PerlMonks  

While I'm away...

by Poetic Justice (Monk)
on Jul 10, 2001 at 22:39 UTC ( [id://95412]=CUFP )

While I'm away from my network on the weekend, I like to know what's going on. I downloaded the program Snort and it keeps a log of the different goings on. I could VPN to the network, and just look around, but it's more convenient if I let perl send me the last 25 lines of my log file to my email account at home. Here is how I did it.

    use strict;
    use Net::SMTP;

    print "monitoring snort log \n";
    print " hit q then enter to exit: ";
    open (fh, "< e:\\snort\\log\\alert.ids") or die "Can't open File";
    my @lines = <fh>;
    my $hours = 0;
    while (<STDIN> ne "q\n") {              # string comparison; the input line keeps its newline
        while ($hours < 72) {               # hours of updates you want
            my $timer = 0;
            while ($timer < 1) {            # minutes between the update
                # Mail Data
                my $smtp = Net::SMTP -> new('mailserver.mail.com');   # Connect to a mail server
                $smtp -> mail('sending@mail.com');                    # Sender's name
                $smtp -> to('receiving@mail.com');                    # Receiver's name
                $smtp -> data();
                # Send the header
                $smtp -> datasend("To: receiving\@mail.com\n");
                $smtp -> datasend("From: sending\@mail.com\n");
                $smtp -> datasend("\n");                              # blank line ends the headers
                # Send the Body
                my $x = 0;
                while ($x < 25) {           # lines to print
                    my $lines = pop @lines;
                    $x++;
                    print $lines."\n";
                    $smtp -> datasend($lines);
                }
                $smtp -> dataend();
                $smtp -> quit;
                $timer++;
                $hours++;
                sleep 3600;
            }
        }
    }
    close (fh);

I would appreciate a review of this code, I want to make it better. BTW This is a Win32 version, I'm working on a linux version as well.
Many thanks,
Poetic Justice

Replies are listed 'Best First'.
Re: While I'm away...
by bschmer (Friar) on Jul 11, 2001 at 03:30 UTC
    OK, so your script will slurp in all of the lines from the file that you're monitoring...once. You need to move the open and reading of the data into the while ($hours < 72) loop. In addition, you probably don't want to hold the file open for the whole hour that you're sleeping, so you'd likely want to close it after the data is read.

    I'm not real sure why the while ($timer < 1) loop is there since it will always be incremented up to 1 the first time through the loop.

    Since you're on Windows, tail -25 probably isn't a good option (Code reuse can be a good thing, performance isn't really an issue since it only runs once an hour), but the sending/printing of the lines could be cleaned up a bunch:

    map {print; $smtp->datasend($_)} reverse splice(@lines, -25);

    will do the same thing (almost, you didn't chomp the data in @lines, so there were double newlines on the copy of the data that went to STDOUT). And if you want the data in the same order it was in the file, remove the 'reverse'.

    However, I kind of doubt that you would really want to see the same 25 lines every hour if there has been no change to the file. What you probably want to do is do a select() on fh to see if it has any new data available to be read. Warning: I have done most, if not all of my Perl hacking on a Unix-like version of Perl (Linux, Solaris, AIX, Cygwin, etc), so I don't know if select() is even supported under (I assume) ActiveState on Windows.

    If you can use select() or better yet IO::Select, you would do something like this:

    Open the file;
    Create an IO::Select object that watches fh;
    while ($hours < 72) {
        if (IO::Select object->can_read(short_timeout)) {
            read all available data
            ship off the last 25 lines in a mail
        }
        sleep;
    }

    You should also use IO::Select to check to see if the user entered q. This could be done in the same IO::Select object that watches fh if you only want to check it every hour. More than likely, you'll want a new IO::Select object that you can do a can_read(3600) call on to do your sleep for you.

    I'd likely go into more detail, but I'd like to make sure that you can use these calls in your environment before I do.

      That's why I post on Perl Monks. I'll try these mods and repost the code. Thanks for the input!
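
The "only mail when the log has changed" idea from the reply, as an added example that is not part of the thread or either poster's code: it remembers the byte offset already mailed rather than calling select(), because select() on a regular file does not indicate whether new data was appended. The mail host, addresses and Subject line are placeholders, and the quit-on-q prompt is left out.

```perl
use strict;
use warnings;
use Net::SMTP;

# Placeholders in the style of the original post; replace with real values.
my $LOG   = 'e:\\snort\\log\\alert.ids';
my $HOST  = 'mailserver.mail.com';
my $FROM  = 'sending@mail.com';
my $TO    = 'receiving@mail.com';
my $LAST  = 25;    # newest lines to mail
my $HOURS = 72;    # hours of updates

# Return the lines appended since $$offset_ref and advance the offset.
sub new_lines {
    my ($path, $offset_ref) = @_;
    my $size = -s $path;
    return () unless defined $size;              # log missing right now
    $$offset_ref = 0 if $size < $$offset_ref;    # truncated or rotated: start over
    return () if $size == $$offset_ref;          # nothing appended since last mail
    open(my $fh, '<', $path) or die "Can't open $path: $!";
    binmode($fh);                                # byte-exact offsets on Win32
    seek($fh, $$offset_ref, 0) or die "Can't seek in $path: $!";
    my @lines = <$fh>;
    $$offset_ref = tell($fh);
    close($fh);
    return @lines;
}

# Mail the given lines; the empty line after the headers starts the body.
sub send_alerts {
    my (@lines) = @_;
    my $smtp = Net::SMTP->new($HOST) or die "Can't connect to $HOST";
    $smtp->mail($FROM);
    $smtp->to($TO);
    $smtp->data();
    $smtp->datasend("To: $TO\nFrom: $FROM\nSubject: snort alerts\n\n");
    $smtp->datasend($_) for @lines;
    $smtp->dataend();
    $smtp->quit;
}

my $offset = 0;
for my $hour (1 .. $HOURS) {
    my @fresh = new_lines($LOG, \$offset);       # file is closed again before sleeping
    splice(@fresh, 0, @fresh - $LAST) if @fresh > $LAST;   # keep only the newest 25
    send_alerts(@fresh) if @fresh;               # quiet hour: no mail
    sleep 3600;
}
```

The first pass starts at offset 0, so it mails the last 25 lines of the existing log, as the original script did; later passes mail only alerts written since the previous one.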
