#!/usr/bin/python

# Kototama kototama-code [at] altern [dot] org
# public domain

# script extrayant les logs de snoopy de auth.log

# jui 11 17:41:35 kototama snoopy[12721]: [user, uid:0 sid:954]: bash
# donnera : 'user                      bash      (11 jui 17:41:35)'

import sys
import re

AUTH_FILE = "/var/log/auth.log"
#AUTH_FILE = "./auth2.log"

if __name__ == '__main__':
    
    try:
        f = open(AUTH_FILE)
    except Exception, detail:
        print "Error:", detail
        sys.exit(-1)

    #jui 11 17:41:35 kototama snoopy[12721]: [user, uid:0 sid:954]: bash
    # ^   ^     ^             ^                ^        ^              ^
    # 1   2     3              4                5       6              7

    regex = re.compile("(.*?) (.*?) (.*?) .*? (.*?) \[(.*), .*?:(.*\]:?) (.*)")

    line = f.readline()
    while (line):
        if line.find("snoopy"):
            r = regex.search(line)
            if r != None and r.group(4)[:6] == "snoopy":
                print'%s  %60s \t(%s %s %s)' % (r.group(5), r.group(7), \
                                                r.group(2), r.group(1), \
                                                r.group(3))
        line = f.readline()
    f.close()