perl anyevent socket監控web日誌client

此腳本爲client端的code,主要實現讀取日誌中的一些關鍵詞進行過濾,如下介紹幾個模塊的用途:
File::Tail  用於讀取日誌,功能相似於linux中tail ,只讀取最新的日誌
AnyEvent  處理異步事件
AnyEvent::Socket  創建socket鏈接
AnyEvent::Handle  處理Socket中的句柄
Config::Tiny  讀取ini配置文件
#!/usr/bin/perl
#use warnings;
#use strict;
use File::Tail;
use AnyEvent;
use AnyEvent::Socket;
use AnyEvent::Handle;
use Config::Tiny;
use FindBin;
use lib "$FindBin::Bin/../module";
use log_grep;
main();
sub main {
    my $client_config_file = "$FindBin::Bin/../etc/config.ini";
    my $config             = Config::Tiny->new;
    my $client_config      = $config->read($client_config_file);
    my $client_log_info    = $client_config->{'client_config_info'};
    my $log_type           = $client_log_info->{'log_type'};
    my $user               = $client_log_info->{'user'};
    my $port               = $client_log_info->{'port'};
    my $log_path           = $client_log_info->{'log_path'};
    my $remove_ip          = $client_log_info->{'remove_ip'};
    my $local_ip           = $client_log_info->{'local_ip'};
    my $apache_reglar =
qr/^((?:\d{1,3}\.){3}\d{1,3})[^[]+\[([^]]+)\]\s+\"([^"]+)\"\s+(\d+).*\"([^"]+)\"$/;
    my $nginx_reglar =
qr/^((?:\d{1,3}\.){3}\d{1,3})[^[]+\[([^]]+)\]\s+\"([^"]+)\"\s+(\d+).*\"([^"]+)\"$/;#這塊根據具體狀況來編寫,
    my $log_grep = log_grep->new();
    my $cv       = AnyEvent->condvar;
              
    {
        tcp_connect $remove_ip, $port, sub {
            my ($fh) = @_
              or die "tcp_connect: $!";
            my $hdl = new AnyEvent::Handle fh => $fh;
                       
            my $file = File::Tail->new(
                name        => $log_path,
                maxinterval => 1,
                adjustafter => 3
            );
            while ( defined( my $log_line = $file->read ) ) {
                if ( $log_line =~ $apache_reglar ) {
                    my $date    = $log_grep->date_grep($2);
                    my @actions = $log_grep->default_grep($3);
                    my @clients = $log_grep->default_grep($5);
                    my $base =
"t:$log_type|me:$actions[1]|so:$1|lo:$local_ip|date:$date|opt:$actions[0]|of:$4|u:$user\n";
                    $hdl->push_write($base);
                }
            }
                      
                        
          }
    }
    $cv->recv;
}

如下是log_grep.pm模塊linux

package log_grep;
use strict;
use warnings;
sub new {
    my $self  = {};
    my $class = shift;
    bless $self;
    return $self;
}
#date format
sub date_grep {
    my $self  = shift;
    my $str   = shift;
    my %month = (
        "Jan" => 1,
        "Feb" => 2,
        "Mar" => 3,
        "Apr" => 4,
        "May" => 5,
        "Jun" => 6,
        "Jul" => 7,
        "Aug" => 8,
        "Sep" => 9,
        "Oct" => 10,
        "Nov" => 11,
        "Dec" => 12
    );
    my ( $day, $mon, $year, $hour, $minute, $sec ) =
      ( split /\/|:|\s+/, $str )[ 0, 1, 2, 3, 4, 5 ];
    my $format_date = "$year-$month{$mon}-$day $hour:$minute:$sec";
    return $format_date;
}
#default format
sub default_grep{
    my $self =shift;
    my $str = shift;
    return  split" ",$str;
           
}
1;

配置文件以下:nginx

[client_config_info]
remove_ip=192.168.6.2
port=9981
local_ip=192.168.6.2
log_path=/var/log/httpd/access_log
log_type=Apache
user=客戶端01
[server_config_info]
username=root
password=*******
host=localhost
database=w3a_system
server_ip=192.168.6.2
server_port=9981
相關文章
相關標籤/搜索