From 75a917b6b8c53d530eb97c2c397167a14eddbcbc Mon Sep 17 00:00:00 2001
From: Jean-Louis Huynen
Date: Tue, 28 Jan 2020 10:48:19 +0100
Subject: [PATCH] chg: [sshd] sshd parses logline and pushed to redis
---
 conf.sample/redis | 1 -
 logparser/parser.go | 7 +++--
 logparser/sshd.go | 77 +++++++++++++++++----------------------------
 main.go | 11 +++++--
 4 files changed, 41 insertions(+), 55 deletions(-)
 delete mode 100644 conf.sample/redis
diff --git a/conf.sample/redis b/conf.sample/redis
deleted file mode 100644
index 5d6f103..0000000
--- a/conf.sample/redis
+++ /dev/null
@@ -1 +0,0 @@
-localhost:6380/2
diff --git a/logparser/parser.go b/logparser/parser.go
index 6359e65..22f268b 100644
--- a/logparser/parser.go
+++ b/logparser/parser.go
@@ -1,13 +1,14 @@
 package logparser
+import "github.com/gomodule/redigo/redis"
+
 type (
 // Parser provides the interface for a Parser
 // It should provide:
+ // Set to assign a redis connection to it
 // Parse to parse a line of log
- // GetAttributes to get list of attributes (map keys)
 Parser interface {
+ Set(*redis.Conn)
 Parse(string) error
- Push() error
- Pop() map[string]string
 }
 )
diff --git a/logparser/sshd.go b/logparser/sshd.go
index 1df6b63..c71d108 100644
--- a/logparser/sshd.go
+++ b/logparser/sshd.go
@@ -2,7 +2,6 @@ package logparser
 import (
 "fmt"
- "log"
 "regexp"
 "strconv"
 "time"
@@ -10,27 +9,15 @@ import (
 "github.com/gomodule/redigo/redis"
 )
-// Sshd is a struct that corresponds to a line
-type Sshd struct {
- Date string
- Host string
- User string
- Src string
-}
-
 // SshdParser Holds a struct that corresponds to a sshd log line
 // and the redis connection
 type SshdParser struct {
- logs Sshd
- r *redis.Conn
+ r *redis.Conn
 }
-// New Creates a new sshd parser
-func New(rconn *redis.Conn) *SshdParser {
- return &SshdParser{
- logs: Sshd{},
- r: rconn,
- }
+// Set set the redic connection to this parser
+func (s *SshdParser) Set(rconn *redis.Conn) {
+ s.r = rconn
 }
 // Parse parses a line of sshd log
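Review bot: `Set(*redis.Conn)` in the `Parser` interface of logparser/parser.go takes a pointer to an interface value; `redis.Conn` is already an interface in redigo, so the extra pointer buys nothing and adds a second way for the connection to be nil. `Set(redis.Conn)` would be enough, with the matching changes in `SshdParser.Set` (logparser/sshd.go) and the `sshd.Set(&sshdrcon)` call in main.go. The interface comment should also say who owns the connection, since Parse in this commit closes it on error while main.go created it, for example `// Set hands the parser a redis connection; the parser closes it when a command fails`.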
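Review bot: With `New` removed in logparser/sshd.go, a zero-value `SshdParser` can be built and used while `s.r` is still nil, and nothing in this hunk guards against that. The start of Parse is outside the diff, so whether it checks is not visible here; if it does not, `if s.r == nil { return fmt.Errorf("sshd parser: redis connection not set") }` at the top of Parse turns a nil dereference into an ordinary error. The struct comment is stale now that `logs Sshd` is gone, and the new doc line has a typo; suggested wording is `// SshdParser holds the redis connection used to store parsed sshd log lines` and `// Set sets the redis connection used by this parser`.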
@@ -54,43 +41,37 @@ func (s *SshdParser) Parse(logline string) error {
 parsedTime, _ := time.ParseInLocation("Jan 02 15:04:05 2006", md["date"], loc)
 md["date"] = string(strconv.FormatInt(parsedTime.Unix(), 10))
- // Pushing logline in redis
- redislog := fmt.Sprintf("HMSET %v:%v username \"%v\" src \"%v\"", md["date"], md["host"], md["username"], md["src"])
- a, err := r.Do(redislog)
- fmt.Println(a)
- if err != nil {
- log.Fatal("Could connect to the Redis database")
+ // Pushing loglines in database 0
+ if _, err := r.Do("SELECT", 0); err != nil {
+ r.Close()
+ return err
 }
- today := time.Now()
- // Statistics
- dailysrc := fmt.Sprintf("ZINCBY %v%v%v:statssrc 1 %v", today.Year(), int(today.Month()), today.Day(), md["src"])
- _, err = r.Do(dailysrc)
+ _, err := redis.Bool(r.Do("HSET", fmt.Sprintf("%v:%v", md["date"], md["host"]), "username", md["username"], "src", md["src"]))
 if err != nil {
- log.Fatal("Could connect to the Redis database")
+ r.Close()
+ return err
 }
- dailyusername := fmt.Sprintf("ZINCBY %v%v%v:statsusername 1 %v", today.Year(), int(today.Month()), today.Day(), md["username"])
- fmt.Println(dailyusername)
- _, err = r.Do(dailyusername)
- if err != nil {
- log.Fatal("Could connect to the Redis database")
+
+ // Pushing statistics in database 1
+ if _, err := r.Do("SELECT", 1); err != nil {
+ r.Close()
+ return err
 }
- dailyhost := fmt.Sprintf("ZINCBY %v%v%v:statshost 1 %v", today.Year(), int(today.Month()), today.Day(), md["host"])
- _, err = r.Do(dailyhost)
+ _, err = redis.String(r.Do("ZINCRBY", fmt.Sprintf("%v%v%v:statssrc", parsedTime.Year(), int(parsedTime.Month()), parsedTime.Day()), 1, md["src"]))
 if err != nil {
- log.Fatal("Could connect to the Redis database")
+ r.Close()
+ return err
+ }
+ _, err = redis.String(r.Do("ZINCRBY", fmt.Sprintf("%v%v%v:statsusername", parsedTime.Year(), int(parsedTime.Month()), parsedTime.Day()), 1, md["username"]))
+ if err != nil {
+ r.Close()
+ return err
+ }
+ _, err = redis.String(r.Do("ZINCRBY", fmt.Sprintf("%v%v%v:statshost", parsedTime.Year(), int(parsedTime.Month()), parsedTime.Day()), 1, md["host"]))
+ if err != nil {
+ r.Close()
+ return err
 }
 return nil
 }
-
-// Push pushed the parsed line into redis
-func (s *SshdParser) Push() error {
- //TODO
- return nil
-}
-
-// Pop returns the list of attributes
-func (s *SshdParser) Pop() map[string]string {
- //TODO
- return nil
-}
diff --git a/main.go b/main.go
index 235b38a..2d842fa 100644
--- a/main.go
+++ b/main.go
@@ -111,6 +111,7 @@ func main() {
 }
 rd4.redisQueue = string(config.ReadConfigFile(*confdir, "redis_queue"))
 // Connect to D4 Redis
+ // TODO use DialOptions to Dial with a timeout
 redisD4, err = redis.Dial("tcp", rd4.redisHost+":"+rd4.redisPort, redis.DialDatabase(rd4.redisDB))
 if err != nil {
 log.Fatal(err)
@@ -149,8 +150,9 @@ func main() {
 if err != nil {
 log.Fatal("Could connect to the Redis database")
 }
- sshd := logparser.New(&sshdrcon)
- torun = append(torun, sshd)
+ sshd := logparser.SshdParser{}
+ sshd.Set(&sshdrcon)
+ torun = append(torun, &sshd)
 }
 }
 } else if *specific != "" {
@@ -178,7 +180,10 @@ func main() {
 // Run the parsers
 for _, v := range torun {
- v.Parse(logline)
+ err := v.Parse(logline)
+ if err != nil {
+ log.Fatal(err)
+ }
 }
 }
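Review bot: In Parse (logparser/sshd.go) the three `ZINCRBY` keys are built with `fmt.Sprintf("%v%v%v:statssrc", parsedTime.Year(), int(parsedTime.Month()), parsedTime.Day())`, which is ambiguous because month and day are not zero-padded: 11 January and 1 November of one year produce the same prefix (for example `2020111`), so their counters merge. `parsedTime.Format("20060102")+":statssrc"` gives a fixed-width key. These keys now depend on `parsedTime`, yet the context line above still discards the error from `time.ParseInLocation`, so a line with an unparsable date would be counted under the zero time; returning that error before the first Redis command would avoid it. The `HSET` key `date:host` has one-second resolution, so several login attempts against one host within the same second overwrite each other, which loses exactly the bursts a brute-force analysis cares about. Parse begins above this hunk, so how `md` and `r` are set up is not visible here.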
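Review bot: In the last main.go hunk, `log.Fatal(err)` on any `Parse` error lets a single log line stop the whole analyzer, and parts of an sshd line such as the username are chosen by the remote client. Most of Parse is outside this diff, so it is not visible whether a non-matching line returns an error; if it does, that case should be logged and skipped, e.g. `log.Printf("skipping line: %v", err)` followed by `continue`, keeping the fatal exit for Redis failures. Because Parse closes its connection when a command fails, carrying on after a Redis error would also need a reconnect. `log.Fatal` exits without running deferred functions, so any cleanup main relies on is skipped on this path.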