I had a problem with our log analyzing software.
The vendor said the problem was due to the fact that logs were not sequentially logged.
I bulled my way through this, and it works, but it takes forever.
What would be the best way to tweak it without deviating from the standard perl distribution?
!/usr/local/bin/perl -w
use strict;
$| = 1;
use diagnostics;
######################################################################
## This file is designed to reorder the log files for the corporate
## web server. These log files will be sequentially ordered for fast
+er
## parsing.
######################################################################
my $existingLogFile; #the current file
+ that we will parse
my $newLogFile = "$existingLogFile"."_sorted"; #the log file tha
+t will be written
my $logdirs = "/data/sortlogs/";
my @unique;
my $counter = 0;
my @timestamps;
opendir (LOGDIR, $logdirs) or die "no $logdirs: $!";
while ($_ = readdir(LOGDIR))
{
if ($_ =~ /^access/)
{
$existingLogFile = $_;
}
}
open (EXFILE, "$existingLogFile") or die "Could not open $existingLogF
+ile $!";
while (<EXFILE>)
{
if (/^\d/)
{
chomp;
my $timeString;
my $begOfLog;
my $endOfString;
($begOfLog, $timeString, $endOfString)
+ = split /
[\[\]]/,$_;
push (@timestamps, $timeString);
}
}
close (EXFILE);
@timestamps = sort (@timestamps);
$unique[0] = $timestamps[0];
foreach my $stamp(@timestamps)
{
unless ($stamp eq $unique[$counter])
{
push (@unique, $stamp);
$counter++;
}
}
foreach my $ts (@unique)
{
open (SORTEDFILE, ">>$newLogFile") or
+die "Could
not open $newLogFile $!\n";
open (EXFILE, "+< $existingLogFile") o
+r die "Cou
ld not open $existingLogFile $!";
while (<EXFILE>)
{
my $entryStamp;
my $before;
my $after;
($before, $entryStamp,
+ $after) =
split /[\[\]]/,$_;
my $strippedEntry = te
+ll(EXFILE)
opendir (LOGDIR, $logdirs) or die "no $logdirs: $!";
while ($_ = readdir(LOGDIR))
{
if ($_ =~ /^access/)
{
$existingLogFile = $_;
}
}
open (EXFILE, "$existingLogFile") or die "Could not open $existingLogF
+ile $!";
$newLogFile = "$existingLogFile"."_sorted";
while (<EXFILE>)
{
if (/^\d/)
{
chomp;
my $timeString;
my $begOfLog;
my $endOfString;
($begOfLog, $timeString, $endOfString)
+ = split /
[\[\]]/,$_;
push (@timestamps, $timeString);
}
}
close (EXFILE);
@timestamps = sort (@timestamps);
$unique[0] = $timestamps[0];
foreach my $stamp(@timestamps)
{
unless ($stamp eq $unique[$counter])
{
push (@unique, $stamp);
$counter++;
}
}
foreach my $ts (@unique)
{
open (SORTEDFILE, ">>$newLogFile") or
+die "Could not open $newLogFile $!\n";
open (EXFILE, "+< $existingLogFile") o
+r die "Could not open $existingLogFile $!";
while (<EXFILE>)
{
my $entryStamp;
my $before;
my $after;
($before, $entryStamp,
+ $after) = split /[\[\]]/,$_;
my $strippedEntry = te
+ll(EXFILE);
if ($ts eq $entryStamp
+)
{
print
+SORTEDFILE "$_";
}
else
{
open (
+TEMPFILE, ">>/data/temp") or die "Couldn't open temp fil
e $!\n";
print
+TEMPFILE "$_";
}
}
close (EXFILE);
close (SORTEDFILE);
close (TEMPFILE);
rename ("/data/temp",$
+existingLogFile);
}
"The social dynamics of the net are a direct consequence of the fact that nobody has yet developed a Remote Strangulation Protocol." -- Larry
Wall