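// Command main exercises custom grok patterns against sample log lines: a
// Windows event-log export line and a line matched by MX_CAS_SYSTEMLOG.
package main

import (
	"fmt"

	"github.com/gemsi/grok"
)

func main() {
	// event()
	systemlog()
}

// timePatterns returns the date/time building blocks that both samples use.
// A fresh map is returned on every call so callers may add their own entries.
func timePatterns() map[string]string {
	return map[string]string{
		"MONTHDAY": `(?:(?:0[1-9])|(?:[12][0-9])|(?:3[01])|[1-9])`,
		"MONTHNUM": `(?:0?[1-9]|1[0-2])`,
		"HOUR":     `(?:2[0123]|[01]?[0-9])`,
		"MINUTE":   `(?:[0-5][0-9])`,
		"SECOND":   `(?:(?:[0-5][0-9]|60)(?:[:.,][0-9]+)?)`,
		"TIME":     `([^0-9]?)%{HOUR}:%{MINUTE}(?::%{SECOND})([^0-9]?)`,
		"YEAR":     `(\d\d){1,2}`,
	}
}

// withTimePatterns returns timePatterns plus the entries of extra. Keys in
// extra win on collision.
func withTimePatterns(extra map[string]string) map[string]string {
	p := timePatterns()
	for k, v := range extra {
		p[k] = v
	}
	return p
}

// parseSample prints the pattern set, registers it on a new grok instance,
// and then matches and parses msg against the top-level expression top,
// printing every captured field.
//
// Errors from grok.New, Match and Parse are printed and stop the run instead
// of being discarded, so a pattern that fails to compile is reported rather
// than showing up as an empty result.
func parseSample(patterns map[string]string, top, msg string) {
	g, err := grok.New()
	if err != nil {
		fmt.Printf("%s\n", err.Error())
		return
	}

	// Map iteration order is random, so this dump is not stable between runs.
	for k, v := range patterns {
		fmt.Printf("%s:%s\n", k, v)
	}

	// NOTE(review): the original does not inspect a result here; if this
	// method returns an error in the vendored grok version, check it.
	g.AddPatternsFromMap(patterns)

	ok, err := g.Match(top, msg)
	if err != nil {
		fmt.Printf("%s\n", err.Error())
		return
	}
	if !ok {
		// A non-matching line is reported but still handed to Parse, as before.
		fmt.Printf("%s\n", "error")
	}

	values, err := g.Parse(top, msg)
	if err != nil {
		fmt.Printf("%s\n", err.Error())
		return
	}

	fmt.Println("-----------------------------------------------")
	for k, v := range values {
		fmt.Printf("%+15s: %s\n", k, v)
	}
}

// event parses one Windows event-log export line with MX_EVENT_WINDOWS_LOG.
//
// The pattern key MX_SERVERITY (sic) is kept as spelled: it is the field name
// that appears in the parsed output.
func event() {
	p := withTimePatterns(map[string]string{
		"MX_SOURCE":    `[a-zA-Z0-9._-]+`,
		"MX_SERVERITY": `[\p{Han}]{2}`,
		"MX_EVENTID":   `[0-9]+`,
		"MX_CLASS":     `[\p{Han}a-zA-Z0-9/]+`,
		// `.` does not cross a newline by default in RE2, so a multi-line
		// summary is cut at the first line break.
		"MX_SUMMARY":           `.+`,
		"MX_CDATETIME":         `%{YEAR}[/-]%{MONTHNUM}[/-]%{MONTHDAY} %{TIME}`,
		"MX_EVENT_WINDOWS_LOG": `%{MX_SERVERITY}\t%{MX_CDATETIME}\t%{MX_SOURCE}\t%{MX_EVENTID}\t%{MX_CLASS}\t%{MX_SUMMARY}`,
	})

	// NOTE(review): MX_EVENT_WINDOWS_LOG separates fields with \t. Confirm
	// that the sample below really contains tab characters between fields;
	// if they were converted to spaces the line will not match.
	msg := `错误 2015/10/08 18:19:10 Microsoft-Windows-EapHost 4390 日志记录/恢复 SettingSyncHost (9152) 无法创建新的日志文件,因为数据库无法写入日志驱动器。该驱动器可能为只读、磁盘空间不足、配置错误或已损坏。错误 -1032。`

	parseSample(p, "%{MX_EVENT_WINDOWS_LOG}", msg)
}

// systemlog parses one "LEVEL [thread] timestamp message" style line with
// MX_CAS_SYSTEMLOG.
func systemlog() {
	p := withTimePatterns(map[string]string{
		"MX_SERVERITY": `[A-Z]{2,8}`,
		// The hyphen is placed last so it is a literal. Written as `.-_` it
		// formed a range from '.' to '_', which also admits ':', ';', '<',
		// '=', '>', '?', '@', '[', '\', ']' and '^'. Letting '[' and ']'
		// into the class blurs the field boundary when a log line carries
		// extra brackets, so the type field could absorb text that belongs
		// to later fields.
		"MX_TYPE": `\[[a-zA-Z0-9/._-]+\]`,
		// `.` does not cross a newline by default in RE2, so a multi-line
		// summary is cut at the first line break.
		"MX_SUMMARY":       `.+`,
		"MX_CDATETIME":     `%{YEAR}[/-]%{MONTHNUM}[/-]%{MONTHDAY} %{TIME},[0-9]{3}`,
		"MX_CAS_SYSTEMLOG": `%{MX_SERVERITY}[\s]{1,4}%{MX_TYPE}[\s]%{MX_CDATETIME}\s%{MX_SUMMARY}`,
	})

	msg := `INFO [main] 2015-11-04 18:01:56,789 Index.java:95 - Initializing Lucene index`

	parseSample(p, "%{MX_CAS_SYSTEMLOG}", msg)
}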