/[sysplogd]/sysplogd
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Diff of /sysplogd

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 6 by dpavlin, Sat Apr 11 09:29:22 2009 UTC revision 18 by dpavlin, Tue Apr 14 14:19:59 2009 UTC
# Line 8  use Data::Dump qw/dump/; Line 8  use Data::Dump qw/dump/;
8  use DBI;  use DBI;
9  use Getopt::Long;  use Getopt::Long;
10    
11  my $port = 514;  our $port = 514;
12    our $MAXLEN = 1524;
13    
14  my $MAXLEN = 1524;  our $dsn    = 'DBI:Pg:dbname=syslog';
15    our $user   = 'dpavlin';
16    our $log    = '/tmp/sysplog.log';
17    
18    my $config = $0;
19    $config =~ s{/[^/]+$}{/conf.pl};
20    if ( -e $config ) {
21            require $config;
22            warn "# using $config ", -s $config, $/;
23    }
24    
 my $dsn    = 'DBI:Pg:dbname=syslog;host=llin.lan';  
 my $user   = 'dpavlin';  
25  my $debug  = 0;  my $debug  = 0;
26  my $schema = 0;  my $schema = 0;
 my $log    = '/tmp/sysplog.log';  
27    
28  GetOptions(  GetOptions(
29          'debug+'  => \$debug,          'debug+'  => \$debug,
30          'schema!' => \$schema,          'schema!' => \$schema,
31          'log=s'   => \$log,          'log=s'   => \$log,
32            'port=i'  => \$port,
33  ) || die "usage: $0 --debug --schema\n";  ) || die "usage: $0 --debug --schema\n";
34    
35  my @facilities = ( qw/  our $VERSION = '0.00';
 / );  
36    
37  my $sql_schema = q{  my $sql_schema = q{
38    
# Line 40  CREATE TABLE log ( Line 47  CREATE TABLE log (
47          id              serial,          id              serial,
48          timestamp       timestamp default now(),          timestamp       timestamp default now(),
49          ip              inet not null,          ip              inet not null,
50          hostname        text not null,          hostname        text,
51          message         text,          message         text,
52          level           int,          level           int,
53          facility        int,          facility        int,
# Line 86  my $sth_log_full = $dbh->prepare(qq{ Line 93  my $sth_log_full = $dbh->prepare(qq{
93  });  });
94    
95  my $sth_log_unparsed = $dbh->prepare(qq{  my $sth_log_unparsed = $dbh->prepare(qq{
96          insert into log (ip,hostname,messsage) values (?,?,?)          insert into log (ip,hostname,message) values (?,?,?)
97  });  });
98    
99    
# Line 96  my $sock = IO::Socket::INET->new( Line 103  my $sock = IO::Socket::INET->new(
103  #       ReuseAddr => 1,  #       ReuseAddr => 1,
104  ) || die "can't listen to $port: $!";  ) || die "can't listen to $port: $!";
105    
 print "INFO: listen on $port",$/;  
   
106  open(my $log_fh, '>>', $log) || die "can't open log $log: $!";  open(my $log_fh, '>>', $log) || die "can't open log $log: $!";
107  $log_fh->autoflush(1);  $log_fh->autoflush(1);
108  sub _log {  sub _log {
# Line 105  sub _log { Line 110  sub _log {
110          print $log_fh time() . '|' . join('|', @_), $/;          print $log_fh time() . '|' . join('|', @_), $/;
111  }  }
112    
113  my $rin = '';  _log "INFO: listen on $port";
114    
115  my $buf;  my $buf;
116  while(1) {  while(1) {
117          $sock->recv($buf, $MAXLEN);          $sock->recv($buf, $MAXLEN);
# Line 114  while(1) { Line 120  while(1) {
120          my $ip = join('.', unpack('C4',$ipaddr));          my $ip = join('.', unpack('C4',$ipaddr));
121          my @values = ( $ip, $hostname, $buf );          my @values = ( $ip, $hostname, $buf );
122    
123          if ( $buf =~ /<(\d+)>\s*(\S*)\s*:\s*(.*)/ ) {          if ( $buf =~ s/<(\d+)>// ) {
                 $values[2] = $3;  
124                  my $level    = $1 % 8;                  my $level    = $1 % 8;
125                  my $facility = ( $1-$level ) / 8;                  my $facility = ( $1-$level ) / 8;
126                  my $program  = $2;          
127                  my $pid      = $1 if $program =~ s/\[(\d+)\]$//;                  $buf =~ s/^\w\w\w \d+ \d\d:\d\d:\d\d//; # strip timestamp which some syslog servers insert here
128    
129                    my ( $program, $pid );
130    
131                    if ( $buf =~ s/^\s*([^:]+)\s*:\s*// ) {
132                            $program  = $1;
133                            $pid      = $1 if $program =~ s/\[(\d+)\]$//;
134                    }
135    
136                    $values[2] = $buf;
137                  push @values, ( $level, $facility, $program, $pid );                  push @values, ( $level, $facility, $program, $pid );
138                  $sth_log_full->execute( @values );                  $sth_log_full->execute( @values );
139          } else {          } else {
Legend:
Removed from v.6  
changed lines
  Added in v.18
  ViewVC Help
Powered by ViewVC 1.1.26