Relating to main issue Fudge#21, adding in a tshark source. Currently…

… only parses DNS requests
pyro2927 · Apr 25, 2012 · 7435c02 · 7435c02
1 parent 279753c
commit 7435c02
Show file tree

Hide file tree

Showing 5 changed files with 53 additions and 5 deletions.
diff --git a/lib/gl_tail.rb b/lib/gl_tail.rb
@@ -87,9 +87,11 @@ module GlTail
 
 # sources represent event sources defaults to ssh tail
 # future options: JMS queue, spread.org, local tail, etc
-require 'gl_tail/sources/base'
-require 'gl_tail/sources/ssh'
-require 'gl_tail/sources/local'
+# require 'gl_tail/sources/base'
+# require 'gl_tail/sources/ssh'
+# require 'gl_tail/sources/local'
+# switched to require all sources
+Dir.glob( "#{File.dirname(__FILE__)}/gl_tail/sources/*.rb" ).each {|f| require f }
 
 %w( engine activity block item element parser resolver blob_store font_store).each {|f| require "gl_tail/#{f}" }
 

diff --git a/lib/gl_tail/config/yaml_parser.rb b/lib/gl_tail/config/yaml_parser.rb
@@ -40,7 +40,9 @@ def parse_servers
 
         if data['source'] && data['source'].downcase == 'local'
           src = GlTail::Source::Local.new(@config)
-        else 
+        elsif data['source'] && data['source'].downcase == 'tshark'
+          src = GlTail::Source::TShark.new(@config)
+        else
           src = GlTail::Source::SSH.new(@config)
         end
 

diff --git a/lib/gl_tail/sources/local.rb b/lib/gl_tail/sources/local.rb
@@ -15,6 +15,7 @@ def init
         end
 
         def process
+          # tail our local file, and parse each line using the parser defined in our config file
           @log.tail(1) { |line|
             parser.parse(line) 
           }

diff --git a/lib/gl_tail/sources/ssh.rb b/lib/gl_tail/sources/ssh.rb
@@ -101,7 +101,7 @@ def do_tail( file, command )
           channel.on_close do |ch|
             ch[:closed] = true
           end
-
+          # after we have read out information from the stream, run our command again
           channel.exec "#{command} #{file}  "
 
           puts "Pushing #{host}\n" if($VRB > 0 || $DBG > 0)

diff --git a/lib/gl_tail/sources/tshark.rb b/lib/gl_tail/sources/tshark.rb
@@ -0,0 +1,43 @@
+require 'pty'
+module GlTail
+  module Source
+
+    class TShark < Base
+      config_attribute :source, "The type of Source"
+
+        def init
+          @lines = []
+          Thread.new do #start thread
+            begin
+              PTY.spawn( "tshark" ) do |stdin, stdout, pid|
+                begin
+                  # Do stuff with the output here. Just printing to show it works
+                  stdin.each { |line|
+                    if(line.include?('DNS Standard query A'))
+                      @lines.push(line) 
+                    end
+                  }
+                rescue Errno::EIO
+                  # puts "Errno:EIO error, but this probably just means " +
+                  #                       "that the process has finished giving output"
+                end
+              end
+            rescue PTY::ChildExited
+              puts "Tshark has exited!"
+            end
+          end #end thread
+        end
+
+        def process
+          unless @lines.length == 0
+            parser.parse(@lines[0]) 
+            @lines.delete_at(0)
+          end
+        end
+
+        def update
+        end
+
+    end
+  end
+end