0

I am running Python 3.8.6 on Windows-10 machine.

I have been running a python script to parse log files with no issues until now, recently I migrated to rsyslog server running on Ubuntu.

The script fails on:

fields_data = re_data.match(line)

with error"

'NoneType' object has no attribute 'group'

Log string stored in variable 'line':

2020-12-18 13:34:37 - ive - [173.168.115.108] username(CCC Digital Certs)[All_Users] - Agent login succeeded for username/CCC Digital Certs from 173.168.115.108 with Pulse-Secure/9.0.3.1667 (Windows 10) Pulse/9.0.3.1667.#015

RegEx expression:

re_data = re.compile(r'(\d{4}.\d{2}.\d{2})\s(\d+.\d+.\d+)\s.+\[(\d+\.\d+\.\d+\.\d+)\]\s(\w+)')

I've tested the regex expression on line with the string shown below and it gives me the correct answer of 4 groups Date, Time, IP, Name.

Code:

fields_data = re_data.match(line)
out_file.write(f'{fields_data.group(1)},{fields_data.group(2)},{fields_data.group(3)},{fields_data.group(4)},login\n')
Improve this question
0

1 Answer 1

Reset to default
1

You are clearly not processing a line with a match. See re.match documentation

re.match(pattern, string, flags=0)
If zero or more characters at the beginning of string match the regular expression pattern, return a corresponding match object. Return None if the string does not match the pattern; note that this is different from a zero-length match. (emphasis mine)

Avoid this error by checking:

fields_data = re_data.match(line)
if fields_data and len(fields_data.groups()) > 4: # 0 + 4 groups == 5 minimum
    out_file.write(f'{fields_data.group(1)},{fields_data.group(2)},'
                   f'{fields_data.group(3)},{fields_data.group(4)},login\n')
else:
    print(f"Not a match: '{line}'")

or error handling (would suggest using checking here):

fields_data = re_data.match(line)
try:
    out_file.write(f'{fields_data.group(1)},{fields_data.group(2)},'
                   f'{fields_data.group(3)},{fields_data.group(4)},login\n')
except AttributeError: 
     pass

This kind of error often happens if you feed it "empty" lines in between or at the end of the file. Might want to check for that:

if not line.strip(): continue  # skip empty lines
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I read through the re.match documentation as suggested and I found th eproblem the new syslog server is adding a space at the front of the string, and you were correct the match fails. I corrected the error by putting the blank space in the search pattern. Now the script is running again. Thank You.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.