Perlers,
I'm working on a script that iterates over a log file looking for known
hosts so that their messages can be grouped in a summary report.
However, when I run the script, the array I create includes entries for
previous hosts that were found. I thought that I could empty the array
at the beginning of the loop but this did not work. Any ideas would be
appreciated; see code below:
--begin code--
#!/usr/bin/perl -w
use strict;
# declare and init some vars, arrays, and hashes... (oh my?)
my @logfile;
my $line;
my @lines;
my $word;
my @keywords;
my $host;
my @hosts;
my %line_count;
# grab the logfile name from user input
@logfile = <>;
# hosts to look for
@hosts = qw/luminx squid logjam/;
# keywords to look for
@keywords = qw/session fail login sshd unreadable/;
# for each host, run through the entries
foreach $host (@hosts) {
@lines = ();
foreach $line (@logfile) {
# convert digits to '#' signs to decrease uniqueness
$line =~ s/\d+/#/g;
# strip out the beginning of the line to the last ':'
#$line =~ s/^.*:\ //;
# push into an array if we match the host
push(@lines, $line) if $line =~ m/$host/i;
}
# chomp the array
chomp @lines;
# count the number of lines
foreach $line (@lines) {
if (exists $line_count{$line}) {
# increment the count
$line_count{$line}++;
} else {
$line_count{$line} = "1";
}
}
open(TMP, ">>sleuth.txt");
print TMP "\n<---- $host ---->\n";
foreach $line (sort keys %line_count) {
print TMP "$line: $line_count{$line}\n";
}
close TMP;
}
--end code--
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
<http://learn.perl.org/> <http://learn.perl.org/first-response>
