allSystemsGo Posted January 29, 2013 Share Posted January 29, 2013 (edited) Hi, everybody. I am new to this so bear with me. As part of my sysadmin responsibilities, I monitor several logs. I decided to try my hand at making a script that would combine them into one window for viewing and be able to use some tools within the same interface. So far, I am trying this with just one log. I want to be able to read the log, search within the log for certain strings of text, and be able to launch a network tool called Fing. I have all of this working except for the find function. I open the file, then read the file within a text box that is generated by Koda form generator. I want to be able to search within the text of that file. Any help is appreciated. I will post the code below. Edit** Forgot to paste the #include portion. expandcollapse popup#include <ButtonConstants.au3> #include <EditConstants.au3> #include <GUIConstantsEx.au3> #include <WindowsConstants.au3> #include <GuiEdit.au3> Local $file = FileOpen("z:\logs\server.log", 0) ; Check if file opened for reading OK If $file = -1 Then MsgBox(0, "Error", "Unable to open file.") Exit EndIf $text = FileRead($file) #Region ### START Koda GUI section ### Form=c:\program files\autoit3\scripts\form.kxf $Form1_1 = GUICreate("Server Log", 615, 438, 192, 124) $Fing = GUICtrlCreateButton("Fing", 440, 24, 113, 57, $BS_ICON) $Find = GUICtrlCreateButton("Find", 440, 112, 113,57) $hEdit= GUICtrlCreateEdit($text, 64, 24, 505, 233, _ BitOR($ES_AUTOVSCROLL, $WS_VSCROLL, $ES_MULTILINE, $WS_HSCROLL, $ES_NOHIDESEL)) GUICtrlSetImage(-1, "C:\Users\User1\Downloads\overlook-fing-2.1.exe", -1) $Edit1 = GUICtrlCreateEdit("", 32, 0, 393, 417) GUICtrlSetData(-1, $text) GUISetState(@SW_SHOW) #EndRegion ### END Koda GUI section ### MouseMove (232, 156) MouseClick ("left", 232, 156) Send ("{CTRLDOWN}" & "{END}") sleep (15) Send ("{CTRLUP}") While 1 $nMsg = GUIGetMsg() Select Case $nMsg = $GUI_EVENT_CLOSE ExitLoop Case $nMsg=$Fing Run(@ComSpec & " /c " & "C:\fing.lnk") Case $nMsg=$Find _GUICtrlEdit_Find($hEdit) EndSelect WEnd FileClose($file) Edited January 29, 2013 by zsutton92 Link to comment Share on other sites More sharing options...
kylomas Posted January 29, 2013 Share Posted January 29, 2013 (edited) zsutton92, A couple questions / observations: 1 - Your edit controls are overlapping. Also, based on your description I would guess that you want to populate one edit control with the contents of the log file and show search results in the other edit control. However, you are currently populating both edit controls with the contents of the file. 2 - Nothing in your description needs "mouse moves", "mouse clicks" or "sends". What is the intent with these functions? 3 - To offer and real advice for searching we will need to see an example of the log file. kylomas edit: and your buttons do not show Edited January 29, 2013 by kylomas Forum Rules Procedure for posting code "I like pigs. Dogs look up to us. Cats look down on us. Pigs treat us as equals." - Sir Winston Churchill Link to comment Share on other sites More sharing options...
allSystemsGo Posted January 29, 2013 Author Share Posted January 29, 2013 (edited) zsutton92,A couple questions / observations:1 - Your edit controls are overlapping. Also, based on your description I would guess that you want to populate one edit control with the contents of the log file and show search results in the other edit control. However, you are currently populating both edit controls with the contents of the file.2 - Nothing in your description needs "mouse moves", "mouse clicks" or "sends". What is the intent with these functions?3 - To offer and real advice for searching we will need to see an example of the log file.kylomasedit: and your buttons do not show1. The $hEdit came into play with the Find function that I am trying to perform...the $Edit1 control was made by the Koda designer. I tried removing the $Edit1, but this removes the text area that the log gets imported to.2. The mouse moves makes the cursor move to the end of the document, just like CRTL+END does in Notepad...Like I said I am new to this and was the only way I had figured to make it happen. I know it can cause problems if there are other windows open at the time.3. The log I am viewing is just a simple text file generated by a FTP server. I want to be able to search for keywords such as "banned" like I can do in Notepad..but I want to be able to do it in one interface, not having to open up several instances of text viewers. Eventually it will have tabs to be able to switch between the different files...(or at least I am hoping.)edit: The buttons show when the script is ran....Hope that can help you help me...Thanks! Edited January 29, 2013 by zsutton92 Link to comment Share on other sites More sharing options...
