diff --git a/NEWS b/NEWS index 55e222a9..22619dbe 100644 --- a/NEWS +++ b/NEWS @@ -8,6 +8,11 @@ lnav v0.9.1: following command to open the command prompt with ":filter-in " already filled in: :prompt command : 'filter-in ' + * Added support for the W3C Extended Log File Format. Note: Since the + columns in a W3C log are specified in the file, the name of the format + and SQLite table will include a hash ID over of the column names + (e.g. w3c_7685df_log). + * Added support for the S3 Access File Format. * To jump to the first search hit above the top line in a view, you can press CTRL+J instead of ENTER in the search prompt. Pressing ENTER will jump to the first hit below the current window. @@ -23,6 +28,8 @@ lnav v0.9.1: Interface Changes: * When copying log lines, the file name and time offset will be included in the copy if they are enabled. + * Log messages that cannot be parsed properly will be given an "invalid" + log level and the invalid portions colored yellow. Fixes: * Unicode text can now be entered in prompts. diff --git a/docs/source/formats.rst b/docs/source/formats.rst index 60d6f461..c5cd4f0d 100644 --- a/docs/source/formats.rst +++ b/docs/source/formats.rst @@ -20,11 +20,19 @@ The following log formats are built into **lnav**: :widths: 8 5 20 :file: format-table.csv -The -`Bro Network Security Monitor `_ -TSV log format is also supported in versions -v0.8.3+. The Bro log format is self-describing, so **lnav** will read the -header to determine the shape of the file. +In addition to the above formats, the following self-describing formats are +supported: + +* The + `Bro Network Security Monitor `_ + TSV log format is supported in lnav versions v0.8.3+. The Bro log format is + self-describing, so **lnav** will read the header to determine the shape of + the file. +* The + `W3C Extend Log File Format `_ + is supported in lnav versions v0.9.1+. The W3C log format is + self-describing, so **lnav** will read the header to determine the shape of + the file. Defining a New Format diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index de3dc2f1..464b970f 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -141,6 +141,7 @@ set(FORMAT_FILES formats/strace_log.json formats/sudo_log.json formats/syslog_log.json + formats/s3_log.json formats/tcf_log.json formats/tcsh_history.json formats/uwsgi_log.json diff --git a/src/Makefile.am b/src/Makefile.am index 2dc6cc72..fc6ac22f 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -47,6 +47,7 @@ FORMAT_FILES = \ $(srcdir)/formats/strace_log.json \ $(srcdir)/formats/sudo_log.json \ $(srcdir)/formats/syslog_log.json \ + $(srcdir)/formats/s3_log.json \ $(srcdir)/formats/tcf_log.json \ $(srcdir)/formats/tcsh_history.json \ $(srcdir)/formats/uwsgi_log.json \ diff --git a/src/all_logs_vtab.cc b/src/all_logs_vtab.cc index 76936997..2fa0eb4f 100644 --- a/src/all_logs_vtab.cc +++ b/src/all_logs_vtab.cc @@ -90,7 +90,7 @@ bool all_logs_vtab::is_valid(log_cursor &lc, logfile_sub_source &lss) auto lf = lss.find(cl); auto lf_iter = lf->begin() + cl; - if (lf_iter->is_continued()) { + if (!lf_iter->is_message()) { return false; } diff --git a/src/base/intern_string.hh b/src/base/intern_string.hh index dbf0d7d2..00b0a2e9 100644 --- a/src/base/intern_string.hh +++ b/src/base/intern_string.hh @@ -155,6 +155,39 @@ struct string_fragment { this->sf_end = -1; }; + void trim(const char *tokens) { + while (this->sf_begin < this->sf_end) { + bool found = false; + + for (int lpc = 0; tokens[lpc] != '\0'; lpc++) { + if (this->sf_string[this->sf_begin] == tokens[lpc]) { + found = true; + break; + } + } + if (!found) { + break; + } + + this->sf_begin += 1; + } + while (this->sf_begin < this->sf_end) { + bool found = false; + + for (int lpc = 0; tokens[lpc] != '\0'; lpc++) { + if (this->sf_string[this->sf_end - 1] == tokens[lpc]) { + found = true; + break; + } + } + if (!found) { + break; + } + + this->sf_end -= 1; + } + } + const char *sf_string; int sf_begin; int sf_end; @@ -190,6 +223,10 @@ public: return std::string(this->is_str, this->is_len); } + string_fragment to_string_fragment() const { + return string_fragment{this->is_str, 0, (int) this->is_len}; + } + bool startswith(const char *prefix) const { const char *curr = this->is_str; @@ -267,6 +304,13 @@ public: return this->ist_interned_string->to_string(); } + string_fragment to_string_fragment() const { + if (this->ist_interned_string == nullptr) { + return string_fragment{"", 0, 0}; + } + return this->ist_interned_string->to_string_fragment(); + } + bool operator<(const intern_string_t &rhs) const { return strcmp(this->get(), rhs.get()) < 0; } diff --git a/src/base/string_util.cc b/src/base/string_util.cc index cd2620d4..244068db 100644 --- a/src/base/string_util.cc +++ b/src/base/string_util.cc @@ -93,6 +93,23 @@ size_t unquote(char *dst, const char *str, size_t len) return index; } +size_t unquote_w3c(char *dst, const char *str, size_t len) +{ + size_t index = 0; + + require(str[0] == '\'' || str[0] == '"'); + + for (size_t lpc = 1; lpc < (len - 1); lpc++, index++) { + dst[index] = str[lpc]; + if (str[lpc] == '"') { + lpc += 1; + } + } + dst[index] = '\0'; + + return index; +} + void truncate_to(std::string &str, size_t len) { static const std::string ELLIPSIS = "\xE2\x8B\xAF"; diff --git a/src/base/string_util.hh b/src/base/string_util.hh index eb811a9b..75e53eb7 100644 --- a/src/base/string_util.hh +++ b/src/base/string_util.hh @@ -44,6 +44,8 @@ inline bool is_line_ending(char ch) { size_t unquote(char *dst, const char *str, size_t len); +size_t unquote_w3c(char *dst, const char *str, size_t len); + inline bool startswith(const char *str, const char *prefix) { return strncmp(str, prefix, strlen(prefix)) == 0; diff --git a/src/field_overlay_source.cc b/src/field_overlay_source.cc index eb6753a6..9d68bd41 100644 --- a/src/field_overlay_source.cc +++ b/src/field_overlay_source.cc @@ -215,7 +215,8 @@ void field_overlay_source::build_field_lines(const listview_curses &lv) auto format = file->get_format(); bool display = false; - if (ll->is_time_skewed()) { + if (ll->is_time_skewed() || + ll->get_msg_level() == log_level_t::LEVEL_INVALID) { display = true; } if (this->fos_active) { @@ -232,6 +233,25 @@ void field_overlay_source::build_field_lines(const listview_curses &lv) return; } + if (ll->get_msg_level() == LEVEL_INVALID) { + for (const auto& sattr : this->fos_log_helper.ldh_line_attrs) { + if (sattr.sa_type != &SA_INVALID) { + continue; + } + + auto emsg = fmt::format(" Invalid log message: {}", + (const char *) sattr.sa_value.sav_ptr); + auto al = attr_line_t(emsg) + .with_attr(string_attr(line_range{1, 2}, + &view_curses::VC_GRAPHIC, + ACS_LLCORNER)) + .with_attr(string_attr(line_range{0, 22}, + &view_curses::VC_ROLE, + view_colors::VCR_INVALID_MSG)); + this->fos_lines.emplace_back(al); + } + } + char old_timestamp[64], curr_timestamp[64], orig_timestamp[64]; struct timeval curr_tv, offset_tv, orig_tv, diff_tv = { 0 }; attr_line_t time_line; @@ -251,8 +271,8 @@ void field_overlay_source::build_field_lines(const listview_curses &lv) time_str.append(" Out-Of-Time-Order Message"); time_lr.lr_start = 3; time_lr.lr_end = time_str.length(); - time_line.with_attr(string_attr(time_lr, &view_curses::VC_STYLE, - vc.attrs_for_role(view_colors::VCR_SKEWED_TIME))); + time_line.with_attr(string_attr(time_lr, &view_curses::VC_ROLE, + view_colors::VCR_SKEWED_TIME)); time_str.append(" --"); } @@ -294,8 +314,8 @@ void field_overlay_source::build_field_lines(const listview_curses &lv) time_lr.lr_end = time_str.length(); time_line.with_attr(string_attr( time_lr, - &view_curses::VC_STYLE, - vc.attrs_for_role(view_colors::VCR_SKEWED_TIME))); + &view_curses::VC_ROLE, + view_colors::VCR_SKEWED_TIME)); timersub(&curr_tv, &actual_tv, &diff_tv); time_str.append("; Diff: "); diff --git a/src/file_collection.cc b/src/file_collection.cc index 04cbc26e..d82c3a95 100644 --- a/src/file_collection.cc +++ b/src/file_collection.cc @@ -186,6 +186,19 @@ file_collection::watch_logfile(const std::string &filename, return make_ready_future(retval); } + auto stat_iter = find_if(this->fc_new_stats.begin(), + this->fc_new_stats.end(), + [&st](auto& elem) { + return st.st_ino == elem.st_ino && + st.st_dev == elem.st_dev; + }); + if (stat_iter != this->fc_new_stats.end()) { + // this file is probably a link that we have already scanned in this + // pass. + return make_ready_future(retval); + } + + this->fc_new_stats.emplace_back(st); auto file_iter = find_if(this->fc_files.begin(), this->fc_files.end(), same_file(st)); @@ -406,5 +419,7 @@ file_collection file_collection::rescan_files(bool required) fq.pop_to(); + this->fc_new_stats.clear(); + return retval; } diff --git a/src/file_collection.hh b/src/file_collection.hh index e68bcc74..d4ecf7bc 100644 --- a/src/file_collection.hh +++ b/src/file_collection.hh @@ -63,6 +63,7 @@ struct file_collection { std::set fc_closed_files; std::map fc_other_files; std::shared_ptr fc_progress; + std::vector fc_new_stats; size_t fc_largest_path_length{0}; file_collection() @@ -76,6 +77,7 @@ struct file_collection { this->fc_files.clear(); this->fc_closed_files.clear(); this->fc_other_files.clear(); + this->fc_new_stats.clear(); } file_collection rescan_files(bool required = false); diff --git a/src/filter_sub_source.hh b/src/filter_sub_source.hh index e1da224b..050cfe52 100644 --- a/src/filter_sub_source.hh +++ b/src/filter_sub_source.hh @@ -67,8 +67,8 @@ public: void rl_display_next(readline_curses *rc); - readline_context fss_regex_context{"regex", nullptr, false}; - readline_context fss_sql_context{"sql", nullptr, false}; + readline_context fss_regex_context{"filter-regex", nullptr, false}; + readline_context fss_sql_context{"filter-sql", nullptr, false}; readline_curses fss_editor; plain_text_source fss_match_source; textview_curses fss_match_view; diff --git a/src/formats/access_log.json b/src/formats/access_log.json index b79477bf..911b8087 100644 --- a/src/formats/access_log.json +++ b/src/formats/access_log.json @@ -15,6 +15,9 @@ "std": { "pattern": "^(?[\\w\\.:\\-]+)\\s+[\\w\\.\\-]+\\s+(?\\S+)\\s+\\[(?[^\\]]+)\\] \"(?:\\-|(?\\w+) (?[^ \\?]+)(?:\\?(?[^ ]*))? (?[\\w/\\.]+))\" (?\\d+) (?\\d+|-)(?: \"(?[^\"]+)\" \"(?[^\"]+)\")?\\s*(?.*)" }, + "std-vhost": { + "pattern": "^(?[\\w\\-\\.]*)(?::\\d+)?\\s+(?[\\w\\.:\\-]+)\\s+[\\w\\.\\-]+\\s+(?\\S+)\\s+\\[(?[^\\]]+)\\] \"(?:\\-|(?\\w+) (?[^ \\?]+)(?:\\?(?[^ ]*))? (?[\\w/\\.]+))\" (?\\d+) (?\\d+|-)(?: \"(?[^\"]+)\" \"(?[^\"]+)\")?\\s*(?.*)" + }, "mod-std": { "module-format": true, "pattern": "^(?[\\w\\.:\\-]+)\\s+[\\w\\.\\-]+\\s+(?\\S+)\\s+\"(?:\\-|(?\\w+) (?[^ \\?]+)(?:\\?(?[^ ]*))? (?[\\w/\\.]+))\" (?\\d+) (?\\d+|-)(?: \"(?[^\"]+)\" \"(?[^\"]+)\")?\\s*(?.*)" @@ -26,6 +29,11 @@ }, "opid-field": "c_ip", "value": { + "cs_host": { + "kind": "string", + "identifier": true, + "description": "The value of the Host header" + }, "c_ip": { "kind": "string", "collate": "ipaddress", @@ -88,6 +96,9 @@ }, { "line": "10.1.10.51 - - [23/Dec/2014:21:20:35 +0000] \"POST /api/1/rest/foo/bar HTTP/1.1\" 200 - \"-\" \"-\" 293" + }, + { + "line": "www.example.com 1.2.3.4 - theuser [10/Feb/2012:16:41:07 -0500] \"GET / HTTP/1.0\" 200 368 \"-\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11\"" } ] } diff --git a/src/formats/s3_log.json b/src/formats/s3_log.json new file mode 100644 index 00000000..1472f87a --- /dev/null +++ b/src/formats/s3_log.json @@ -0,0 +1,158 @@ +{ + "$schema": "https://lnav.org/schemas/format-v1.schema.json", + "s3_log": { + "title": "S3 Access Log", + "description": "S3 server access log format", + "url": "https://docs.aws.amazon.com/AmazonS3/latest/dev/LogFormat.html", + "multiline": false, + "regex": { + "std": { + "pattern": "^(?\\S+)\\s+(?\\S+)\\s+\\[(?[^\\]]+)\\]\\s+(?[\\w*.:-]+)\\s+(?\\S+)\\s+(?\\S+)\\s+(?\\S+)\\s+(?\\S+)\\s+\"(?\\S+)\\s+(?[^ \\?]+)(?:\\?(?[^ ]*))?\\s+(?\\S+)\"\\s+(?\\d+|-)\\s+(?\\S+)\\s+(?\\d+|-)\\s+(?\\d+|-)\\s+(?\\d+|-)\\s+(?\\d+|-)\\s+\"(?.*?)\"\\s+\"(?.*?)\"$" + }, + "std-v2": { + "pattern": "^(?\\S+)\\s+(?\\S+)\\s+\\[(?[^\\]]+)\\]\\s+(?[\\w*.:-]+)\\s+(?\\S+)\\s+(?\\S+)\\s+(?\\S+)\\s+(?\\S+)\\s+\"(?\\S+)\\s+(?[^ \\?]+)(?:\\?(?[^ ]*))?\\s+(?\\S+)\"\\s+(?\\d+|-)\\s+(?\\S+)\\s+(?\\d+|-)\\s+(?\\d+|-)\\s+(?\\d+|-)\\s+(?\\d+|-)\\s+\"(?.*?)\"\\s+\"(?.*?)\"\\s+(?\\S+)\\s+(?\\S+)\\s+(?\\S+)\\s+(?\\S+)\\s+(?