in reply to Parse multiline logfile

How do you identify that a failure corresponds to an identity? It might be possible to have several people logging in at the same time, so many lines with "received", and then a failure. How would you pick the corresponding identity? E.g. is the con1|33 unique?

($q=q:Sq=~/;[c](.)(.)/;chr(-||-|5+lengthSq)`"S|oS2"`map{chr |+ord
}map{substrSq`S_+|`|}3E|-|`7**2-3:)=~y+S|`+$1,++print+eval$q,q,a,

[download]

Replies are listed 'Best First'.
Re^2: Parse multiline logfile
by chris2013 (Initiate) on May 03, 2016 at 16:53 UTC
    Thank you for your replies. I could modify my script with your simpler regex so that it matches now. If the con1|33 is unique, is a good question. The strongswan guys haven't replied yet. At least, this ID appears only for one login at a time. I don't know when it is reset. - Chris
[reply]

In Section Seekers of Perl Wisdom