kylomas Posted January 29, 2013 Share Posted January 29, 2013 zsutton92, Excellent, what results do you want from a search? kylomas Forum Rules Procedure for posting code "I like pigs. Dogs look up to us. Cats look down on us. Pigs treat us as equals." - Sir Winston Churchill Link to comment Share on other sites More sharing options...
allSystemsGo Posted January 29, 2013 Author Share Posted January 29, 2013 zsutton92,Excellent, what results do you want from a search?kylomasMuch like what happens within Notepad.exe. If you use the shortcut CTRL+F (this does not work with the method I am using) you get the "Find:" and a field to type text in to. I just want to be able to type in a word such as "banned" and then if the word is found within the text then it highlights it. If I hit "Find Next" it should move on to the next instance. So far the Find function seems to work, but it always returns that there was no instance found, when I know for sure that it is there. So my guess is that the way it is written at this point, that it is not searching the file that is open. How do I point it to the same text that is being opened in the OpenFile, ReadFile functions? Link to comment Share on other sites More sharing options...
Moderators JLogan3o13 Posted January 29, 2013 Moderators Share Posted January 29, 2013 (edited) Take a look at _FileReadToArray in the help file. You should be able to read the contents of the file into the array, and then search through it, much more quickly. Edited January 29, 2013 by JLogan3o13 "Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball How to get your question answered on this forum! Link to comment Share on other sites More sharing options...
kylomas Posted January 29, 2013 Share Posted January 29, 2013 (edited) zsutton92, This works for me. I made several changes: 1 - Moved "fileclose" to after you read the file 2 - Reformatted the gui. This is just a model for you to build on. ** Personal opinion - get familiar with the gui building commands and code the gui manually. I've used koda once or twice with mixed results. 3 - File name changed so I could run the code. Just change it back. expandcollapse popup#include <ButtonConstants.au3> #include <EditConstants.au3> #include <GUIConstantsEx.au3> #include <WindowsConstants.au3> #include <GuiEdit.au3> Local $file = FileOpen(@scriptdir & '\bb\schd.txt', 0) ; Check if file opened for reading OK If $file = -1 Then MsgBox(0, "Error", "Unable to open file.") Exit EndIf $text = FileRead($file) FileClose($file) $gui010 = GUICreate("Server Log", 800,700) $Fing = GUICtrlCreateButton("Fing", 20,670,100,20, $BS_ICON) $Find = GUICtrlCreateButton("Find", 200, 670, 100, 20) guictrlcreatelabel('Log File Contents',25,5,100,15) $hEdit = GUICtrlCreateEdit('', 20, 20, 760, 640, _ BitOR($ES_AUTOVSCROLL, $WS_VSCROLL, $ES_MULTILINE, $WS_HSCROLL, $ES_NOHIDESEL)) GUICtrlSetImage(-1, "C:\Users\User1\Downloads\overlook-fing-2.1.exe", -1) GUICtrlSetData($hedit, $text) GUISetState(@SW_SHOW) While 1 $nMsg = GUIGetMsg() Select Case $nMsg = $GUI_EVENT_CLOSE ExitLoop Case $nMsg = $Fing Run(@ComSpec & " /c " & "C:\fing.lnk") Case $nMsg = $Find _GUICtrlEdit_Find($hEdit) EndSelect WEnd The find works as advertised. It highlights the match and will move to the next match with "Find Next". The edit control can be positioned to the end of the data but I forget how. I'll look it up and get back to you. kylomas edit: with regard to JLogan3o13's advice, when we get that far that can be one possible way to read multiple files. Edited January 29, 2013 by kylomas Forum Rules Procedure for posting code "I like pigs. Dogs look up to us. Cats look down on us. Pigs treat us as equals." - Sir Winston Churchill Link to comment Share on other sites More sharing options...
kylomas Posted January 29, 2013 Share Posted January 29, 2013 zsutton92,So my guess is that the way it is written at this point, that it is not searching the file that is open.The _guictrledit_find command is not searching a file, it is searching the edit control. I would not use this, however, as the find dialog box disappears behind the main gui once it loses focus. You can move it to a different part of the screen but this is a pain in the ass. There are probably workaround for this.kylomas Forum Rules Procedure for posting code "I like pigs. Dogs look up to us. Cats look down on us. Pigs treat us as equals." - Sir Winston Churchill Link to comment Share on other sites More sharing options...
