How it works...

We begin by importing libraries for argument handling and logging, followed by the built-in libraries we need to parse and validate the log information. These include the re regular-expression library and the shlex lexical-analyzer library. We also include sys and csv for handling the output of log messages and reports. We initialize the recipe's logging object by calling the getLogger() method.

from __future__ import print_function
from argparse import ArgumentParser, FileType
import re
import shlex
import logging
import sys
import csv

logger = logging.getLogger(__file__)

Following the imports, we define patterns for the fields we will parse from the logs. This information may vary a bit between logs, though the patterns expressed ...
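As an added example, not the book's own code, of the approach described above: each line is lexed with shlex, the fields are validated against compiled re patterns, and malformed lines are counted rather than silently dropped. The access-log field layout and the patterns are assumptions for this example.

```python
import re
import shlex

# Field layout and patterns are assumptions for this example: a web-server
# style access log whose request, referer and user-agent fields are quoted.
FIELDS = ["ip", "ident", "user", "timestamp", "request",
          "status", "size", "referer", "agent"]
PATTERNS = {
    "ip": re.compile(r"^\d{1,3}(\.\d{1,3}){3}$"),
    "timestamp": re.compile(r"^\d{2}/[A-Za-z]{3}/\d{4}:\d{2}:\d{2}:\d{2} [+-]\d{4}$"),
    "request": re.compile(r"^[A-Z]+ \S+ HTTP/\d\.\d$"),
    "status": re.compile(r"^\d{3}$"),
    "size": re.compile(r"^(\d+|-)$"),
}

def parse_line(line):
    """Lex one line with shlex and validate the patterned fields; None if it fails."""
    # shlex groups quoted text but knows nothing of [brackets]; quote the timestamp first.
    line = re.sub(r"\[([^\]]*)\]", r'"\1"', line)
    try:
        tokens = shlex.split(line)
    except ValueError:  # unterminated quote: shlex cannot tokenise the line
        return None
    if len(tokens) != len(FIELDS):
        return None
    record = dict(zip(FIELDS, tokens))
    if all(pat.match(record[name]) for name, pat in PATTERNS.items()):
        return record
    return None

def parse_log(lines):
    """Return (valid records, 1-based numbers of rejected lines) for a report."""
    records, rejected = [], []
    for num, line in enumerate(lines, 1):
        record = parse_line(line.strip())
        if record is None:
            rejected.append(num)
        else:
            records.append(record)
    return records, rejected

# Constructed sample: two good lines, a non-numeric status (letter O), an unterminated quote.
SAMPLE = """\
192.0.2.10 - - [10/Oct/2000:13:55:36 -0700] "GET /index.html HTTP/1.0" 200 2326 "-" "Mozilla/4.08 (Win98)"
192.0.2.11 - frank [10/Oct/2000:13:56:01 -0700] "POST /login HTTP/1.1" 302 - "http://example.test/" "curl/7.64"
192.0.2.12 - - [10/Oct/2000:13:57:12 -0700] "GET /x HTTP/1.1" 2O0 15 "-" "bot"
192.0.2.13 - - [10/Oct/2000:13:58:40 -0700] "GET /y HTTP/1.1" 200 15 "-" "bot
"""
```

The records returned by parse_log can be handed straight to csv.DictWriter with FIELDS as the field names to produce the report.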
