过滤设备日志入库(perl 版)
扫描二维码
随时随地手机看文章
脚本的主要功能就是实现了,对于一个设备的日志文件信息过滤,抓取需要的字段,然后插入数据库,用perl语言实现起来很是方便,配合crontab使用,更是强大!!
文件一条记录:Jun 4 05:08:46 194.168.0.8 61: %SYS-5-CONFIG_I: Configured from console by vty0 (194.168.0.444)
正则:(S+s+d+s+S+)s+(d+.d+.d+.d+)sS+:s+%(S+):s+(.*)
脚本源码
:
#!/usr/bin/perl
use DBI;
my $log_record;
my @log_arry;
my $log_path;
my $date;
my $ip;
my $type;
my $desc;
my $line;
$log_path="/var/log/sourcep.log";
`/etc/init.d/sysklogd stop`;
`mv /var/log/source.log /var/log/sourcep.log&&touch /var/log/source.log`;
`/etc/init.d/sysklogd start`;
my $db="dbi:mysql:dbname=xxxx";
my $dbh= DBI->connect($db,"root","xxxx",{\'RaiseError\'=>1,\'AutoCommit\'=>0}) or die "Can\'t connect to DB:".DBI->errstr;
my $sql=$dbh->prepare(q{INSERT INTO tbl_device(date,ip,type,descon) VALUES (?,?,?,?)});
my ($date,$ip,$type,$desc);
if (open(log_1,"$log_path")){
eval{
while($line=
foreach($line){
/(S+s+d+s+S+)s+(d+.d+.d+.d+)sS+:s+%(S+):s+(.*)/ and do{
$date= $1;
$ip = $2;
$type= $3;
$desc= $4;
};# end do
$sql->execute($date,$ip,$type,$desc);
print ("$datet"."$ipt"."$typet"."$descn");
} # end for
} # end while
$dbh->commit();
} # end eval
} # end if
if($EVAL_ERROR){
print "Transaction aborted: ",$EVAL_ERROR,"n";
$dbh->rollback();
} # end local if
$dbh->disconnect();
`rm /var/log/sourcep.log`;
下载文档
