[Php] Server.log Parser (Warden Specific)

Another little script I made out of my free time.

This script takes a Server.log file and reads any line that matches this pattern

#TIME# ERROR: Player X (GUID Y Accountid Y) failed Warden check Z. Action: A

Explanations under the code


  • Warden parser tool
  • Reads the Server.log file and extracts the name of those who failed any Warden checks.
  • Builds an array of the Players with their name, accountId, GUID, and all the checks failed and when they were failed
  • Version 1.0
  • Author: Kapoeira

$filePath = ‘./Server.log’;

/* -------------------------------------------------------------------------- /
-------------------------------------------------------------------------- */

define(‘REGEX’, ‘#(.+) ERROR: WARDEN: Player (.+) (guid: (.+), account: (.+)) failed Warden check (.+). Action:(.+)#’);

if ($handle = file_get_contents($filePath))
$lines = array_map(‘trim’, explode(chr(10), $handle));

$outputMap = array();
$temp = array();

foreach ($lines as $k => $v)
	if (preg_match(REGEX, $v))
		preg_match_all(REGEX, $v, $output);
		// Special case where the name can be <none>
		if ($output[2][0] == '<none>')
			$remapped = false;
			foreach ($outputMap as $k => $map)
				if ($k == $output[3][0] && $map['name'] != '<none>')
					$output[2][0] = $map['name'];
					$remapped = true;
			if (!$remapped)
				// If it could not be remapped, save it to a buffer :/
				$temp[] = $output;

		if (!isset($outputMap[$output[3][0]]))
			$outputMap[$output[3][0]] = array('name' => $output[2][0],
											'accountId' => $output[4][0],
											'time' => $output[1][0],
											'fails' => array($output[5][0] => 1));
			if (isset($outputMap[$output[3][0]]['fails'][$output[5][0]]))
				$outputMap[$output[3][0]]['fails'][$output[5][0]] = 1;

// Add everything that could not be remapped - any <none> record
foreach ($temp as $k => $v)
	if (isset($outputMap[$v[3][0]]))
		if (isset($outputMap[$v[3][0]]['fails'][$v[5][0]]))
			$outputMap[$v[3][0]]['fails'][$v[5][0]] = 1;


table { border-collapse: collapse; } td { border: 1px solid black; text-align: center; } td.fail { text-align: right; } td.qty { text-align: left; } tr#head td { background-color: #898989; width: 150px; } <?php
$failList = array();
// Get every fail checked anywhere
foreach ($outputMap as $guid => $data)
	foreach ($data['fails'] as $failId => $qty)
		if (!in_array($failId, $failList))
			$failList[] = $failId;

// Go through all the players
foreach ($outputMap as $guid => $data)
	echo chr(10) . '	  <tr><td colspan="2">Player <b>' . $data['name'] . '</b><br />GUID ' . $guid . '; AccountId ' . $data['accountId'] . '</td></tr>';

	// Loop through all the checsk that were found
	foreach ($failList as $i => $failId)
		if (isset($data['fails'][$failId]))
			echo chr(10) . '	  <tr><td class="fail">' . $failId . '</td><td class="qty">' . $data['fails'][$failId] . '</td></tr>';



Check ID Quantity

<?php } else echo 'The Server.log file could not be found.';

// strtotime() seems to be working too, I’m just a little paranoiac
function dateToTime($time)
$a = explode(’ ‘, $time);
$d = explode(’-‘, $a[0]);
$t = explode(’:', $a[1]);

return mktime($t[0], $t[1], $t[2], $d[1], $d[2], $d[0]);



  1. Put the Server.log file into the folder where you have placed the script.

  2. (OPTIONAL) This will avoid execution time limit from being eventually reached, this can occur:

grep -i "failed Warden check" Server.log > Server.log

This is basically removing any line that does NOT contain Warden checks failure

If by any mean you can’t do that, you can

a ) Add this line at the very beginning of the file, INSIDE the <?php ?> tags

b ) Find another way to remove all the unwanted lines.

  1. Run the script

  2. Enjoy your data in a clean format.

Example output:


might be nice to explain what the check is and what the failiure means (or could mean)

Zx: I don’t know what their meaning is, and the SQLs leak uses are not that much talkative, but that’s something i had planned to do. Until then, I can’t do much =/

Sugestion:maybe add the time of the last detection and order the output based on time?

WishToDie: yeah, fairly doable. Will look onto it when I get spare time …

Major update!

Paste2 - Viewing Paste 2074028


  1. In the first few lines, define WORLD_DB, USER_DB and PASS_DB.

  2. Set the file to be able to write in its directory.

  3. Make sure you have PHP 5.3 or above (php -v)

  4. ???

  5. Profit!

Can you update this for the new log system?

Yes, I just don’t have a running core atm. Give me a week or so, I have plenty of stuff to do /emoticons/default_wink.png