/[sysplogd]/sysplogd
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Contents of /sysplogd

Parent Directory Parent Directory | Revision Log Revision Log


Revision 21 - (show annotations)
Sat May 2 21:07:32 2009 UTC (10 years, 3 months ago) by dpavlin
File size: 2755 byte(s)
fix parsing of timestamp which Tomato WRT54 firmware adds

1 #!/usr/bin/perl
2
3 use warnings;
4 use strict;
5
6 use IO::Socket;
7 use Data::Dump qw/dump/;
8 use DBI;
9 use Getopt::Long;
10
11 our $port = 514;
12 our $MAXLEN = 1524;
13
14 our $dsn = 'DBI:Pg:dbname=syslog';
15 our $user = 'dpavlin';
16 our $log = '/tmp/sysplog.log';
17
18 my $config = $0;
19 $config =~ s{/[^/]+$}{/conf.pl};
20 if ( -e $config ) {
21 require $config;
22 warn "# using $config ", -s $config, $/;
23 }
24
25 my $debug = 0;
26 my $schema = 0;
27
28 GetOptions(
29 'debug+' => \$debug,
30 'schema!' => \$schema,
31 'log=s' => \$log,
32 'port=i' => \$port,
33 ) || die "usage: $0 --debug --schema\n";
34
35 our $VERSION = '0.00';
36
37 my $sql_schema = q{
38
39 CREATE TABLE facilities (
40 id serial,
41 name text,
42
43 PRIMARY KEY(name)
44 );
45
46 CREATE TABLE log (
47 id serial,
48 timestamp timestamp default now(),
49 ip inet not null,
50 message text,
51 level int,
52 facility int,
53 program text,
54 pid int,
55
56 PRIMARY KEY (id)
57 );
58
59 };
60
61
62 my $dbh = DBI->connect( $dsn, $user, '', { RaiseError => 1 } ) || die $DBI::errstr;
63
64 if ( $schema ) {
65 $dbh->begin_work;
66
67 $dbh->do( $_ ) foreach split(/;/, $sql_schema);
68
69 my $sth = $dbh->prepare( q{
70 insert into facilities (name) values (?)
71 });
72
73 $sth->execute( $_ ) foreach ( qw/
74 kernel user mail system security internal
75 printer news uucp clock
76 security2
77 ftp ntp
78 audit alert
79 clock2
80 local0 local1 local2 local3 local4 local5 local6 local7
81 / );
82
83 warn "# created sql schema\n";
84
85 $dbh->commit;
86 }
87
88 my $sth_log_full = $dbh->prepare(qq{
89 insert into log
90 (ip,message,level,facility,program,pid)
91 values (?,?,?,?,?,?)
92 });
93
94 my $sth_log_unparsed = $dbh->prepare(qq{
95 insert into log (ip,message) values (?,?)
96 });
97
98
99 my $sock = IO::Socket::INET->new(
100 LocalPort => $port,
101 Proto => 'udp'
102 # ReuseAddr => 1,
103 ) || die "can't listen to $port: $!";
104
105 open(my $log_fh, '>>', $log) || die "can't open log $log: $!";
106 $log_fh->autoflush(1);
107 sub _log {
108 warn 'LOG ',dump( @_ ), $/ if $debug;
109 print $log_fh time() . '|' . join('|', @_), $/;
110 }
111
112 _log "INFO: listen on $port";
113
114 my $buf;
115 while(1) {
116 $sock->recv($buf, $MAXLEN);
117 my ($port, $ipaddr) = sockaddr_in($sock->peername);
118 # my $hostname = gethostbyaddr($ipaddr, AF_INET);
119 my $ip = join('.', unpack('C4',$ipaddr));
120 my @values = ( $ip, $buf );
121
122 if ( $buf =~ s/<(\d+)>// ) {
123 my $level = $1 % 8;
124 my $facility = ( $1-$level ) / 8;
125
126 $buf =~ s/^\w\w\w\s+\d+\s+\d\d:\d\d:\d\d//; # strip timestamp which some syslog servers insert here
127
128 my ( $program, $pid );
129
130 if ( $buf =~ s/^\s*([^:]+)\s*:\s*// ) {
131 $program = $1;
132 if ( $program =~ s/\[(\d+)\]$// ) {
133 $pid = $1;
134 } elsif ( $buf =~ s/^(\d+):\s*// ) {
135 $pid = $1;
136 }
137 }
138
139 $values[1] = $buf;
140 push @values, ( $level, $facility, $program, $pid );
141 $sth_log_full->execute( @values );
142 } else {
143 $sth_log_unparsed->execute( @values );
144 }
145 _log( @values );
146 }

Properties

Name Value
svn:executable

  ViewVC Help
Powered by ViewVC 1.1.26