100x'ed sa speed, fixed avg request length/time display, updated readme

QpxDesign · Feb 13, 2024 · d998dfc · d998dfc
1 parent 82cd186
commit d998dfc
Show file tree

Hide file tree

Showing 3 changed files with 55 additions and 44 deletions.
diff --git a/src/utils/keep_line.rs b/src/utils/keep_line.rs
@@ -18,50 +18,54 @@ pub fn keep_line(parsed_line: LineParseResult) -> bool {
         if !ARGS.plain_text.is_none() && ARGS.plain_text == Some(true) {
             if !parsed_line
                 .full_text
-                .contains(&ARGS.search.clone().unwrap().to_string())
+                .contains(&ARGS.search.to_owned().unwrap().to_string())
             {
                 return false;
             }
         } else {
-            let re = Regex::new(&ARGS.search.clone().unwrap().to_string()).unwrap();
+            let re = Regex::new(&ARGS.search.to_owned().unwrap().to_string()).unwrap();
             if !re.is_match(&parsed_line.full_text) {
                 return false;
             }
         }
     }
     if !ARGS.start_date.is_none() && ARGS.end_date.is_none() {
         if parse_nginx_time_format(&parsed_line.time)
-            < parse_input_time(ARGS.start_date.clone().unwrap(), tz.to_string())
+            < parse_input_time(ARGS.start_date.to_owned().unwrap(), tz.to_string())
         {
             return false;
         }
     }
     if !ARGS.end_date.is_none() && ARGS.start_date.is_none() {
         if parse_nginx_time_format(&parsed_line.time)
-            > parse_input_time(ARGS.end_date.clone().unwrap(), tz.to_string())
+            > parse_input_time(ARGS.end_date.to_owned().unwrap(), tz.to_string())
         {
             return false;
         }
     }
     if !ARGS.start_date.is_none()
         && !ARGS.end_date.is_none()
         && (parse_nginx_time_format(&parsed_line.time)
-            > parse_input_time(ARGS.end_date.clone().unwrap(), tz.to_string())
+            > parse_input_time(ARGS.end_date.to_owned().unwrap(), tz.to_string())
             || parse_nginx_time_format(&parsed_line.time)
-                < parse_input_time(ARGS.start_date.clone().unwrap(), tz.to_string()))
+                < parse_input_time(ARGS.start_date.to_owned().unwrap(), tz.to_string()))
     {
         return false;
     }
-    if !ARGS.host.is_none() && parsed_line.host != ARGS.host.clone().unwrap() {
+    if !ARGS.host.is_none() && parsed_line.host != ARGS.host.to_owned().unwrap() {
         return false;
     }
-    if !ARGS.request.is_none() && !parsed_line.request.contains(&ARGS.request.clone().unwrap()) {
+    if !ARGS.request.is_none()
+        && !parsed_line
+            .request
+            .contains(&ARGS.request.to_owned().unwrap())
+    {
         return false;
     }
-    if !ARGS.http_status.is_none() && parsed_line.status != ARGS.http_status.clone().unwrap() {
+    if !ARGS.http_status.is_none() && parsed_line.status != ARGS.http_status.to_owned().unwrap() {
         return false;
     }
-    if !ARGS.referer.is_none() && parsed_line.referer != ARGS.referer.clone().unwrap() {
+    if !ARGS.referer.is_none() && parsed_line.referer != ARGS.referer.to_owned().unwrap() {
         return false;
     }
     let start = SystemTime::now();

diff --git a/src/utils/session_analytics.rs b/src/utils/session_analytics.rs
@@ -1,7 +1,6 @@
 use crate::utils::parse_line::parse_line;
-use crate::utils::{parse_line, sessionize::sessionize};
+use crate::utils::{parse_line, parse_nginx_time_format, sessionize::sessionize};
 use std::collections::HashMap;
-use std::path;
 
 struct HostPath {
     path: String,
@@ -10,30 +9,43 @@ struct HostPath {
 struct SessionAnalysisStats {
     total_count: i64,
     host_paths: HashMap<String, HostPath>,
-    average_request_count: usize,
+    average_request_count: i64,
     average_request_length: i64,
+    request_count_sum: i64,
+    request_length_sum: i64,
 }
 pub fn session_analytics(log_selection: Vec<crate::structs::LineParseResult::LineParseResult>) {
     let mut sessions = sessionize(log_selection);
     let mut stats: SessionAnalysisStats = SessionAnalysisStats {
         total_count: 0,
         host_paths: HashMap::new(),
         average_request_count: 0,
+        request_count_sum: 0,
+        request_length_sum: 0,
         average_request_length: 0,
     };
 
