utmp log file, IBM AIX version: Go parsing library

This spec can be used to parse utmp, wtmp and other similar as created by IBM AIX.

KS implementation details

License: CC0-1.0

This page hosts a formal specification of utmp log file, IBM AIX version using Kaitai Struct. This specification can be automatically translated into a variety of programming languages to get a parsing library.

Go source code to parse utmp log file, IBM AIX version

aix_utmp.go

Download 

// Code generated by kaitai-struct-compiler from a .ksy source file. DO NOT EDIT.

import "github.com/kaitai-io/kaitai_struct_go_runtime/kaitai"


/**
 * This spec can be used to parse utmp, wtmp and other similar as created by IBM AIX.
 * @see <a href="https://www.ibm.com/docs/en/aix/7.1?topic=files-utmph-file">Source</a>
 */

type AixUtmp_EntryType int
const (
	AixUtmp_EntryType__Empty AixUtmp_EntryType = 0
	AixUtmp_EntryType__RunLvl AixUtmp_EntryType = 1
	AixUtmp_EntryType__BootTime AixUtmp_EntryType = 2
	AixUtmp_EntryType__OldTime AixUtmp_EntryType = 3
	AixUtmp_EntryType__NewTime AixUtmp_EntryType = 4
	AixUtmp_EntryType__InitProcess AixUtmp_EntryType = 5
	AixUtmp_EntryType__LoginProcess AixUtmp_EntryType = 6
	AixUtmp_EntryType__UserProcess AixUtmp_EntryType = 7
	AixUtmp_EntryType__DeadProcess AixUtmp_EntryType = 8
	AixUtmp_EntryType__Accounting AixUtmp_EntryType = 9
)
var values_AixUtmp_EntryType = map[AixUtmp_EntryType]struct{}{0: {}, 1: {}, 2: {}, 3: {}, 4: {}, 5: {}, 6: {}, 7: {}, 8: {}, 9: {}}
func (v AixUtmp_EntryType) isDefined() bool {
	_, ok := values_AixUtmp_EntryType[v]
	return ok
}
type AixUtmp struct {
	Records []*AixUtmp_Record
	_io *kaitai.Stream
	_root *AixUtmp
	_parent kaitai.Struct
}
func NewAixUtmp() *AixUtmp {
	return &AixUtmp{
	}
}

func (this AixUtmp) IO_() *kaitai.Stream {
	return this._io
}

func (this *AixUtmp) Read(io *kaitai.Stream, parent kaitai.Struct, root *AixUtmp) (err error) {
	this._io = io
	this._parent = parent
	this._root = root

	for i := 0;; i++ {
		tmp1, err := this._io.EOF()
		if err != nil {
			return err
		}
		if tmp1 {
			break
		}
		tmp2 := NewAixUtmp_Record()
		err = tmp2.Read(this._io, this, this._root)
		if err != nil {
			return err
		}
		this.Records = append(this.Records, tmp2)
	}
	return err
}
type AixUtmp_ExitStatus struct {
	TerminationCode int16
	ExitCode int16
	_io *kaitai.Stream
	_root *AixUtmp
	_parent *AixUtmp_Record
}
func NewAixUtmp_ExitStatus() *AixUtmp_ExitStatus {
	return &AixUtmp_ExitStatus{
	}
}

func (this AixUtmp_ExitStatus) IO_() *kaitai.Stream {
	return this._io
}

func (this *AixUtmp_ExitStatus) Read(io *kaitai.Stream, parent *AixUtmp_Record, root *AixUtmp) (err error) {
	this._io = io
	this._parent = parent
	this._root = root

	tmp3, err := this._io.ReadS2be()
	if err != nil {
		return err
	}
	this.TerminationCode = int16(tmp3)
	tmp4, err := this._io.ReadS2be()
	if err != nil {
		return err
	}
	this.ExitCode = int16(tmp4)
	return err
}

/**
 * process termination status
 */

/**
 * process exit status
 */
type AixUtmp_Record struct {
	User string
	InittabId string
	Device string
	Pid uint64
	Type AixUtmp_EntryType
	Timestamp int64
	ExitStatus *AixUtmp_ExitStatus
	Hostname string
	DblWordPad int32
	ReservedA []byte
	ReservedV []byte
	_io *kaitai.Stream
	_root *AixUtmp
	_parent *AixUtmp
}
func NewAixUtmp_Record() *AixUtmp_Record {
	return &AixUtmp_Record{
	}
}

func (this AixUtmp_Record) IO_() *kaitai.Stream {
	return this._io
}

func (this *AixUtmp_Record) Read(io *kaitai.Stream, parent *AixUtmp, root *AixUtmp) (err error) {
	this._io = io
	this._parent = parent
	this._root = root

	tmp5, err := this._io.ReadBytes(int(256))
	if err != nil {
		return err
	}
	tmp5 = tmp5
	this.User = string(tmp5)
	tmp6, err := this._io.ReadBytes(int(14))
	if err != nil {
		return err
	}
	tmp6 = tmp6
	this.InittabId = string(tmp6)
	tmp7, err := this._io.ReadBytes(int(64))
	if err != nil {
		return err
	}
	tmp7 = tmp7
	this.Device = string(tmp7)
	tmp8, err := this._io.ReadU8be()
	if err != nil {
		return err
	}
	this.Pid = uint64(tmp8)
	tmp9, err := this._io.ReadS2be()
	if err != nil {
		return err
	}
	this.Type = AixUtmp_EntryType(tmp9)
	tmp10, err := this._io.ReadS8be()
	if err != nil {
		return err
	}
	this.Timestamp = int64(tmp10)
	tmp11 := NewAixUtmp_ExitStatus()
	err = tmp11.Read(this._io, this, this._root)
	if err != nil {
		return err
	}
	this.ExitStatus = tmp11
	tmp12, err := this._io.ReadBytes(int(256))
	if err != nil {
		return err
	}
	tmp12 = tmp12
	this.Hostname = string(tmp12)
	tmp13, err := this._io.ReadS4be()
	if err != nil {
		return err
	}
	this.DblWordPad = int32(tmp13)
	tmp14, err := this._io.ReadBytes(int(8))
	if err != nil {
		return err
	}
	tmp14 = tmp14
	this.ReservedA = tmp14
	tmp15, err := this._io.ReadBytes(int(24))
	if err != nil {
		return err
	}
	tmp15 = tmp15
	this.ReservedV = tmp15
	return err
}

/**
 * User login name
 */

/**
 * /etc/inittab id
 */

/**
 * device name (console, lnxx)
 */

/**
 * process id
 */

/**
 * Type of login
 */

/**
 * time entry was made
 */

/**
 * the exit status of a process marked as DEAD PROCESS
 */

/**
 * host name
 */