\\S+)\\s+(?\\S+)\\s+(?\\S+)$" + } + }, + "level-field": "sc_status", + "level": { + "error": "^[^123].*" + }, + "opid-field": "c_ip", + "value": { + "owner": { + "kind": "string", + "identifier": true, + "description": "The bucket owner" + }, + "bucket": { + "kind": "string", + "identifier": true, + "description": "The bucket" + }, + "c_ip": { + "kind": "string", + "collate": "ipaddress", + "identifier": true, + "description": "The client IP address" + }, + "cs_userid": { + "kind": "string", + "identifier": true, + "description": "The user ID passed from the client to the server" + }, + "req_id": { + "kind": "string", + "description": "The request ID" + }, + "op": { + "kind": "string", + "identifier": true, + "description": "The operation" + }, + "cs_key": { + "kind": "string", + "identifier": true, + "description": "The key for the bucket" + }, + "cs_method": { + "kind": "string", + "identifier": true, + "description": "The request method" + }, + "cs_uri_stem": { + "kind": "string", + "identifier": true, + "description": "The path part of the request URI" + }, + "cs_uri_query": { + "kind": "string", + "description": "The query parameters in the request URI" + }, + "cs_version": { + "kind": "string", + "identifier": true, + "description": "The client's HTTP version" + }, + "sc_status": { + "kind": "integer", + "foreign-key": true, + "rewriter": ";SELECT :sc_status || ' (' || (SELECT message FROM http_status_codes WHERE status = :sc_status) || ') '", + "description": "The status code returned by the server" + }, + "sc_error_code": { + "kind": "string", + "identifier": true, + "description": "The Amazon S3 error code" + }, + "sc_bytes": { + "kind": "integer", + "description": "The number of bytes returned by the server" + }, + "obj_size": { + "kind": "integer", + "description": "The size of the object" + }, + "total_time": { + "kind": "integer", + "description": "The total time taken to satisfy the request" + }, + "turn_around_time": { + "kind": "integer", + "description": "The turn around time" + }, + "cs_referer": { + "kind": "string", + "identifier": true, + "description": "The client's referrer" + }, + "cs_user_agent": { + "kind": "string", + "identifier": true, + "description": "The client's HTTP agent" + }, + "version_id": { + "kind": "string", + "identifier": true, + "description": "The version ID" + }, + "host_id": { + "kind": "string", + "identifier": true, + "description": "The host ID" + }, + "sig_version": { + "kind": "string", + "identifier": true, + "description": "The signature version" + }, + "cipher_suite": { + "kind": "string", + "identifier": true, + "description": "The SSL layer negotiated cipher suite" + }, + "auth_type": { + "kind": "string", + "identifier": true, + "description": "The type of request authentication used" + }, + "cs_host": { + "kind": "string", + "identifier": true, + "description": "The endpoint used to connect to S3" + }, + "tls_version": { + "kind": "string", + "identifier": true, + "description": "The TLS version negotiated by the client" + } + }, + "sample": [ + { + "line": "b659b576cff1e15e4c0313ff8930fba9f53e6794567f5c60dab3abf2f8dfb6cc www.example.com [10/Feb/2012:16:42:07 -0500] 1.2.3.4 arn:aws:iam::179580289999:user/phillip.boss EB3502676500C6BE WEBSITE.GET.OBJECT index \"GET /index HTTP/1.1\" 200 - 368 368 10 9 \"-\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11\"" + }, + { + "line": "79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be awsexamplebucket1 [06/Feb/2019:00:00:38 +0000] 192.0.2.3 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be 3E57427F3EXAMPLE REST.GET.VERSIONING - \"GET /awsexamplebucket1?versioning HTTP/1.1\" 200 - 113 - 7 - \"-\" \"S3Console/0.4\" - s9lzHYrFp76ZVxRcpX9+5cjAnEH2ROuNkd2BHfIa6UkFVdtjf5mKR3/eTPFvsiP/XV/VLi31234= SigV2 ECDHE-RSA-AES128-GCM-SHA256 AuthHeader awsexamplebucket1.s3.us-west-1.amazonaws.com TLSV1.1" + } + ] + } +} \ No newline at end of file diff --git a/src/formats/syslog_log.json b/src/formats/syslog_log.json index 594bb302..e9c157da 100644 --- a/src/formats/syslog_log.json +++ b/src/formats/syslog_log.json @@ -18,7 +18,7 @@ "warning": "(?:(?:(?i)warn)|not responding|init: cannot execute)" }, "opid-field": "log_pid", - "multiline": false, + "multiline": true, "module-field": "log_procname", "value": { "log_pri": { diff --git a/src/hotkeys.cc b/src/hotkeys.cc index ddbcab8a..5d5aedfb 100644 --- a/src/hotkeys.cc +++ b/src/hotkeys.cc @@ -61,7 +61,7 @@ public: content_line_t cl = this->lh_sub_source.at(this->lh_current_line); std::shared_ptr lf = this->lh_sub_source.find(cl); auto ll = lf->begin() + cl; - while (ll->is_continued()) { + while (!ll->is_message()) { --ll; --this->lh_current_line; } @@ -503,7 +503,7 @@ bool handle_paging_key(int ch) } lss->set_time_offset(true); while (next_top < tc->get_inner_height()) { - if (lss->find_line(lss->at(next_top))->is_continued()) { + if (!lss->find_line(lss->at(next_top))->is_message()) { } else if (lss->get_line_accel_direction(next_top) == log_accel::A_DECEL) { @@ -527,7 +527,7 @@ bool handle_paging_key(int ch) } lss->set_time_offset(true); while (0 <= next_top && next_top < tc->get_inner_height()) { - if (lss->find_line(lss->at(next_top))->is_continued()) { + if (!lss->find_line(lss->at(next_top))->is_message()) { } else if (lss->get_line_accel_direction(next_top) == log_accel::A_DECEL) { @@ -645,7 +645,7 @@ bool handle_paging_key(int ch) } } logline &next_line = next_helper.current_line(); - if (next_line.is_continued()) { + if (!next_line.is_message()) { continue; } if (next_line.get_opid() != opid_hash) { diff --git a/src/internals/config-v1.schema.json b/src/internals/config-v1.schema.json index d9dc305d..cd442394 100644 --- a/src/internals/config-v1.schema.json +++ b/src/internals/config-v1.schema.json @@ -108,7 +108,7 @@ "$ref": "#/definitions/style" }, "skewed-time": { - "description": "Styling for timestamps ", + "description": "Styling for timestamps that are different from the received time", "title": "/ui/theme-defs//styles/skewed-time", "$ref": "#/definitions/style" }, @@ -117,6 +117,11 @@ "title": "/ui/theme-defs//styles/offset-time", "$ref": "#/definitions/style" }, + "invalid-msg": { + "description": "Styling for invalid log messages", + "title": "/ui/theme-defs//styles/invalid-msg", + "$ref": "#/definitions/style" + }, "popup": { "description": "Styling for popup windows", "title": "/ui/theme-defs//styles/popup", @@ -266,7 +271,7 @@ "title": "/ui/theme-defs//log-level-styles", "type": "object", "patternProperties": { - "(trace|debug5|debug4|debug3|debug2|debug|info|stats|notice|warning|error|critical|fatal)": { + "(trace|debug5|debug4|debug3|debug2|debug|info|stats|notice|warning|error|critical|fatal|invalid)": { "title": "/ui/theme-defs//log-level-styles/", "$ref": "#/definitions/style" } diff --git a/src/lnav.cc b/src/lnav.cc index 612f8342..33c63bdd 100644 --- a/src/lnav.cc +++ b/src/lnav.cc @@ -1339,7 +1339,7 @@ static void looper() setup_highlights(lnav_data.ld_views[LNV_PRETTY].get_highlights()); setup_highlights(lnav_data.ld_preview_view.get_highlights()); - for (auto format : log_format::get_root_formats()) { + for (const auto& format : log_format::get_root_formats()) { for (auto &hl : format->lf_highlighters) { if (hl.h_fg.empty()) { hl.with_attrs(hl.h_attrs | vc.attrs_for_ident(hl.h_pattern)); @@ -1483,8 +1483,8 @@ static void looper() timer.start_fade(index_counter, 1); - log_debug("rescan started"); file_collection active_copy; + log_debug("rescan started %p", &active_copy); active_copy.merge(lnav_data.ld_active_files); active_copy.fc_progress = lnav_data.ld_active_files.fc_progress; future rescan_future = @@ -2476,7 +2476,7 @@ int main(int argc, char *argv[]) continue; } for (auto line_iter = lf->begin(); line_iter != lf->end(); ++line_iter) { - if (!line_iter->is_continued()) { + if (line_iter->get_msg_level() != log_level_t::LEVEL_INVALID) { continue; } diff --git a/src/lnav_commands.cc b/src/lnav_commands.cc index 01a4c36b..65b4538a 100644 --- a/src/lnav_commands.cc +++ b/src/lnav_commands.cc @@ -3776,7 +3776,7 @@ public: auto format = lf->get_format(); shared_buffer_ref sbr; - if (ll->is_continued()) { + if (!ll->is_message()) { continue; } @@ -3829,7 +3829,7 @@ public: auto format = lf->get_format(); shared_buffer_ref sbr; - if (ll->is_continued()) { + if (!ll->is_message()) { continue; } diff --git a/src/lnav_config.cc b/src/lnav_config.cc index d65604c9..39adb9e2 100644 --- a/src/lnav_config.cc +++ b/src/lnav_config.cc @@ -531,7 +531,7 @@ static struct json_path_container theme_styles_handlers = { }) .with_children(style_config_handlers), yajlpp::property_handler("skewed-time") - .with_description("Styling for timestamps ") + .with_description("Styling for timestamps that are different from the received time") .with_obj_provider([](const yajlpp_provider_context &ypc, lnav_theme *root) { return &root->lt_style_skewed_time; }) @@ -542,6 +542,12 @@ static struct json_path_container theme_styles_handlers = { return &root->lt_style_offset_time; }) .with_children(style_config_handlers), + yajlpp::property_handler("invalid-msg") + .with_description("Styling for invalid log messages") + .with_obj_provider([](const yajlpp_provider_context &ypc, lnav_theme *root) { + return &root->lt_style_invalid_msg; + }) + .with_children(style_config_handlers), yajlpp::property_handler("popup") .with_description("Styling for popup windows") .with_obj_provider([](const yajlpp_provider_context &ypc, lnav_theme *root) { @@ -702,7 +708,7 @@ static struct json_path_container theme_status_styles_handlers = { }; static struct json_path_container theme_log_level_styles_handlers = { - yajlpp::pattern_property_handler("(?trace|debug5|debug4|debug3|debug2|debug|info|stats|notice|warning|error|critical|fatal)") + yajlpp::pattern_property_handler("(?trace|debug5|debug4|debug3|debug2|debug|info|stats|notice|warning|error|critical|fatal|invalid)") .with_obj_provider([](const yajlpp_provider_context &ypc, lnav_theme *root) { style_config &sc = root->lt_level_styles[ string2level(ypc.ypc_extractor.get_substr_i("level").get())]; diff --git a/src/lnav_util.hh b/src/lnav_util.hh index 73904d60..eeb13739 100644 --- a/src/lnav_util.hh +++ b/src/lnav_util.hh @@ -53,6 +53,7 @@ #include "byte_array.hh" #include "optional.hpp" #include "base/result.h" +#include "base/intern_string.hh" #include "fmt/format.h" #include "ghc/filesystem.hpp" @@ -80,6 +81,12 @@ public: return *this; } + hasher &update(const string_fragment &str) { + this->h_context.Update(str.data(), str.length()); + + return *this; + } + hasher &update(const char *bits, size_t len) { this->h_context.Update(bits, len); diff --git a/src/log_data_helper.hh b/src/log_data_helper.hh index b9ecfe3e..5283c983 100644 --- a/src/log_data_helper.hh +++ b/src/log_data_helper.hh @@ -86,7 +86,7 @@ public: this->ldh_y_offset += 1; } this->ldh_line = ll; - if (ll->is_continued()) { + if (!ll->is_message()) { this->ldh_parser.reset(); this->ldh_scanner.reset(); this->ldh_namer.reset(); diff --git a/src/log_data_table.hh b/src/log_data_table.hh index d25eb871..7335d7bf 100644 --- a/src/log_data_table.hh +++ b/src/log_data_table.hh @@ -147,7 +147,7 @@ public: std::shared_ptr lf = lss.find(cl); auto lf_iter = lf->begin() + cl; - if (lf_iter->is_continued()) { + if (!lf_iter->is_message()) { return false; } diff --git a/src/log_format.cc b/src/log_format.cc index f9ca2de8..24cfa346 100644 --- a/src/log_format.cc +++ b/src/log_format.cc @@ -119,6 +119,7 @@ logline_value::logline_value(const intern_string_t name, case VALUE_STRUCT: case VALUE_TEXT: case VALUE_QUOTED: + case VALUE_W3C_QUOTED: case VALUE_TIMESTAMP: this->lv_sbr.subset(sbr, start, end - start); break; @@ -181,23 +182,28 @@ std::string logline_value::to_string() const return std::string(this->lv_sbr.get_data(), this->lv_sbr.length()); case VALUE_QUOTED: + case VALUE_W3C_QUOTED: if (this->lv_sbr.length() == 0) { return ""; } else { switch (this->lv_sbr.get_data()[0]) { case '\'': case '"': { + auto unquote_func = this->lv_kind == VALUE_W3C_QUOTED ? + unquote_w3c : unquote; char unquoted_str[this->lv_sbr.length()]; size_t unquoted_len; - unquoted_len = unquote(unquoted_str, this->lv_sbr.get_data(), - this->lv_sbr.length()); + unquoted_len = unquote_func(unquoted_str, + this->lv_sbr.get_data(), + this->lv_sbr.length()); return