/[sysplogd]/sysplogd
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Contents of /sysplogd

Parent Directory Parent Directory | Revision Log Revision Log


Revision 11 - (show annotations)
Sat Apr 11 11:42:04 2009 UTC (12 years, 5 months ago) by dpavlin
File size: 2480 byte(s)
added --port

1 #!/usr/bin/perl
2
3 use warnings;
4 use strict;
5
6 use IO::Socket;
7 use Data::Dump qw/dump/;
8 use DBI;
9 use Getopt::Long;
10
11 my $port = 514;
12
13 my $MAXLEN = 1524;
14
15 my $dsn = 'DBI:Pg:dbname=syslog;host=llin.lan';
16 my $user = 'dpavlin';
17 my $debug = 0;
18 my $schema = 0;
19 my $log = '/tmp/sysplog.log';
20
21 GetOptions(
22 'debug+' => \$debug,
23 'schema!' => \$schema,
24 'log=s' => \$log,
25 'port=i' => \$port,
26 ) || die "usage: $0 --debug --schema\n";
27
28 our $VERSION = '0.00';
29
30 my $sql_schema = q{
31
32 CREATE TABLE facilities (
33 id serial,
34 name text,
35
36 PRIMARY KEY(name)
37 );
38
39 CREATE TABLE log (
40 id serial,
41 timestamp timestamp default now(),
42 ip inet not null,
43 hostname text not null,
44 message text,
45 level int,
46 facility int,
47 program text,
48 pid int,
49
50 PRIMARY KEY (id)
51 );
52
53 };
54
55
56 my $dbh = DBI->connect( $dsn, $user, '', { RaiseError => 1 } ) || die $DBI::errstr;
57
58 if ( $schema ) {
59 $dbh->begin_work;
60
61 $dbh->do( $_ ) foreach split(/;/, $sql_schema);
62
63 my $sth = $dbh->prepare( q{
64 insert into facilities (name) values (?)
65 });
66
67 $sth->execute( $_ ) foreach ( qw/
68 kernel user mail system security internal
69 printer news uucp clock
70 security2
71 ftp ntp
72 audit alert
73 clock2
74 local0 local1 local2 local3 local4 local5 local6 local7
75 / );
76
77 warn "# created sql schema\n";
78
79 $dbh->commit;
80 }
81
82 my $sth_log_full = $dbh->prepare(qq{
83 insert into log
84 (ip,hostname,message,level,facility,program,pid)
85 values (?,?,?,?,?,?,?)
86 });
87
88 my $sth_log_unparsed = $dbh->prepare(qq{
89 insert into log (ip,hostname,messsage) values (?,?,?)
90 });
91
92
93 my $sock = IO::Socket::INET->new(
94 LocalPort => $port,
95 Proto => 'udp'
96 # ReuseAddr => 1,
97 ) || die "can't listen to $port: $!";
98
99 open(my $log_fh, '>>', $log) || die "can't open log $log: $!";
100 $log_fh->autoflush(1);
101 sub _log {
102 warn 'LOG ',dump( @_ ), $/ if $debug;
103 print $log_fh time() . '|' . join('|', @_), $/;
104 }
105
106 _log "INFO: listen on $port";
107
108 my $rin = '';
109 my $buf;
110 while(1) {
111 $sock->recv($buf, $MAXLEN);
112 my ($port, $ipaddr) = sockaddr_in($sock->peername);
113 my $hostname = gethostbyaddr($ipaddr, AF_INET);
114 my $ip = join('.', unpack('C4',$ipaddr));
115 my @values = ( $ip, $hostname, $buf );
116
117 if ( $buf =~ /<(\d+)>\s*(\S*)\s*:\s*(.*)/ ) {
118 $values[2] = $3;
119 my $level = $1 % 8;
120 my $facility = ( $1-$level ) / 8;
121 my $program = $2;
122 my $pid = $1 if $program =~ s/\[(\d+)\]$//;
123 push @values, ( $level, $facility, $program, $pid );
124 $sth_log_full->execute( @values );
125 } else {
126 $sth_log_unparsed->execute( @values );
127 }
128 _log( @values );
129 }

Properties

Name Value
svn:executable

  ViewVC Help
Powered by ViewVC 1.1.26