On Wed, May 27, 2009 at 6:27 PM, Stephen Reese wrote:
> List,
>
> I've been working on a method to parse a PDF or TXT document and
> output the results to XML over at Experts Exchange.
> http://www.experts-exchange.com/Programming/Languages/Scripting/Perl/Q_24439630.html
List,
I've been working on a method to parse a PDF or TXT document and
output the results to XML over at Experts Exchange.
http://www.experts-exchange.com/Programming/Languages/Scripting/Perl/Q_24439630.html
You may view the attached document or if the mailing list doesn't
allow here is a copy of
> I don't understand why you're /adding/ the match count $x to the hash value
> each
> time. Is that why you're getting values that you don't expect?
>
> If the first column of your output is supposed to be a count (for that source
> address, connection, or port) then you should be adding one each
> I don't see where you're printing $x to check.
Jay, I probably was not and do not know how to :-).
> Assuming you have actually checked $x, though, the important question
> isn't whether $x == `grep -c regex /your/log/file`.
>
> The important question is whether $x == scalar keys %srca.
>
> If
> Have a look at the sample data you posted and you will see where.
>
>
> John
I believe I found where the ']' needs to go but didn't see any extra ' '
space.
The $x count seems off. As I see it every time a regex match is made then $x
will increase one. The match numbers results are about 5x g
> printf() (as seen three lines down) has a format string and a list of
> values corresponding to the % escapes in that string. Because you are
> using a string literal you should use print() instead.
>
> > foreach my $i (sort { $quad{$b} <=> $quad{$a} } keys %quad) {
> >if ($n++ >= $ntop) {
> It appears that there is a space (' ') character at the end of the
> pattern where there should be a ']' character.
John, I'm missing where the closing bracket should go.
while () {
next unless
/Sig:\s*(\d+)\s+Subsig:\s*(\d+)\s+Sev:\s*(\d+)([^\[]+)\[([\d\.]+):(\d+)\s*->
\s*([\d\.]+):(\d
> I just copied over your code and noticed that the end of
> your regular expression (the "/" character) runs across a
> newline. Once I moved that back up to this:
>
> next unless
> /Sig:\s*(\d+)\s+Subsig:\s*(\d+)\s+Sev:\s*(\d+)([^\[]+)\[([\d\.]+):(\d+)
> \s*->\s*([\d\.]+):(\d+)/;
>
> $x is incr
> Hello Stephen,
>
> I think the problem might be with your regular expression and not $x.
>
> If your regular expression does not match the current line then every line
> will be skipped.
>
> What does the line that is being processed look like?
>
> Dave
Here are two lines from the log file.
Sep
I'm looking to increase the count $x every time a match is made for
the regex. Though I'm not having any luck nor am I receiving any
errors. I'm missing something, it seems $x++ would increase $x since
it starts at 0 by default?
http://www.doulos.com/knowhow/perl/quick_start/
my ( %srca );
my $x;
> In your original post you presented *two* *separate* scripts and I
> commented on both scripts, and now you are combining parts of both
> scripts which is why you seem to be confused.
>
> Hint: The "next unless //;" was a replacement for the "if (//) {}"
> block.
John, originally I was trying t
[snip]
>
> #next unless /IPACCESSLOGP: list $acl denied ([tcpud]+)
> ([0-9.]+)\([0-9]+\)\s*->\s*([0-9.]+)\(([0-9]+)\), ([0-9]+) \;
>
next unless /IPACCESSLOGP: list $acl denied ([tcpud]+) ([0-9.]+)\
([0-9]+\)\s*->\s*([0-9.]+)\(([0-9]+)\), ([0-9]+) /;
Thanks Ron that worked. What is the 'next' stat
John,
I made many of the changes but what is the addition of the 'next' statement
for? I tried to add the additional code but the script dies mentioning that
it is not terminated correctly. If I comment out the next statement the
script runs fine.
#!/usr/bin/perl
#
use warnings;
use strict;
# S
y" first before you use them. With respect to your reply below, it
> doesn't matter whether you gave it a value of 0 or some other value...there
> is no rule on what an initial value should be...whatever fits your
> situation. But, you need to declare it.
>
> Ray
>
>
> John is right.
> You should always 'use strict' at the begin of the scripts.
> Here you didn't declare the variables, so you got the errors.
> You could declare them with:
> my $x = ...;
> my $foo = ...;
>
> For Perl's variable scope, see this:
> http://perl.plover.com/FAQs/Namespaces.html
>
Jef
ast };
printf ("%6s:%s\n", $quad{$i},$i);
}
$n=0;
printf "\nDestination Port Summary:\n";
foreach my $i ( sort { $port{$b} <=> $port{$a} } keys %port) {
if ($n++ >= $ntop) { last };
printf ("%6s: %s\n", $port{$i},$i);
}
$n=0;
printf "\nSource Ad
I am working on modifying a script that previously parsed Cisco ACL's
and changing it to parse IPS information.
Here is an example of the two log formats.
Sep 19 15:44:29 172.16.2.1 59800: 3725router: Sep 19 19:44:39: %SEC-6-
IPACCESSLOGP: list 104 denied udp 93.144.187.255(13157) ->
68.156.63.11
I found a Perl script that parses Cisco ACL logging format and I would
like to modify it to parse the IPS format that Cisco uses. I have made
changes to the expression that picks up the Rule and the script still
runs but there isn't any useful output. Any recommendations would be
great.
Here's wha
18 matches
Mail list logo