std::string(unquoted_str, unquoted_len); } default: return std::string(this->lv_sbr.get_data(), this->lv_sbr.length()); } } + break; case VALUE_INTEGER: snprintf(buffer, sizeof(buffer), "%" PRId64, this->lv_value.i); @@ -596,7 +602,7 @@ static struct json_path_container json_log_rewrite_handlers = { .add_cb(rewrite_json_field) }; -bool external_log_format::scan_for_partial(shared_buffer_ref &sbr, size_t &len_out) +bool external_log_format::scan_for_partial(shared_buffer_ref &sbr, size_t &len_out) const { if (this->elf_type != ELF_TYPE_TEXT) { return false; @@ -672,19 +678,19 @@ log_format::scan_result_t external_log_format::scan(logfile &lf, } else { unsigned char *msg; - int line_count = 1; + int line_count = 2; msg = yajl_get_error(handle, 1, (const unsigned char *)sbr.get_data(), sbr.length()); if (msg != nullptr) { log_debug("Unable to parse line at offset %d: %s", li.li_file_range.fr_offset, msg); - line_count = count(msg, msg + strlen((char *) msg), '\n'); + line_count = count(msg, msg + strlen((char *) msg), '\n') + 1; yajl_free_error(handle, msg); } if (!this->lf_specialized) { return log_format::SCAN_NO_MATCH; } for (int lpc = 0; lpc < line_count; lpc++) { - log_level_t level = LEVEL_ERROR; + log_level_t level = LEVEL_INVALID; ll.set_time(dst.back().get_time()); if (lpc > 0) { @@ -827,6 +833,16 @@ log_format::scan_result_t external_log_format::scan(logfile &lf, return log_format::SCAN_MATCH; } + if (this->lf_specialized && !this->elf_multiline) { + auto& last_line = dst.back(); + + dst.emplace_back(li.li_file_range.fr_offset, + last_line.get_timeval(), + log_level_t::LEVEL_INVALID); + + return log_format::SCAN_MATCH; + } + return log_format::SCAN_NO_MATCH; } @@ -880,7 +896,7 @@ void external_log_format::annotate(uint64_t line_number, shared_buffer_ref &line pcre_context_static<128> pc; pcre_input pi(line.get_data(), 0, line.length()); struct line_range lr; - pcre_context::capture_t *cap, *body_cap, *module_cap = NULL; + pcre_context::capture_t *cap, *body_cap, *module_cap = nullptr; if (this->elf_type != ELF_TYPE_TEXT) { values = this->jlf_line_values; @@ -896,6 +912,12 @@ void external_log_format::annotate(uint64_t line_number, shared_buffer_ref &line lr.lr_start = 0; lr.lr_end = line.length(); sa.emplace_back(lr, &SA_BODY); + if (!this->elf_multiline) { + auto len = pat.p_pcre->match_partial(pi); + sa.emplace_back(line_range{(int) len, -1}, + &SA_INVALID, + (void *) "Log line does not match any pattern"); + } return; } @@ -1171,17 +1193,26 @@ void external_log_format::get_subline(const logline &ll, shared_buffer_ref &sbr, (const unsigned char *)sbr.get_data(), sbr.length()); if (parse_status != yajl_status_ok || yajl_complete_parse(handle) != yajl_status_ok) { - unsigned char *msg; + unsigned char* msg; string full_msg; msg = yajl_get_error(handle, 1, (const unsigned char *)sbr.get_data(), sbr.length()); if (msg != nullptr) { - full_msg = fmt::format("lnav: unable to parse line at offset {}: {}", ll.get_offset(), msg); + full_msg = fmt::format( + "[offset: {}] {}\n{}", + ll.get_offset(), + fmt::string_view{sbr.get_data(), sbr.length()}, + msg); yajl_free_error(handle, msg); } this->jlf_cached_line.resize(full_msg.size()); memcpy(this->jlf_cached_line.data(), full_msg.data(), full_msg.size()); + this->jlf_line_values.clear(); + this->jlf_line_attrs.emplace_back( + line_range{0, -1}, + &SA_INVALID, + (void *) "JSON line failed to parse"); } else { std::vector::iterator lv_iter; bool used_values[this->jlf_line_values.size()]; diff --git a/src/log_format.hh b/src/log_format.hh index a546a0ca..4bb77272 100644 --- a/src/log_format.hh +++ b/src/log_format.hh @@ -105,6 +105,7 @@ public: VALUE_JSON, VALUE_STRUCT, VALUE_QUOTED, + VALUE_W3C_QUOTED, VALUE_TIMESTAMP, VALUE__MAX @@ -343,7 +344,7 @@ public: const line_info &li, shared_buffer_ref &sbr) = 0; - virtual bool scan_for_partial(shared_buffer_ref &sbr, size_t &len_out) { + virtual bool scan_for_partial(shared_buffer_ref &sbr, size_t &len_out) const { return false; }; diff --git a/src/log_format_ext.hh b/src/log_format_ext.hh index 9a97c362..2b3f1a60 100644 --- a/src/log_format_ext.hh +++ b/src/log_format_ext.hh @@ -139,7 +139,7 @@ public: const line_info &offset, shared_buffer_ref &sbr); - bool scan_for_partial(shared_buffer_ref &sbr, size_t &len_out); + bool scan_for_partial(shared_buffer_ref &sbr, size_t &len_out) const; void annotate(uint64_t line_number, shared_buffer_ref &line, string_attrs_t &sa, std::vector &values, bool annotate_module = true) const; diff --git a/src/log_format_fwd.hh b/src/log_format_fwd.hh index 669bb4a5..52065f05 100644 --- a/src/log_format_fwd.hh +++ b/src/log_format_fwd.hh @@ -133,6 +133,17 @@ public: this->ll_millis = tv.tv_usec / 1000; }; + void set_ignore(bool val) { + if (val) { + this->ll_level |= LEVEL_IGNORE; + } + else { + this->ll_level &= ~LEVEL_IGNORE; + } + }; + + bool is_ignored() const { return this->ll_level & LEVEL_IGNORE; } + void set_mark(bool val) { if (val) { this->ll_level |= LEVEL_MARK; @@ -182,6 +193,10 @@ public: return level_names[this->ll_level & ~LEVEL__FLAGS]; }; + bool is_message() const { + return (this->ll_level & (LEVEL_IGNORE|LEVEL_CONTINUED)) == 0; + } + bool is_continued() const { return this->ll_level & LEVEL_CONTINUED; }; diff --git a/src/log_format_impls.cc b/src/log_format_impls.cc index f171c628..de55c5f3 100644 --- a/src/log_format_impls.cc +++ b/src/log_format_impls.cc @@ -33,10 +33,13 @@ #include +#include + #include "pcrepp/pcrepp.hh" #include "sql_util.hh" #include "log_format.hh" #include "log_vtab_impl.hh" +#include "lnav_util.hh" using namespace std; @@ -124,7 +127,7 @@ class generic_log_format : public log_format { { pcre_context_static<30> context; pcre_input pi(line); - string new_line = ""; + string new_line; if (scrub_pattern().match(context, pi)) { pcre_context::capture_t *cap; @@ -252,12 +255,12 @@ lnav_strnstr(const char *s, const char *find, size_t slen) do { do { if (slen < 1 || (sc = *s) == '\0') - return (NULL); + return (nullptr); --slen; ++s; } while (sc != c); if (len > slen) - return (NULL); + return (nullptr); } while (strncmp(s, find, len) != 0); s--; } @@ -270,7 +273,7 @@ struct separated_string { const char *ss_separator; size_t ss_separator_len; - separated_string(const char *str = nullptr, size_t len = -1) + explicit separated_string(const char *str = nullptr, size_t len = -1) : ss_str(str), ss_len(len), ss_separator(",") { this->ss_separator_len = strlen(this->ss_separator); }; @@ -288,7 +291,7 @@ struct separated_string { size_t i_index; iterator(const separated_string &ss, const char *pos) - : i_parent(ss), i_pos(pos), i_index(0) { + : i_parent(ss), i_pos(pos), i_next_pos(pos), i_index(0) { this->update(); }; @@ -340,11 +343,11 @@ struct separated_string { }; iterator begin() { - return iterator(*this, this->ss_str); + return {*this, this->ss_str}; }; iterator end() { - return iterator(*this, this->ss_str + this->ss_len); + return {*this, this->ss_str + this->ss_len}; }; }; @@ -358,7 +361,7 @@ public: std::string fd_collator; int fd_numeric_index; - field_def(const intern_string_t name) + explicit field_def(const intern_string_t name) : fd_name(name), fd_kind(logline_value::VALUE_TEXT), fd_identifier(false), @@ -418,6 +421,10 @@ public: return SCAN_MATCH; } + if (iter.index() >= this->blf_field_defs.size()) { + break; + } + const field_def &fd = this->blf_field_defs[iter.index()]; if (TS == fd.fd_name) { @@ -425,7 +432,7 @@ public: if (this->lf_date_time.scan(sf.data(), sf.length(), - NULL, + nullptr, &tm, tv)) { this->lf_timestamp_flags = tm.et_flags; @@ -603,7 +610,6 @@ public: if (!this->blf_format_name.empty() && !this->blf_separator.empty() && !this->blf_field_defs.empty()) { - this->blf_header_size = dst.size() - 1; dst.clear(); return this->scan_int(dst, li, sbr); } @@ -740,7 +746,6 @@ public: bool full_message) { } - size_t blf_header_size; intern_string_t blf_format_name; intern_string_t blf_separator; intern_string_t blf_set_separator; @@ -750,5 +755,583 @@ public: }; +struct ws_separated_string { + const char *ss_str; + size_t ss_len; + + explicit ws_separated_string(const char *str = nullptr, size_t len = -1) + : ss_str(str), ss_len(len) { + }; + + struct iterator { + enum class state_t { + NORMAL, + QUOTED, + }; + + const ws_separated_string &i_parent; + const char *i_pos; + const char *i_next_pos; + size_t i_index{0}; + state_t i_state{state_t::NORMAL}; + + iterator(const ws_separated_string &ss, const char *pos) + : i_parent(ss), i_pos(pos), i_next_pos(pos) { + this->update(); + }; + + void update() { + const auto &ss = this->i_parent; + bool done = false; + + while (!done && this->i_next_pos < (ss.ss_str + ss.ss_len)) { + switch (this->i_state) { + case state_t::NORMAL: + if (*this->i_next_pos == '"') { + this->i_state = state_t::QUOTED; + } else if (isspace(*this->i_next_pos)) { + done = true; + } + break; + case state_t::QUOTED: + if (*this->i_next_pos == '"') { + this->i_state = state_t::NORMAL; + } + break; + } + if (!done) { + this->i_next_pos += 1; + } + } + }; + + iterator &operator++() { + const auto &ss = this->i_parent; + + this->i_pos = this->i_next_pos; + while (this->i_pos < (ss.ss_str + ss.ss_len) && + isspace(*this->i_pos)) { + this->i_pos += 1; + this->i_next_pos += 1; + } + this->update(); + this->i_index += 1; + + return *this; + }; + + string_fragment operator*() { + const auto &ss = this->i_parent; + int end = this->i_next_pos - ss.ss_str; + + return string_fragment(ss.ss_str, this->i_pos - ss.ss_str, end); + }; + + bool operator==(const iterator &other) const { + return (&this->i_parent == &other.i_parent) && + (this->i_pos == other.i_pos); + }; + + bool operator!=(const iterator &other) const { + return !(*this == other); + }; + + size_t index() const { + return this->i_index; + }; + }; + + iterator begin() { + return {*this, this->ss_str}; + }; + + iterator end() { + return {*this, this->ss_str + this->ss_len}; + }; +}; + +class w3c_log_format : public log_format { +public: + + struct field_def { + const intern_string_t fd_name; + const intern_string_t fd_sql_name; + logline_value::kind_t fd_kind; + bool fd_identifier; + std::string fd_collator; + int fd_numeric_index; + + explicit field_def(const intern_string_t name) + : fd_name(name), + fd_sql_name(intern_string::lookup(sql_safe_ident(name.to_string_fragment()))), + fd_kind(logline_value::VALUE_TEXT), + fd_identifier(false), + fd_numeric_index(-1) { + }; + + field_def(const char *name, logline_value::kind_t kind, bool ident = false, std::string coll = "") + : fd_name(intern_string::lookup(name)), + fd_sql_name(intern_string::lookup(sql_safe_ident(string_fragment(name)))), + fd_kind(kind), + fd_identifier(ident), + fd_collator(std::move(coll)), + fd_numeric_index(-1) { + + } + + field_def &with_kind(logline_value::kind_t kind, + bool identifier = false, + const std::string &collator = "") { + this->fd_kind = kind; + this->fd_identifier = identifier; + this->fd_collator = collator; + return *this; + }; + + field_def &with_numeric_index(int index) { + this->fd_numeric_index = index; + return *this; + } + }; + + w3c_log_format() { + this->lf_is_self_describing = true; + this->lf_time_ordered = false; + }; + + const intern_string_t get_name() const override { + static const intern_string_t name(intern_string::lookup("w3c")); + + return this->wlf_format_name.empty() ? name : this->wlf_format_name; + }; + + void clear() override { + this->log_format::clear(); + this->wlf_time_scanner.clear(); + this->wlf_format_name.clear(); + this->wlf_field_defs.clear(); + }; + + scan_result_t scan_int(std::vector &dst, + const line_info &li, + shared_buffer_ref &sbr) { + static const intern_string_t DATE = intern_string::lookup("date"); + static const intern_string_t DATE_LOCAL = intern_string::lookup("date-local"); + static const intern_string_t DATE_UTC = intern_string::lookup("date-UTC"); + static const intern_string_t TIME = intern_string::lookup("time"); + static const intern_string_t TIME_LOCAL = intern_string::lookup("time-local"); + static const intern_string_t TIME_UTC = intern_string::lookup("time-UTC"); + static const intern_string_t STATUS_CODE = intern_string::lookup("sc-status"); + + ws_separated_string ss(sbr.get_data(), sbr.length()); + struct timeval date_tv{0, 0}, time_tv{0, 0}; + struct exttm