|
hotsanic |
Subversion Repositories: |
Compare with Previous - Blame - Download
## $Id: HotSaNIClogparse.pm,v 1.1 2004/02/08 20:42:05 bernisys Exp $#package HotSaNIClogparse;($VERSION = '$Revision: 1.1 $') =~ s/.*(\d+\.\d+).*/$1/;my %datehash=(Jan=>0,Feb=>1,Mar=>2,Apr=>3,May=>4,Jun=>5,Jul=>6,Aug=>7,Sep=>8,Oct=>9,Nov=>10,Dec=>11);######################################################################## finds logfiles that are not already parsed.## USAGE: ($position,@files)=findlogs($dir,$names,$infofile);## $dir the directory that contains the desired logfiles## $names a regex that matches all desired logs## $infofile is the path to a file where some information about# the last parsing process has been stored.### $position will be the position where the last parsing process stopped## @files is an array containing all "newer" (i.e. unparsed) logs# in hopefully the right order. This list can be parsed# within a "foreach (@files) {...}" construct.#sub findlogs {my $logdir = shift;my $logfile = shift;my $lastinfo = shift;my @files;use File::Find;File::Find::find( {wanted => sub { /^$logfile\z/s && push @files,$File::Find::name; } }, $logdir);my @sfiles = sort @files;my $firstline="*** no lastfile found ***";my $position=0;if (-e $lastinfo) {open FILE,$lastinfo;$firstline=<FILE> || "*** empty lastfile ***";$position=<FILE> || 0;close FILE;}undef @files;my $found=0;while ($found==0) {if (@sfiles) {my $file=shift @sfiles;open FILE,"$file";my $line=<FILE>;close FILE;unshift @files,$file;if ($line eq $firstline) { $found=1; }}else { $found=-1 }}if ($found < 0) { $position=0; }return ($position,@files);}######################################################################## parse a line of an apache logfile and return it splitted in a hash#sub parseline_apache {my $line=shift || "";my %info;$line =~ /^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+) (.*?) (.*?) \[(.*?) (.*?)\] \"(\w+) (.*?) (.*?)\" ([0-9]+) ([0-9]+) \"(.*?)\" \"(.*?)\"$/, $info{IP}=$1,$info{REQuser}=$2,$info{REQauthuser}=$3,$info{TS}=$4,$info{TSzone}=$5,$info{REQtype}=$6,$info{REQwhat}=$7,$info{REQformat}=$8,$info{RETcode}=$9,$info{RETsize}=$10,$info{REQreferer}=$11,$info{REQagent}=$12;$info{TS} =~ /([0-9]+)\/(\w+)\/([0-9]+)\:([0-9]+)\:([0-9]+)\:([0-9]+)/,$info{TSday}=$1*1,$info{TSmname}=$2,$info{TSyear}=$3,$info{TShour}=$4*1,$info{TSminute}=$5*1,$info{TSsecond}=$6*1;$info{TSmonth}=$datehash{$info{TSmname}};$info{TSzone} =~ /^(.)([0-9][0-9])/,$info{TSzdiff}=$1.$2*1;$info{TStime} = time_to_seconds($info{TSyear},$info{TSmonth},$info{TSday},$info{TShour},$info{TSminute},$info{TSsecond});return %info;}######################################################################## converts year, month, mday, hour, minute and second# into a timestamp such as time() produces.## How? heh, heh. Binary search. :)# Try setting/unsetting bits starting from the high end until# localtime($result) matches the input time.#sub time_to_seconds {my $a = sprintf "%04d%02d%02d%02d%02d%02d",@_;my ($l_sec,$l_min,$l_hour,$l_mday,$l_mon,$l_year,$l_wday,$l_yday,$l_isdst);my ($result, $bit, $i);$result = 0;# For each bit in the value, starting with the highest bit...#$bit=1024*1024*1024;for (my $n=30;$n>=0; $n--) {$bit=1<<$n;$result += $bit; # Try setting it...# Get the time info for that time...($l_sec,$l_min,$l_hour,$l_mday,$l_mon,$l_year,$l_wday,$l_yday,$l_isdst) = localtime($result);$l_year+=1900;$l_mon+=1;my $b = sprintf "%04d%02d%02d%02d%02d%02d",$l_year,$l_mon,$l_mday,$l_hour,$l_min,$l_sec;$result -= $bit if ($a lt $b);}return($result);}1;