此脚本为client端的code,主要实现读取日志中的一些关键词进行过滤,以下介绍几个模块的用途:
File::Tail 用于读取日志,功能类似于linux中tail ,只读取最新的日志
AnyEvent 处理异步事件
AnyEvent::Socket 建立socket连接
AnyEvent::Handle 处理Socket中的句柄
Config::Tiny 读取ini配置文件
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
#!/usr/bin/perl
#use warnings;
#use strict;
use
File::Tail;
use
AnyEvent;
use
AnyEvent::Socket;
use
AnyEvent::Handle;
use
Config::Tiny;
use
FindBin;
use
lib
"$FindBin::Bin/../module"
;
use
log_grep;
main();
sub
main {
my
$client_config_file
=
"$FindBin::Bin/../etc/config.ini"
;
my
$config
= Config::Tiny->new;
my
$client_config
=
$config
->
read
(
$client_config_file
);
my
$client_log_info
=
$client_config
->{
'client_config_info'
};
my
$log_type
=
$client_log_info
->{
'log_type'
};
my
$user
=
$client_log_info
->{
'user'
};
my
$port
=
$client_log_info
->{
'port'
};
my
$log_path
=
$client_log_info
->{
'log_path'
};
my
$remove_ip
=
$client_log_info
->{
'remove_ip'
};
my
$local_ip
=
$client_log_info
->{
'local_ip'
};
my
$apache_reglar
=
qr/^((?:\d{1,3}\.){3}\d{1,3})[^[]+\[([^]]+)\]\s+\"([^"]+)\"\s+(\d+).*\"([^"]+)\"$/
;
my
$nginx_reglar
=
qr/^((?:\d{1,3}\.){3}\d{1,3})[^[]+\[([^]]+)\]\s+\"([^"]+)\"\s+(\d+).*\"([^"]+)\"$/
;
#这块根据具体情况来编写,
my
$log_grep
= log_grep->new();
my
$cv
= AnyEvent->condvar;
{
tcp_connect
$remove_ip
,
$port
,
sub
{
my
(
$fh
) =
@_
or
die
"tcp_connect: $!"
;
my
$hdl
= new AnyEvent::Handle
fh
=>
$fh
;
my
$file
= File::Tail->new(
name
=>
$log_path
,
maxinterval
=> 1,
adjustafter
=> 3
);
while
(
defined
(
my
$log_line
=
$file
->
read
) ) {
if
(
$log_line
=~
$apache_reglar
) {
my
$date
=
$log_grep
->date_grep($2);
my
@actions
=
$log_grep
->default_grep($3);
my
@clients
=
$log_grep
->default_grep($5);
my
$base
=
"t:$log_type|me:$actions[1]|so:$1|lo:$local_ip|date:$date|opt:$actions[0]|of:$4|u:$user\n"
;
$hdl
->push_write(
$base
);
}
}
}
}
$cv
->
recv
;
}
|
以下是log_grep.pm模块
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
package
log_grep;
use
strict;
use
warnings;
sub
new {
my
$self
= {};
my
$class
=
shift
;
bless
$self
;
return
$self
;
}
#date format
sub
date_grep {
my
$self
=
shift
;
my
$str
=
shift
;
my
%month
= (
"Jan"
=> 1,
"Feb"
=> 2,
"Mar"
=> 3,
"Apr"
=> 4,
"May"
=> 5,
"Jun"
=> 6,
"Jul"
=> 7,
"Aug"
=> 8,
"Sep"
=> 9,
"Oct"
=> 10,
"Nov"
=> 11,
"Dec"
=> 12
);
my
(
$day
,
$mon
,
$year
,
$hour
,
$minute
,
$sec
) =
(
split
/\/|:|\s+/,
$str
)[ 0, 1, 2, 3, 4, 5 ];
my
$format_date
=
"$year-$month{$mon}-$day $hour:$minute:$sec"
;
return
$format_date
;
}
#default format
sub
default_grep{
my
$self
=
shift
;
my
$str
=
shift
;
return
split
" "
,
$str
;
}
1;
|
配置文件如下:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
[client_config_info]
remove_ip=192.168.6.2
port=9981
local_ip=192.168.6.2
log_path=/var/log/httpd/access_log
log_type=Apache
user=客户端01
[server_config_info]
username=root
password=*******
host=localhost
database=w3a_system
server_ip=192.168.6.2
server_port=9981
|
本文转自 mcshell 51CTO博客,原文链接:http://blog.51cto.com/mcshell/1362679,如需转载请自行联系原作者