| 8 |
use DBI; |
use DBI; |
| 9 |
use Getopt::Long; |
use Getopt::Long; |
| 10 |
|
|
| 11 |
my $port = 514; |
our $port = 514; |
| 12 |
|
our $MAXLEN = 1524; |
| 13 |
|
|
| 14 |
my $MAXLEN = 1524; |
our $dsn = 'DBI:Pg:dbname=syslog'; |
| 15 |
|
our $user = 'dpavlin'; |
| 16 |
|
our $log = '/tmp/sysplog.log'; |
| 17 |
|
|
| 18 |
|
my $config = $0; |
| 19 |
|
$config =~ s{/[^/]+$}{/conf.pl}; |
| 20 |
|
if ( -e $config ) { |
| 21 |
|
require $config; |
| 22 |
|
warn "# using $config ", -s $config, $/; |
| 23 |
|
} |
| 24 |
|
|
|
my $dsn = 'DBI:Pg:dbname=syslog;host=llin.lan'; |
|
|
my $user = 'dpavlin'; |
|
| 25 |
my $debug = 0; |
my $debug = 0; |
| 26 |
my $schema = 0; |
my $schema = 0; |
|
my $log = '/tmp/sysplog.log'; |
|
| 27 |
|
|
| 28 |
GetOptions( |
GetOptions( |
| 29 |
'debug+' => \$debug, |
'debug+' => \$debug, |
| 30 |
'schema!' => \$schema, |
'schema!' => \$schema, |
| 31 |
'log=s' => \$log, |
'log=s' => \$log, |
| 32 |
|
'port=i' => \$port, |
| 33 |
) || die "usage: $0 --debug --schema\n"; |
) || die "usage: $0 --debug --schema\n"; |
| 34 |
|
|
| 35 |
my @facilities = ( qw/ |
our $VERSION = '0.00'; |
|
/ ); |
|
| 36 |
|
|
| 37 |
my $sql_schema = q{ |
my $sql_schema = q{ |
| 38 |
|
|
| 47 |
id serial, |
id serial, |
| 48 |
timestamp timestamp default now(), |
timestamp timestamp default now(), |
| 49 |
ip inet not null, |
ip inet not null, |
|
hostname text not null, |
|
| 50 |
message text, |
message text, |
| 51 |
level int, |
level int, |
| 52 |
facility int, |
facility int, |
| 87 |
|
|
| 88 |
my $sth_log_full = $dbh->prepare(qq{ |
my $sth_log_full = $dbh->prepare(qq{ |
| 89 |
insert into log |
insert into log |
| 90 |
(ip,hostname,message,level,facility,program,pid) |
(ip,message,level,facility,program,pid) |
| 91 |
values (?,?,?,?,?,?,?) |
values (?,?,?,?,?,?) |
| 92 |
}); |
}); |
| 93 |
|
|
| 94 |
my $sth_log_unparsed = $dbh->prepare(qq{ |
my $sth_log_unparsed = $dbh->prepare(qq{ |
| 95 |
insert into log (ip,hostname,messsage) values (?,?,?) |
insert into log (ip,message) values (?,?) |
| 96 |
}); |
}); |
| 97 |
|
|
| 98 |
|
|
| 111 |
|
|
| 112 |
_log "INFO: listen on $port"; |
_log "INFO: listen on $port"; |
| 113 |
|
|
|
my $rin = ''; |
|
| 114 |
my $buf; |
my $buf; |
| 115 |
while(1) { |
while(1) { |
| 116 |
$sock->recv($buf, $MAXLEN); |
$sock->recv($buf, $MAXLEN); |
| 117 |
my ($port, $ipaddr) = sockaddr_in($sock->peername); |
my ($port, $ipaddr) = sockaddr_in($sock->peername); |
| 118 |
my $hostname = gethostbyaddr($ipaddr, AF_INET); |
# my $hostname = gethostbyaddr($ipaddr, AF_INET); |
| 119 |
my $ip = join('.', unpack('C4',$ipaddr)); |
my $ip = join('.', unpack('C4',$ipaddr)); |
| 120 |
my @values = ( $ip, $hostname, $buf ); |
my @values = ( $ip, $buf ); |
| 121 |
|
|
| 122 |
if ( $buf =~ /<(\d+)>\s*(\S*)\s*:\s*(.*)/ ) { |
if ( $buf =~ s/<(\d+)>// ) { |
|
$values[2] = $3; |
|
| 123 |
my $level = $1 % 8; |
my $level = $1 % 8; |
| 124 |
my $facility = ( $1-$level ) / 8; |
my $facility = ( $1-$level ) / 8; |
| 125 |
my $program = $2; |
|
| 126 |
my $pid = $1 if $program =~ s/\[(\d+)\]$//; |
$buf =~ s/^\w\w\w \d+ \d\d:\d\d:\d\d//; # strip timestamp which some syslog servers insert here |
| 127 |
|
|
| 128 |
|
my ( $program, $pid ); |
| 129 |
|
|
| 130 |
|
if ( $buf =~ s/^\s*([^:]+)\s*:\s*// ) { |
| 131 |
|
$program = $1; |
| 132 |
|
if ( $program =~ s/\[(\d+)\]$// ) { |
| 133 |
|
$pid = $1; |
| 134 |
|
} elsif ( $buf =~ s/^(\d+):\s*// ) { |
| 135 |
|
$pid = $1; |
| 136 |
|
} |
| 137 |
|
} |
| 138 |
|
|
| 139 |
|
$values[1] = $buf; |
| 140 |
push @values, ( $level, $facility, $program, $pid ); |
push @values, ( $level, $facility, $program, $pid ); |
| 141 |
$sth_log_full->execute( @values ); |
$sth_log_full->execute( @values ); |
| 142 |
} else { |
} else { |
Parent Directory
| 
Revision Log
| 
Patch