Ok, so I made a Perl code that reads info from a pcap file using tcpdumplog and puts it into a table in MySQL. The code worked awesome and gave me the information I needed. My problem is I hard-coded the name of a single pcap file into it, and we used to only have to read 1 every month or so. I would just delete the old one and rename the new one to that file.

We now have multiple pcap files that need to be queried, so my issue is using the read() command with a loop to read files with the .pcap extension.

Original Working code----------------
#!/usr/bin/perl
use DBI;
use Net::TcpDumpLog;
use NetPacket::Ethernet;
use NetPacket::IP;
use NetPacket::TCP;
use Net::Pcap;
use strict;
use warnings;

#Login to mysql
my $dbh = DBI->connect('DBI:mysql:test', 'root', 'nstar')
    || die "Could not connect to database: $DBI::errstr";

#Pcap file to log
my $log = Net::TcpDumpLog->new();
$log->read("C:\\Documents and Settings\\jordant\\Desktop\\Dump\\m1.pcap");

#INFO from PCAP file
foreach my $index ($log->indexes) {
    my ($length_orig, $length_incl, $drops, $secs, $msecs) = $log->header($index);
    my $data = $log->data($index);

    # Keep only IPv4 packets carrying TCP
    my $eth_obj = NetPacket::Ethernet->decode($data);
    next unless $eth_obj->{type} == NetPacket::Ethernet::ETH_TYPE_IP;
    my $ip_obj = NetPacket::IP->decode($eth_obj->{data});
    next unless $ip_obj->{proto} == NetPacket::IP::IP_PROTO_TCP;
    my $tcp_obj = NetPacket::TCP->decode($ip_obj->{data});

    #get date time stamp of packet
    my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime($secs + $msecs/1000);
    $mon+=1;
    my $time = sprintf("%02d-%02d %02d:%02d:%02d",
        $mon, $mday, $hour, $min, $sec);

    #Info in Table
    $dbh->do("INSERT INTO test2 (Date,Source,Destination,Packets,Port)
        values (
            '$time',
            '$ip_obj->{src_ip}',
            '$ip_obj->{dest_ip}',
            '$ip_obj->{len}',
            '$tcp_obj->{dest_port}')");
}

This code does work; I just need the hard-coded $log->read to be just the directory, like so... (C:\\Documents and Settings\\jordant\\Desktop\\Dump) and read all files with extension .pcap within the directory.

Any help would be great! Thanks
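
One way to do what the question asks, as an added example that is not part of the original post: enumerate every .pcap file in a directory and run each through the same decode path, inserting rows through a prepared statement with placeholders instead of interpolating packet fields into the SQL string. The command-line directory argument and the PCAP_DB_USER / PCAP_DB_PASS environment variable names are assumptions; the DSN, table and columns are the ones from the post.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;
use File::Spec;
use Net::TcpDumpLog;
use NetPacket::Ethernet;
use NetPacket::IP;
use NetPacket::TCP;

# Assumptions: the capture directory is the first command-line argument and
# the credentials come from the environment (hypothetical variable names).
my $dir = shift @ARGV or die "usage: $0 <pcap-directory>\n";
my $dbh = DBI->connect('DBI:mysql:test', $ENV{PCAP_DB_USER}, $ENV{PCAP_DB_PASS},
    { RaiseError => 1 });

# Prepare once; bound values are passed as data and never parsed as SQL.
my $sth = $dbh->prepare(
    'INSERT INTO test2 (Date,Source,Destination,Packets,Port) VALUES (?,?,?,?,?)');

# Collect regular files ending in .pcap (case-insensitive, for Windows names).
opendir(my $dh, $dir) or die "Cannot open $dir: $!\n";
my @files = sort grep { /\.pcap\z/i && -f File::Spec->catfile($dir, $_) } readdir $dh;
closedir $dh;

for my $name (@files) {
    my $path = File::Spec->catfile($dir, $name);
    my $log  = Net::TcpDumpLog->new();    # fresh object per file
    # In case read() dies on an unreadable file, skip it and keep going.
    unless (eval { $log->read($path); 1 }) {
        warn "Skipping $path: $@";
        next;
    }
    for my $index ($log->indexes) {
        my ($length_orig, $length_incl, $drops, $secs, $msecs) = $log->header($index);
        my $eth = NetPacket::Ethernet->decode($log->data($index));
        next unless $eth->{type} == NetPacket::Ethernet::ETH_TYPE_IP;
        my $ip = NetPacket::IP->decode($eth->{data});
        next unless $ip->{proto} == NetPacket::IP::IP_PROTO_TCP;
        my $tcp = NetPacket::TCP->decode($ip->{data});
        # The stored timestamp has one-second resolution, so only $secs is used.
        my ($sec, $min, $hour, $mday, $mon) = localtime($secs);
        my $time = sprintf('%02d-%02d %02d:%02d:%02d', $mon + 1, $mday, $hour, $min, $sec);
        $sth->execute($time, $ip->{src_ip}, $ip->{dest_ip}, $ip->{len}, $tcp->{dest_port});
    }
    print "Loaded $name\n";
}
$dbh->disconnect;
```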

In reply to Read() -Multiple Files- by jboy4
