feat(aa-log): add --raw option.

cmd/aa-log/main.go

@@ -29,6 +29,7 @@ Options:
     -f, --file FILE    Set a logfile or a suffix to the default log file.
     -s, --systemd      Parse systemd logs from journalctl.
     -r, --rules        Convert the log into AppArmor rules.
+    -R, --raw          Print the raw log without any formatting.
 
 `
 
@@ -38,6 +39,7 @@ var (
 	rules   bool
 	path    string
 	systemd bool
+	raw     bool
 )
 
 func aaLog(logger string, path string, profile string) error {
@@ -56,6 +58,11 @@ func aaLog(logger string, path string, profile string) error {
 		return err
 	}
 
+	if raw {
+		fmt.Print(logs.Raw(file, profile))
+		return nil
+	}
+
 	aaLogs := logs.NewApparmorLogs(file, profile)
 	if rules {
 		profiles := aaLogs.ParseToProfiles()
@@ -77,6 +84,8 @@ func init() {
 	flag.BoolVar(&systemd, "systemd", false, "Parse systemd logs from journalctl.")
 	flag.BoolVar(&rules, "r", false, "Convert the log into AppArmor rules.")
 	flag.BoolVar(&rules, "rules", false, "Convert the log into AppArmor rules.")
+	flag.BoolVar(&raw, "R", false, "Print the raw log without any formatting.")
+	flag.BoolVar(&raw, "raw", false, "Print the raw log without any formatting.")
 }
 
 func main() {

pkg/logs/loggers.go

@@ -5,13 +5,18 @@
 package logs
 
 import (
+	"bufio"
 	"bytes"
 	"encoding/json"
+	"fmt"
 	"io"
 	"os"
 	"os/exec"
 	"path/filepath"
+	"regexp"
 	"strings"
+
+	"github.com/roddhjav/apparmor.d/pkg/util"
 )
 
 // LogFiles is the list of default path to query
@@ -29,7 +34,7 @@ type systemdLog struct {
 func GetAuditLogs(path string) (io.Reader, error) {
 	file, err := os.Open(filepath.Clean(path))
 	if err != nil {
-		return nil, err
+		return file, err
 	}
 	return file, err
 }
@@ -87,3 +92,31 @@ func SelectLogFile(path string) string {
 	}
 	return ""
 }
+
+func Raw(file io.Reader, profile string) string {
+	res := ""
+	isAppArmorLog := isAppArmorLogTemplate.Copy()
+	if profile != "" {
+		exp := `apparmor=("DENIED"|"ALLOWED"|"AUDIT")`
+		exp = fmt.Sprintf(exp+`.* (profile="%s.*"|label="%s.*")`, profile, profile)
+		isAppArmorLog = regexp.MustCompile(exp)
+	}
+
+	// Select Apparmor logs
+	scanner := bufio.NewScanner(file)
+	for scanner.Scan() {
+		line := scanner.Text()
+		if isAppArmorLog.MatchString(line) {
+			res += line + "\n"
+		}
+	}
+
+	// Clean & remove doublon in logs
+	for _, aa := range regCleanLogs {
+		res = aa.Regex.ReplaceAllLiteralString(res, aa.Repl)
+	}
+	logs := strings.Split(res, "\n")
+	logs = util.RemoveDuplicate(logs)
+
+	return strings.Join(logs, "\n")
+}

pkg/logs/loggers_test.go

@@ -78,7 +78,7 @@ func TestSelectLogFile(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			if got := SelectLogFile(tt.path); got != tt.want {
-				t.Errorf("getLogFile() = %v, want %v", got, tt.want)
+				t.Errorf("SelectLogFile() = %v, want %v", got, tt.want)
 			}
 		})
 	}