date_tm, time_tm; + bool found_date = false, found_time = false; + log_level_t level = LEVEL_INFO; + + for (auto iter = ss.begin(); iter != ss.end(); ++iter) { + if (iter.index() >= this->wlf_field_defs.size()) { + level = LEVEL_INVALID; + break; + } + + const field_def &fd = this->wlf_field_defs[iter.index()]; + string_fragment sf = *iter; + + if (sf.startswith("#")) { + if (sf == "#Date:") { + date_time_scanner dts; + struct exttm tm; + struct timeval tv; + + if (dts.scan(sbr.get_data_at(sf.length() + 1), + sbr.length() - sf.length() - 1, + nullptr, + &tm, + tv)) { + this->lf_date_time.set_base_time(tv.tv_sec); + this->wlf_time_scanner.set_base_time(tv.tv_sec); + } + } + dst.emplace_back(li.li_file_range.fr_offset, 0, 0, LEVEL_IGNORE, 0); + return SCAN_MATCH; + } + + sf.trim("\" \t"); + if (DATE == fd.fd_name || + DATE_LOCAL == fd.fd_name || + DATE_UTC == fd.fd_name) { + if (this->lf_date_time.scan(sf.data(), + sf.length(), + nullptr, + &date_tm, + date_tv)) { + this->lf_timestamp_flags |= date_tm.et_flags; + found_date = true; + } + } else if (TIME == fd.fd_name || + TIME_LOCAL == fd.fd_name || + TIME_UTC == fd.fd_name) { + if (this->wlf_time_scanner.scan(sf.data(), + sf.length(), + nullptr, + &time_tm, + time_tv)) { + this->lf_timestamp_flags |= time_tm.et_flags; + found_time = true; + } + } else if (STATUS_CODE == fd.fd_name) { + if (!sf.empty() && sf[0] >= '4') { + level = LEVEL_ERROR; + } + } + + if (fd.fd_numeric_index >= 0) { + switch (fd.fd_kind) { + case logline_value::VALUE_INTEGER: + case logline_value::VALUE_FLOAT: { + char field_copy[sf.length() + 1]; + double val; + + if (sscanf(sf.to_string(field_copy), "%lf", &val) == 1) { + this->lf_value_stats[fd.fd_numeric_index].add_value(val); + } + break; + } + default: + break; + } + } + } + + if (found_time) { + struct exttm tm = time_tm; + struct timeval tv; + + if (found_date) { + tm.et_tm.tm_year = date_tm.et_tm.tm_year; + tm.et_tm.tm_mday = date_tm.et_tm.tm_mday; + tm.et_tm.tm_mon = date_tm.et_tm.tm_mon; + tm.et_tm.tm_wday = date_tm.et_tm.tm_wday; + tm.et_tm.tm_yday = date_tm.et_tm.tm_yday; + } + + tv.tv_sec = tm2sec(&tm.et_tm); + tv.tv_usec = tm.et_nsec / 1000; + + dst.emplace_back(li.li_file_range.fr_offset, tv, level, 0); + return SCAN_MATCH; + } else { + return SCAN_NO_MATCH; + } + } + + scan_result_t scan(logfile &lf, + std::vector &dst, + const line_info &li, + shared_buffer_ref &sbr) override { + static const field_def KNOWN_FIELDS[] = { + { + "cs-method", + logline_value::kind_t::VALUE_TEXT, + true, + }, + { + "c-ip", + logline_value::kind_t::VALUE_TEXT, + true, + "ipaddress", + }, + { + "cs-bytes", + logline_value::kind_t::VALUE_INTEGER, + false, + }, + { + "cs-host", + logline_value::kind_t::VALUE_TEXT, + true, + }, + { + "cs-uri-stem", + logline_value::kind_t::VALUE_TEXT, + true, + "naturalnocase", + }, + { + "cs-uri-query", + logline_value::kind_t::VALUE_TEXT, + false, + }, + { + "cs-username", + logline_value::kind_t::VALUE_TEXT, + false, + }, + { + "cs-version", + logline_value::kind_t::VALUE_TEXT, + true, + }, + { + "s-ip", + logline_value::kind_t::VALUE_TEXT, + true, + "ipaddress", + }, + { + "s-port", + logline_value::kind_t::VALUE_INTEGER, + true, + }, + { + "s-computername", + logline_value::kind_t::VALUE_TEXT, + true, + }, + { + "s-sitename", + logline_value::kind_t::VALUE_TEXT, + true, + }, + { + "sc-bytes", + logline_value::kind_t::VALUE_INTEGER, + false, + }, + { + "sc-status", + logline_value::kind_t::VALUE_INTEGER, + false, + }, + { + "time-taken", + logline_value::kind_t::VALUE_FLOAT, + false, + }, + }; + + if (!this->wlf_format_name.empty()) { + return this->scan_int(dst, li, sbr); + } + + if (dst.empty() || dst.size() > 20 || sbr.empty() || sbr.get_data()[0] == '#') { + return SCAN_NO_MATCH; + } + + this->clear(); + + for (auto line_iter = dst.begin(); line_iter != dst.end(); ++line_iter) { + auto next_read_result = lf.read_line(line_iter); + + if (next_read_result.isErr()) { + return SCAN_NO_MATCH; + } + + auto line = next_read_result.unwrap(); + ws_separated_string ss(line.get_data(), line.length()); + auto iter = ss.begin(); + + string_fragment directive = *iter; + + if (directive.empty() || directive[0] != '#') { + continue; + } + + ++iter; + if (iter == ss.end()) { + continue; + } + + if (directive == "#Date:") { + date_time_scanner dts; + struct exttm tm; + struct timeval tv; + + if (dts.scan(line.get_data_at(directive.length() + 1), + line.length() - directive.length() - 1, + nullptr, + &tm, + tv)) { + this->lf_date_time.set_base_time(tv.tv_sec); + this->wlf_time_scanner.set_base_time(tv.tv_sec); + } + } else if (directive == "#Fields:") { + hasher id_hash; + int numeric_count = 0; + + do { + string_fragment sf = *iter; + + id_hash.update(sf); + sf.trim(")"); + auto field_iter = std::find_if(begin(KNOWN_FIELDS), + end(KNOWN_FIELDS), + [&sf](auto elem) { + return sf == elem.fd_name; + }); + if (field_iter != end(KNOWN_FIELDS)) { + this->wlf_field_defs.emplace_back(*field_iter); + } else { + this->wlf_field_defs.emplace_back( + intern_string::lookup(sf)); + } + auto& fd = this->wlf_field_defs.back(); + switch (fd.fd_kind) { + case logline_value::kind_t::VALUE_FLOAT: + case logline_value::kind_t::VALUE_INTEGER: + fd.with_numeric_index(numeric_count); + numeric_count += 1; + break; + default: + break; + } + + ++iter; + } while (iter != ss.end()); + + this->wlf_format_name = intern_string::lookup(fmt::format( + "w3c_{}_log", id_hash.to_string().substr(0, 6))); + this->lf_value_stats.resize(numeric_count); + } + } + + if (!this->wlf_format_name.empty() && + !this->wlf_field_defs.empty()) { + dst.clear(); + return this->scan_int(dst, li, sbr); + } + + this->wlf_format_name.clear(); + this->lf_value_stats.clear(); + + return SCAN_NO_MATCH; + }; + + void annotate(uint64_t line_number, shared_buffer_ref &sbr, string_attrs_t &sa, + std::vector &values, bool annotate_module) const override { + ws_separated_string ss(sbr.get_data(), sbr.length()); + + for (auto iter = ss.begin(); iter != ss.end(); ++iter) { + string_fragment sf = *iter; + + if (iter.index() >= this->wlf_field_defs.size()) { + sa.emplace_back(line_range{sf.sf_begin, -1}, + &SA_INVALID, + (void *) "extra fields detected"); + return; + } + + const field_def &fd = this->wlf_field_defs[iter.index()]; + logline_value::kind_t kind = fd.fd_kind; + + if (sf == "-") { + sf.invalidate(); + kind = logline_value::VALUE_NULL; + } + + auto lr = line_range(sf.sf_begin, sf.sf_end); + + if (lr.is_valid()) { + values.emplace_back(fd.fd_sql_name, + sf.startswith("\"") ? + logline_value::kind_t::VALUE_W3C_QUOTED : + kind, + sbr, + fd.fd_identifier, + nullptr, + iter.index(), + lr.lr_start, + lr.lr_end, + false, + this); + } else { + values.emplace_back(fd.fd_sql_name, this); + } + } + }; + + const logline_value_stats *stats_for_value(const intern_string_t &name) const override { + const logline_value_stats *retval = nullptr; + + for (const auto & wlf_field_def : this->wlf_field_defs) { + if (wlf_field_def.fd_sql_name == name) { + if (wlf_field_def.fd_numeric_index < 0) { + break; + } + retval = &this->lf_value_stats[wlf_field_def.fd_numeric_index]; + break; + } + } + + return retval; + }; + + std::shared_ptr specialized(int fmt_lock = -1) override { + return make_shared(*this); + }; + + class w3c_log_table : public log_format_vtab_impl { + public: + explicit w3c_log_table(const w3c_log_format &format) + : log_format_vtab_impl(format), wlt_format(format) { + + } + + void get_columns(vector &cols) const override { + for (const auto &fd : this->wlt_format.wlf_field_defs) { + std::pair type_pair = log_vtab_impl::logline_value_to_sqlite_type(fd.fd_kind); + + cols.emplace_back(fd.fd_sql_name.to_string(), type_pair.first, fd.fd_collator, false, "", type_pair.second); + } + }; + + void get_foreign_keys(std::vector &keys_inout) const override { + this->log_vtab_impl::get_foreign_keys(keys_inout); + + for (const auto &fd : this->wlt_format.wlf_field_defs) { + if (fd.fd_identifier) { + keys_inout.push_back(fd.fd_sql_name.to_string()); + } + } + } + + const w3c_log_format &wlt_format; + }; + + static map> &get_tables() { + static map> retval; + + return retval; + }; + + std::shared_ptr get_vtab_impl() const override { + if (this->wlf_format_name.empty()) { + return nullptr; + } + + std::shared_ptr retval = nullptr; + + auto &tables = get_tables(); + auto iter = tables.find(this->wlf_format_name); + if (iter == tables.end()) { + retval = std::make_shared(*this); + tables[this->wlf_format_name] = retval; + } + + return retval; + }; + + void get_subline(const logline &ll, + shared_buffer_ref &sbr, + bool full_message) override { + } + + date_time_scanner wlf_time_scanner; + intern_string_t wlf_format_name; + vector wlf_field_defs; +}; + log_format::register_root_format bro_log_instance; +log_format::register_root_format w3c_log_instance; log_format::register_root_format generic_log_instance; diff --git a/src/log_format_loader.cc b/src/log_format_loader.cc index e9e0e791..9863489b 100644 --- a/src/log_format_loader.cc +++ b/src/log_format_loader.cc @@ -1015,7 +1015,7 @@ void load_formats(const std::vector &extra_paths, } } - for (auto elf : alpha_ordered_formats) { + for (const auto& elf : alpha_ordered_formats) { for (auto & popped_format : popped_formats) { elf->elf_collision.remove(popped_format); } @@ -1028,7 +1028,10 @@ void load_formats(const std::vector &extra_paths, } auto &roots = log_format::get_root_formats(); - roots.insert(roots.begin(), graph_ordered_formats.begin(), graph_ordered_formats.end()); + auto iter = std::find_if(roots.begin(), roots.end(), [](const auto& elem) { + return elem->get_name() == "generic_log"; + }); + roots.insert(iter, graph_ordered_formats.begin(), graph_ordered_formats.end()); } static void exec_sql_in_path(sqlite3 *db, const ghc::filesystem::path &path, std::vector &errors) diff --git a/src/log_level.cc b/src/log_level.cc index 81715506..5a9a800f 100644 --- a/src/log_level.cc +++ b/src/log_level.cc @@ -31,6 +31,7 @@ #include +#include "base/lnav_log.hh" #include "log_level.hh" const char *level_names[LEVEL__MAX + 1] = { @@ -48,6 +49,7 @@ const char *level_names[LEVEL__MAX + 1] = { "error", "critical", "fatal", + "invalid", nullptr }; @@ -77,6 +79,15 @@ log_level_t abbrev2level(const char *levelstr, ssize_t len) } return LEVEL_DEBUG; case 'I': + if (len == 7 && + toupper(levelstr[1]) == 'N' && + toupper(levelstr[2]) == 'V' && + toupper(levelstr[3]) == 'A' && + toupper(levelstr[4]) == 'L' && + toupper(levelstr[5]) == 'I' && + toupper(levelstr[6]) == 'D') { + return LEVEL_INVALID; + } return LEVEL_INFO; case 'S': return LEVEL_STATS; diff --git a/src/log_level.hh b/src/log_level.hh index 5839cff4..5e35c593 100644 --- a/src/log_level.hh +++ b/src/log_level.hh @@ -52,15 +52,18 @@ enum log_level_t : int { LEVEL_ERROR, LEVEL_CRITICAL, LEVEL_FATAL, + LEVEL_INVALID, LEVEL__MAX, + LEVEL_IGNORE = 0x10, /*< Ignore */ LEVEL_TIME_SKEW = 0x20, /*< Received after timestamp. */ LEVEL_MARK = 0x40, /*< Bookmarked line. */ LEVEL_CONTINUED = 0x80, /*< Continuation of multiline entry. */ /** Mask of flags for the level field. */ LEVEL__FLAGS = ( + LEVEL_IGNORE | LEVEL_TIME_SKEW | LEVEL_MARK | LEVEL_CONTINUED diff --git a/src/log_search_table.cc b/src/log_search_table.cc index 3e6297fd..d24b49f3 100644 --- a/src/log_search_table.cc +++ b/src/log_search_table.cc @@ -108,7 +108,7 @@ bool log_search_table::next(log_cursor &lc, logfile_sub_source &lss) auto lf = lss.find(cl); auto lf_iter = lf->begin() + cl; - if (lf_iter->is_continued()) { + if (!lf_iter->is_message()) { return false; } diff --git a/src/log_vtab_impl.cc b/src/log_vtab_impl.cc index 22994d83..24c7729c 100644 --- a/src/log_vtab_impl.cc +++ b/src/log_vtab_impl.cc @@ -141,6 +141,7 @@ pair log_vtab_impl::logline_value_to_sqlite_type(logline_valu case logline_value::VALUE_TEXT: case logline_value::VALUE_STRUCT: case logline_value::VALUE_QUOTED: + case logline_value::VALUE_W3C_QUOTED: case logline_value::VALUE_TIMESTAMP: type = SQLITE3_TEXT; break; @@ -593,6 +594,7 @@ static int vt_column(sqlite3_vtab_cursor *cur, sqlite3_context *ctx, int col) SQLITE_TRANSIENT); break; } + case logline_value::VALUE_W3C_QUOTED: case logline_value::VALUE_QUOTED: if (lv_iter->lv_sbr.length() == 0) { sqlite3_result_text(ctx, "", 0, SQLITE_STATIC); @@ -606,11 +608,15 @@ static int