allSystemsGo Posted January 29, 2013 Author Share Posted January 29, 2013 (edited) zsutton92,The _guictrledit_find command is not searching a file, it is searching the edit control. I would not use this, however, as the find dialog box disappears behind the main gui once it loses focus. You can move it to a different part of the screen but this is a pain in the ass. There are probably workaround for this.kylomasOhh, okay. I have tried your code, and while I like the layout better, the buttons are not working for me...Edit---I used some of the original code...now the Fing button launched Fing.exe, but the Find button does not do anything (noticeable) and the exit button does not work. I have to kill the process in order to exit. Edited January 29, 2013 by zsutton92 Link to comment Share on other sites More sharing options...
kylomas Posted January 29, 2013 Share Posted January 29, 2013 (edited) zsutton92, Only tried the find button and it works for me... edit: re-post the code if the find button does not work... Edited January 29, 2013 by kylomas Forum Rules Procedure for posting code "I like pigs. Dogs look up to us. Cats look down on us. Pigs treat us as equals." - Sir Winston Churchill Link to comment Share on other sites More sharing options...
allSystemsGo Posted January 29, 2013 Author Share Posted January 29, 2013 zsutton92, Only tried the find button and it works for me... edit: re-post the code if the find button does not work... expandcollapse popup#include #include #include #include #include DriveMapAdd("z:","\\server\share", 1, "user", "Pass") Local $file = FileOpen("z:\logs\server.log", 0) ; Check if file opened for reading OK If $file = -1 Then MsgBox(0, "Error", "Unable to open file.") Exit EndIf $text = FileRead($file) FileClose($file) $gui010 = GUICreate("Server Log", 800,700) $Fing = GUICtrlCreateButton("Fing", 20,670,100,20, $BS_ICON) $Find = GUICtrlCreateButton("Find", 200, 670, 100, 20) guictrlcreatelabel('Log File Contents',25,5,100,15) $hEdit = GUICtrlCreateEdit('', 20, 20, 760, 640, _ BitOR($ES_AUTOVSCROLL, $WS_VSCROLL, $ES_MULTILINE, $WS_HSCROLL, $ES_NOHIDESEL)) GUICtrlSetData($hedit, $text) GUISetState(@SW_SHOW) While 1 $nMsg = GUIGetMsg() Select Case $nMsg = $GUI_EVENT_CLOSE ExitLoop Case $nMsg=$Fing Run(@ComSpec & " /c " & "C:\fing.lnk") Case $nMsg=$Find _GUICtrlEdit_Find($hEdit) EndSelect WEnd FileClose($file) Edited code for security reasons....added mapdrive function.. Going home for the day...can pick back up tomorrow. Link to comment Share on other sites More sharing options...
kylomas Posted January 29, 2013 Share Posted January 29, 2013 zsutton92, The "find" button works for me using the gui def and message loop copied directly from your posted code. Also, you can remove the "fileclose" from the buttom of your script. kylomas Forum Rules Procedure for posting code "I like pigs. Dogs look up to us. Cats look down on us. Pigs treat us as equals." - Sir Winston Churchill Link to comment Share on other sites More sharing options...
kylomas Posted January 30, 2013 Share Posted January 30, 2013 zsutton92,You might be interested in reading thread. There are a couple of examples of how sysadmin's handle local and remote logs. Just search all forums.kylomas Forum Rules Procedure for posting code "I like pigs. Dogs look up to us. Cats look down on us. Pigs treat us as equals." - Sir Winston Churchill Link to comment Share on other sites More sharing options...
allSystemsGo Posted January 30, 2013 Author Share Posted January 30, 2013 Okay...I finally have the code working. Is there a way that you can make the Find function of the code, search from the end of the text up, instead from the beginning down? Link to comment Share on other sites More sharing options...
kylomas Posted January 30, 2013 Share Posted January 30, 2013 (edited) zsutton92,Is there a way that you can make the Find function of the code, search from the end of the text up, instead from the beginning down?I've never used the the edit control find function before, but I don't see anything in the doc or dialog that supports this.Before we get into how to search we need to know what we are searching.1 - How much data with all files combined?2 - Is all data in the same format?3 - Is there a date/time stamp or sequence number that these files can be sorted on?kylomasedit: another log viewer! Edited January 30, 2013 by kylomas Forum Rules Procedure for posting code "I like pigs. Dogs look up to us. Cats look down on us. Pigs treat us as equals." - Sir Winston Churchill Link to comment Share on other sites More sharing options...
