47 |
id serial, |
id serial, |
48 |
timestamp timestamp default now(), |
timestamp timestamp default now(), |
49 |
ip inet not null, |
ip inet not null, |
|
hostname text, |
|
50 |
message text, |
message text, |
51 |
level int, |
level int, |
52 |
facility int, |
facility int, |
87 |
|
|
88 |
my $sth_log_full = $dbh->prepare(qq{ |
my $sth_log_full = $dbh->prepare(qq{ |
89 |
insert into log |
insert into log |
90 |
(ip,hostname,message,level,facility,program,pid) |
(ip,message,level,facility,program,pid) |
91 |
values (?,?,?,?,?,?,?) |
values (?,?,?,?,?,?) |
92 |
}); |
}); |
93 |
|
|
94 |
my $sth_log_unparsed = $dbh->prepare(qq{ |
my $sth_log_unparsed = $dbh->prepare(qq{ |
95 |
insert into log (ip,hostname,message) values (?,?,?) |
insert into log (ip,message) values (?,?) |
96 |
}); |
}); |
97 |
|
|
98 |
|
|
115 |
while(1) { |
while(1) { |
116 |
$sock->recv($buf, $MAXLEN); |
$sock->recv($buf, $MAXLEN); |
117 |
my ($port, $ipaddr) = sockaddr_in($sock->peername); |
my ($port, $ipaddr) = sockaddr_in($sock->peername); |
118 |
my $hostname = gethostbyaddr($ipaddr, AF_INET); |
# my $hostname = gethostbyaddr($ipaddr, AF_INET); |
119 |
my $ip = join('.', unpack('C4',$ipaddr)); |
my $ip = join('.', unpack('C4',$ipaddr)); |
120 |
my @values = ( $ip, $hostname, $buf ); |
my @values = ( $ip, $buf ); |
121 |
|
|
122 |
if ( $buf =~ /<(\d+)>(?:\w\w\w \d+ \d\d:\d\d:\d\d)?\s*(\S*)\s*:\s*(.*)/ ) { |
if ( $buf =~ s/<(\d+)>// ) { |
|
$values[2] = $3; |
|
123 |
my $level = $1 % 8; |
my $level = $1 % 8; |
124 |
my $facility = ( $1-$level ) / 8; |
my $facility = ( $1-$level ) / 8; |
125 |
my $program = $2; |
|
126 |
my $pid = $1 if $program =~ s/\[(\d+)\]$//; |
$buf =~ s/^\w\w\w\s+\d+\s+\d\d:\d\d:\d\d//; # strip timestamp which some syslog servers insert here |
127 |
|
|
128 |
|
my ( $program, $pid ); |
129 |
|
|
130 |
|
if ( $buf =~ s/^\s*([^:]+)\s*:\s*// ) { |
131 |
|
$program = $1; |
132 |
|
if ( $program =~ s/\[(\d+)\]$// ) { |
133 |
|
$pid = $1; |
134 |
|
} elsif ( $buf =~ s/^(\d+):\s*// ) { |
135 |
|
$pid = $1; |
136 |
|
} |
137 |
|
} |
138 |
|
|
139 |
|
$values[1] = $buf; |
140 |
push @values, ( $level, $facility, $program, $pid ); |
push @values, ( $level, $facility, $program, $pid ); |
141 |
$sth_log_full->execute( @values ); |
$sth_log_full->execute( @values ); |
142 |
} else { |
} else { |