On Mon, 2004-05-03 at 13:43, Dennis Skinner wrote:
> --
> On Sat, 2004-05-01 at 09:42, Development - multi.art.studio wrote:
> I have attached the perl script I use for popb4smtp. I originally
> modified it to watch some of our RADIUS logs. I noticed a couple
> problems with it.
Ok, let's try that again, but inline.....watch out for wrapped lines!
###################
#!/usr/bin/perl -w
use strict;
use File::Tail;
use Unix::Syslog qw(:macros :subs);
use DBI;
$SIG{INT} = sub {
syslog(LOG_CRIT, "%s", "exiting on SIGINT\n");
exit 1;
};
$SIG{TERM} = sub {
syslog(LOG_CRIT, "%s", "exiting on SIGTERM\n");
exit 1;
};
my $LOG = '/var/log/maillog';
my $PROGNAME = 'popb4smtp';
my $PIDFILE = '/var/run/popb4smtp.pid';
my $pophost = "Mail1";
my $dbh = DBI->connect( 'DBI:mysql:database=db;host=dbhost',
'dbuser', 'dbpass', {RaiseError=>1} );
my $ins = $dbh->prepare('INSERT INTO db.popb4smtp SET date = NOW(),
date2 = ?, pophost = ?, ip = ?');
sub store_popb4smtp($$$);
sub select_readable(\@);
sub xdie(@);
sub xwarn(@);
my (@readable_tails, @tail_refs);
openlog($PROGNAME, LOG_PERROR | LOG_PID, LOG_MAIL);
open(PID, "> $PIDFILE") or
xdie "$PIDFILE: $!\n";
print PID "$$\n";
close(PID);
my $tail;
$tail = File::Tail->new(
name => $LOG,
maxinterval => 1,
interval => 1,
ignore_nonexistant => 1
);
push(@tail_refs, $tail);
syslog(LOG_CRIT, "%s", "tailing files: $LOG\n");
while (1) {
@readable_tails = select_readable(@tail_refs);
if (not @readable_tails) {
# Give up our time slice so that the kernel treats us
like
# a model citizen with respect to CPU utilization.
#
select(undef, undef, undef, 0.25);
next;
}
foreach my $tail (@readable_tails) {
my ($line, $texdate, $year, @junk, $ip);
$line = $tail->read();
chomp($line);
if ($line =~ /^(\w+\s+\d+\s+\d+:\d+:\d+)\s+\w+
pop3d:\s+LOGIN,\s+.*\s+ip=\[::ffff:(\d+\.\d+\.\d+\.\d+)\]$/ or
$line =~ /^(\w+\s+\d+\s+\d+:\d+:\d+)\s+\w+
imapd:\s+LOGIN,\s+.*\s+ip=\[::ffff:(\d+\.\d+\.\d+\.\d+)\].*$/ ) {
($texdate, $ip) = ($1, $2);
@junk = gmtime(time);
$year = $junk[5]+1900;
$texdate =~
s/^(\w+)\s+(\d+)\s+(\d\d:\d\d:\d\d)/$year:$1:$2:$3/;
$texdate =~ s/Jan/01/;
$texdate =~ s/Feb/02/;
$texdate =~ s/Mar/03/;
$texdate =~ s/Apr/04/;
$texdate =~ s/May/05/;
$texdate =~ s/Jun/06/;
$texdate =~ s/Jul/07/;
$texdate =~ s/Aug/08/;
$texdate =~ s/Sep/09/;
$texdate =~ s/Oct/10/;
$texdate =~ s/Nov/11/;
$texdate =~ s/Dec/12/;
$texdate =~ s/://g;
$ins->execute($texdate, $pophost, $ip);
# print "$texdate : $ip : $pophost \n\n";
}
}
}
# Given a list of File::Tail object references, block until one or more
of
# the objects becomes readable and then return the list of readable
objects.
#
sub select_readable(\@)
{
my ($tails) = @_;
my ($nfound, $timeleft, @pending);
($nfound, $timeleft, @pending) = File::Tail::select(
undef, undef, undef, undef, @{$tails}
);
return @pending;
}
sub xdie(@)
{
my (@msg) = @_;
my ($msgstr, $rv);
$rv = $! or 1;
$msgstr = join(' ', @msg);
chomp($msgstr);
syslog(LOG_CRIT, "%s", $msgstr);
exit $rv;
}
sub xwarn(@)
{
my (@msg) = @_;
my ($msgstr);
$msgstr = join(' ', @msg);
chomp($msgstr);
syslog(LOG_CRIT, "%s", $msgstr);
}
###################
--
Dennis Skinner
Systems Administrator
BlueFrog Internet
http://www.bluefrog.com
