perl anyevent socket监控web日志client
浏览数:29 /
时间:2015年06月09日
此脚本为client端的code,主要实现读取日志中的一些关键词进行过滤,以下介绍几个模块的用途:
File::Tail 用于读取日志,功能类似于linux中tail ,只读取最新的日志
AnyEvent 处理异步事件
AnyEvent::Socket 建立socket连接
AnyEvent::Handle 处理Socket中的句柄
Config::Tiny 读取ini配置文件
#!/usr/bin/perl
#use warnings;
#use strict;
use File::Tail;
use AnyEvent;
use AnyEvent::Socket;
use AnyEvent::Handle;
use Config::Tiny;
use FindBin;
use lib "$FindBin::Bin/../module";
use log_grep;
main();
sub main {
my $client_config_file = "$FindBin::Bin/../etc/config.ini";
my $config = Config::Tiny->new;
my $client_config = $config->read($client_config_file);
my $client_log_info = $client_config->{‘client_config_info‘};
my $log_type = $client_log_info->{‘log_type‘};
my $user = $client_log_info->{‘user‘};
my $port = $client_log_info->{‘port‘};
my $log_path = $client_log_info->{‘log_path‘};
my $remove_ip = $client_log_info->{‘remove_ip‘};
my $local_ip = $client_log_info->{‘local_ip‘};
my $apache_reglar =
qr/^((?:\d{1,3}\.){3}\d{1,3})[^[]+\[([^]]+)\]\s+\"([^"]+)\"\s+(\d+).*\"([^"]+)\"$/;
my $nginx_reglar =
qr/^((?:\d{1,3}\.){3}\d{1,3})[^[]+\[([^]]+)\]\s+\"([^"]+)\"\s+(\d+).*\"([^"]+)\"$/;#这块根据具体情况来编写,
my $log_grep = log_grep->new();
my $cv = AnyEvent->condvar;
{
tcp_connect $remove_ip, $port, sub {
my ($fh) = @_
or die "tcp_connect: $!";
my $hdl = new AnyEvent::Handle fh => $fh;
my $file = File::Tail->new(
name => $log_path,
maxinterval => 1,
adjustafter => 3
);
while ( defined( my $log_line = $file->read ) ) {
if ( $log_line =~ $apache_reglar ) {
my $date = $log_grep->date_grep($2);
my @actions = $log_grep->default_grep($3);
my @clients = $log_grep->default_grep($5);
my $base =
"t:$log_type|me:$actions[1]|so:$1|lo:$local_ip|date:$date|opt:$actions[0]|of:$4|u:$user\n";
$hdl->push_write($base);
}
}
}
}
$cv->recv;
}以下是log_grep.pm模块
package log_grep;
use strict;
use warnings;
sub new {
my $self = {};
my $class = shift;
bless $self;
return $self;
}
#date format
sub date_grep {
my $self = shift;
my $str = shift;
my %month = (
"Jan" => 1,
"Feb" => 2,
"Mar" => 3,
"Apr" => 4,
"May" => 5,
"Jun" => 6,
"Jul" => 7,
"Aug" => 8,
"Sep" => 9,
"Oct" => 10,
"Nov" => 11,
"Dec" => 12
);
my ( $day, $mon, $year, $hour, $minute, $sec ) =
( split /\/|:|\s+/, $str )[ 0, 1, 2, 3, 4, 5 ];
my $format_date = "$year-$month{$mon}-$day $hour:$minute:$sec";
return $format_date;
}
#default format
sub default_grep{
my $self =shift;
my $str = shift;
return split" ",$str;
}
1;配置文件如下:
[client_config_info] remove_ip=192.168.6.2 port=9981 local_ip=192.168.6.2 log_path=/var/log/httpd/access_log log_type=Apache user=客户端01 [server_config_info] username=root password=******* host=localhost database=w3a_system server_ip=192.168.6.2 server_port=9981
本文出自 “mcshell学习博客” 博客,请务必保留此出处http://mcshell.blog.51cto.com/803455/1362679
郑重声明:本站内容如果来自互联网及其他传播媒体,其版权均属原媒体及文章作者所有。转载目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。
