Hey guys, just had a quick question about my program. I ran a batch file with the file path of my Perl script to parse some Snort logs overnight, but the batch file closed and the parsing ended with the last log at 1:59. However, there were still logs all the way up until I got to work this morning.

    use strict;
    use warnings;
    use File::Tail;

    # Follow the live Snort log as new entries are appended.
    my $file = File::Tail->new("C:\\Snort\\log\\test3\\8_8.log");
    my @alert;
    my $line;

    # Date the script was started, formatted as MMDDYYYY.
    my @localTime = localtime;
    my $localDate = sprintf "%02d%02d%04d", $localTime[4]+1, $localTime[3], $localTime[5]+1900;

    while (defined($line = $file->read)) {
        if ($line =~ /^\=\+\=/) {
            # Separator row: the buffered entry is complete.
            my @local = localtime;
            my $date = sprintf "%02d%02d%04d", $local[4]+1, $local[3], $local[5]+1900;
            if ($localDate !~ m/$date/) {
                # The day has changed: update the date, process the entry,
                # then truncate the Snort log.
                $localDate = $date;
                process(@alert);
                @alert = ();
                my $snortFile = "C:\\Snort\\log\\test3\\8_8.log";
                open WRITESNORT, ">", $snortFile or die "Could not open write file.";
                print WRITESNORT "";
                close(WRITESNORT);
            } else {
                process(@alert);
                @alert = ();
            }#end else
        } else {
            # Still inside an entry: keep buffering its lines.
            push @alert, $line;
        }#end else
    }#end while

What I am basically doing here is 1st, saving a variable for the date of when I start the script, ex: "08122011" for today. Then while there is a new entry in the log (each entry ends in a row of =+=+=...), I check the date of that entry. If the date of this entry is not the same as the day I started the script (say an entry at 1am tomorrow, so 08122011=/=08132011), it will update the date parameter, process the log, and clear the Snort log DAILY. Essentially, this is logging the Snort entries into files like 08122011.log, 08132011.log etc. with this line:
my $writeFile = "C:\\Snort\\log\\test3\\$localDate.log";
in my sub process. I was wondering if you guys knew why my script would all of a sudden end. Is it because of the "defined"? When I clear the log, is it seeing that it is the end of the file so it stops? I have no idea where to look. Thanks in advance.
In reply to File::Tail Timeout? by ahuang14