samba logs - files matching /var/log/samba/*.log
- class insights.parsers.samba_logs.SAMBALog(context)[source]
Bases:
LogFileOutputParser class for reading samba log files. The main work is done by the LogFileOutput super-class.
Sample input:
- [2018/12/07 07:09:44.812154, 5, pid=6434, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1344(free_param_opts)
Freeing parametrics:
- [2018/12/07 07:09:44.812281, 3, pid=6434, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:547(init_globals)
Initialising global parameters
- [2018/12/07 07:09:44.812356, 2, pid=6434, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:319(max_open_files)
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
- [2019/45/899 11:11:04.911891, 3, pid=15822, effective(0, 0), real(0, 0)] ../source3/printing/queue_process.c:236
(bq_sig_hup_handler) Reloading pcap cache after SIGHUP.
Each line is parsed into a dictionary with the following keys:
timestamp - the date of the log line (as a string)
datetime - the date as a datetime object (if conversion is possible)
pid - process id of samba process being run
function - the function within the module
message - the body of the message
raw_message - the raw message before being split.
Examples
>>> 'Fake' in samba_logs True >>> 'pid=15822, effective(0, 0), real(0, 0)]' in samba_logs True >>> len(samba_logs.get('Fake line')) == 1 True
- time_format = '%b %d %H:%M:%S %Y'
The timestamp format assumed for the log files. A subclass can override this for files that have a different timestamp format. This can be:
A string in strptime() format.
A list of strptime() strings.
A dictionary with each item’s value being a strptime() string. This allows the item keys to provide some form of documentation.
A None value when there is no timestamp info in the log file