vt_column(sqlite3_vtab_cursor *cur, sqlite3_context *ctx, int col) case '"': { char *val = (char *)sqlite3_malloc(text_len); - if (val == NULL) { + if (val == nullptr) { sqlite3_result_error_nomem(ctx); } else { - size_t unquoted_len = unquote(val, text_value, text_len); + auto unquote_func = + lv_iter->lv_kind == logline_value::VALUE_W3C_QUOTED ? + unquote_w3c : unquote; + + size_t unquoted_len = unquote_func(val, text_value, text_len); sqlite3_result_text(ctx, val, unquoted_len, sqlite3_free); } break; @@ -899,7 +905,7 @@ static int vt_update(sqlite3_vtab *tab, vis_line_t vl(rowid); content_line_t cl = vt->lss->at(vl); logline *ll = vt->lss->find_line(cl); - if (!ll->is_continued()) { + if (ll->is_message()) { break; } vt->tc->set_user_mark(&textview_curses::BM_USER, vl, val); diff --git a/src/log_vtab_impl.hh b/src/log_vtab_impl.hh index 9a266d04..8655b3b7 100644 --- a/src/log_vtab_impl.hh +++ b/src/log_vtab_impl.hh @@ -116,7 +116,7 @@ public: std::shared_ptr lf = lss.find(cl); auto lf_iter = lf->begin() + cl; - if (lf_iter->is_continued()) { + if (!lf_iter->is_message()) { return false; } @@ -174,7 +174,7 @@ public: auto lf_iter = lf->begin() + cl; uint8_t mod_id = lf_iter->get_module_id(); - if (lf_iter->is_continued()) { + if (!lf_iter->is_message()) { return false; } diff --git a/src/logfile.cc b/src/logfile.cc index f353f06a..89a188a9 100644 --- a/src/logfile.cc +++ b/src/logfile.cc @@ -403,8 +403,6 @@ logfile::rebuild_result_t logfile::rebuild_index() size_t old_size = this->lf_index.size(); - // Update this early so that line_length() works - this->lf_index_size = li.li_file_range.next_offset(); if (old_size == 0) { file_range fr = this->lf_line_buffer.get_available(); auto avail_data = this->lf_line_buffer.read_range(fr); @@ -432,6 +430,9 @@ logfile::rebuild_result_t logfile::rebuild_index() old_size = 0; } + // Update this early so that line_length() works + this->lf_index_size = li.li_file_range.next_offset(); + if (this->lf_logline_observer != nullptr) { this->lf_logline_observer->logline_new_lines( *this, this->begin() + old_size, this->end(), sbr); diff --git a/src/logfile.hh b/src/logfile.hh index 2777bff6..8278b4e8 100644 --- a/src/logfile.hh +++ b/src/logfile.hh @@ -287,7 +287,7 @@ public: auto retval = ll; while (retval != this->begin() && - (retval->get_sub_offset() != 0 || retval->is_continued())) { + (retval->get_sub_offset() != 0 || !retval->is_message())) { --retval; } diff --git a/src/logfile_sub_source.cc b/src/logfile_sub_source.cc index e469a502..ac487a81 100644 --- a/src/logfile_sub_source.cc +++ b/src/logfile_sub_source.cc @@ -368,6 +368,19 @@ void logfile_sub_source::text_attrs_for_line(textview_curses &lv, value_out.emplace_back(lr, &view_curses::VC_STYLE, attrs); + if (this->lss_token_line->get_msg_level() == log_level_t::LEVEL_INVALID) { + for (auto& token_attr : this->lss_token_attrs) { + if (token_attr.sa_type != &SA_INVALID) { + continue; + } + + + value_out.emplace_back(token_attr.sa_range, + &view_curses::VC_ROLE, + view_colors::VCR_INVALID_MSG); + } + } + for (const auto &line_value : line_values) { if ((!(this->lss_token_flags & RF_FULL) && line_value.lv_sub_offset != this->lss_token_line->get_sub_offset()) || @@ -523,8 +536,8 @@ void logfile_sub_source::text_attrs_for_line(textview_curses &lv, value_out, &logline::L_TIMESTAMP); if (time_range.lr_end != -1) { - attrs = vc.attrs_for_role(view_colors::VCR_ADJUSTED_TIME); - value_out.emplace_back(time_range, &view_curses::VC_STYLE, attrs); + value_out.emplace_back(time_range, &view_curses::VC_ROLE, + view_colors::VCR_ADJUSTED_TIME); } } else if ((((this->lss_token_line->get_time() / (5 * 60)) % 2) == 0) && @@ -533,8 +546,8 @@ void logfile_sub_source::text_attrs_for_line(textview_curses &lv, value_out, &logline::L_TIMESTAMP); if (time_range.lr_end != -1) { - attrs = vc.attrs_for_role(view_colors::VCR_ALT_ROW); - value_out.emplace_back(time_range, &view_curses::VC_STYLE, attrs); + value_out.emplace_back(time_range, &view_curses::VC_ROLE, + view_colors::VCR_ALT_ROW); } } @@ -543,8 +556,8 @@ void logfile_sub_source::text_attrs_for_line(textview_curses &lv, value_out, &logline::L_TIMESTAMP); if (time_range.lr_end != -1) { - attrs = vc.attrs_for_role(view_colors::VCR_SKEWED_TIME); - value_out.emplace_back(time_range, &view_curses::VC_STYLE, attrs); + value_out.emplace_back(time_range, &view_curses::VC_ROLE, + view_colors::VCR_SKEWED_TIME); } } @@ -727,7 +740,7 @@ logfile_sub_source::rebuild_result logfile_sub_source::rebuild_index() for (iter = this->lss_files.begin(); iter != this->lss_files.end(); iter++) { - if ((*iter)->get_file() == NULL) + if ((*iter)->get_file() == nullptr) continue; (*iter)->ld_lines_indexed = (*iter)->get_file()->size(); @@ -738,7 +751,7 @@ logfile_sub_source::rebuild_result logfile_sub_source::rebuild_index() uint32_t filter_in_mask, filter_out_mask; this->get_filters().get_enabled_mask(filter_in_mask, filter_out_mask); - if (start_size == 0 && this->lss_index_delegate != NULL) { + if (start_size == 0 && this->lss_index_delegate != nullptr) { this->lss_index_delegate->index_start(*this); } @@ -755,6 +768,10 @@ logfile_sub_source::rebuild_result logfile_sub_source::rebuild_index() auto line_iter = (*ld)->get_file()->begin() + line_number; + if (line_iter->is_ignored()) { + continue; + } + if (!this->tss_apply_filters || (!(*ld)->ld_filter_state.excluded(filter_in_mask, filter_out_mask, line_number) && @@ -826,7 +843,7 @@ void logfile_sub_source::text_update_marks(vis_bookmarks &bm) } auto line_iter = lf->begin() + cl; - if (!line_iter->is_continued()) { + if (line_iter->is_message()) { switch (line_iter->get_msg_level()) { case LEVEL_WARNING: bm[&BM_WARNINGS].insert_once(vl); @@ -855,7 +872,7 @@ log_accel::direction_t logfile_sub_source::get_line_accel_direction( while (vl >= 0) { logline *curr_line = this->find_line(this->at(vl)); - if (curr_line->is_continued()) { + if (!curr_line->is_message()) { --vl; continue; } @@ -1257,7 +1274,7 @@ log_location_history::loc_history_forward(vis_line_t current_top) bool sql_filter::matches(const logfile &lf, logfile::const_iterator ll, shared_buffer_ref &line) { - if (ll->is_continued()) { + if (!ll->is_message()) { return false; } if (this->sf_filter_stmt == nullptr) { diff --git a/src/readline_curses.cc b/src/readline_curses.cc index dcaa3e5b..055f1b60 100644 --- a/src/readline_curses.cc +++ b/src/readline_curses.cc @@ -457,6 +457,37 @@ readline_context::readline_context(const std::string &name, this->rc_append_character = ' '; } +void readline_context::load() +{ + char buffer[128]; + + rl_completer_word_break_characters = (char *)" \t\n|()"; /* XXX */ + /* + * XXX Need to keep the input on a single line since the display screws + * up if it wraps around. + */ + snprintf(buffer, sizeof(buffer), + "set completion-ignore-case %s", + this->rc_case_sensitive ? "off" : "on"); + rl_parse_and_bind(buffer); /* NOTE: buffer is modified */ + + loaded_context = this; + rl_attempted_completion_function = attempted_completion; + history_set_history_state(&this->rc_history); + for (auto &rc_var : this->rc_vars) { + *(rc_var.rv_dst.ch) = (char *) rc_var.rv_val.ch; + } +} + +void readline_context::save() +{ + HISTORY_STATE *hs = history_get_history_state(); + + this->rc_history = *hs; + free(hs); + hs = nullptr; +} + readline_curses::readline_curses() : rc_change(noop_func{}), rc_perform(noop_func{}), diff --git a/src/readline_curses.hh b/src/readline_curses.hh index 8cd52d8a..c26c8471 100644 --- a/src/readline_curses.hh +++ b/src/readline_curses.hh @@ -101,36 +101,9 @@ public: const std::string &get_name() const { return this->rc_name; }; - void load() - { - char buffer[128]; - - rl_completer_word_break_characters = (char *)" \t\n|()"; /* XXX */ - /* - * XXX Need to keep the input on a single line since the display screws - * up if it wraps around. - */ - snprintf(buffer, sizeof(buffer), - "set completion-ignore-case %s", - this->rc_case_sensitive ? "off" : "on"); - rl_parse_and_bind(buffer); /* NOTE: buffer is modified */ - - loaded_context = this; - rl_attempted_completion_function = attempted_completion; - history_set_history_state(&this->rc_history); - for (auto &rc_var : this->rc_vars) { - *(rc_var.rv_dst.ch) = (char *) rc_var.rv_val.ch; - } - }; + void load(); - void save() - { - HISTORY_STATE *hs = history_get_history_state(); - - this->rc_history = *hs; - free(hs); - hs = nullptr; - }; + void save(); void add_possibility(const std::string& type, const std::string& value) { diff --git a/src/sql_util.cc b/src/sql_util.cc index 5400425c..c95d3413 100644 --- a/src/sql_util.cc +++ b/src/sql_util.cc @@ -287,7 +287,7 @@ static int handle_table_list(void *ptr, { struct table_list_data *tld = (struct table_list_data *)ptr; - (*tld->tld_iter)->second.push_back(colvalues[0]); + (*tld->tld_iter)->second.emplace_back(colvalues[0]); if (!tld->tld_callbacks->smc_table_list) { return 0; } @@ -657,7 +657,7 @@ string sql_safe_ident(const string_fragment &ident) char ch = retval[lpc]; if (isalnum(ch) || ch == '_') { - retval[lpc] = ch; + retval[lpc] = tolower(ch); } else { retval[lpc] = '_'; } @@ -703,7 +703,7 @@ void sql_compile_script(sqlite3 *db, log_error("unable to allocate error message"); break; } - errors.push_back(full_msg.in()); + errors.emplace_back(full_msg.in()); break; } else if (script == tail) { break; diff --git a/src/string_attr_type.cc b/src/string_attr_type.cc index c2009ad1..16341605 100644 --- a/src/string_attr_type.cc +++ b/src/string_attr_type.cc @@ -36,3 +36,4 @@ string_attr_type SA_BODY("body"); string_attr_type SA_HIDDEN("hidden"); string_attr_type SA_FORMAT("format"); string_attr_type SA_REMOVED("removed"); +string_attr_type SA_INVALID("invalid"); diff --git a/src/string_attr_type.hh b/src/string_attr_type.hh index d945cd7a..63271cb2 100644 --- a/src/string_attr_type.hh +++ b/src/string_attr_type.hh @@ -45,5 +45,6 @@ extern string_attr_type SA_BODY; extern string_attr_type SA_HIDDEN; extern string_attr_type SA_FORMAT; extern string_attr_type SA_REMOVED; +extern string_attr_type SA_INVALID; #endif diff --git a/src/styling.hh b/src/styling.hh index 10a05503..8870e867 100644 --- a/src/styling.hh +++ b/src/styling.hh @@ -142,6 +142,7 @@ struct lnav_theme { style_config lt_style_adjusted_time; style_config lt_style_skewed_time; style_config lt_style_offset_time; + style_config lt_style_invalid_msg; style_config lt_style_status_title; style_config lt_style_status_title_hotkey; style_config lt_style_status_disabled_title; diff --git a/src/textview_curses.cc b/src/textview_curses.cc index 99c66bb4..2904426e 100644 --- a/src/textview_curses.cc +++ b/src/textview_curses.cc @@ -79,7 +79,7 @@ void text_filter::add_line( logfile_filter_state &lfs, logfile::const_iterator ll, shared_buffer_ref &line) { bool match_state = this->matches(*lfs.tfs_logfile, ll, line); - if (!ll->is_continued()) { + if (ll->is_message()) { this->end_of_message(lfs); } diff --git a/src/themes/default-theme.json b/src/themes/default-theme.json index e50b5e7b..2dcf86dd 100644 --- a/src/themes/default-theme.json +++ b/src/themes/default-theme.json @@ -40,6 +40,9 @@ "offset-time": { "color": "Teal" }, + "invalid-msg": { + "color": "Yellow" + }, "popup": { "color": "Silver", "background-color": "Teal" diff --git a/src/themes/eldar.json b/src/themes/eldar.json index 83390002..9e91b6a2 100644 --- a/src/themes/eldar.json +++ b/src/themes/eldar.json @@ -51,6 +51,9 @@ "offset-time": { "color": "$cyan" }, + "invalid-msg": { + "color": "$yellow" + }, "popup": { "color": "$black", "background-color": "Grey37" diff --git a/src/themes/monocai.json b/src/themes/monocai.json index 2dadb534..6ca74f19 100644 --- a/src/themes/monocai.json +++ b/src/themes/monocai.json @@ -51,6 +51,9 @@ "offset-time": { "color": "$cyan" }, + "invalid-msg": { + "color": "$yellow" + }, "popup": { "color": "$white", "background-color": "$cyan" diff --git a/src/themes/night-owl.json b/src/themes/night-owl.json index 2eb8f6c1..3696d4ea 100644 --- a/src/themes/night-owl.json +++ b/src/themes/night-owl.json @@ -50,6 +50,9 @@ "offset-time": { "color": "$cyan" }, + "invalid-msg": { + "color": "$yellow" + }, "popup": { "color": "$base00", "background-color": "$base3" diff --git a/src/themes/solarized-dark.json b/src/themes/solarized-dark.json index 167d17be..717b51c8 100644 --- a/src/themes/solarized-dark.json +++ b/src/themes/solarized-dark.json @@ -60,6 +60,9 @@ "offset-time": { "color": "$cyan" }, + "invalid-msg": { + "color": "$yellow" + }, "popup": { "color": "$base00", "background-color": "$base3" diff --git a/src/themes/solarized-light.json b/src/themes/solarized-light.json index 7ba4ca41..0b4b075e 100644 --- a/src/themes/solarized-light.json +++ b/src/themes/solarized-light.json @@ -60,6 +60,9 @@ "offset-time": { "color": "$cyan" }, + "invalid-msg": { + "color": "$yellow" + }, "popup": { "color": "$base00", "background-color": "$base3" diff --git a/src/view_curses.cc b/src/view_curses.cc index 79be9bf9..cf539035 100644 --- a/src/view_curses.cc +++ b/src/view_curses.cc @@ -439,12 +439,12 @@ void view_curses::mvwattrline(WINDOW *window, if (attr_range.lr_end > attr_range.lr_start) { int awidth = attr_range.length(); - int color_pair; + int color_pair = 0; if (iter->sa_type == &VC_STYLE) { attrs = iter->sa_value.sav_int & ~A_COLOR; color_pair = PAIR_NUMBER(iter->sa_value.sav_int); - } else { + } else if (iter->sa_type == &VC_ROLE) { attrs = vc.attrs_for_role((view_colors::role_t) iter->sa_value.sav_int); color_pair = PAIR_NUMBER(attrs); attrs = attrs & ~A_COLOR; @@ -808,6 +808,8 @@ void view_colors::init_roles(const lnav_theme <, color_pair_base, lt, lt.lt_style_skewed_time, lt.lt_style_text, reporter); this->vc_role_colors[VCR_OFFSET_TIME] = this->to_attrs( color_pair_base, lt, lt.lt_style_offset_time, lt.lt_style_text, reporter); + this->vc_role_colors[VCR_INVALID_MSG] = this->to_attrs( + color_pair_base, lt, lt.lt_style_invalid_msg, lt.lt_style_text, reporter); this->vc_role_colors[VCR_STATUS] = this->to_attrs(color_pair_base, lt, lt.lt_style_status, lt.lt_style_status, reporter); diff --git a/src/view_curses.hh b/src/view_curses.hh index ff24da05..76456d48 100644 --- a/src/view_curses.hh +++ b/src/view_curses.hh @@ -198,6 +198,7 @@ public: VCR_ADJUSTED_TIME, VCR_SKEWED_TIME, VCR_OFFSET_TIME, + VCR_INVALID_MSG, VCR_STATUS, /*< Normal status line text. */ VCR_WARN_STATUS, VCR_ALERT_STATUS, /*< Alert status line text. */ diff --git a/src/view_helpers.cc b/src/view_helpers.cc index f7ebfc73..e6b5b174 100644 --- a/src/view_helpers.cc +++ b/src/view_helpers.cc @@ -90,7 +90,7 @@ static void open_pretty_view() auto ll = lf->begin() + cl; shared_buffer_ref sbr; - if (!first_line && ll->is_continued()) { + if (!first_line && !ll->is_message()) { continue; } auto ll_start = lf->message_start(ll); diff --git a/test/drive_logfile.cc b/test/drive_logfile.cc index 099b4f6c..b2f7c308 100644 --- a/test/drive_logfile.cc +++ b/test/drive_logfile.cc @@ -157,6 +157,10 @@ int main(int argc, char *argv[]) case MODE_TIMES: for (logfile::iterator iter = lf.begin(); iter != lf.end(); ++iter) { + if (iter->is_ignored()) { + continue; + } + char buffer[1024]; time_t lt; diff --git a/test/logfile_w3c.0 b/test/logfile_w3c.0 new file mode 100644 index 00000000..c6177e76 --- /dev/null +++ b/test/logfile_w3c.0 @@ -0,0 +1,5 @@ +#Software: Microsoft HTTP Server API 2.0 +#Version: 1.0 // the log file version as it's described by "https://www.w3.org/TR/WD-logfile". +#Date: 2002-05-02 17:42:15 // when the first log file entry was recorded, which is when the entire log file was created. +#Fields: date time c-ip cs-username s-ip s-port cs-method cs-uri-stem cs-uri-query sc-status cs(User-Agent) +2002-05-02 17:42:15 172.22.255.255 - 172.30.255.255 80 GET /images/picture.jpg - 200 Mozilla/4.0+(compatible;MSIE+5.5;+Windows+2000+Server) diff --git a/test/logfile_w3c.1 b/test/logfile_w3c.1 new file mode 100644 index 00000000..7e8a4f11 --- /dev/null +++ b/test/logfile_w3c.1 @@ -0,0 +1,7 @@ +#Version: 1.0 +#GMT-Offset: -0800 +#Software: Oracle9iAS Web Cache/2.0.0.2.0 +#Start-Date: 2001-10-31 00:00:18 +#Fields: c-ip c-dns c-auth-id date time cs-method cs-uri sc-status bytes cs(Cookie) cs(Referrer) time-taken cs(User-Agent) +#Date: 2001-10-31 00:00:18 +64.103.37.2 client_joaz7 DMS.user 2001-10-31 00:00:18 GET /admin/images/oc_bottomleft.gif 200 350 "BIGipServerwww_webcache_pool=1443321748.19460.0000;ORA_UCM_AGID=%2fMP%2f8M7%3etSHPV%40%2fS%3f%3fDh3VHO" "http://www.oracle.com/nl/partner/content.html" 370879 "Mozilla/4.5 [en] (WinNT; I)" diff --git a/test/logfile_w3c.2 b/test/logfile_w3c.2 new file mode 100644 index 00000000..c15f08b1 --- /dev/null +++ b/test/logfile_w3c.2 @@ -0,0 +1,22 @@ +#Software: Microsoft Internet Information Server 4.0 +#Version: 1.0 +#Date: 2000-10-09 16:44:49 +#Fields: time c-ip cs-method cs-uri-stem sc-status +16:44:49 1.1.1.1 [2]USER anonymous 331 +16:44:49 1.1.1.1 [2]PASS - 230 +16:48:05 1.1.1.1 [2]QUIT - 226 +16:48:17 1.1.1.1 [3]USER anonymous 331 +16:48:24 1.1.1.1 [3]PASS user@domain.com 230 +16:48:35 1.1.1.1 [3]sent /user/test.c 226 +16:48:41 1.1.1.1 [3]created readme.txt 226 +16:48:41 1.1.1.1 [3]created fileid.diz 226 +16:48:41 1.1.1.1 [3]created names.dll 226 +16:48:41 1.1.1.1 [3]created TEST.EXE 226 +16:48:44 1.1.1.1 [3]QUIT - 226 +#Software: Microsoft Internet Information Server 4.0 +#Version: 1.0 +#Date: 2000-10-10 16:44:49 +#Fields: time c-ip cs-method cs-uri-stem sc-status +16:44:49 1.1.1.1 [2]USER anonymous 331 +16:44:49 1.1.1.1 [2]PASS - 230 +16:48:05 1.1.1.1 [2]QUIT - 226 diff --git a/test/logfile_w3c.3 b/test/logfile_w3c.3 new file mode 100644 index 00000000..2f3d1908 --- /dev/null +++ b/test/logfile_w3c.3 @@ -0,0 +1,10 @@ +#Software: IIS Advanced Logging Module + +#Version: 1.0 + +#Start-Date: 2014-11-18 00:00:00.128 + +#Fields: date-local time-local s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) cs(Host) sc-status sc-substatus sc-win32-status TimeTakenMS +2012-08-15 17:00:00.363 1.2.3.4 GET /Products/theProduct - 80 - "70.95.0.0" "Mozilla/5.0 (Linux; Android 4.4.4; SM-G900V Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.59 Mobile Safari/537.36" "http://example.com/Search/SearchResults.pg?informationRecipient.languageCode.c=en" "xzy.example.com" 200 0 0 109 +2012-08-15 17:00:00.660 10.10.28.140 GET /Topic/hw43061 - 80 - - "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36" - "example.hello.com" 301 0 0 0 +2012-08-15 17:00:00.675 10.10.28.140 GET /hello/world/6,681965 - 80 - "173.5.0.0" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36" - "hello.example.com" 404 " ""garbage"" w/ spaces " 0 359 diff --git a/test/logfile_w3c.4 b/test/logfile_w3c.4 new file mode 100644 index 00000000..76d978be --- /dev/null +++ b/test/logfile_w3c.4 @@ -0,0 +1,6 @@ +#Software: Incapsula LOGS API +#Version: 1.1 +#Date: 28/Jun/2017 07:28:59 +#Fields: date time cs-vid cs-clapp cs-browsertype cs-js-support cs-co-support c-ip s-caip cs-clappsig s-capsupport s-suid cs(User-Agent) cs-sessionid s-siteid cs-countrycode s-tag cs-cicode s-computername cs-lat cs-long s-accountname cs-uri cs-postbody cs-version sc-action s-externalid cs(Referrer) s-ip s-port cs-method cs-uri-query sc-status s-xff cs-bytes cs-start cs-rule cs-severity cs-attacktype cs-attackid s-ruleName +"2017-06-28" "07:26:35" "a1f36498-c34a-45b9-b3a5-ee0bd00f91b6" "Chrome" "Browser" "false" "true" "123.123.123.123" "" "62a660e57ba257275cf7ccf699919eae18e07e84cb11c1075e99b1be98456059d3064ec14d3932ba6e89f5393a158b8b8c2572ad7ad7dadb0fe02a34ae4c3d504c035017bf9a6a7802bb898226378938" "NA" "774502" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36" "452000660051880893" "44850949" "SE" "LS" "Stockholm" "www.example.com" "32.0000" "32.0000" "Customer" "www.example.com/page.php" "" "HTTP" "REQ_PASSED" "118866685985031205" "" "124.124.124.124" "80" "GET" "variable=test" "200" "123.123.123.123" "10117" "1498634795555" "" "" "" "" "" +"2017-06-26" "18:21:17" "daf5e234-24fc-4a69-985c-ab923529b393" "Firefox" "Browser" "false" "true" "125.125.125.125" "" "030404c9ac184e57a6c956e6bfad11dc23186ea6cf166908c6bc7db81aab7170e33740ea4d2972210f96e3365d25eb25a222f316a4f9221f39e56035fa9a49c80f9eedd9b846bb0491abe72a4b988e7cd3e7117283cee9f556726334972b7ce9" "NA" "774502" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 Lightning/4.7.8" "000000830000750000" "85437078" "SE" "XX" "Town" "www.example.com" "66.3333" "66.3333" "Company" "www.example.com/rss/news" "" "HTTP" "REQ_BAD_SERVER_CLOSED_CONNECTION" "3004162128217401" "" "125.125.125.125" "80" "GET" "" "" "125.125.125.125" "" "1498501277430" "" "" "" "" "" diff --git a/test/logfile_w3c.5 b/test/logfile_w3c.5 new file mode 100644 index 00000000..b05bc48f --- /dev/null +++ b/test/logfile_w3c.5 @@ -0,0 +1,2 @@ +#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query +2015-01-13 00:32:17 100.79.192.81 GET /robots.txt - 80 - 157.55.39.146 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 404 0 2 1405 242 283 diff --git a/test/logfile_w3c.6 b/test/logfile_w3c.6 new file mode 100644 index 00000000..0a8f3e2c --- /dev/null +++ b/test/logfile_w3c.6 @@ -0,0 +1,5 @@ +#Software: Microsoft Internet Information Services 8.5 +#Version: 1.0 +#Date: 2015-01-13 00:32:17 +#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken +2015-01-13 00:32:17 100.79.192.81 GET /robots.txt - 80 - 157.55.39.146 ÄÖÜäöü\ßßßMözillä/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 404 0 2 1405 242 283 diff --git a/test/logfile_w3c_big.0 b/test/logfile_w3c_big.0 new file mode 100644 index 00000000..866b8bc2 --- /dev/null +++ b/test/logfile_w3c_big.0 @@ -0,0 +1,254 @@ +#Software: Microsoft Internet Information Services 8.5 +#Version: 1.0 +#Date: 2015-01-13 00:32:17 +#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken +2015-01-13 00:32:17 100.79.192.81 GET /robots.txt - 80 - 157.55.39.146 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 404 0 2 1405 242 283 +2015-01-13 00:32:17 100.79.192.81 GET /robots.txt - 80 - 157.55.39.146 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 404 0 2 1405 242 157 +2015-01-13 00:32:17 100.79.192.81 GET /robots.txt - 80 - 157.55.39.146 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 404 0 2 1405 242 152 +2015-01-13 00:32:17 100.79.192.81 GET /robots.txt - 80 - 157.55.39.146 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 404 0 2 1405 242 149 +2015-01-13 00:32:17 100.79.192.81 GET /robots.txt - 80 - 157.55.39.146 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 404 0 2 1405 242 137 +2015-01-13 00:32:26 100.79.192.81 GET /p/eToken1.png - 80 - 207.46.13.64 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 404 0 2 1405 245 157 +#Software: Microsoft Internet Information Services 8.5 +#Version: 1.0 +#Date: 2015-01-13 02:05:40 +#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken +2015-01-13 02:05:40 100.79.192.81 GET /48672181611.html - 80 - 180.111.242.129 Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.1;+Trident/4.0) - 404 0 2 1405 141 2411 +#Software: Microsoft Internet Information Services 8.5 +#Version: 1.0 +#Date: 2015-01-13 08:22:18 +#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken +2015-01-13 08:22:18 100.79.192.81 GET /robots.txt - 80 - 66.249.78.6 Mozilla/5.0+(compatible;+Googlebot/2.1;++http://www.google.com/bot.html) - 404 0 2 1405 250 156 +2015-01-13 08:22:18 100.79.192.81 GET /contact/ - 80 - 66.249.64.36 Mozilla/5.0+AppleWebKit/537.36+(KHTML,+like+Gecko;+Google+Web+Preview+Analytics)+Chrome/27.0.1453+Safari/537.36+(compatible;+Googlebot/2.1;++http://www.google.com/bot.html) - 404 0 2 1405 331 376 +#Software: Microsoft Internet Information Services 8.5 +#Version: 1.0 +#Date: 2015-01-13 09:49:46 +#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken +2015-01-13 09:49:46 100.79.192.81 GET / - 80 - 188.120.253.124 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US)+AppleWebKit/533.4+(KHTML,+like+Gecko)+Chrome/5.0.375.99+Safari/533.4 http://example.com 200 0 0 960 205 468 +#Software: Microsoft Internet Information Services 8.5 +#Version: 1.0 +#Date: 2015-01-13 10:16:10 +#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken +2015-01-13 10:16:10 100.79.192.81 GET /robots.txt - 80 - 37.59.20.217 Mozilla/5.0+(compatible;+MJ12bot/v1.4.5;+http://www.majestic12.co.uk/bot.php?+) - 404 0 2 1424 170 156 +2015-01-13 10:16:15 100.79.192.81 GET / - 80 - 37.59.20.217 Mozilla/5.0+(compatible;+MJ12bot/v1.4.5;+http://www.majestic12.co.uk/bot.php?