#!/usr/bin/env python
"""
# simple program to format a CEDPS best-practice style and send it to syslog-ng
# For more information, see: http://www.cedps.net/

Usage: gen_log.py -e event [-h hostname][-p port][-q][name=value ...]
"""

import os, sys, time, getopt, socket, syslog

def usage(prog):
    sys.stdout = sys.stderr
    print 'Usage: %s -e eventname  [-h hostname][-p port][-q][name=value ...] ' % (prog)
    print '     -h hostname (default = localhost)'
    print '     -p port (default = standard syslog port 514) '
    print '     -q = quiet mode: no status messages '
    sys.exit(2)

if __name__ == '__main__':
        
    event = tag = host = port = ""
    quiet = 0
    try:
        options, args = getopt.getopt(sys.argv[1:], 'e:h:p:q')
    except getopt.error, E:
        usage(sys.argv[0])
        sys.exit(1)

    for opt,val in options:
        if opt == '-e':
            event = val
        elif opt == '-h':
            host = val
        elif opt == '-p':
            port = val
        elif opt == '-q':
            quiet = 1

    if port:
        port = int(port)
    else:
        port = 514   # default syslogd port

    if event == "":
        print "Error: Missing Argument"
        usage(sys.argv[0])

    tm = time.time()
    tm_i = int(tm)
    # build ISO date
    dt = "%04d-%02d-%02dT%02d:%02d:%02d" % time.gmtime(tm)[0:6]
    dt += '.%06dZ' % int((tm - tm_i) * 1e6)

    rest = ""
    #insert quotes around remaining name=value pairs if they contain a space
    for arg in args:
        parts = arg.split('=',1)
        if len(parts) <= 1:
            print "Error: additional args not name=value pairs, '=' not found"
            sys.exit(1)
        if ((parts[1].find(" ")) > 0):  # if value contains a space
            nvp = "%s=\"%s\" " % (parts[0], parts[1]) # build name value pair with quotes
            #print "fixed nvp:", nvp
            rest += nvp
        else:
            rest += arg

    logline = "ts=%s event=%s %s" % (dt, event, rest)

    if len(logline) > 1400: # to make sure that the message is not too big, should be less than a MTU
        print "Error: message too long"
        sys.exit(1)

    if host == "":  # send to local syslogd
        if not quiet:
            print "sending to syslog: ", logline
	syslog.syslog(logline)
    else:
	# build syslog 'priority'
        pri =   "<%d>" % (syslog.LOG_USER + syslog.LOG_INFO)

	# build syslog formatted date
        localtime = time.localtime()
        day = time.strftime("%d", localtime)
        if day[0] == "0":
            day = " " + day[1:]  # syslog RFC says this MUST be a space
        val = time.strftime("%b %%s %H:%M:%S", localtime)
	date = val % day

        addr = (host,port)
        UDPSock = socket.socket(socket.AF_INET,socket.SOCK_DGRAM)
	localhost = socket.gethostname() 
	syslog_msg = "%s%s %s cedps-logger: %s" % (pri, date, localhost, logline)
        if not quiet:
            print "sending to %s: %s " % (host, syslog_msg)
	try:
            UDPSock.sendto(syslog_msg,addr)
	except:
	    print "Error sending to ", addr
        UDPSock.close()

    if not quiet:
        print "message sent"