diff --git a/logparser/parser_test.go b/logparser/parser_test.go index 0f60dd2..0288bfe 100644 --- a/logparser/parser_test.go +++ b/logparser/parser_test.go @@ -52,6 +52,12 @@ var expected = map[int]map[string]string{ "username": "", "src": "185.56.8.191", }, + 7: map[string]string{ + "date": "Feb 3 06:50:51", + "host": "sigmund", + "username": "apples", + "src": "37.117.180.69", + }, } func TestSshdParser(t *testing.T) { @@ -65,7 +71,7 @@ func TestSshdParser(t *testing.T) { scanner := bufio.NewScanner(f) c := 0 for scanner.Scan() { - re := regexp.MustCompile(`^(?P[[:alpha:]]{3}\s\d{2}\s\d{2}:\d{2}:\d{2}) (?P[^ ]+) sshd\[[[:alnum:]]+\]: Invalid user (?P.*) from (?P.*$)`) + re := regexp.MustCompile(`^(?P[[:alpha:]]{3} {1,2}\d{1,2}\s\d{2}:\d{2}:\d{2}) (?P[^ ]+) sshd\[[[:alnum:]]+\]: Invalid user (?P.*) from (?P.*$)`) n1 := re.SubexpNames() r2 := re.FindAllStringSubmatch(scanner.Text(), -1)[0] diff --git a/logparser/test.log b/logparser/test.log index c6cab41..028f24b 100644 --- a/logparser/test.log +++ b/logparser/test.log @@ -4,4 +4,5 @@ Jan 22 11:34:46 sigmund sshd[26125]: Invalid user atpco from 177.152.124.21 Jan 22 11:33:07 sigmund sshd[26109]: Invalid user ki from 49.233.183.158 Jan 22 11:29:16 sigmund sshd[26091]: Invalid user a.min from 185.56.8.191 Jan 22 11:29:16 sigmund sshd[26091]: Invalid user from 185.56.8.191 -Jan 22 11:29:16 sigmund sshd[26091]: Invalid user from 185.56.8.191 \ No newline at end of file +Jan 22 11:29:16 sigmund sshd[26091]: Invalid user from 185.56.8.191 +Feb 3 06:50:51 sigmund sshd[12611]: Invalid user apples from 37.117.180.69 \ No newline at end of file diff --git a/main.go b/main.go index 9242cdf..aaa8d55 100644 --- a/main.go +++ b/main.go @@ -166,7 +166,7 @@ func main() { } sshdrcon2, err := redisParsers.Dial() if err != nil { - log.Fatal("Could not connect to Line one Redis") + log.Fatal("Could not connect to Line two Redis") } sshd := logparser.SshdParser{} sshd.Set(&sshdrcon1, &sshdrcon2)