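#!/usr/bin/perl -w
#############################################################
#                  FreeBSD Log scraper
#############################################################
# Basic usage:
#   Perl scrape_log.pl -keywords=[KEYWORD,(S)] -log=[LOGNAME]
#
#   -keywords=  List of keywords to search for in logs
#   -log=       Name of the log file(s)
#   -dir=       Locations of remote log file(s)
#
# Each switch may be written as "-switch=value" or as
# "-switch value".
#
# Security notes for operators:
#   * Keywords are interpolated into a regular expression as-is
#     (see parse_logs), so regex metacharacters in a keyword are
#     treated as pattern syntax, not as literal text.
#   * The log name and remote directory come from the command line
#     and are sent to the remote host as part of the scp path. The
#     log name is restricted to a conservative character set in
#     parse_args; the remote directory is passed through unchanged.
#############################################################
use strict;
use warnings;

#use Switch;
use Net::SCP;
use IO::Uncompress::Bunzip2 qw(bunzip2 $Bunzip2Error);

# Script-wide state, filled in by parse_args() and scrape_logs():
#   $logname   - base name of the rotated log (from -log)
#   $remoteDir - directory on the remote host holding the logs (from -dir)
#   @files     - local names of the archives that were fetched successfully
#   @keys      - keywords to look for (from -keywords, comma separated)
my ($logname, $remoteDir, @files, @keys);

# functions
# ready to include a log file function...

# Print a single message to STDOUT.
sub prt {
    my ($msg) = @_;
    print $msg;
    return;
}

# Fetch the rotated archives "$logname.0.bz2" .. "$logname.6.bz2" from the
# remote host with scp and record every file that arrived in @files.
# Failures are reported and skipped; they do not abort the run.
sub scrape_logs {

    # Pull the logs locally so we can parse them
    my $hostname = "coleburt.com";
    my $username = "jasin";

    # Highest rotation suffix to request.
    # NOTE(review): presumably matches the rotation count on the log host.
    my $last_rotation = 6;

    # Setup our secure copy connection
    my $scp = Net::SCP->new( { "host" => $hostname, "user" => $username } );

    # Do work!
    for my $i (0 .. $last_rotation) {
        my $file = "$logname.$i.bz2";
        prt("Receiving $file...");

        # NOTE(review): -dir is not enforced by parse_args; when it is
        # omitted, $remoteDir is undef here and the path becomes "/$file".
        # Confirm whether -dir should be mandatory.
        # $remoteDir is not validated: depending on the scp implementation
        # the remote path may be expanded by the remote shell, so it should
        # only ever come from a trusted operator.
        if ($scp->get("$remoteDir/$file")) {
            push @files, $file;
            prt("Done\n");
        }
        else {
            prt("$scp->{errstr}\n");
        }
    }
    return;
}

# Decompress every fetched archive and print each line that matches a
# keyword. A line is printed once per matching keyword, so a line that
# matches two keywords appears twice.
sub parse_logs {
    FILE:
    for my $file (@files) {
        my $z = IO::Uncompress::Bunzip2->new($file);
        if (!$z) {

            # An unreadable or corrupt archive must not take the whole run
            # down: report it and carry on with the next file.
            prt("Cannot read $file: $Bunzip2Error\n");
            next FILE;
        }

        while (defined(my $line = $z->getline())) {

            # Keywords are used as regular expressions, exactly as typed on
            # the command line. An invalid pattern dies here.
            for my $key (@keys) {
                print $line if $line =~ /$key/;
            }
        }
        $z->close();
    }
    return;
}

sub email_output {

    # Let someone know that the logs are prepared and ready to be read
}

# Print $msg and terminate the script with exit status $exitcode.
sub pgm_exit {
    my ($exitcode, $msg) = @_;
    prt($msg);
    exit($exitcode);
}

########################################
# main entry point to the script
parse_args(@ARGV);
scrape_logs($logname);
parse_logs();
pgm_exit(0, "");
########################################

# Exit with an error unless the switch $arg is followed by another argument.
# Called with the remaining argument list, whose first element is the switch.
sub need_arg {
    my ($arg, @av) = @_;
    pgm_exit(1, "ERROR: [$arg] must have a following argument!\n") if (!@av);
    return;
}

# Split the switch at the front of @$av into (flag, value).
# Handles "-flag=value" (one element) and "-flag value" (two elements); in
# the second form the flag element is consumed so that the caller's final
# shift removes the value.
sub _split_option {
    my ($av) = @_;
    my $arg = $av->[0];

    # Limit of 2 keeps any further '=' inside the value instead of
    # silently truncating it.
    return split(/=/, $arg, 2) if $arg =~ /=/;

    need_arg(@{$av});
    shift @{$av};
    return ($arg, $av->[0]);
}

# Parse the command line into $logname, $remoteDir and @keys, echoing each
# recognised switch. Exits with status 1 on an unknown switch, a missing
# value, empty keywords/log name, or a log name with unsafe characters.
sub parse_args {
    my @av = @_;
    my ($flag, $keywords);

    while (@av) {
        my $arg = $av[0];
        if ($arg =~ /^-keywords/i) {
            ($flag, $keywords) = _split_option(\@av);

            # Drop empty entries ("a,,b"): an empty pattern does not mean
            # "match nothing" in Perl, it reuses the last successful regex.
            @keys = grep { length } split(/,/, $keywords);
            prt("$flag=$keywords\n");
        }
        elsif ($arg =~ /^-log/i) {
            ($flag, $logname) = _split_option(\@av);
            prt("$flag=$logname\n");
        }
        elsif ($arg =~ /^-dir/i) {
            ($flag, $remoteDir) = _split_option(\@av);
            prt("$flag=$remoteDir\n");
        }
        else {
            pgm_exit(1, "Unknown arg: $arg\n");
        }

        #switch ($arg[0]) {
        #    case /^-keywords/i { ($flag,$keywords) = split(/=/, $_[0]) and @keys = split(/,/, $keywords); print "$flag=$keywords\n"; }
        #    case /^-log/i { ($flag,$logname) = split(/=/, $_[0]); print "$flag=$logname\n"; }
        #    case /^-dir/i { ($flag,$remoteDir) = split(/=/, $_[0]); print "$flag=$remoteDir\n"; }
        #    else { pgm_exit(1, "Unknown arg: $arg\n"); }
        #}
        shift @av;    # end switch, get next @ARGV
    }

    pgm_exit(1, "Keywords and/or log switches must not be empty\n")
        if !@keys || !defined $logname || !length $logname;

    # The log name becomes part of both the remote scp path and the local
    # file name that is opened afterwards. Refuse path separators and
    # shell-significant characters instead of passing them on.
    pgm_exit(1, "Invalid log name [$logname]: use letters, digits, '.', '_' and '-' only\n")
        if $logname !~ /\A[A-Za-z0-9_][A-Za-z0-9._-]*\z/;

    return;
}

# eof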