/[sysplogd]/sysplogd
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Annotation of /sysplogd

Parent Directory Parent Directory | Revision Log Revision Log


Revision 20 - (hide annotations)
Fri Apr 17 10:04:02 2009 UTC (14 years, 11 months ago) by dpavlin
File size: 2751 byte(s)
support evtsys event id as pid

1 dpavlin 1 #!/usr/bin/perl
2    
3     use warnings;
4     use strict;
5    
6     use IO::Socket;
7     use Data::Dump qw/dump/;
8 dpavlin 3 use DBI;
9 dpavlin 6 use Getopt::Long;
10 dpavlin 1
11 dpavlin 12 our $port = 514;
12     our $MAXLEN = 1524;
13 dpavlin 1
14 dpavlin 12 our $dsn = 'DBI:Pg:dbname=syslog';
15     our $user = 'dpavlin';
16     our $log = '/tmp/sysplog.log';
17 dpavlin 1
18 dpavlin 13 my $config = $0;
19     $config =~ s{/[^/]+$}{/conf.pl};
20     if ( -e $config ) {
21     require $config;
22     warn "# using $config ", -s $config, $/;
23     }
24 dpavlin 12
25 dpavlin 6 my $debug = 0;
26     my $schema = 0;
27 dpavlin 3
28 dpavlin 6 GetOptions(
29     'debug+' => \$debug,
30     'schema!' => \$schema,
31     'log=s' => \$log,
32 dpavlin 11 'port=i' => \$port,
33 dpavlin 6 ) || die "usage: $0 --debug --schema\n";
34    
35 dpavlin 9 our $VERSION = '0.00';
36 dpavlin 1
37 dpavlin 6 my $sql_schema = q{
38    
39     CREATE TABLE facilities (
40     id serial,
41     name text,
42    
43     PRIMARY KEY(name)
44     );
45    
46     CREATE TABLE log (
47     id serial,
48     timestamp timestamp default now(),
49     ip inet not null,
50     message text,
51     level int,
52     facility int,
53     program text,
54     pid int,
55    
56     PRIMARY KEY (id)
57     );
58    
59     };
60    
61    
62     my $dbh = DBI->connect( $dsn, $user, '', { RaiseError => 1 } ) || die $DBI::errstr;
63    
64     if ( $schema ) {
65     $dbh->begin_work;
66    
67     $dbh->do( $_ ) foreach split(/;/, $sql_schema);
68    
69     my $sth = $dbh->prepare( q{
70     insert into facilities (name) values (?)
71     });
72    
73     $sth->execute( $_ ) foreach ( qw/
74     kernel user mail system security internal
75     printer news uucp clock
76     security2
77     ftp ntp
78     audit alert
79     clock2
80     local0 local1 local2 local3 local4 local5 local6 local7
81     / );
82    
83     warn "# created sql schema\n";
84    
85     $dbh->commit;
86     }
87    
88     my $sth_log_full = $dbh->prepare(qq{
89     insert into log
90 dpavlin 19 (ip,message,level,facility,program,pid)
91     values (?,?,?,?,?,?)
92 dpavlin 6 });
93    
94     my $sth_log_unparsed = $dbh->prepare(qq{
95 dpavlin 19 insert into log (ip,message) values (?,?)
96 dpavlin 6 });
97    
98    
99 dpavlin 1 my $sock = IO::Socket::INET->new(
100     LocalPort => $port,
101     Proto => 'udp'
102     # ReuseAddr => 1,
103     ) || die "can't listen to $port: $!";
104    
105 dpavlin 6 open(my $log_fh, '>>', $log) || die "can't open log $log: $!";
106     $log_fh->autoflush(1);
107     sub _log {
108     warn 'LOG ',dump( @_ ), $/ if $debug;
109     print $log_fh time() . '|' . join('|', @_), $/;
110     }
111 dpavlin 3
112 dpavlin 8 _log "INFO: listen on $port";
113    
114 dpavlin 1 my $buf;
115     while(1) {
116     $sock->recv($buf, $MAXLEN);
117     my ($port, $ipaddr) = sockaddr_in($sock->peername);
118 dpavlin 19 # my $hostname = gethostbyaddr($ipaddr, AF_INET);
119 dpavlin 1 my $ip = join('.', unpack('C4',$ipaddr));
120 dpavlin 19 my @values = ( $ip, $buf );
121 dpavlin 2
122 dpavlin 18 if ( $buf =~ s/<(\d+)>// ) {
123 dpavlin 6 my $level = $1 % 8;
124     my $facility = ( $1-$level ) / 8;
125 dpavlin 18
126     $buf =~ s/^\w\w\w \d+ \d\d:\d\d:\d\d//; # strip timestamp which some syslog servers insert here
127    
128     my ( $program, $pid );
129    
130     if ( $buf =~ s/^\s*([^:]+)\s*:\s*// ) {
131 dpavlin 20 $program = $1;
132     if ( $program =~ s/\[(\d+)\]$// ) {
133     $pid = $1;
134     } elsif ( $buf =~ s/^(\d+):\s*// ) {
135     $pid = $1;
136     }
137 dpavlin 18 }
138    
139 dpavlin 19 $values[1] = $buf;
140 dpavlin 6 push @values, ( $level, $facility, $program, $pid );
141     $sth_log_full->execute( @values );
142 dpavlin 5 } else {
143 dpavlin 6 $sth_log_unparsed->execute( @values );
144 dpavlin 1 }
145 dpavlin 6 _log( @values );
146 dpavlin 1 }

Properties

Name Value
svn:executable

  ViewVC Help
Powered by ViewVC 1.1.26