Hi,

Ok, here's my code:


my $logfile='firewalllog';
my $devicefile='deviceid';

our %log;

open DEVICES, '<', $devicefile or die "Can't open $devicefile $!";

while (my $device <DEVICES>){
  ($device) = $device =~ /(\S+)$/;
  open (my $fh, '>', $device.".log") or die "Can't write to $device.".log": $!";
  $log{device} = $fh;
}
close DEVICES;

So I should be able to print to at least {$log{any_device_id}} right??

But using this:

print {$log{FWF60A1234566}} "testing";


gives me:

Use of uninitialized value in ref-to-glob cast at extractdevice.pl line 20.
Can't use string ("") as a symbol ref while "strict refs" in use at 
extractdevice.pl line 20.

Any idea what does the above means? 




----- Original Message ----
From: Mumia W. <[EMAIL PROTECTED]>
To: Beginners List <beginners@perl.org>
Sent: Tuesday, January 16, 2007 3:13:38 PM
Subject: Re: Storing filehandles(for writing) in hashes doesn't work (Re: 
whilereach my $variable (<FILEHANDLE>) )

On 01/15/2007 11:21 PM, Michael Alipio wrote:
> Hi,
> 
> Ok, seems like a "pet logs" is not a good example.:-)
> 
> Let me revise my story:
> 
> I have a logfile which contains different clients firewall's logs.
> 
> Let's say the log file is: "firewall.log"
> 
> Now each line in the logfile has a $deviceid string that identifies where or 
> which client it came from. 
> What I did was to list down all of these clients in a file named 
> "deviceid.conf". 
> Let's say it  contains: ('client_name'  dash  'device_id')
> 
> client1 - 293u0sdfj
> client2 - 8325kjsdf
> client3 - kjldas8282
> .....
> clientn - sdkfj28350
> 
> 
> Having said that, my goals are:
> 
> 1. read the firewall.log line by line.
>     if it see a particular device_id in $_, and it knows that that deviceid 
> is for this particular client (using the information found at 
> "deviceid.conf") it will write that line into /client1/$date.log or 
> /client2/$date.log etc.
> 
> By the way, our logs are being rotated  such that it contains logs from 6:26 
> yesterday, to 6:25 today, so $date on the above was obtained by let's say 
> getting the /date=(\S+)/ on the first line entry of the log, let's say it 
> reads 2007-01-10, so our $date will be "2007-01-10_11", so the logfile for a 
> particular client will be "/client1/2007-01-10_11.log"
> 
> 
> Here is an example of a line in the logfile:
> 
> Jan 10 06:26:17 210.23.194.86 date=2007-01-10 
> time=06:30:14,devname=sccp_firewall,device_id=FWF60A1234566,log_id=00210100
> 01,type=traffic,subtype=allowed,pri=notice,vd=root;SN=14435461,duration=139,user=N/A,group=N/A,policyid=11,proto=6,service=7
> 500/tcp,status=accept,src=192.169.1.70,srcname=192.168.1.3,dst=192.169.1.17,dstname=192.169.1.17,src_int=internal,dst_int
> =wan2,sent=144,rcvd=0,sent_pkt=3,rcvd_pkt=0,src_port=2354,dst_port=7500,vpn=N/A,tran_ip=0.0.0.0,tran_port=0,dir_disp=org,tra
> n_disp=noop
> 

The device_id in this log entry does not appear in the device id file 
you showed above.


> 
> So far, I've been trying to use the code that was given to me but I'm still 
> far from my goal:
> 
> 
> #!/usr/bin/perl
> use warnings;
> use strict;
> 
> my $logfile='firewall.log';
> my $devices='deviceid.conf';
> our %log;
> 
> 
> ##########
> # 1ST PART
> open DEVICES, '<', $devices or die "Can't open $devices $!";
> 
> while ( my $device = <DEVICES>){
>   chomp $device;
>   ($device) = $device =~ /(\S+)$/;
>   open( my $fh, '>', "$device.log") or die "Can't open $device.log: $!";
>   $log{$device} = $fh;
> }
> close DEVICES;
> #############
> 
> So far I can understand that in the first part, the code will read the 
> deviceid.conf and create a file handle for writing for each device id, and 
> store these filehandles inside %log. But that is what I wanted to do, I want 
> to, as I wanted to write my logs into /clientN/date.log instead of 
> client's_deviceid.log. So I'm still trying to figure out this one.

/(\S+)$/ only matches the device-id; the client-id is thrown away. Don't 
throw it away. Create a regular expression that captures the client id 
and use the client-id to create the log file name.


> 
> Next:
> 
> 
> ################
> # 2nd PART
> 
> my $re = '^\S+\s+(' . join( '|', keys %log ). ')';
> 
> open( IN, '<', $logfile ) or die "Can't open $logfile: $!";
> 
> while( my $line = <IN> ){
>   if( $line =~ m/$re/ ){
>     print $log{$1} $line;
>   }
> }
> 
> 
> ###############
> 
> 
> The second part is what confuses me, especially the line with "my $re", and 
> also the "if($line =~ m/$re/)"
> 
> As far as I can understand, the $re will contain a regexp with ('device_id1 | 
> device_id2 | device_id3 | device_idN'), so that whenever it sees any pattern 
> that match either of those device_ids, it will print it to say 
> $log{device_idN} which points to the file handle that writes to 
> device_idN.log.
> 
> But this is not the case.
> The line "print $log{$1} $line;" doesn't even work as if it cannot decode the 
> $log{$1}
> 

You are correct, "my $re" creates a regular expression with all of the 
device ids, and you are also correct that "print $log{$1} $line" does 
not work. You must use "print { $log{$1} } $line".


> Useless use of a constant in void context at extractdevice.pl line 30.
> Scalar found where operator expected at extractdevice.pl line 35, near "} 
> $line"
>         (Missing operator before  $line?)
> syntax error at extractdevice.pl line 35, near "} $line"
> 
> If I comment those codes inside the while in that second part, the program 
> will successfully create emtpy "device_id1.log, device_id2.log, etc. etc.)
> 
> Any idea what's wrong with this one?
> 
> 

My comments are above.

I wrote the program a completely different way. I think you should read 
'deviceid.conf' and place the device-ids and client-ids into a hash 
($clientids). Then open and start reading the logfile. Whenever you are 
able to capture a device-id that is in the %clientids hash, construct a 
filename to the desired output log file and append the input logfile 
line to that output log file.



-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/









 
____________________________________________________________________________________
Do you Yahoo!?
Everyone is raving about the all-new Yahoo! Mail beta.
http://new.mail.yahoo.com

Reply via email to