Untitled

Bookmark Index: 570000
Purging Logs...
Bookmark Line: 2023-05-14T06:09:00+00:00 LONSTBYRDEV02 tag_audit_log: type=CRYPTO_KEY_USER msg=audit(1684040930.591:68351274): pid=13413 uid=0 auid=3007 ses=1963406 msg='op=destroy kind=server fp=SHA256:af:60:43:39:43:24:13:d0:e6:2a:eb:b4:90:a8:ae:be:cf:e2:51:ec:4d:fc:bd:7c:54:cc:2a:70:13:0d:b7:b5 direction=? spid=13413 suid=0  exe="/usr/sbin/sshd" hostname=? addr=10.72.208.221 terminal=? res=success'

Traceback (most recent call last):
  File "/App/jar/KPI/syslog_purging_linecache.py", line 141, in <module>
    purge_logs()
  File "/App/jar/KPI/syslog_purging_linecache.py", line 123, in purge_logs
    line_date = datetime.datetime.strptime(timestamp, "%Y-%m-%dT%H:%M:%S+00:00")
  File "/home/CAPEUSER/Python/python-3.10.10/lib/python3.10/_strptime.py", line 568, in _strptime_datetime
    tt, fraction, gmtoff_fraction = _strptime(data_string, format)
  File "/home/CAPEUSER/Python/python-3.10.10/lib/python3.10/_strptime.py", line 349, in _strptime
    raise ValueError("time data %r does not match format %r" %
ValueError: time data '\n' does not match format '%Y-%m-%dT%H:%M:%S+00:00'


This is the purge logs code further on, after getting the Bookmark Line:

        bookmark_timestamp = get_timestamp_from_line(bookmark_line)

        # Calculate the purging date (retention_period days before the bookmark timestamp)
        bookmark_date = datetime.datetime.strptime(bookmark_timestamp, "%Y-%m-%dT%H:%M:%S+00:00")
        purging_date = bookmark_date - datetime.timedelta(days=retention_period)

        # Perform the log purging
        lines_to_keep = []
        lines_purged = 0  # Counter for purged lines
        with open(syslog_file, "r") as file:
            for line in file:
                timestamp = get_timestamp_from_line(line)
                line_date = datetime.datetime.strptime(timestamp, "%Y-%m-%dT%H:%M:%S+00:00")
                if line_date > purging_date:
                    lines_to_keep.append(line)
                else:
                    lines_purged += 1

        # Write the lines to keep back to the syslog file
        with open(syslog_file, "w") as file:
            file.writelines(lines_to_keep)

        print("Purging Completed")
        print(f"Lines Purged: {lines_purged}")
        print("Printing First Two Lines:")
        with open(syslog_file, "r") as file:
            print(file.readline())
            print(file.readline())
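
The traceback above is `strptime` being handed `'\n'`, a blank line in the syslog file. The following is an added example, not the paste author's code: the same purge loop, but it keeps lines it cannot date instead of crashing and swaps the result in atomically, so an interrupted run cannot truncate the audit log. `parse_line_date`, `purge_before` and `demo` are hypothetical names, and since `get_timestamp_from_line` is not shown, the timestamp is assumed to be the first whitespace-delimited field.

```python
import datetime
import os
import tempfile
TS_FORMAT = "%Y-%m-%dT%H:%M:%S+00:00"  # format string used on the page

def parse_line_date(line):
    """Timestamp of a log line, or None. Assumes it is the first field (hypothetical helper)."""
    fields = line.split(maxsplit=1)
    try:
        return datetime.datetime.strptime(fields[0], TS_FORMAT) if fields else None
    except ValueError:
        return None  # continuation, truncated or foreign-format record

def purge_before(syslog_file, purging_date):
    """Drop lines dated at or before purging_date; return (purged, unparsed_kept)."""
    purged = unparsed = 0
    directory = os.path.dirname(os.path.abspath(syslog_file))
    fd, tmp_path = tempfile.mkstemp(dir=directory, prefix=".purge-")
    try:
        with os.fdopen(fd, "w") as out, open(syslog_file, "r") as src:
            for line in src:
                line_date = parse_line_date(line)
                if line_date is None:
                    unparsed += 1      # keep what cannot be dated: audit data fails safe
                    out.write(line)
                elif line_date > purging_date:
                    out.write(line)
                else:
                    purged += 1
            out.flush()
            os.fsync(out.fileno())
        os.chmod(tmp_path, os.stat(syslog_file).st_mode & 0o7777)
        os.replace(tmp_path, syslog_file)  # atomic swap: old or new file, never half
    except BaseException:
        os.unlink(tmp_path)
        raise
    return purged, unparsed

def demo():
    """Run on constructed sample lines (not from the page) in a temp directory."""
    sample = ("2023-05-01T00:00:00+00:00 host old entry\n\n"
              "2023-05-14T06:09:00+00:00 host new entry\n")
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "syslog")
        with open(path, "w") as f:
            f.write(sample)
        counts = purge_before(path, datetime.datetime(2023, 5, 7))
        with open(path) as f:
            return counts, f.read()
```

`os.replace` puts a new inode at the path, so a syslog daemon that holds the file open has to be told to reopen it, as with log rotation.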