# # $Id: HotSaNIClogparse.pm,v 1.3 2004/03/07 23:29:40 bernisys Exp $ # package HotSaNIClogparse; use Time::Local; ($VERSION = '$Revision: 1.3 $') =~ s/.*(\d+\.\d+).*/$1/; my %datehash=(Jan=>0,Feb=>1,Mar=>2,Apr=>3,May=>4,Jun=>5,Jul=>6,Aug=>7,Sep=>8,Oct=>9,Nov=>10,Dec=>11); ###################################################################### # # finds logfiles that are not already parsed. # # USAGE: ($position,@files)=findlogs($dir,$names,$infofile); # # $dir the directory that contains the desired logfiles # # $names a regex that matches all desired logs # # $infofile is the path to a file where some information about # the last parsing process has been stored. # # # $position will be the position where the last parsing process stopped # # @files is an array containing all "newer" (i.e. unparsed) logs # in hopefully the right order. This list can be parsed # within a "foreach (@files) {...}" construct. # sub findlogs { my $logdir = shift; my $logfile = shift; my $lastinfo = shift; my @files; use File::Find; File::Find::find( {wanted => sub { /^$logfile\z/s && push @files,$File::Find::name; } }, $logdir); my @sfiles = sort @files; my $firstline="*** no lastfile found ***"; my $position=0; if (-e $lastinfo) { open FILE,$lastinfo; $firstline= || "*** empty lastfile ***"; $position= || 0; close FILE; } undef @files; my $found=0; while ($found==0) { if (@sfiles) { my $file=shift @sfiles; open FILE,"$file"; my $line=; close FILE; unshift @files,$file; if ($line eq $firstline) { $found=1; } } else { $found=-1 } } if ($found < 0) { $position=0; } return ($position,@files); } ###################################################################### # # parse a line of an apache logfile and return it splitted in a hash # sub parseline_apache { my $line=shift || ""; my %info; $line =~ /^(.*?) (.*?) (.*?) \[(.*?) (.*?)\] \"(.*?)\" ([0-9]+) ([0-9-]+) \"(.*?)\" \"(.*?)\"$/, $info{IP_DN}=$1 || "", $info{REQuser}=$2 || "", $info{REQauthuser}=$3 || "", $info{TS}=$4 || "", $info{TSzone}=$5 || "", $info{REQwhat}=$6 || "", $info{RETcode}=$7 || "", $info{RETsize}=$8 || "", $info{REQreferer}=$9 || "", $info{REQagent}=$10 || ""; $info{TS} =~ /([0-9]+)\/(\w+)\/([0-9]+)\:([0-9]+)\:([0-9]+)\:([0-9]+)/, $info{TSday}=$1 || 1, $info{TSmname}=$2 || "", $info{TSyear}=$3 || 1900, $info{TShour}=$4 || 0, $info{TSminute}=$5 || 0, $info{TSsecond}=$6 || 0; $info{TSmonth}=$datehash{$info{TSmname}} || 1; $info{TSzone} =~ /^([-+][0-9][0-9])/,$info{TSzdiff}=$1 || 0; $info{TSzdiff}*=1; $info{TSyear}*=1; $info{TSday}*=1; $info{TShour}*=1; $info{TSminute}*=1; $info{TSsecond}*=1; $info{TStime} = Time::Local::timelocal($info{TSsecond},$info{TSminute},$info{TShour},$info{TSday},$info{TSmonth}-1,$info{TSyear}); return %info; } ###################################################################### # # parse a line of an amavisd-new logfile and return it splitted in a hash # # returns all elements as a hash. # the "result" key contains one of these keywords: # BANNED # INFECTED # mail_via_smtp # Not-Delivered # NOTICE # Passed # sub parseline_amavis { my $line=shift || ""; my %info; #Mar 5 11:11:03 some.host.org amavisd-new[30127]: (30127-09) Passed, -> , Message-ID: , Hits: - $line =~ /^(\w+)\s+(\d+) (\d+):(\d+):(\d+) (.*?) (.*\[\d+\]): \((\d+-\d+)\) (\w+)[,:]* (.*)$/, $info{TSmname}=$1 || "", $info{TSday}=$2 || 1, $info{TShour}=$3 || 0, $info{TSminute}=$4 || 0, $info{TSsecond}=$5 || 0, $info{host}=$6 || "", $info{process}=$7 || "", $info{ID}=$8 || "", $info{result}=$9 || "", $info{info}=$10 || ""; ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time); $info{TSmonth}=$datehash{$info{TSmname}} || 1; $info{TSyear}=$year+1900; $info{TSyear}-- if ($mon+1 < $info{TSmonth}); $info{TSday}*=1; $info{TShour}*=1; $info{TSminute}*=1; $info{TSsecond}*=1; $info{TStime} = Time::Local::timelocal($info{TSsecond},$info{TSminute},$info{TShour},$info{TSday},$info{TSmonth}-1,$info{TSyear}); return %info; } ###################################################################### # # converts year, month, mday, hour, minute and second # into a timestamp such as time() produces. # # How? heh, heh. Binary search. :) # Try setting/unsetting bits starting from the high end until # localtime($result) matches the input time. # sub time_to_seconds { my $a = sprintf "%04d%02d%02d%02d%02d%02d",@_; my ($l_sec,$l_min,$l_hour,$l_mday,$l_mon,$l_year,$l_wday,$l_yday,$l_isdst); my ($result, $bit, $i); $result = 0; # For each bit in the value, starting with the highest bit... # $bit=1024*1024*1024; for (my $n=30;$n>=0; $n--) { $bit=1<<$n; $result += $bit; # Try setting it... # Get the time info for that time... ($l_sec,$l_min,$l_hour,$l_mday,$l_mon,$l_year,$l_wday,$l_yday,$l_isdst) = localtime($result); $l_year+=1900; $l_mon+=1; my $b = sprintf "%04d%02d%02d%02d%02d%02d",$l_year,$l_mon,$l_mday,$l_hour,$l_min,$l_sec; $result -= $bit if ($a lt $b); } return($result); } 1; WebSVN - hotsanic - Blame - Rev 29 - /branches/HotSaNIC-0.5.0-pre6/lib/HotSaNIClogparse.pm
  jablonka.czprosek.czf

hotsanic

Subversion Repositories:
[/] [branches/] [HotSaNIC-0.5.0-pre6/] [lib/] [HotSaNIClogparse.pm] - Blame information for rev 29

 

Line No. Rev Author Line

Powered by WebSVN 2.2.1