Re: Re: Tricky Syslog Parsing

Much appreciated Monks. You still haven't let me down yet.

This might not be the best method/code, but here's how I got it working. Any improvements welcome (I don't know why I have to use open twice, if I never close FILE, but it doesn't work otherwise):

my $file = 'd:\PROGRA~1\Syslogd\Logs\syslog22Dec2003.txt';

open (FILE, $file) or die "Can't open $file: $!\n";
my %messages;  

while(<FILE>) {
    /(FW\-\d+\-\d+)/;              # extract MSG ID
    next if exists($messages{$1});   # ignore it if we've
    $messages{$1} = $1;             # already seen it.
}


my $count;

open (FILE, $file) or die "Can't open $file: $!\n";

for my $i (keys %messages){
  print "\n$i:\n\n";
  $count = 0;
   while(<FILE>){
     if (/$i/){
    print "$_\n";
    $count++;
     }
    last if $count == 1;
   }
}

close FILE;
[download]

Comment on Re: Re: Tricky Syslog Parsing Download Code

Replies are listed 'Best First'.
Re: Re: Re: Tricky Syslog Parsing by elwarren (Priest) on Jan 13, 2004 at 21:39 UTC
Your first loop will scan through the entire file. You start from the top again the second time you open it. If your logfile consistently contains three line entries, you could loop on the date regex and then `readline()` in the next two lines, parse all three at the same time, then loop back up again. The pointer will follow your place in the file and you'll be right at the next timestamp entry. `open file; while(<file>) { my $line1 = $_; my $line2 = readline(<file>); my $line3 = readline(<file>); #handle $line1, $line2, $line3 all at once then #loop up for the next entry }` [download]	[reply] [d/l] [select]

Replies are listed 'Best First'.

Re: Re: Re: Tricky Syslog Parsing
by elwarren (Priest) on Jan 13, 2004 at 21:39 UTC

readline()

open file;
while(<file>) {
  my $line1 = $_;
  my $line2 = readline(<file>);
  my $line3 = readline(<file>);
  #handle $line1, $line2, $line3 all at once then
  #loop up for the next entry
}
[download]

[reply]
[d/l]
[select]