I had a need to look for certain commands in a list of Oracle audit logs what had been tarred and zipped (*.tar.gz format). I created a list with an ls command:
ls *.gz > dean.txt
I then used the below python code to read through the zipped tar balls looking for certain strings:
#!/usr/bin/python
import tarfile,os
import sys
list_of_tar = open('dean.txt', 'r')
for tar_name in list_of_tar:
tar_name = tar_name.rstrip()
print tar_name
tar = tarfile.open(tar_name,'r:gz')
for member in tar.getnames():
file_name=tar.extractfile(member)
for line in file_name:
line = line.lower()
if 'alter ' in line:
if ' system ' in line:
if 'kill' in line:
print tar_name, member , line
tar.close()
This was a quick and dirty python to fulfill an immediate need. With more time the search condition could be improved.
