perl anyevent socket监控web日志client

此脚本为client端的code,主要实现读取日志中的一些关键词进行过滤,以下介绍几个模块的用途:
File::Tail  用于读取日志,功能类似于linux中tail ,只读取最新的日志
AnyEvent  处理异步事件
AnyEvent::Socket  建立socket连接
AnyEvent::Handle  处理Socket中的句柄
Config::Tiny  读取ini配置文件
#!/usr/bin/perl
#use warnings;
#use strict;
use File::Tail;
use AnyEvent;
use AnyEvent::Socket;
use AnyEvent::Handle;
use Config::Tiny;
use FindBin;
use lib "$FindBin::Bin/../module";
use log_grep;
main();
sub main {
    my $client_config_file = "$FindBin::Bin/../etc/config.ini";
    my $config             = Config::Tiny->new;
    my $client_config      = $config->read($client_config_file);
    my $client_log_info    = $client_config->{‘client_config_info‘};
    my $log_type           = $client_log_info->{‘log_type‘};
    my $user               = $client_log_info->{‘user‘};
    my $port               = $client_log_info->{‘port‘};
    my $log_path           = $client_log_info->{‘log_path‘};
    my $remove_ip          = $client_log_info->{‘remove_ip‘};
    my $local_ip           = $client_log_info->{‘local_ip‘};
    my $apache_reglar =
qr/^((?:\d{1,3}\.){3}\d{1,3})[^[]+\[([^]]+)\]\s+\"([^"]+)\"\s+(\d+).*\"([^"]+)\"$/;
    my $nginx_reglar =
qr/^((?:\d{1,3}\.){3}\d{1,3})[^[]+\[([^]]+)\]\s+\"([^"]+)\"\s+(\d+).*\"([^"]+)\"$/;#这块根据具体情况来编写,
    my $log_grep = log_grep->new();
    my $cv       = AnyEvent->condvar;
              
    {
        tcp_connect $remove_ip, $port, sub {
            my ($fh) = @_
              or die "tcp_connect: $!";
            my $hdl = new AnyEvent::Handle fh => $fh;
                       
            my $file = File::Tail->new(
                name        => $log_path,
                maxinterval => 1,
                adjustafter => 3
            );
            while ( defined( my $log_line = $file->read ) ) {
                if ( $log_line =~ $apache_reglar ) {
                    my $date    = $log_grep->date_grep($2);
                    my @actions = $log_grep->default_grep($3);
                    my @clients = $log_grep->default_grep($5);
                    my $base =
"t:$log_type|me:$actions[1]|so:$1|lo:$local_ip|date:$date|opt:$actions[0]|of:$4|u:$user\n";
                    $hdl->push_write($base);
                }
            }
                      
                        
          }
    }
    $cv->recv;
}

以下是log_grep.pm模块

package log_grep;
use strict;
use warnings;
sub new {
    my $self  = {};
    my $class = shift;
    bless $self;
    return $self;
}
#date format
sub date_grep {
    my $self  = shift;
    my $str   = shift;
    my %month = (
        "Jan" => 1,
        "Feb" => 2,
        "Mar" => 3,
        "Apr" => 4,
        "May" => 5,
        "Jun" => 6,
        "Jul" => 7,
        "Aug" => 8,
        "Sep" => 9,
        "Oct" => 10,
        "Nov" => 11,
        "Dec" => 12
    );
    my ( $day, $mon, $year, $hour, $minute, $sec ) =
      ( split /\/|:|\s+/, $str )[ 0, 1, 2, 3, 4, 5 ];
    my $format_date = "$year-$month{$mon}-$day $hour:$minute:$sec";
    return $format_date;
}
#default format
sub default_grep{
    my $self =shift;
    my $str = shift;
    return  split" ",$str;
           
}
1;

配置文件如下:

[client_config_info]
remove_ip=192.168.6.2
port=9981
local_ip=192.168.6.2
log_path=/var/log/httpd/access_log
log_type=Apache
user=客户端01
[server_config_info]
username=root
password=*******
host=localhost
database=w3a_system
server_ip=192.168.6.2
server_port=9981


本文出自 “mcshell学习博客” 博客,请务必保留此出处http://mcshell.blog.51cto.com/803455/1362679

perl anyevent socket监控web日志client

上一篇:Domino9下webmail功能定制--登陆信息提醒


下一篇:perl anyevent socket监控web日志server