipt2.shape)

In [None]:
df_receipt2 = get_split_pathname(df_receipt2)
df_receipt2.head(1)

- Example durations (dynamic schema): 700s, n=31,308 | 1304s, n=35,858
#### Output receipt pickle

In [None]:
pklName = 'all_receipt.pkl'
# df_receipt = get_split_pathname(pd.read_pickle(pklName))
# df_receipt.to_pickle(pklName)
df_receipt = pd.read_pickle(pklName)
df_receipt.shape

In [None]:
df_receipt[df_receipt.aCode == '1cep7I0JObKgYoyRv17sPQ'].Filename.value_counts()

## Process

In [None]:
# start = time.time()
# df_process = split_equalSign_combine(combined_process_list, process_filename_list)
# end = time.time()

# print('elapsed time in seconds: {:0.1f}'.format(end - start))
# print('final dataframe shape:', df_process.shape)

- Example durations: 194s, n=24,303
#### Output process pickle

In [None]:
pklName = 'all_process.pkl'
# # df_process = get_split_pathname(pd.read_pickle(pklName))
# # df_process.to_pickle(pklName)
df_process = pd.read_pickle(pklName)
df_process.shape

## Delivery

In [None]:
# start = time.time()
# df_delivery = split_equalSign_combine(combined_delivery_list, delivery_filename_list)
# end = time.time()

# print('elapsed time in seconds: {:0.1f}'.format(end - start))
# print('final dataframe shape:', df_delivery.shape)

- Example durations: 574.2, n=25,555
#### Output delivery pickle

In [None]:
pklName = 'all_delivery.pkl'
# df_delivery = get_split_pathname(pd.read_pickle(pklName))
# df_delivery.to_pickle(pklName)
df_delivery = pd.read_pickle(pklName)
df_delivery.shape

# Process email logs direction - only INBOUND

## Receipt

In [None]:
df_receipt.Dir.value_counts()

df_inbound_rec = df_receipt[(df_receipt.Dir == 'Inbound') & (df_receipt.Act != 'Ign')].reset_index(drop=True)
# df_outbound = df_receipt[df_receipt.Dir == 'Outbound'].reset_index(drop=True)
# df_external = df_receipt[df_receipt.Dir == 'External'].reset_index(drop=True)
# df_internal = df_receipt[df_receipt.Dir == 'Internal'].reset_index(drop=True)
df_inbound_rec.columns = df_inbound_rec.columns + '_receipt'
df_inbound_rec.columns

df_inbound_rec.Dir_receipt.value_counts()

In [None]:
# profile = ProfileReport(df_inbound_rec, title='Pandas Profiling Report - Mimecast Receipt')
# # # # profile.to_notebook_iframe()
# profile.to_file(output_file='mimecast_inbound_traffic_receipt.html')

In [None]:
# df_inbound_rec.to_csv('mimecast_inbound_traffic_receipt.csv', index=False)

## Process - NO DIRECTION - will try to link acodes
- There are duplicates in these files that will be removed - WHY?

In [None]:
# df_process = df_process[~df_process.duplicated()]
# df_process.shape
# # df_process.columns = df_process.columns + '_process'
# df_process.columns

In [None]:
# profile = ProfileReport(df_process, title='Pandas Profiling Report - Mimecast Process')
# # # # profile.to_notebook_iframe()
# profile.to_file(output_file='mimecast_inbound_traffic_process.html')

In [None]:
# df_process.to_csv('mimecast_inbound_traffic_process.csv', index=False)

## Delivery

In [None]:
df_delivery.Dir.value_counts()

df_inbound_del = df_delivery[df_delivery.Dir == 'Inbound'].reset_index(drop=True)
# df_outbound = df_delivery[df_delivery.Dir == 'Outbound'].reset_index(drop=True)
# df_external = df_delivery[df_delivery.Dir == 'External'].reset_index(drop=True)
# df_internal = df_delivery[df_delivery.Dir == 'Internal'].reset_index(drop=True)
df_inbound_del.columns = df_inbound_del.columns + '_delivery'
df_inbound_del.columns

df_inbound_del.Dir_delivery.value_counts()

In [None]:
# profile = ProfileReport(df_inbound_del, title='Pandas Profiling Report - Mimecast Delivery')
# # # # profile.to_notebook_iframe()
# profile.to_file(output_file='mimecast_inbound_traffic_delivery.html')

In [None]:
# df_inbound_del.to_csv('mimecast_inbound_traffic_delivery.csv', index=False)

In [None]:
print('receipt')
df_inbound_rec.sample(1)
# print('process')
# df_process.sample(1)
print('delivery')
df_inbound_del.sample(1)

# Join Data

#### Duplicates - caused by Act (action) in receipt - going to filter Ign

In [None]:
df_joined = df_inbound_rec.merge(df_inbound_del,
                     left_on=['aCode_receipt','Rcpt_receipt'],
                     right_on=['aCode_delivery','Rcpt_delivery'],
                     how='left')

In [None]:
df_joined.head()

In [None]:
profile = ProfileReport(df_joined, title='Pandas Profiling Report - Mimecast Joined Data v1')
# # # profile.to_notebook_iframe()
profile.to_file(output_file='mimecast_inbound_traffic_joined.html')