perl anyevent socket监控web日志client
发布时间:2020-12-16 00:01:00 所属栏目:大数据 来源:网络整理
导读:此脚本为client端的code,主要实现读取日志中的一些关键词进行过滤,以下介绍几个模块的用途: File::Tail ?用于读取日志,功能类似于linux中tail,只读取最新的日志 AnyEvent ?处理异步事件 AnyEvent::Socket ?建立socket连接 AnyEvent::Handle ?处理Socket中的
此脚本为client端的code,主要实现读取日志中的一些关键词进行过滤,以下介绍几个模块的用途:
File::Tail ?用于读取日志,功能类似于linux中tail,只读取最新的日志
AnyEvent ?处理异步事件
AnyEvent::Socket ?建立socket连接
AnyEvent::Handle ?处理Socket中的句柄
Config::Tiny ?读取ini配置文件
#!/usr/bin/perl #use warnings; #use strict; use File::Tail; use AnyEvent; use AnyEvent::Socket; use AnyEvent::Handle; use Config::Tiny; use FindBin; use lib "$FindBin::Bin/../module"; use log_grep; main(); sub main { my $client_config_file = "$FindBin::Bin/../etc/config.ini"; my $config = Config::Tiny->new; my $client_config = $config->read($client_config_file); my $client_log_info = $client_config->{'client_config_info'}; my $log_type = $client_log_info->{'log_type'}; my $user = $client_log_info->{'user'}; my $port = $client_log_info->{'port'}; my $log_path = $client_log_info->{'log_path'}; my $remove_ip = $client_log_info->{'remove_ip'}; my $local_ip = $client_log_info->{'local_ip'}; my $apache_reglar = qr/^((?:d{1,3}.){3}d{1,3})[^[]+[([^]]+)]s+"([^"]+)"s+(d+).*"([^"]+)"$/; my $nginx_reglar = qr/^((?:d{1,3})[^[]+[([^]]+)]s+"([^"]+)"s+(d+).*"([^"]+)"$/;#这块根据具体情况来编写,my $log_grep = log_grep->new(); my $cv = AnyEvent->condvar; { tcp_connect $remove_ip,$port,sub { my ($fh) = @_ or die "tcp_connect: $!"; my $hdl = new AnyEvent::Handle fh => $fh; my $file = File::Tail->new( name => $log_path,maxinterval => 1,adjustafter => 3 ); while ( defined( my $log_line = $file->read ) ) { if ( $log_line =~ $apache_reglar ) { my $date = $log_grep->date_grep($2); my @actions = $log_grep->default_grep($3); my @clients = $log_grep->default_grep($5); my $base = "t:$log_type|me:$actions[1]|so:$1|lo:$local_ip|date:$date|opt:$actions[0]|of:$4|u:$usern"; $hdl->push_write($base); } } } } $cv->recv; } 以下是log_grep.pm模块
package log_grep; use strict; use warnings; sub new { my $self = {}; my $class = shift; bless $self; return $self; } #date format sub date_grep { my $self = shift; my $str = shift; my %month = ( "Jan" => 1,"Feb" => 2,"Mar" => 3,"Apr" => 4,"May" => 5,"Jun" => 6,"Jul" => 7,"Aug" => 8,"Sep" => 9,"Oct" => 10,"Nov" => 11,"Dec" => 12 ); my ( $day,$mon,$year,$hour,$minute,$sec ) = ( split //|:|s+/,$str )[ 0,1,2,3,4,5 ]; my $format_date = "$year-$month{$mon}-$day $hour:$minute:$sec"; return $format_date; } #default format sub default_grep{ my $self =shift; my $str = shift; return split" ",$str; } 1; 配置文件如下:
[client_config_info] remove_ip=192.168.6.2 port=9981 local_ip=192.168.6.2 log_path=/var/log/httpd/access_log log_type=Apache user=客户端01 [server_config_info] username=root password=******* host=localhost database=w3a_system server_ip=192.168.6.2 server_port=9981 (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |