On 01/16/2007 04:02 AM, Michael Alipio wrote:
----- Original Message ----
From: Mumia W. <[EMAIL PROTECTED]>
To: Beginners List <beginners@perl.org>
Sent: Tuesday, January 16, 2007 3:13:38 PM
Subject: Re: Storing filehandles(for writing) in hashes doesn't work (Re: whilereach 
my $variable (<FILEHANDLE>) )

On 01/15/2007 11:21 PM, Michael Alipio wrote:
Hi,

Ok, seems like "pet logs" is not a good example. :-)

Let me revise my story:

I have a logfile which contains different clients' firewall logs.

Let's say the log file is: "firewall.log"

Now each line in the logfile has a $deviceid string that identifies where or which client it came from. What I did was to list down all of these clients in a file named "deviceid.conf". Let's say it contains: ('client_name' dash 'device_id')

client1 - 293u0sdfj
client2 - 8325kjsdf
client3 - kjldas8282
.....
clientn - sdkfj28350


Having said that, my goals are:

1. read the firewall.log line by line.
    if it sees a particular device_id in $_, and it knows that that deviceid is for this 
particular client (using the information found at "deviceid.conf") it will 
write that line into /client1/$date.log or /client2/$date.log etc.

By the way, our logs are being rotated  such that it contains logs from 6:26 yesterday, to 6:25 
today, so $date on the above was obtained by let's say getting the /date=(\S+)/ on the first line 
entry of the log, let's say it reads 2007-01-10, so our $date will be "2007-01-10_11", so 
the logfile for a particular client will be "/client1/2007-01-10_11.log"


Here is an example of a line in the logfile:

Jan 10 06:26:17 210.23.194.86 date=2007-01-10 time=06:30:14,devname=sccp_firewall,device_id=FWF60A1234566,log_id=0021010001,type=traffic,subtype=allowed,pri=notice,vd=root;SN=14435461,duration=139,user=N/A,group=N/A,policyid=11,proto=6,service=7500/tcp,status=accept,src=192.169.1.70,srcname=192.168.1.3,dst=192.169.1.17,dstname=192.169.1.17,src_int=internal,dst_int=wan2,sent=144,rcvd=0,sent_pkt=3,rcvd_pkt=0,src_port=2354,dst_port=7500,vpn=N/A,tran_ip=0.0.0.0,tran_port=0,dir_disp=org,tran_disp=noop


The device_id in this log entry does not appear in the device id file you showed above.


So far, I've been trying to use the code that was given to me but I'm still far 
from my goal:


#!/usr/bin/perl
use warnings;
use strict;

my $logfile='firewall.log';
my $devices='deviceid.conf';
our %log;


##########
# 1ST PART
open DEVICES, '<', $devices or die "Can't open $devices $!";

while ( my $device = <DEVICES>){
  chomp $device;
  ($device) = $device =~ /(\S+)$/;
  open( my $fh, '>', "$device.log") or die "Can't open $device.log: $!";
  $log{$device} = $fh;
}
close DEVICES;
#############

So far I can understand that in the first part, the code will read the 
deviceid.conf and create a file handle for writing for each device id, and 
store these filehandles inside %log. But that is what I wanted to do, I want 
to, as I wanted to write my logs into /clientN/date.log instead of 
client's_deviceid.log. So I'm still trying to figure out this one.

/(\S+)$/ only matches the device-id; the client-id is thrown away. Don't throw it away. Create a regular expression that captures the client id and use the client-id to create the log file name.


Next:


################
# 2nd PART

my $re = '^\S+\s+(' . join( '|', keys %log ). ')';

open( IN, '<', $logfile ) or die "Can't open $logfile: $!";

while( my $line = <IN> ){
  if( $line =~ m/$re/ ){
    print $log{$1} $line;
  }
}


###############


The second part is what confuses me, especially the line with "my $re", and also the 
"if($line =~ m/$re/)"

As far as I can understand, the $re will contain a regexp with ('device_id1 | 
device_id2 | device_id3 | device_idN'), so that whenever it sees any pattern 
that match either of those device_ids, it will print it to say $log{device_idN} 
which points to the file handle that writes to device_idN.log.

But this is not the case.
The line "print $log{$1} $line;" doesn't even work as if it cannot decode the 
$log{$1}


You are correct, "my $re" creates a regular expression with all of the device ids, and you are also correct that "print $log{$1} $line" does not work. You must use "print { $log{$1} } $line".


Useless use of a constant in void context at extractdevice.pl line 30.
Scalar found where operator expected at extractdevice.pl line 35, near "} $line"
        (Missing operator before  $line?)
syntax error at extractdevice.pl line 35, near "} $line"

If I comment out the code inside the while in that second part, the program will 
successfully create empty "device_id1.log", "device_id2.log", etc.

Any idea what's wrong with this one?



My comments are above.

I wrote the program a completely different way. I think you should read 'deviceid.conf' and place the device-ids and client-ids into a hash ($clientids). Then open and start reading the logfile. Whenever you are able to capture a device-id that is in the %clientids hash, construct a filename to the desired output log file and append the input logfile line to that output log file.



Hi,


Ok, here's my code:


my $logfile='firewalllog';
my $devicefile='deviceid';

our %log;

open DEVICES, '<', $devicefile or die "Can't open $devicefile $!";

while (my $device <DEVICES>){

Syntax error above: an equal sign is missing after $device.

  ($device) = $device =~ /(\S+)$/;
  open (my $fh, '>', $device.".log") or die "Can't write to $device.".log": $!";
  $log{device} = $fh;

Logic error above: "device" should be "$device".

}
close DEVICES;

So I should be able to print to at least {$log{any_device_id}} right??

But using this:

print {$log{FWF60A1234566}} "testing";


gives me:

Use of uninitialized value in ref-to-glob cast at extractdevice.pl line 20.
Can't use string ("") as a symbol ref while "strict refs" in use at 
extractdevice.pl line 20.

Any idea what the above means?





It's too difficult for me to edit your responses into bottom-posted form. I'm bidding this thread adieu. Good luck.
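
An added example, not code from either poster: the approach suggested near the end of the message (load deviceid.conf into a hash keyed by device id, then append each matching log line to that client's file), run over constructed sample data. The temporary base directory, the sample entries, and the use of the first line's date= value alone as the file name are assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Path qw(make_path);
use File::Temp qw(tempdir);

# Constructed stand-ins for deviceid.conf and firewall.log (not real data).
my $conf = <<'CONF';
client1 - FWF60A1234566
client2 - 8325kjsdf
bad/name - kjldas8282
CONF
my @log_lines = (
    "Jan 10 06:26:17 210.23.194.86 date=2007-01-10 time=06:30:14,devname=fw1,device_id=FWF60A1234566,type=traffic\n",
    "Jan 10 06:27:02 210.23.194.86 date=2007-01-10 time=06:31:00,devname=fw9,device_id=UNKNOWN123,type=traffic\n",
    "Jan 10 06:28:40 210.23.194.86 date=2007-01-10 time=06:32:10,devname=fw2,device_id=8325kjsdf,type=traffic\n",
);

# device_id => client name. The client name becomes a directory name, so
# only word characters are accepted; anything else is skipped with a warning.
my %client_for;
for my $entry (split /\n/, $conf) {
    my ($client, $id) = $entry =~ /^(\w+)\s+-\s+(\S+)$/
        or do { warn "skipping malformed entry: $entry\n"; next };
    $client_for{$id} = $client;
}

my $base = tempdir(CLEANUP => 1);    # assumption: stands in for the real log root
my ($date) = $log_lines[0] =~ /\bdate=(\d{4}-\d\d-\d\d)\b/
    or die "no date= field on the first log line\n";

my (%fh, %written);
for my $line (@log_lines) {
    my ($id) = $line =~ /\bdevice_id=([^,\s]+)/ or next;
    # Exact hash lookup: the ids are never interpolated into a regex.
    my $client = $client_for{$id} or next;
    unless ($fh{$client}) {
        make_path("$base/$client");
        open($fh{$client}, '>>', "$base/$client/$date.log")
            or die "Can't append to $base/$client/$date.log: $!";
    }
    # A filehandle stored in a hash element must be wrapped in a block.
    print { $fh{$client} } $line;
    $written{$client}++;
}
close $_ for values %fh;
print "$_: $written{$_} line(s) -> $_/$date.log\n" for sort keys %written;
```

Lines whose device_id is not in the hash (the second sample line) are dropped silently; in a real deployment they would normally go to a catch-all file so that unmapped devices are noticed.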


