imp_mongodb/parser.go

// parser
package main

import (
	"log"
	"strings"
	"time"
)

type Banner struct {
	Legit string `json:"legit" bson:"legit"`
	Spam  string `json:"spam" bson:"spam"`
	Virus string `json:"virus" bson:"virus"`
}

type Heloehlo struct {
	Legit string `json:"legit" bson:"legit"`
	Spam  string `json:"spam" bson:"spam"`
	Virus string `json:"virus" bson:"virus"`
}

type Auth struct {
	Legit string `json:"legit" bson:"legit"`
	Spam  string `json:"spam" bson:"spam"`
	Virus string `json:"virus" bson:"virus"`
}

type Mailfrom struct {
	Legit string `json:"legit" bson:"legit"`
	Spam  string `json:"spam" bson:"spam"`
	Virus string `json:"virus" bson:"virus"`
}

type Rcptto struct {
	Legit string `json:"legit" bson:"legit"`
	Spam  string `json:"spam" bson:"spam"`
	Virus string `json:"virus" bson:"virus"`
}

type Data struct {
	Legit string `json:"legit" bson:"legit"`
	Spam  string `json:"spam" bson:"spam"`
	Virus string `json:"virus" bson:"virus"`
}

type Content struct {
	Legit string `json:"legit" bson:"legit"`
	Spam  string `json:"spam" bson:"spam"`
	Virus string `json:"virus" bson:"virus"`
}

type Rate struct {
	Smtpp    string `json:"smtpp" bson:"smtpp"`
	Contentp string `json:"contentp" bson:"contentp"`
	Totalp   string `json:"totalp" bson:"totalp"`
}

type MongoImp struct {
	Host     string    `json:"host"`
	Date     time.Time `json:"date"`
	Banner   Banner    `json:banner`
	Heloehlo Heloehlo  `json:heloehlo`
	Auth     Auth      `json:auth`
	Mailfrom Mailfrom  `json:mailfrom`
	Rcptto   Rcptto    `json:rcptto`
	Data     Data      `json:data`
	Content  Content   `json:content`
	Rate     Rate      `json:rate`
}

func parse(body string, stime time.Time) {

	lines := strings.Split(body, "\n")

	mimp := MongoImp{}

	for ind := range lines {
		//		fmt.Println(lines[ind])
		if strings.HasPrefix(lines[ind], "#") {
			h := strings.Split(lines[ind], ":")
			log.Printf("Host: %s - Date: %s\n", h[3], h[4])
			mimp.Host = h[3]
			mimp.Date = stime
		} else if strings.HasPrefix(lines[ind], "counters") {
			k := strings.Split(lines[ind], ";")
			//			fmt.Printf("%s = %s\n", k[0], k[1])
			key := strings.Split(k[0], "/")
			//			fmt.Printf("Keys: %s - %s - %s\n", key[0], key[1], key[2])
			if key[0] == "counters" {
				switch key[1] {
				case "banner":
					switch key[2] {
					case "legit":
						mimp.Banner.Legit = k[1]
					case "spam":
						mimp.Banner.Spam = k[1]
					case "virus":
						mimp.Banner.Virus = k[1]
					}
				case "heloehlo":
					switch key[2] {
					case "legit":
						mimp.Heloehlo.Legit = k[1]
					case "spam":
						mimp.Heloehlo.Spam = k[1]
					case "virus":
						mimp.Heloehlo.Virus = k[1]
					}
				case "auth":
					switch key[2] {
					case "legit":
						mimp.Auth.Legit = k[1]
					case "spam":
						mimp.Auth.Spam = k[1]
					case "virus":
						mimp.Auth.Virus = k[1]
					}
				case "mailfrom":
					switch key[2] {
					case "legit":
						mimp.Mailfrom.Legit = k[1]
					case "spam":
						mimp.Mailfrom.Spam = k[1]
					case "virus":
						mimp.Mailfrom.Virus = k[1]
					}
				case "rcptto":
					switch key[2] {
					case "legit":
						mimp.Rcptto.Legit = k[1]
					case "spam":
						mimp.Rcptto.Spam = k[1]
					case "virus":
						mimp.Rcptto.Virus = k[1]
					}
				case "data":
					switch key[2] {
					case "legit":
						mimp.Data.Legit = k[1]
					case "spam":
						mimp.Data.Spam = k[1]
					case "virus":
						mimp.Data.Virus = k[1]
					}
				case "content":
					switch key[2] {
					case "legit":
						mimp.Content.Legit = k[1]
					case "spam":
						mimp.Content.Spam = k[1]
					case "virus":
						mimp.Content.Virus = k[1]
					}
				case "rate":
					switch key[2] {
					case "smtpp":
						mimp.Rate.Smtpp = k[1]
					case "contentp":
						mimp.Rate.Contentp = k[1]
					case "totalp":
						mimp.Rate.Totalp = k[1]
					}
				}
			}
		}
	}

	err := opts.ll.Insert(mimp)
	if err != nil {
		log.Println("Insert Errro: ", err)
	}
	//	fmt.Printf("%+v\n", mimp)
}