Hello, I want to read audit.log file (json format) using python to get the audit_record details but json.load or json.loads is not for for it.
Any suggestions?
Hi Nitika,
I don’t think there should be any issue with parsing the audit log(json format) content using Python.
Just a simple example I am sharing below:
Sample Audit.log File Content:
{"audit_record":{"name":"Query","record":"13149_2021-06-30T15:03:11","timestamp":"2021-06-30T15:07:58 UTC","command_class":"show_databases","connection_id":"2","status":0,"sqltext":"show databases","user":"root[root] @ localhost []","host":"localhost","os_user":"mysql","ip":"1.2.3.4","db":"testing"}}
Python Code:
import json
# Open the audit log file in read mode
with open('Audit.log', 'r') as f:
# Use the json.load() function to parse the contents of the file into a dictionary
audit_log = json.load(f)
# Access the contents of the dictionary using keys and values
for key1, value1 in audit_log.items():
print(key1, value1)
for key2, value2 in value1.items():
print(key2, value2)
Result:
audit_record {'name': 'Query', 'record': '13149_2021-06-30T15:03:11', 'timestamp': '2021-06-30T15:07:58 UTC', 'command_class': 'show_databases', 'connection_id': '2', 'status': 0, 'sqltext': 'show databases', 'user': 'root[root] @ localhost []', 'host': 'localhost', 'os_user': 'mysql', 'ip': '1.2.3.4', 'db': 'testing'}
name Query
record 13149_2021-06-30T15:03:11
timestamp 2021-06-30T15:07:58 UTC
command_class show_databases
connection_id 2
status 0
sqltext show databases
user root[root] @ localhost []
host localhost
os_user mysql
ip 1.2.3.4
db testing
1 Like