Solved

Cherry picking Log File entries

Posted on 2003-10-30
5
181 Views
Last Modified: 2010-03-04
Hi, to begin this is not homework.

I am attempting to delve into a logfiles whose formats are as follows..

xx.xx.153.22 - - [23/Oct/2003:05:42:50 -0700] "GET /img_/misc/ekbh.gif HTTP/1.1" 200 43 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322; MSN 8.0; MSN 8.5; MSNbMSNI; MSNmen-us; MSNcIA)" 0
xx.xx.210.61 - - [23/Oct/2003:05:43:40 -0700] "GET /img_/misc/okil.gif HTTP/1.0" 304 - "-" "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)" 0

My wish is to pull from the logs the date, asset name (ekbh.gif), and the number of times that this asset has been called on that day. In my previous efforts at Perl I've been successful in getting browser info and which OS was used but this has stumped me. Can anyone help?

Thanks.

0
Comment
Question by:roodawg
  • 4
5 Comments
 
LVL 28

Accepted Solution

by:
FishMonger earned 125 total points
Comment Utility
I used two regexes to extract the date and file name, but it can also be done with a single (more complex) regex.

#!/usr/bin/perl -w

use Data::Dumper;

while (<DATA>) { # log file passed to the script via command line
   $date = $1 if (/\[([^:]+)/);
   $asset_name = $1 if (/([^\/]+)(?= HTTP)/);
   $assets{$date}{$asset_name}++;
}

print Dumper %assets;  # this was used as a debugging statement

for $key (keys %assets) {
   print "$key: ";
   for $value (keys %{$assets{$key}}) {
      print "$value=$assets{$key}{$value}\n";
   }
}


__DATA__
xx.xx.153.22 - - [23/Oct/2003:05:42:50 -0700] "GET /img_/misc/ekbh.gif HTTP/1.1" 200 43 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322; MSN 8.0;MSN 8.5; MSNbMSNI; MSNmen-us; MSNcIA)" 0
xx.xx.210.61 - - [24/Oct/2003:05:43:40 -0700] "GET /img_/misc/okil.gif HTTP/1.0" 304 - "-" "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)" 0
xx.xx.153.22 - - [23/Oct/2003:05:42:50 -0700] "GET /img_/misc/ekbh.gif HTTP/1.1" 200 43 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322; MSN 8.0;MSN 8.5; MSNbMSNI; MSNmen-us; MSNcIA)" 0
xx.xx.210.61 - - [24/Oct/2003:05:43:40 -0700] "GET /img_/misc/okil.gif HTTP/1.0" 304 - "-" "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)" 0
xx.xx.153.22 - - [23/Oct/2003:05:42:50 -0700] "GET /img_/misc/ekbh.gif HTTP/1.1" 200 43 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322; MSN 8.0;MSN 8.5; MSNbMSNI; MSNmen-us; MSNcIA)" 0
xx.xx.210.61 - - [24/Oct/2003:05:43:40 -0700] "GET /img_/misc/okil.gif HTTP/1.0" 304 - "-" "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)" 0
0
 
LVL 28

Expert Comment

by:FishMonger
Comment Utility
Here is the output from that script.  (the lines prior to the last 2 are from the debugging statement)

$VAR1 = '24/Oct/2003';
$VAR2 = {
          'okil.gif' => 3
        };
$VAR3 = '23/Oct/2003';
$VAR4 = {
          'ekbh.gif' => 3
        };
24/Oct/2003: okil.gif=3
23/Oct/2003: ekbh.gif=3
0
 
LVL 28

Expert Comment

by:FishMonger
Comment Utility
I should have clarified one of those lines.

while (<DATA>) { # log file passed to the script via the __DATA__ section at the end of the script

while (<>) { # log file passed to the script via command line
0
 

Author Comment

by:roodawg
Comment Utility
FM, thanks. This is a thing of beauty.

I should have mentioned that the logfiles are in the format of appserver.log.YYYY-MM-DD and reside in directories called appserv01, appserv02, appserv03, etc. My need is to have this script delve into each of the appservers (excluding any of the webserver directories). Oh and let's not for get formatting to a CSV file. As stated before I'm pretty new to all this and have done this in the past usint perl's opendir() and readdir() statements. I don't need code but by your experience is this the way to go?

Thanks
0
 
LVL 28

Expert Comment

by:FishMonger
Comment Utility
I don't have enough info to say if your approach is the best method but it sounds fine.  One thing you may want to look at using is the File::Find module.

http://search.cpan.org/~jhi/perl-5.8.1/lib/File/Find.pm
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Many time we need to work with multiple files all together. If its windows system then we can use some GUI based editor to accomplish our task. But what if you are on putty or have only CLI(Command Line Interface) as an option to  edit your files. I…
Email validation in proper way is  very important validation required in any web pages. This code is self explainable except that Regular Expression which I used for pattern matching. I originally published as a thread on my website : http://www…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now