Slow Friday today, so was digging through my $HOME and found some graphs I was generating a few months ago. I wanted to create some graphs showing the number of connections to a server, and stumbled on CairoPlot.

Show me pretty pictures
Graph generated by CairoPlot

Unfortunately, I believe I hacked my CairoPlot.py file to make the dots and pulled some stuff from other repositories, so the code might not give the same results. You may want to try the trunk. But the general point still exists that it is really easy to use, and the library is really easy to hack. To make the graph above I just ran:


#!/usr/bin/python
colors = [ (0.2, .3, .65), (0.5, 0.7, .1), (.35, .2, .45), ]
graphData = {}
graphData['server1'] = [ 20, 12, 42, 14, 11, 35 ]
graphData['server2'] = [ 18, 23, 10, 17, 23, 25 ]
CairoPlot.dot_line_plot("./graphs/blog", graphData, 500, 500, axis = True, grid = True, dots = True, series_colors = colors)

Obviously this is really easy to script, so you can parse your syslog files, append them to the graphData dictionary corresponding to the server, and bam you have a full report of everything happening etc. What I did was use the datetime module to sort events into time buckets that were then used as graphs, giving a view of 24 hours or whatever the period entered was.

Parsing syslog
I will give you a hand here too. In python, to parse syslog, I used a module called pyparsing. It uses a parsing language which is pretty easy to understand if you give it 20 minutes or so. Ie to parse the syslog lines I was looking for, I did the following:


month = Word(string.uppercase, string.lowercase, exact=3)
integer = Word( nums )
ipAddress = delimitedList( integer, ".", combine=True )
serverDateTime = Combine( month + " " + integer + " " + integer + ":" + integer + ":" + integer )
hostname = Word( alphas + nums + "_" + "-" )
daemon = Word(alphas) + Suppress("[") + integer + Suppress("]:")
ip = Suppress("remote IP address ") + ipAddress
bnf = serverDateTime + ipAddress + daemon + ip

for line in syslogFile:
try:
fields = bnf.parseString(line)
...

Keep in mind I did this very quick, so I am sure it can be refactored a bunch, just an example.

Tags: , , ,