I need your expert advice on how to get the epoch times into a script from multiple syslog files.
Here's what I have so far
#!/usr/bin/perl use Time::Local; $x = &getTime; sub getTime { ($sec,$min,$hour,$mday,$month,$year,$wday, $yday,$isdst)=localtime(tim +e); $epoch = timelocal($sec, $min, $hour, $mday, $month, $year); return $epoch; } @fileTotal = `ls /var/log/syslog*`; #foreach loop opens each log file foreach $file (@fileTotal) { chomp($file); open(FILEREAD, "< $file"); while ($linebuf = <FILEREAD>) { chomp($linebuf); # remove <CR> at the end @data = split(/[ ]+/, $linebuf); if( $data[6] eq "session" && $data[7] eq "opened") { $d1 = index($linebuf, "[", 0); $d2 = index($linebuf, "]", ($d1+1)); $ID = substr($linebuf, ($d1+1), ($d2-$d1-1)); $openTime{$ID} = $epoch; $account{$ID} = $data[10]; } elsif( $data[6] eq "session" && $data[7] eq "closed" +) { # user SSH logoff session $d1 = index($linebuf, "[", 0); $d2 = index($linebuf, "]", ($d1+1)); $ID = substr($linebuf, ($d1+1), ($d2-$d1-1)); $closeTime = $epoch; if( defined $account{$ID}) { $userAccount = $account{$ID}; $duration = $closeTime - $openTime{$ID}; #interval $totalSession{$userAccount}++; $dSession{$userAccount} += $duration; } } } close FILEREAD; + } foreach $x (sort(keys %totalSession)) { $averageSession = $dSession{$x}/$totalSession{$x}; printf "%-10s %10s %10s \t %.2f\n", $x, $totalSession{$x}, $ +dSession{$x}, $averageSession; }
My output gives me continuous 0s though like shown below.
Any guidance you guru's can give will be appreciated. ThanksAccount Count TotalTime Average 86 0 0.00 root 2 0 0.00 user01 37 0 0.00 user02 4 0 0.00 user03 86 0 0.00 user04 57 0 0.00 user05 945 0 0.00 user06 11 0 0.00 user07 46 0 0.00 user08 17 0 0.00 user09 2 0 0.00 user10 81 0 0.00
In reply to Passing epoch time to function to compare open session time and close session time by Anonymous Monk
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |