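#!/usr/bin/perl -w
#
# Filter a log stream by time.  Entries whose timestamp lies strictly between
# an "after" bound and a "before" bound are printed; lines in which no
# timestamp can be recognized are passed through unchanged.  With -r, the
# text of the newest timestamp seen is saved to a record file, and a later
# run without -A resumes from that saved time.

use strict;
use warnings;

my $AUTHOR_MAIL    = "scoile\@patriot.net";
my $AUTHOR_NAME    = "Steve Coile";
my $COPYRIGHT_DATE = "1997";
my $COPYRIGHT_NAME = "Patriot Computer Group";
my $LICENSE        = "Distributed under the GNU General Public License";
my $VERSION_DATE   = "November 4, 1997";
my $VERSION_NUMBER = "1.0";

# Month names map to 0..11, the same base as the month returned by
# localtime(), which supplies the default when a format has no month field.
# Declared ahead of convert_time() so the sub can see it under strict.
my %month2num = (
    "JAN" => 0, "FEB" => 1, "MAR" => 2,  "APR" => 3,
    "MAY" => 4, "JUN" => 5, "JUL" => 6,  "AUG" => 7,
    "SEP" => 8, "OCT" => 9, "NOV" => 10, "DEC" => 11
);

# convert_time($key, $pattern, \@today, @seq)
#
# Turn the timestamp text $key into a 14-digit "YYYYMMDDhhmmss" string that
# orders correctly under string comparison.
#
#   $key      timestamp text taken from a log line or a command-line bound
#   $pattern  regex whose capture groups pick the fields out of $key
#   $today    array ref (year, month, day, hour, minute, second) used for
#             any field the format does not carry
#   @seq      six entries, one per field in the order above: the index of
#             the capture group holding that field, or -1 to use $today
#
# Returns nothing (undef in scalar context) when $key does not match.
sub convert_time {
    my ($key, $pattern, $today, @seq) = @_;

    # Take the captures straight from the match so that a failed match can
    # never hand back groups left over from an earlier one.
    my @field = ($key =~ /$pattern/) or return;

    my ($year, $month, $day, $hour, $minute, $second) =
        map { $seq[$_] > -1 ? $field[ $seq[$_] ] : $today->[$_] } 0 .. 5;

    $year = int($year);

    # NOTE(review): two-digit years are always placed in 1900-1999, so a log
    # with two-digit years from 2000 onward sorts before older entries --
    # confirm whether a pivot year is wanted.
    $year += 1900 if $year < 100;

    # Anything longer than two characters is treated as a month name.
    $month = $month2num{ uc(substr($month, 0, 3)) } if length($month) > 2;

    return sprintf("%04d%02d%02d%02d%02d%02d",
        $year, $month, $day, $hour, $minute, $second);
}

# resolve_bound($label, $text, $default, $pattern, \@today, @seq)
#
# Convert a bound given with -A or -B, or read from the record file, into a
# sortable key.  An undefined bound yields $default.  A bound that does not
# parse in the selected log format is reported on STDERR and also replaced by
# $default, rather than becoming an undefined value that silently distorts
# the string comparisons in the filter loop.
sub resolve_bound {
    my ($label, $text, $default, $pattern, $today, @seq) = @_;

    return $default if !defined $text;

    my $key = convert_time($text, $pattern, $today, @seq);
    return $key if defined $key;

    printf STDERR "%s: cannot parse %s time; ignoring it\n", $text, $label;
    return $default;
}

my $after_time;
my $before_time;
my $latest_time_text;
my $record_file;

my %logaliases = (
    "annex"    => "acp_logfile",
    "messages" => "syslog",
    "radius"   => "radlast",
    "radlast"  => "last"
);

# Per format: [ pattern capturing the timestamp text within a log line,
#               pattern splitting that text into fields,
#               capture index for year, month, day, hour, minute, second
#               (-1 = field absent, take it from today's date) ].
#
# NOTE(review): the "last" and "syslog" field patterns require a two-digit
# day; if the log pads single-digit days with a space, those lines will not
# match and pass through unfiltered -- confirm against real input.
my %logformat = (
    "access_log" => [
        '^[^\[]*\[([^\]]*)\]',
        '^(\d\d)/(...)/(\d{4}):(\d\d):(\d\d):(\d\d)',
        [ 2, 1, 0, 3, 4, 5 ]
    ],
    "acp_logfile" => [
        '^[^:]*:[^:]*:[^:]*:(\d{6}:\d{6}):',
        '^(..)(..)(..):(..)(..)(..)$',
        [ 0, 1, 2, 3, 4, 5 ]
    ],
    "last" => [
        '^\S+\s+\S+\s+\S+\s+(.{16})',
        '(...) (\d\d) (\d\d):(\d\d)$',
        [ -1, 0, 1, 2, 3, -1 ]
    ],
    "lastcomm" => [
        '(\w{3}\s+\d+\s+\d\d:\d\d)$',
        '(...)\s+(\d+)\s+(\d\d):(\d\d)$',
        [ -1, 0, 1, 2, 3, -1 ]
    ],
    "syslog" => [
        '^(.{15})',
        '^(...) (\d\d) (\d\d):(\d\d):(\d\d)$',
        [ -1, 0, 1, 2, 3, 4 ]
    ]
);

my $log_format = "access_log";

my $usage = sprintf(
    "Usage:\n" .
    "\n" .
    "\t%s [opt]...\n" .
    "\n" .
    "Where opt is:\n" .
    "\n" .
    "-A after-time\n" .
    "\tafter-time identifies a time only after which log entries\n" .
    "\tshould be displayed. Indicates that entries before the\n" .
    "\tgiven time should be omitted from the output listing.\n" .
    "\tThe after-time specification should be in the time format\n" .
    "\tused by the log file.\n" .
    "-B before-time\n" .
    "\tbefore-time identifies a time only before which log entries\n" .
    "\tshould be displayed. Indicates that entries after the\n" .
    "\tgiven time should be omitted from the output listing.\n" .
    "\tThe before-time specification should be in the time format\n" .
    "\tused by the log file.\n" .
    "-f log-file-format\n" .
    "\tlog-file-format is an identifier indicating what format\n" .
    "\tthe input stream is in. The format identifier is used to\n" .
    "\tdermine where to look for the separating key (the log time)\n" .
    "\tin each input line.\n" .
    "-h\n" .
    "\tDisplay this help message and exit.\n" .
    "-r record-file\n" .
    "\trecord-file names a file to receive the latest date\n" .
    "\tencountered in the log file. If the file exists when the\n" .
    "\tprogram is invoked and -A is not specified on the command\n" .
    "\tline, the after-time values will be read from the existing\n" .
    "\trecord file. The time in the record file should be of the\n" .
    "\tsame format as those in the log file.\n" .
    "-v\n" .
    "\tDisplay version information and exit.\n",
    $0
);

my $version = sprintf(
    "%s v%s (%s)\n" .
    "By %s <%s>\n" .
    "Copyright %d by %s\n" .
    "%s\n",
    $0, $VERSION_NUMBER, $VERSION_DATE,
    $AUTHOR_NAME, $AUTHOR_MAIL,
    $COPYRIGHT_DATE, $COPYRIGHT_NAME,
    $LICENSE
);

# Options that consume the following argument, and where its value goes.
my %value_option = (
    "-A" => \$after_time,
    "-B" => \$before_time,
    "-f" => \$log_format,
    "-r" => \$record_file
);

while (@ARGV) {
    my $opt = shift(@ARGV);

    if (exists($value_option{$opt}) && @ARGV) {
        ${ $value_option{$opt} } = shift(@ARGV);
    }
    elsif ($opt eq "-h") {
        print(STDERR $version, "\n", $usage);
        exit 0;
    }
    elsif ($opt eq "-v") {
        print(STDERR $version);
        exit 0;
    }
    else {
        # Also reached when a value-taking option is the last argument.
        printf(STDERR "%s: unrecognized option\n", $opt);
        print(STDERR $usage);
        exit 1;
    }
}

# Follow alias chains (e.g. radius -> radlast -> last) to a real format name.
$log_format = $logaliases{$log_format}
    while (defined($logaliases{$log_format}));

if (!defined($logformat{$log_format})) {
    printf(STDERR "%s: unrecognized log format identifier\n", $log_format);
    printf(STDERR "Recognized log file format identifiers are:\n\t%s\n",
        join("\n\t", sort(keys(%logformat))));
    exit 1;
}

my ($split_pattern, $time_pattern, $seq_ref) = @{ $logformat{$log_format} };
my @seq      = @{$seq_ref};
my $split_re = qr($split_pattern);

my @today = (localtime)[5, 4, 3, 2, 1, 0];
$today[0] += 1900;

# Without -A, resume from the time saved by a previous run.
if (defined($record_file) && !defined($after_time) && (-f $record_file)) {
    # Three-argument open: the file name is only ever a file name, never
    # parsed for a mode or pipe character.
    my $record_in;
    if (!open($record_in, '<', $record_file)) {
        printf(STDERR "%s: %s\n", $record_file, $!);
        exit 1;
    }
    my $saved = <$record_in>;
    close($record_in);

    if (defined($saved)) {
        chomp($saved);
        $after_time = $saved if ($saved ne "");
    }
}

$after_time = resolve_bound("after", $after_time, "00000000000000",
    $time_pattern, \@today, @seq);
$before_time = resolve_bound("before", $before_time, "99999999999999",
    $time_pattern, \@today, @seq);

my $latest_time = "00000000000000";

# Log lines are read from standard input.
while (defined(my $line = <STDIN>)) {
    chomp($line);

    # List-context match: $key stays undefined unless this line matched.
    my ($key) = ($line =~ $split_re);

    my $time;
    $time = convert_time($key, $time_pattern, \@today, @seq)
        if (defined($key));

    # Lines without a usable timestamp are never dropped.
    if (!defined($time)) {
        print($line, "\n");
        next;
    }

    if ($time gt $latest_time) {
        $latest_time      = $time;
        $latest_time_text = $key;
    }

    print($line, "\n")
        if (($time gt $after_time) && ($time lt $before_time));
}

if (defined($record_file)) {
    my $record_out;
    if (!open($record_out, '>', $record_file)) {
        printf(STDERR "%s: %s\n", $record_file, $!);
        exit 1;
    }
    printf({$record_out} "%s\n",
        (defined($latest_time_text) ? $latest_time_text : ""));

    # Buffered write errors only surface at close.
    if (!close($record_out)) {
        printf(STDERR "%s: %s\n", $record_file, $!);
        exit 1;
    }
}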