Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

Hi, I would like to convert log files (binary format) and parse the information with SQL requests. The log files are obtained from different security tools such as tcpdump, snort... and I would like to make a precise analysis of them with my own requests. Does there already exist any Perl script/doc that would help me to parse these files and send them to MySQL? I would appreciate any help. Thanks a lot, Fabien

Replies are listed 'Best First'.
Re: Parsing log files...
by Aragorn (Curate) on Jan 29, 2003 at 11:44 UTC
    If you have a database model to store the information from the various logfiles in, then populating it wouldn't be too hard.

    If not, you should first think about how to store the information in the database and create a database in MySQL. After that, DBI is your friend.

    Arjen
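
The approach in the reply above (decide on a table layout, then load it through DBI), as an added example that is not part of the original thread. It assumes Snort's text "fast" alert format rather than a binary log; the `alert` table, the in-memory DBD::SQLite DSN (used so the script runs offline; a `dbi:mysql:...` DSN takes its place for MySQL) and the sample lines are assumptions made for illustration.

```perl
use strict;
use warnings;
use DBI;

# Assumption: in-memory SQLite so this runs offline. For MySQL use a DSN like
# "dbi:mysql:database=seclogs;host=localhost" (hypothetical name) plus user/password.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
                       { RaiseError => 1, AutoCommit => 0 });

# Hypothetical schema: one row per alert, ports NULL for port-less protocols.
$dbh->do(<<'SQL');
CREATE TABLE alert (
    ts VARCHAR(32), sid INTEGER, msg VARCHAR(255), priority INTEGER,
    proto VARCHAR(8), src_ip VARCHAR(45), src_port INTEGER,
    dst_ip VARCHAR(45), dst_port INTEGER
)
SQL

# Placeholders keep untrusted log content out of the SQL text.
my $ins = $dbh->prepare('INSERT INTO alert VALUES (?,?,?,?,?,?,?,?,?)');

# IPv4 only; captures are in the same order as the table columns.
my $re = qr/^(\S+)\s+\[\*\*\]\s+\[\d+:(\d+):\d+\]\s+(.*?)\s+\[\*\*\]
            .*?\[Priority:\s*(\d+)\]\s+\{(\w+)\}\s+
            ([\d.]+)(?::(\d+))?\s+->\s+([\d.]+)(?::(\d+))?\s*$/x;

# The lines after __DATA__ are constructed sample alerts, not real traffic.
my ($loaded, $skipped) = (0, 0);
while (my $line = <DATA>) {
    chomp $line;
    if (my @f = $line =~ $re) {   # unmatched optional ports are undef => NULL
        $ins->execute(@f);
        $loaded++;
    } else {
        $skipped++;               # count malformed lines instead of dying
    }
}
$dbh->commit;

# The kind of "own request" the question asks for: alerts per source address.
my $rows = $dbh->selectall_arrayref(
    'SELECT src_ip, COUNT(*) FROM alert GROUP BY src_ip ORDER BY 2 DESC');
printf "%-15s %d\n", @$_ for @$rows;
print "loaded=$loaded skipped=$skipped\n";
$dbh->disconnect;
__DATA__
01/29-11:44:02.100000  [**] [1:1000001:1] Constructed TCP alert [**] [Classification: Misc activity] [Priority: 3] {TCP} 192.0.2.10:40112 -> 198.51.100.5:80
01/29-11:44:03.200000  [**] [1:1000002:1] Constructed ICMP alert [**] [Classification: Misc activity] [Priority: 2] {ICMP} 192.0.2.10 -> 198.51.100.5
01/29-11:45:10.300000  [**] [1:1000001:1] Constructed TCP alert [**] [Classification: Misc activity] [Priority: 3] {TCP} 192.0.2.77:51000 -> 198.51.100.5:80
truncated line without the expected fields
```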

Re: Parsing log files...
by hotshot (Prior) on Jan 29, 2003 at 13:33 UTC
    If you need to insert logfiles from syslog into MySQL, you should use syslog-ng instead of syslogd. In the last version of syslog-ng you can configure it to send the new logs directly to a MySQL database; see this for further details.

    Hotshot