+) - 200 0 0 979 313 265 +#Software: Microsoft Internet Information Services 8.5 +#Version: 1.0 +#Date: 2015-01-13 10:46:33 +#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken +2015-01-13 10:46:33 100.79.192.81 GET / - 80 - 188.163.80.167 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.1;+WOW64;+Trident/7.0;+SLCC2;+.NET+CLR+2.0.50727;+.NET+CLR+3.5.30729;+.NET+CLR+3.0.30729;+Media+Center+PC+6.0;+.NET4.0C;+.NET4.0E) - 200 0 0 960 327 499 +#Software: Microsoft Internet Information Services 8.5 +#Version: 1.0 +#Date: 2015-01-13 12:30:24 +#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken +2015-01-13 12:30:24 100.79.192.81 GET /robots.txt - 80 - 157.55.39.146 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 404 0 2 1405 261 283 +2015-01-13 12:30:30 100.79.192.81 GET / - 80 - 157.55.39.146 Mozilla/5.0+(compatible;+bingbot/2.0;++http://www.bing.com/bingbot.htm) - 200 0 0 960 264 418 +#Software: Microsoft Internet Information Services 8.5 +#Version: 1.0 +#Date: 2015-01-13 13:00:56 +#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken +2015-01-13 13:00:56 100.79.192.81 GET / - 80 - 192.99.149.88 Mozilla/5.0+(Windows+NT+6.1;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - 200 0 64 0 212 504 +#Software: Microsoft Internet Information Services 8.5 +#Version: 1.0 +#Date: 2015-01-13 16:35:13 +#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken +2015-01-13 16:35:13 100.79.192.81 GET / - 80 - 130.211.190.46 NerdyBot - 200 0 0 984 94 503 +#Software: Microsoft Internet Information Services 8.5 +#Version: 1.0 +#Date: 2015-01-13 22:29:42 +#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken +2015-01-13 22:29:42 100.79.192.81 GET / - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 200 0 0 960 238 807 +2015-01-13 22:29:42 100.79.192.81 GET /fckeditor/fckconfig.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 260 376 +2015-01-13 22:29:42 100.79.192.81 GET /fckeditor/license.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 259 392 +2015-01-13 22:29:43 100.79.192.81 GET /fckeditor/editor/js/fckeditorcode_ie.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 277 399 +2015-01-13 22:29:43 100.79.192.81 GET /fckeditor/fckeditor.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 260 392 +2015-01-13 22:29:43 100.79.192.81 GET /FCK/editor/js/fckeditorcode_ie.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 271 393 +2015-01-13 22:29:44 100.79.192.81 GET /FCK/fckeditor.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 254 392 +2015-01-13 22:29:44 100.79.192.81 GET /fckeditor.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 250 377 +2015-01-13 22:29:44 100.79.192.81 GET /editor/js/fckeditorcode_ie.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 267 361 +2015-01-13 22:29:45 100.79.192.81 GET /fckeditor/editor/js/fckeditorcode_ie.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 277 352 +2015-01-13 22:29:45 100.79.192.81 GET /ckeditor/ckeditor.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 258 355 +2015-01-13 22:29:45 100.79.192.81 GET / c=4e5e5d7364f443e28fbf0d3ae744a59a 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 200 0 0 960 273 361 +2015-01-13 22:29:46 100.79.192.81 GET /wp-cron.php - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 249 345 +2015-01-13 22:29:46 100.79.192.81 GET /wp-content - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 248 354 +2015-01-13 22:29:46 100.79.192.81 GET /wp-login.php - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 250 338 +2015-01-13 22:29:47 100.79.192.81 GET /license.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 249 345 +2015-01-13 22:29:47 100.79.192.81 GET /readme.html - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 249 346 +2015-01-13 22:29:47 100.79.192.81 GET /robots.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 248 345 +2015-01-13 22:29:48 100.79.192.81 GET /favicon.ico - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 249 330 +2015-01-13 22:29:48 100.79.192.81 GET /blog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 335 +2015-01-13 22:29:48 100.79.192.81 GET /weblog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 325 +2015-01-13 22:29:48 100.79.192.81 GET /wordpress/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 248 330 +2015-01-13 22:29:50 100.79.192.81 GET /wp/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 241 345 +2015-01-13 22:29:50 100.79.192.81 GET /log/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 330 +2015-01-13 22:29:50 100.79.192.81 GET /archiver - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 345 +2015-01-13 22:29:51 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 330 +2015-01-13 22:29:51 100.79.192.81 GET /forum/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 329 +2015-01-13 22:29:51 100.79.192.81 GET /discuz/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 346 +2015-01-13 22:29:52 100.79.192.81 GET /docs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 330 +2015-01-13 22:29:52 100.79.192.81 GET /shop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 345 +2015-01-13 22:29:52 100.79.192.81 GET /store/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 346 +2015-01-13 22:29:53 100.79.192.81 GET /mall/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 345 +2015-01-13 22:29:53 100.79.192.81 GET /cart/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 345 +2015-01-13 22:29:53 100.79.192.81 GET /shop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 346 +2015-01-13 22:29:54 100.79.192.81 GET /store/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 345 +2015-01-13 22:29:54 100.79.192.81 GET /mall/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 361 +2015-01-13 22:29:54 100.79.192.81 GET /shopex/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 344 +2015-01-13 22:29:55 100.79.192.81 GET /administrator/manifests/files/joomla.xml - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 278 363 +2015-01-13 22:29:55 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 361 +2015-01-13 22:29:55 100.79.192.81 GET /joomla/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 361 +2015-01-13 22:29:56 100.79.192.81 GET /public/js/ips.board.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 260 361 +2015-01-13 22:29:56 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 385 +2015-01-13 22:29:56 100.79.192.81 GET /forum/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 369 +2015-01-13 22:29:57 100.79.192.81 GET /ipboard/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 377 +2015-01-13 22:29:57 100.79.192.81 GET /board/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 377 +2015-01-13 22:29:57 100.79.192.81 GET /data/admin/ver.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 256 393 +2015-01-13 22:29:58 100.79.192.81 GET /digg.php - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 377 +2015-01-13 22:29:58 100.79.192.81 GET /plus/sitemap.html - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 255 361 +2015-01-13 22:29:58 100.79.192.81 GET /plus/rssmap.html - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 254 377 +2015-01-13 22:29:59 100.79.192.81 GET /plus/heightsearch.php - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 259 377 +2015-01-13 22:29:59 100.79.192.81 GET /data - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 377 +2015-01-13 22:29:59 100.79.192.81 GET /member/space/company/info.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 267 376 +2015-01-13 22:30:00 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 378 +2015-01-13 22:30:00 100.79.192.81 GET /dedecms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 393 +2015-01-13 22:30:00 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 393 +2015-01-13 22:30:02 100.79.192.81 GET /empirecms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 248 393 +2015-01-13 22:30:02 100.79.192.81 GET /CHANGELOG.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 251 377 +2015-01-13 22:30:02 100.79.192.81 GET /changelog.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 251 393 +2015-01-13 22:30:03 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 377 +2015-01-13 22:30:03 100.79.192.81 GET /drupal/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 393 +2015-01-13 22:30:03 100.79.192.81 GET /admin - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 378 +2015-01-13 22:30:04 100.79.192.81 GET /list.php - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 376 +2015-01-13 22:30:04 100.79.192.81 GET /admin/template/article_more/config.htm - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 276 377 +2015-01-13 22:30:04 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 377 +2015-01-13 22:30:05 100.79.192.81 GET /docs.css - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 393 +2015-01-13 22:30:05 100.79.192.81 GET /phpmyadmin/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 249 408 +2015-01-13 22:30:05 100.79.192.81 GET /rss.php - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 393 +2015-01-13 22:30:06 100.79.192.81 GET /blog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 410 +2015-01-13 22:30:06 100.79.192.81 GET /inc/rsd.php - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 249 391 +2015-01-13 22:30:06 100.79.192.81 GET /blog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 409 +2015-01-13 22:30:08 100.79.192.81 GET /weblog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 408 +2015-01-13 22:30:08 100.79.192.81 GET /log/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 408 +2015-01-13 22:30:08 100.79.192.81 GET /robots.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 248 424 +2015-01-13 22:30:09 100.79.192.81 GET /tools/rss.aspx - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 0 2127 252 472 +2015-01-13 22:30:09 100.79.192.81 GET /help.aspx - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 0 2122 247 408 +2015-01-13 22:30:09 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 424 +2015-01-13 22:30:10 100.79.192.81 GET /forum/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 408 +2015-01-13 22:30:10 100.79.192.81 GET /discuz/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 422 +2015-01-13 22:30:10 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 395 +2015-01-13 22:30:11 100.79.192.81 GET /foosun/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 393 +2015-01-13 22:30:11 100.79.192.81 GET /index.php m=search 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 256 345 +2015-01-13 22:30:11 100.79.192.81 GET /index.php m=wap 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 253 315 +2015-01-13 22:30:11 100.79.192.81 GET /index.php m=admin 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 255 314 +2015-01-13 22:30:13 100.79.192.81 GET /index.php m=admin&c=index&a=login&pc_hash= 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 280 314 +2015-01-13 22:30:13 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 313 +2015-01-13 22:30:13 100.79.192.81 GET /phpcms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 315 +2015-01-13 22:30:13 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 314 +2015-01-13 22:30:14 100.79.192.81 GET /aspcms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 313 +2015-01-13 22:30:14 100.79.192.81 GET /admin/inc/xml.xslt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 256 315 +2015-01-13 22:30:14 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 314 +2015-01-13 22:30:14 100.79.192.81 GET /feed.asp - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 314 +2015-01-13 22:30:15 100.79.192.81 GET /blog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 314 +2015-01-13 22:30:15 100.79.192.81 GET /weblog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 315 +2015-01-13 22:30:15 100.79.192.81 GET /log/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 314 +2015-01-13 22:30:15 100.79.192.81 GET /zblog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 314 +2015-01-13 22:30:16 100.79.192.81 GET /mail/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 315 +2015-01-13 22:30:16 100.79.192.81 GET /webmail/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 314 +2015-01-13 22:30:16 100.79.192.81 GET /archive/archive.css - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 257 314 +2015-01-13 22:30:16 100.79.192.81 GET /clientscript/vbulletin_ajax_htmlloader.