else:
path = '/usr/local/waf_test/analysis/' + guid + '-' + mode
errorDic = {} # 按域名存储错误日志
total_dic = {} # 按域名存储状态码信息
format_error = []
header = ['wafStatus', 'original_status', 'channel']
total = ['400', '403', '408', '499', '500', '502', '503']
while True:
res = []
if os.path.exists('/usr/local/nginx/logs/access/access.log') and
os.path.getsize('/usr/local/nginx/logs/access/access.log'):
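# Pull the log: clear the tmp working directory, then move access.log into it.
# NOTE(review): os.system() returns the exit status instead of raising, so a
# failed rm/mv is not caught by the except below and "success" is still printed.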
try:
os.system('rm -f /usr/local/waf_test/tmp/tmp/*')
os.system('mv /usr/local/nginx/logs/access/access.log
/usr/local/waf_test/tmp/tmp/access.log')
print('拉取日志成功')
except Exception as msg:
logging.error(str(msg))
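# Signal the nginx process (USR1) so it regenerates access.log; up to 3 attempts.
# NOTE(review): pID is whatever nginx.pid contains and is concatenated into a
# shell command below; confirm it is purely numeric before it is used.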
count = 0
while count < 3:
_, pID = commands.getstatusoutput('cat
/usr/local/nginx/logs/nginx.pid')
os.system('kill -s USR1 ' + pID)
time.sleep(5)
if
os.path.exists('/usr/local/nginx/logs/access/access.log'):
print('access.log regenerate succeed')
break
count += 1
if count == 3:
print('access.log regenerate failed')
logging.error('access.log regenerate failed')
# Analyze the log pulled in this round
with open("/usr/local/waf_test/tmp/tmp/access.log", "r") as
f:
for line in f:
if line.find('pepp4_') == -1:
try:
lineList = []
index1 = line.index('HTTP/')
index2 = line[index1 + 10:].index(' ')
Li = line[index1:index1 + 10 +
index2].split()
index3 = line.index('WAF_')
li = line[index3:].split()
# Save log entries with an abnormal status, grouped by domain
if li[5] == '-' and Li[1] in total:
lineList.append(Li[1])
lineList.append(li[5])
lineList.append(li[6])
res.append(lineList)
if lineList[2] in errorDic: