Appropriate Data Organization for Parsing file
<p>Right now I'm working on a project to parse the nmap-os-db file, which is part of the Nmap source code. It contains entries similar to this:</p>
<pre><code># Apple Time Capsule, firmware 7.3.1
# Apple Airport Extreme
# Linux 2.6.25.18-0.2-default #1 SMP 2008-10-21 16:30:26 +0200 x86_64 x86_64 x86_64 GNU/Linux
Fingerprint Apple AirPort Extreme WAP or Time Capsule NAS device (NetBSD)
Class Apple | embedded || storage-misc
Class Apple | embedded || WAP
CPE cpe:/h:apple:airport_extreme
SEQ(SP=CC-D8%GCD=1-6%ISR=D7-E1%TI=I%II=I%SS=S%TS=0)
OPS(O1=M5B4NW0NNT01SNN%O2=M5B4NW0NNT01SNN%O3=M5B4NW0NNT01%O4=M5B4NW0NNT01SNN%O5=M5B4NW0NNT01SNN%O6=M5B4NNT01SNN)
WIN(W1=8000%W2=8000%W3=8000%W4=8000%W5=8000%W6=8000)
ECN(R=Y%DF=Y%T=3B-45%TG=40%W=8000%O=M5B4NW0SNN%CC=N%Q=)
T1(R=Y%DF=Y%T=3B-45%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
T2(R=Y%DF=N%T=3B-45%TG=40%W=0%S=Z%A=S%F=AR%O=%RD=0%Q=)
T3(R=Y%DF=Y%T=3B-45%TG=40%W=8000%S=O%A=S+%F=AS%O=M5B4NW0NNT01SNN%RD=0%Q=)
T4(R=Y%DF=N%T=3B-45%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
T5(R=Y%DF=N%T=3B-45%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
T6(R=Y%DF=N%T=3B-45%TG=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
T7(R=Y%DF=N%T=3B-45%TG=40%W=0%S=Z%A=S%F=AR%O=%RD=0%Q=)
U1(DF=N%T=FA-104%TG=FF%IPL=38%UN=0%RIPL=G%RID=G%RIPCK=I%RUCK=G%RUD=G)
IE(DFI=N%T=FA-104%TG=FF%CD=S)
</code></pre>
<p>The requirement I have is that, after parsing this text file with approximately 3000 entries very similar to the above, I need to be able to make summary statistics, as in print out every possible value on the right of the equal sign for the SP test inside of the SEQ line and its relative percentage. I also need to be able to bring up the entire entry if necessary and potentially group them into similar products, as in Apple with Apple, Microsoft with Microsoft, etc.</p>
<p>Below I have the code for the structs I have done that have let me complete the summary and individual entry requirements. I have no trouble parsing out the information, I just want to know if there is a better way to keep track of them.</p>
<pre><code>//Holds a test value
typedef struct {
    char *name;
    int numberOccurences;
    void *nextValue;
} Value;

//Holds all the possible values for a given test
typedef struct {
    char *name;
    Value *value_head;
    int totalOccurences;
    void *nextTest;
} Test;

//Create probe type to hold all the possible tests for a given probe
typedef struct {
    char *name;
    Test *test_head;
    void *nextProbe;
} Probe;

typedef struct {
    char *classLine;
    char *manufacturer;
    char *product;
    void *nextClass;
} PrintClass;

//Create type to hold all the gathered fingerprints
typedef struct {
    char *name;
    //char **class;
    //int numClass;
    PrintClass *class_head;
    char **cpe;
    int numCPE;
    char **probes;
    int numProbes;
    void *nextPrint;
} Fingerprint;

typedef struct {
    char *name;
    void *nextProduct;
} Product;

typedef struct {
    char *manufacturer;
    Product *product_head;
    void *nextGroup;
} PrintGroup;
</code></pre>
<p>My main issue is that I'm concerned that what I have may be more cumbersome than it needs to be, and I may be too focused on making it object oriented. I just wanted to know if anyone had a more intelligent way of doing it, or areas where I may be able to improve or condense it, maybe into one type. I hope it's clear what I'm asking.</p>
<p>In case it wasn't clear from the code, I have the struct for the fingerprint that keeps track of all the individual entries from the file, and I have the probe struct, and all the structs attached to it gather up the statistics for each probe (SEQ, OPS, etc.), their tests (SP, GCD, ISR, etc.), and the test values. Lastly, I have the print group to keep track of print families, such as Apple, Microsoft, etc., although that part is still a work in progress.</p>
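The per-test statistics described in the question, as an added example that is not part of the original post: it parses the probe lines of an entry and keeps one flat counter table keyed by (probe, test, value) rather than three nested lists. The names `Tally`, `bump`, `tally_line` and `percent`, the fixed buffer and table sizes, and the sample lines in `main` are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>
/* One flat record per (probe, test, value), e.g. ("SEQ", "SP", "CC-D8"). Sizes are assumed. */
typedef struct { char probe[8], test[8], value[128]; int count; } Tally;
static Tally tallies[4096];
static int n_tallies;

/* Count one occurrence; returns 0 if a field is too long or the table is full. */
static int bump(const char *probe, const char *test, const char *value) {
    if (strlen(test) >= sizeof tallies->test || strlen(value) >= sizeof tallies->value) return 0;
    for (Tally *t = tallies; t < tallies + n_tallies; t++)
        if (!strcmp(t->probe, probe) && !strcmp(t->test, test) && !strcmp(t->value, value))
            { t->count++; return 1; }
    if (n_tallies == (int)(sizeof tallies / sizeof *tallies)) return 0;
    Tally *t = &tallies[n_tallies++];          /* first sighting: create the record */
    strcpy(t->probe, probe); strcpy(t->test, test); strcpy(t->value, value);
    return t->count = 1;
}

/* Tally one probe line such as "SEQ(SP=CC-D8%GCD=1-6)": a name of at most 7 chars, '(',
   test=value pairs joined by '%', ')'. Returns tests counted, or -1 for any other line. */
int tally_line(const char *line) {
    char probe[8], body[1024];
    int end = 0, n = 0;
    if (*line == '#' || sscanf(line, "%7[^ \t(](%1023[^)])%n", probe, body, &end) != 2 || !end)
        return -1;                     /* %n is only stored once the closing ')' matched */
    for (char *tok = strtok(body, "%"); tok; tok = strtok(NULL, "%")) {
        char *eq = strchr(tok, '=');
        if (eq) { *eq = '\0'; n += bump(probe, tok, eq + 1); }   /* "Q=" counts value "" */
    }
    return n;
}

/* Share, in percent, of one value among all counted occurrences of probe.test. */
double percent(const char *probe, const char *test, const char *value) {
    int hit = 0, total = 0;
    for (const Tally *t = tallies; t < tallies + n_tallies; t++) {
        if (strcmp(t->probe, probe) || strcmp(t->test, test)) continue;
        total += t->count;
        if (!strcmp(t->value, value)) hit = t->count;
    }
    return total ? 100.0 * hit / total : 0.0;
}

int main(void) {   /* constructed input modelled on the SEQ line of the entry above */
    const char *in[] = { "SEQ(SP=CC-D8%GCD=1-6%TI=I)", "SEQ(SP=CC-D8%GCD=1-6)", "SEQ(SP=F0-FA)" };
    for (int i = 0; i < 3; i++) tally_line(in[i]);
    printf("SEQ.SP=CC-D8: %.1f%%\n", percent("SEQ", "SP", "CC-D8"));
    return 0;
}
```

Values are counted as the raw string to the right of the equal sign, so a range such as `CC-D8` is one value; the `Fingerprint`, `Class` and `CPE` lines are skipped here and would feed the per-entry and grouping records separately.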
 