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 279 314 +2015-01-13 22:30:18 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 330 +2015-01-13 22:30:18 100.79.192.81 GET /forum/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 361 +2015-01-13 22:30:18 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 392 +2015-01-13 22:30:19 100.79.192.81 GET /phpbb/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 424 +2015-01-13 22:30:19 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 420 +2015-01-13 22:30:19 100.79.192.81 GET /forum/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 398 +2015-01-13 22:30:20 100.79.192.81 GET /leadbbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 408 +2015-01-13 22:30:20 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 408 +2015-01-13 22:30:20 100.79.192.81 GET /cmseasy/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 392 +2015-01-13 22:30:21 100.79.192.81 GET /history.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 249 408 +2015-01-13 22:30:21 100.79.192.81 GET /common/common.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 254 378 +2015-01-13 22:30:21 100.79.192.81 GET /blog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 361 +2015-01-13 22:30:22 100.79.192.81 GET /weblog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 381 +2015-01-13 22:30:22 100.79.192.81 GET /log/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 357 +2015-01-13 22:30:22 100.79.192.81 GET /blog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 361 +2015-01-13 22:30:23 100.79.192.81 GET /log/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 361 +2015-01-13 22:30:23 100.79.192.81 GET /weblog/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 362 +2015-01-13 22:30:23 100.79.192.81 GET /typecho/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 377 +2015-01-13 22:30:25 100.79.192.81 GET /extern.php action=feed&type=atom 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 270 361 +2015-01-13 22:30:25 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 377 +2015-01-13 22:30:25 100.79.192.81 GET /forum/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 377 +2015-01-13 22:30:26 100.79.192.81 GET /fluxbb/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 377 +2015-01-13 22:30:26 100.79.192.81 GET /inc/Templates/rss.xslt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 260 362 +2015-01-13 22:30:26 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 392 +2015-01-13 22:30:27 100.79.192.81 GET /dvbbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 377 +2015-01-13 22:30:27 100.79.192.81 GET /shop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 376 +2015-01-13 22:30:27 100.79.192.81 GET /store/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 394 +2015-01-13 22:30:28 100.79.192.81 GET /mall/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 377 +2015-01-13 22:30:28 100.79.192.81 GET /shop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 372 +2015-01-13 22:30:28 100.79.192.81 GET /store/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 399 +2015-01-13 22:30:29 100.79.192.81 GET /mall/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 376 +2015-01-13 22:30:29 100.79.192.81 GET /opencart/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 247 393 +2015-01-13 22:30:29 100.79.192.81 GET /shop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 393 +2015-01-13 22:30:30 100.79.192.81 GET /store/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 411 +2015-01-13 22:30:30 100.79.192.81 GET /mall/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 401 +2015-01-13 22:30:30 100.79.192.81 GET /iwebshop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 247 397 +2015-01-13 22:30:31 100.79.192.81 GET /shop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 408 +2015-01-13 22:30:31 100.79.192.81 GET /store/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 407 +2015-01-13 22:30:31 100.79.192.81 GET /mall/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 394 +2015-01-13 22:30:33 100.79.192.81 GET /ecshop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 408 +2015-01-13 22:30:33 100.79.192.81 GET /shop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 393 +2015-01-13 22:30:33 100.79.192.81 GET /store/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 414 +2015-01-13 22:30:34 100.79.192.81 GET /mall/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 402 +2015-01-13 22:30:34 100.79.192.81 GET /shop7z/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 394 +2015-01-13 22:30:34 100.79.192.81 GET /skin/frontend/default/modern/css/styles.css - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 281 384 +2015-01-13 22:30:35 100.79.192.81 GET /shop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 338 +2015-01-13 22:30:35 100.79.192.81 GET /store/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 315 +2015-01-13 22:30:35 100.79.192.81 GET /mall/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 314 +2015-01-13 22:30:35 100.79.192.81 GET /magento/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 314 +2015-01-13 22:30:36 100.79.192.81 GET /api/api_user.xml - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 254 330 +2015-01-13 22:30:36 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 314 +2015-01-13 22:30:36 100.79.192.81 GET /kesion/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 314 +2015-01-13 22:30:36 100.79.192.81 GET /archiver - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 314 +2015-01-13 22:30:38 100.79.192.81 GET /robots.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 248 314 +2015-01-13 22:30:38 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 314 +2015-01-13 22:30:38 100.79.192.81 GET /forum/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 314 +2015-01-13 22:30:38 100.79.192.81 GET /bbsmax/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 313 +2015-01-13 22:30:39 100.79.192.81 GET /inc/playerKinds.xml - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 257 316 +2015-01-13 22:30:39 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 314 +2015-01-13 22:30:39 100.79.192.81 GET /maxcms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 314 +2015-01-13 22:30:39 100.79.192.81 GET /install - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 315 +2015-01-13 22:30:40 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 314 +2015-01-13 22:30:40 100.79.192.81 GET /oecms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 314 +2015-01-13 22:30:40 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 314 +2015-01-13 22:30:40 100.79.192.81 GET /lazycms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 313 +2015-01-13 22:30:41 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 315 +2015-01-13 22:30:41 100.79.192.81 GET /verycms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 314 +2015-01-13 22:30:41 100.79.192.81 GET /template/home.htm - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 255 315 +2015-01-13 22:30:41 100.79.192.81 GET /system/skins/default/system.login.htm - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 275 314 +2015-01-13 22:30:43 100.79.192.81 GET /system/language/zh-cn.xml - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 263 314 +2015-01-13 22:30:43 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 330 +2015-01-13 22:30:43 100.79.192.81 GET /kingcms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 345 +2015-01-13 22:30:44 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 331 +2015-01-13 22:30:44 100.79.192.81 GET /metinfo/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 345 +2015-01-13 22:30:44 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 361 +2015-01-13 22:30:45 100.79.192.81 GET /forum/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 340 +2015-01-13 22:30:45 100.79.192.81 GET /6kbb/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 335 +2015-01-13 22:30:45 100.79.192.81 GET /stylesheet.css - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 252 383 +2015-01-13 22:30:46 100.79.192.81 GET /includes/general.js - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 257 393 +2015-01-13 22:30:46 100.79.192.81 GET /shop/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 424 +2015-01-13 22:30:46 100.79.192.81 GET /store/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 408 +2015-01-13 22:30:47 100.79.192.81 GET /mall/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 417 +2015-01-13 22:30:47 100.79.192.81 GET /oscommerce/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 249 416 +2015-01-13 22:30:47 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 361 +2015-01-13 22:30:48 100.79.192.81 GET /jxcms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 317 +2015-01-13 22:30:48 100.79.192.81 GET /cms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 311 +2015-01-13 22:30:48 100.79.192.81 GET /zcms/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 243 313 +2015-01-13 22:30:48 100.79.192.81 GET /robots.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 248 319 +2015-01-13 22:30:49 100.79.192.81 GET /licence.txt - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 249 310 +2015-01-13 22:30:49 100.79.192.81 GET /rss.php - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 245 317 +2015-01-13 22:30:49 100.79.192.81 GET /bbs/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 242 315 +2015-01-13 22:30:49 100.79.192.81 GET /forum/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 244 314 +2015-01-13 22:30:51 100.79.192.81 GET /phpwind/ - 80 - 183.60.244.30 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 0 2 1405 246 341 +#Software: Microsoft Internet Information Services 8.5 +#Version: 1.0 +#Date: 2015-01-13 23:15:41 +#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken +2015-01-13 23:15:41 100.79.192.81 GET /robots.txt - 80 - 188.165.15.50 Mozilla/5.0+(compatible;+AhrefsBot/5.0;++http://ahrefs.com/robot/) - 404 0 2 1405 170 141 diff --git a/test/test_cmds.sh b/test/test_cmds.sh index 599b8f83..867c685a 100644 --- a/test/test_cmds.sh +++ b/test/test_cmds.sh @@ -156,10 +156,10 @@ run_test ${lnav_test} -nvq \ -c ":config /ui/clock-format" \ ${test_dir}/logfile_access_log.0 -check_error_output "config clock-format" <,2009-07-20 22:59:26.000,0,info,0,,,,192.168.202.254,GET,-,,/vmw/cgi/tramp,gPXE/0.9.7,-,HTTP/1.0,134,200 -1,,2009-07-20 22:59:29.000,3000,error,0,,,,192.168.202.254,GET,-,,/vmw/vSphere/default/vmkboot.gz,gPXE/0.9.7,-,HTTP/1.0,46210,404 -2,,2009-07-20 22:59:29.000,0,info,0,,,,192.168.202.254,GET,-,,/vmw/vSphere/default/vmkernel.gz,gPXE/0.9.7,-,HTTP/1.0,78929,200 +log_line,log_part,log_time,log_idle_msecs,log_level,log_mark,log_comment,log_tags,log_filters,c_ip,cs_method,cs_referer,cs_uri_query,cs_uri_stem,cs_user_agent,cs_username,cs_version,sc_bytes,sc_status,cs_host +0,,2009-07-20 22:59:26.000,0,info,0,,,,192.168.202.254,GET,-,,/vmw/cgi/tramp,gPXE/0.9.7,-,HTTP/1.0,134,200, +1,,2009-07-20 22:59:29.000,3000,error,0,,,,192.168.202.254,GET,-,,/vmw/vSphere/default/vmkboot.gz,gPXE/0.9.7,-,HTTP/1.0,46210,404, +2,,2009-07-20 22:59:29.000,0,info,0,,,,192.168.202.254,GET,-,,/vmw/vSphere/default/vmkernel.gz,gPXE/0.9.7,-,HTTP/1.0,78929,200, EOF @@ -395,8 +406,8 @@ run_test ${lnav_test} -n \ ${test_dir}/logfile_access_log.0 check_output "loglevel collator is not working" <,2009-07-20 22:59:29.000,3000,error,0,,,,192.168.202.254,GET,-,,/vmw/vSphere/default/vmkboot.gz,gPXE/0.9.7,-,HTTP/1.0,46210,404 +log_line,log_part,log_time,log_idle_msecs,log_level,log_mark,log_comment,log_tags,log_filters,c_ip,cs_method,cs_referer,cs_uri_query,cs_uri_stem,cs_user_agent,cs_username,cs_version,sc_bytes,sc_status,cs_host +1,,2009-07-20 22:59:29.000,3000,error,0,,,,192.168.202.254,GET,-,,/vmw/vSphere/default/vmkboot.gz,gPXE/0.9.7,-,HTTP/1.0,46210,404, EOF run_test ${lnav_test} -n \ @@ -1033,8 +1044,8 @@ run_test ${lnav_test} -n \ ${test_dir}/logfile_syslog_with_access_log.0 check_output "access_log not found within syslog file" <,2015-03-24 14:02:50.000,6927348000,info,0,,,,127.0.0.1,GET,,,/includes/js/combined-javascript.js,,-,HTTP/1.1,65508,200 +log_line,log_part,log_time,log_idle_msecs,log_level,log_mark,log_comment,log_tags,log_filters,c_ip,cs_method,cs_referer,cs_uri_query,cs_uri_stem,cs_user_agent,cs_username,cs_version,sc_bytes,sc_status,cs_host +1,,2015-03-24 14:02:50.000,6927348000,info,0,,,,127.0.0.1,GET,,,/includes/js/combined-javascript.js,,-,HTTP/1.1,65508,200, EOF