LarryDalooza Posted January 30, 2013 Share Posted January 30, 2013 Okay...I finally have the code working. Is there a way that you can make the Find function of the code, search from the end of the text up, instead from the beginning down?Perhaps _StringReverse() the data and the search string... search... then do math. AutoIt has helped make me wealthy Link to comment Share on other sites More sharing options...
allSystemsGo Posted January 30, 2013 Author Share Posted January 30, 2013 zsutton92,I've never used the the edit control find function before, but I don't see anything in the doc or dialog that supports this.Before we get into how to search we need to know what we are searching.1 - How much data with all files combined?2 - Is all data in the same format?3 - Is there a date/time stamp or sequence number that these files can be sorted on?kylomasedit: another log viewer!1. The data is just a log for an FTP server...its an ever-growing .txt file. Basically what I look for in this log is to see if any IP addresses have been banned recently, then I record the addresses in a file that I keep up with so that I know that they are malicious. That file is not included in this script, as of yet. 2. Like I said, its just a .txt file...nothing special.3. There is a date/time stamp on every entry. Link to comment Share on other sites More sharing options...
kylomas Posted January 30, 2013 Share Posted January 30, 2013 zsutton92,I monitor several logs. I decided to try my hand at making a script that would combine them into one window for viewingThese will have to be merged in some manner, presumably chronological order. To make a reasonable decision for managing this data we need to know:1 - how large the composite is2 - the file formatHow we search the file(s) largely depend on the answers for these questions. Can you post a portion of the log? Did you read the topic that I pointed you to?kylomas Forum Rules Procedure for posting code "I like pigs. Dogs look up to us. Cats look down on us. Pigs treat us as equals." - Sir Winston Churchill Link to comment Share on other sites More sharing options...
allSystemsGo Posted January 30, 2013 Author Share Posted January 30, 2013 i read the topic you pointed me to....it was not really what I was looking for. I just want to be able to open one exe and have all my logs right there, preferably in tabbed sections. Here is a portion of the log....particularly the portion that I will be searching for... (002732) 5/18/2012 17:52:57 PM - (not logged in) (184.107.169.146)> USER Administrador (002732) 5/18/2012 17:52:57 PM - (not logged in) (184.107.169.146)> 331 Password required for administrador (002732) 5/18/2012 17:53:07 PM - (not logged in) (184.107.169.146)> PASS ****** (002732) 5/18/2012 17:53:07 PM - (not logged in) (184.107.169.146)> 530 Login or password incorrect! (002732) 5/18/2012 17:53:31 PM - (not logged in) (184.107.169.146)> USER Administrador (002732) 5/18/2012 17:53:31 PM - (not logged in) (184.107.169.146)> 331 Password required for administrador (002732) 5/18/2012 17:53:48 PM - (not logged in) (184.107.169.146)> PASS ****** (002732) 5/18/2012 17:53:48 PM - (not logged in) (184.107.169.146)> 530 Login or password incorrect! (002732) 5/18/2012 17:54:29 PM - (not logged in) (184.107.169.146)> USER Administrador (002732) 5/18/2012 17:54:29 PM - (not logged in) (184.107.169.146)> 331 Password required for administrador (002732) 5/18/2012 17:54:59 PM - (not logged in) (184.107.169.146)> PASS ****** (002732) 5/18/2012 17:54:59 PM - (not logged in) (184.107.169.146)> 421 Temporarily banned for too many failed login attempts I monitor this log to check on any unauthorized activity on the FTP server. Usually, I will cross-reference the IP and scan it to see if there were any malicious services running on it. This size of this file is rather large for a .txt file...83MB and growing. Thinking there may be a way to break this log down into individual files for every new day. If this is the case there would be no need to search "up" the file, because then all the data would be new to me. Link to comment Share on other sites More sharing options...
kylomas Posted January 30, 2013 Share Posted January 30, 2013 zsutton92,I decided to try my hand at making a script that would combine them into one windowYou want each log in a seperate tab? How many?83MB is not really large. Regardless, based on the format you've posted it would be very easy to parse out data. One possibility is a dialog with 5 or 7 tabs, each tab representing a day's worth of data. You would then have a rolling week's worth of logs.kylomas allSystemsGo 1 Forum Rules Procedure for posting code "I like pigs. Dogs look up to us. Cats look down on us. Pigs treat us as equals." - Sir Winston Churchill Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now