Skip to main content

fail2ban_log_parser_core/parser/
mod.rs

1mod date;
2mod event;
3mod header;
4mod ip;
5mod jail;
6mod level;
7mod pid;
8mod time;
9mod timestamp;
10
11pub use event::Fail2BanEvent;
12pub use header::Fail2BanHeaderType;
13pub use level::Fail2BanLevel;
14
15use std::net::IpAddr;
16
17use chrono::{DateTime, Utc};
18use winnow::Parser;
19
20use crate::parser::{
21    event::parse_event, header::parse_header, ip::parse_ip, jail::parse_jail, level::parse_level,
22    pid::parse_pid, timestamp::parse_timestamp,
23};
24use winnow::ascii::multispace1;
25
26#[derive(Debug, Clone, PartialEq, Default)]
27#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
28pub struct Fail2BanStructuredLog<'a> {
29    timestamp: Option<DateTime<Utc>>,
30    header: Option<Fail2BanHeaderType>,
31    pid: Option<u32>,
32    level: Option<Fail2BanLevel>,
33    #[cfg_attr(feature = "serde", serde(borrow))]
34    jail: Option<&'a str>,
35    event: Option<Fail2BanEvent>,
36    ip: Option<IpAddr>,
37}
38
39impl Fail2BanStructuredLog<'_> {
40    #[must_use]
41    pub fn ip(&self) -> Option<&IpAddr> {
42        self.ip.as_ref()
43    }
44
45    #[must_use]
46    pub fn event(&self) -> Option<&Fail2BanEvent> {
47        self.event.as_ref()
48    }
49
50    #[must_use]
51    pub fn jail(&self) -> Option<&str> {
52        self.jail
53    }
54
55    #[must_use]
56    pub fn level(&self) -> Option<&Fail2BanLevel> {
57        self.level.as_ref()
58    }
59
60    #[must_use]
61    pub fn pid(&self) -> Option<u32> {
62        self.pid
63    }
64
65    #[must_use]
66    pub fn header(&self) -> Option<&Fail2BanHeaderType> {
67        self.header.as_ref()
68    }
69
70    #[must_use]
71    pub fn timestamp(&self) -> Option<DateTime<Utc>> {
72        self.timestamp
73    }
74}
75
76pub(crate) fn parse_log_line<'a>(input: &mut &'a str) -> winnow::Result<Fail2BanStructuredLog<'a>> {
77    let timestamp = parse_timestamp.parse_next(input)?;
78    multispace1.parse_next(input)?;
79    let header = parse_header.parse_next(input)?;
80    multispace1.parse_next(input)?;
81    let pid = parse_pid.parse_next(input)?;
82    multispace1.parse_next(input)?;
83    let level = parse_level.parse_next(input)?;
84    multispace1.parse_next(input)?;
85    let jail = parse_jail.parse_next(input)?;
86    multispace1.parse_next(input)?;
87    let event = parse_event.parse_next(input)?;
88    multispace1.parse_next(input)?;
89    let ip = parse_ip.parse_next(input)?;
90
91    Ok(Fail2BanStructuredLog {
92        timestamp,
93        header,
94        pid,
95        level,
96        jail,
97        event,
98        ip,
99    })
100}