/[sysplogd]/sysplogd
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Contents of /sysplogd

Parent Directory Parent Directory | Revision Log Revision Log


Revision 9 - (show annotations)
Sat Apr 11 10:03:04 2009 UTC (12 years, 3 months ago) by dpavlin
File size: 2458 byte(s)
cleanup, insert version
1 #!/usr/bin/perl
2
3 use warnings;
4 use strict;
5
6 use IO::Socket;
7 use Data::Dump qw/dump/;
8 use DBI;
9 use Getopt::Long;
10
11 my $port = 514;
12
13 my $MAXLEN = 1524;
14
15 my $dsn = 'DBI:Pg:dbname=syslog;host=llin.lan';
16 my $user = 'dpavlin';
17 my $debug = 0;
18 my $schema = 0;
19 my $log = '/tmp/sysplog.log';
20
21 GetOptions(
22 'debug+' => \$debug,
23 'schema!' => \$schema,
24 'log=s' => \$log,
25 ) || die "usage: $0 --debug --schema\n";
26
27 our $VERSION = '0.00';
28
29 my $sql_schema = q{
30
31 CREATE TABLE facilities (
32 id serial,
33 name text,
34
35 PRIMARY KEY(name)
36 );
37
38 CREATE TABLE log (
39 id serial,
40 timestamp timestamp default now(),
41 ip inet not null,
42 hostname text not null,
43 message text,
44 level int,
45 facility int,
46 program text,
47 pid int,
48
49 PRIMARY KEY (id)
50 );
51
52 };
53
54
55 my $dbh = DBI->connect( $dsn, $user, '', { RaiseError => 1 } ) || die $DBI::errstr;
56
57 if ( $schema ) {
58 $dbh->begin_work;
59
60 $dbh->do( $_ ) foreach split(/;/, $sql_schema);
61
62 my $sth = $dbh->prepare( q{
63 insert into facilities (name) values (?)
64 });
65
66 $sth->execute( $_ ) foreach ( qw/
67 kernel user mail system security internal
68 printer news uucp clock
69 security2
70 ftp ntp
71 audit alert
72 clock2
73 local0 local1 local2 local3 local4 local5 local6 local7
74 / );
75
76 warn "# created sql schema\n";
77
78 $dbh->commit;
79 }
80
81 my $sth_log_full = $dbh->prepare(qq{
82 insert into log
83 (ip,hostname,message,level,facility,program,pid)
84 values (?,?,?,?,?,?,?)
85 });
86
87 my $sth_log_unparsed = $dbh->prepare(qq{
88 insert into log (ip,hostname,messsage) values (?,?,?)
89 });
90
91
92 my $sock = IO::Socket::INET->new(
93 LocalPort => $port,
94 Proto => 'udp'
95 # ReuseAddr => 1,
96 ) || die "can't listen to $port: $!";
97
98 open(my $log_fh, '>>', $log) || die "can't open log $log: $!";
99 $log_fh->autoflush(1);
100 sub _log {
101 warn 'LOG ',dump( @_ ), $/ if $debug;
102 print $log_fh time() . '|' . join('|', @_), $/;
103 }
104
105 _log "INFO: listen on $port";
106
107 my $rin = '';
108 my $buf;
109 while(1) {
110 $sock->recv($buf, $MAXLEN);
111 my ($port, $ipaddr) = sockaddr_in($sock->peername);
112 my $hostname = gethostbyaddr($ipaddr, AF_INET);
113 my $ip = join('.', unpack('C4',$ipaddr));
114 my @values = ( $ip, $hostname, $buf );
115
116 if ( $buf =~ /<(\d+)>\s*(\S*)\s*:\s*(.*)/ ) {
117 $values[2] = $3;
118 my $level = $1 % 8;
119 my $facility = ( $1-$level ) / 8;
120 my $program = $2;
121 my $pid = $1 if $program =~ s/\[(\d+)\]$//;
122 push @values, ( $level, $facility, $program, $pid );
123 $sth_log_full->execute( @values );
124 } else {
125 $sth_log_unparsed->execute( @values );
126 }
127 _log( @values );
128 }

Properties

Name Value
svn:executable

  ViewVC Help
Powered by ViewVC 1.1.26