-    stats.average_request_count =
-        (stats.average_request_count as usize) / ((stats.total_count + 1) as usize);
-    stats.average_request_length = stats.average_request_length / (stats.total_count + 1);
-
     let mut ips_text: String = "".to_string();
     let mut ip_index = 0;
 
     sessions.sort_by_key(|a| a.sessions.len());
     sessions.reverse();
     for s in sessions {
         stats.total_count += 1;
+        stats.request_count_sum += i64::try_from(s.lines.len()).unwrap();
         let mut host_path: Vec<String> = [].to_vec();
+        for ses in s.sessions.clone() {
+            if ses.len() > 1 {
+                stats.request_length_sum += parse_nginx_time_format::parse_nginx_time_format(
+                    &parse_line(ses[ses.len() - 1].as_str()).time,
+                )
+                .timestamp()
+                    - parse_nginx_time_format::parse_nginx_time_format(
+                        &parse_line(ses[0].as_str()).time,
+                    )
+                    .timestamp();
+            }
+        }
         for l in s.lines {
             let a = parse_line(l.as_str()).host;
             if host_path.len() == 0 || host_path[host_path.len() - 1] != a {
@@ -75,7 +87,9 @@ pub fn session_analytics(log_selection: Vec<crate::structs::LineParseResult::Lin
     }
     let mut host_text: String = "".to_string();
     let mut h_index = 0;
-    let a: Vec<&HostPath> = stats.host_paths.values().collect();
+    let mut a: Vec<&HostPath> = stats.host_paths.values().collect();
+    a.sort_by_key(|a| a.count);
+    a.reverse();
     for path_entry in a {
         if h_index < 5 {
             host_text = host_text
@@ -108,8 +122,8 @@ IPS WITH MOST SESSIONS
 {ips_txt}
     ",
         stats_tc = stats.total_count,
-        stats_arc = stats.average_request_count,
-        stats_asl = stats.average_request_length,
+        stats_arc = stats.request_count_sum / stats.total_count,
+        stats_asl = (stats.request_length_sum / stats.total_count) / 60,
         h_text = host_text,
         ips_txt = ips_text
     )

diff --git a/src/utils/sessionize.rs b/src/utils/sessionize.rs
@@ -19,7 +19,7 @@ pub fn sessionize(
         if parsed_line.ip_address != "-" {
             let time: DateTime<Utc> = parse_nginx_time_format(parsed_line.time.as_str());
             if !occurrences.contains_key(&parsed_line.ip_address) {
-                let cl = parsed_line.ip_address.clone();
+                let cl = parsed_line.ip_address.to_owned();
                 let mut l = Vec::new();
                 l.push(parsed_line.full_text);
                 let mut t = Vec::new();
@@ -44,31 +44,24 @@ pub fn sessionize(
                     .unwrap()
                     .times
                     .push(time);
-                let entry: Option<&SessionOccurrences> = occurrences.get(&parsed_line.ip_address);
-                if entry.is_some() {
-                    let mut sessions: Vec<Vec<String>> = Vec::new();
-                    let mut index = 0;
-                    let mut tmp: Vec<String> = Vec::new();
-                    for l in &entry.unwrap().times {
-                        if index == 0 {
-                            tmp.push(entry.unwrap().lines[0].clone());
-                        } else if l.timestamp() - entry.unwrap().times[index - 1].timestamp()
-                            < session_cutoff_min * 60
-                        {
-                            tmp.push(entry.unwrap().lines[index].clone());
-                        } else {
-                            sessions.push(tmp.clone());
+            }
+        }
+    }
+
+    for entry in occurrences.values_mut() {
+        let mut index = 0;
+        let mut tmp: Vec<String> = Vec::new();
+        for l in &entry.times {
+            if index == 0 {
+                tmp.push(entry.lines[0].clone());
+            } else if l.timestamp() - entry.times[index - 1].timestamp() < session_cutoff_min * 60 {
+                tmp.push(entry.lines[index].clone());
+            } else {
+                entry.sessions.push(tmp);
 
-                            tmp = Vec::new();
-                        }
-                        index += 1;
-                    }
-                    occurrences
-                        .get_mut(&parsed_line.ip_address)
-                        .unwrap()
-                        .sessions = sessions;
-                }
+                tmp = Vec::new();
             }
+            index += 1;
         }
     }
     return occurrences.into_values().collect();