Syslog child on Windows

Thu, 31 Mar 2005 09:09:23 -0800 

I have a perl Syslog server setup on a windows box because it's connected to 
a RAID Array.  I'm using POE as the Syslog server code and I'm storing the 
syslog data into a DB2 database.  Here is what I currently have:

use warnings;
use strict;

use POE;
use POE::Component::Server::Syslog;
use DBI;     # library for performing database functions
use DBD::DB2;
use DBD::DB2::Constants;
# use Mail::SendMail;

POE::Component::Server::Syslog->spawn(
    BindAddress => '129.37.2.201',
    InputState => \&client_input,
    ErrorState => \&client_error,
);

my $debug = 1;

$poe_kernel->run();

######################################

sub client_input {

  # Get the syslog hash
  my $msg = $_[ARG0];
  my $databaseHandle;
  my $connectFailureFlag = 0;
  my $search;
  my $sth;
  my $dbName = "vpn";
  # Parse the data for DB entry
  $msg->{'msg'} =~ /^(.*?) (\d+)\/(\d+)\/(\d+) (\d+):(\d+):(\d+)\.(\d+) 
SEV=. (.*?)$/;

  if ($debug) {
   print "    Host: ".$msg->{'host'}."\n";
   print "Severity: ".$msg->{'severity'}."\n";
   print "     Msg: ".$msg->{'msg'}."\n";
   my $databaseHandle = DBI->connect("DBI:DB2:$dbName","xxxxx","xxxxxx") or 
$connectFailureFlag = 1;
    if ($connectFailureFlag == 1){ warn "Unable to establish with 
DB2:$dbName due to $DBI::errstr\n"; }
    elsif ($connectFailureFlag == 0){     # connected to DB
     $search = "INSERT INTO VPN.SYSLOG_C3K (DATE_TIME, DEVICE, SEV, MSG) 
values('$4-$2-$3-$5.$6.$7.$8', '".$msg->{'host'}."', ".$msg->{'severity'}.", 
'$9')";
      $sth = $databaseHandle->prepare("$search"); # prepare the statement to 
read from the DB
      $sth->execute(); # execute the query
    $sth->finish;
     $databaseHandle->disconnect or warn "Disconnection failed: 
$DBI::errstr\n";
   }
   print "$2.$3.$4.$5.$6.$7.$8 $1 $9\n\n";
  } # if ($debug)
}

sub client_error {
  # Something went wrong with the syslog message
  # Figure out what to do, if anything, in this case later
    warn "BAD MESSAGE: $_[ARG0]";
}


What I'd like to do is collect the syslog data into an array while having 
another process pull the data out of that array and put into the database. 
That way, I'm not creating database connections everytime I get a syslog 
message.  Hopefully I'm clear in what I'm asking for. :-)

Reply via email to