时间戳

首页 > 解决方案 > 使用 perl 将日志附加到文件

perl - 使用 perl 将日志附加到文件

问题描述

使用此代码即时从 filelogmsg2.txt 转换日志:

use strict;
use warnings;
use feature 'say';
use JSON;
use utf8;


my $filename = '/tmp/logmsg2.txt';

open(FH, '<', $filename) or die $!;
while(<FH>){


   my %IDs = ( "User awx01 logged in." => 1001 );
   my %levels = ( INFO => 4 );

   # read in all the data, even though it looks
   my $data = do { local $/; $_ };
   my $decoded = decode_json( $data );
   $decoded->{Message} = decode_json( $decoded->{Message} );

   say rec2msg($decoded);

   sub rec2msg {
       my $r = shift;
       $r->{Message}{message} =~ /(\w+) (\w+) (.+)/;

       my($user,$msg) = ($2,"$1 $3");
       my $ID    = $IDs{$r->{Message}{message}};
       my $level = $levels{$r->{Message}{level}};

       my $out = "$r->{Message}{'@timestamp'} host CEF:0|OpenSource|AWX|7.0.0|$ID|$msg|$level|src=127.0.0.1 dst=$r->{MessageSourceAddress} duser=$user"
   }
}

close(FH);

但是在我这样做之后,我希望将转换后的日志移动到这个文件:/tmp/logmsg3.txt。我怎么能这样做?

当我将此代码放在'end open(my $out, '>', $filename2)' 时:

my $out = "$r->{Message}{'@timestamp'} host CEF:0|OpenSource|AWX|7.0.0|$ID|$msg|$level|src=127.0.0.1 dst=$r->{MessageSourceAddress} duser=$user"
open(my $out, '>', $filename2)
   }
}

我收到此错误:

Can't find string terminator '"' anywhere before EOF at /usr/transforming.pl line 33.

标签: perl

解决方案

my %IDs = ( "User awx01 logged in." => 1001 );
my %levels = ( INFO => 4 );

my $filename = '/tmp/logmsg2.txt';
my $filename2 = '/tmp/logmsg3.txt';

open(OUT, '>', $filename2) or die $!;
open(FH, '<', $filename) or die $!;
while(<FH>){


   # read in all the data, even though it looks
   my $data = do { local $/; $_ };
   my $decoded = decode_json( $data );
   $decoded->{Message} = decode_json( $decoded->{Message} );

   say rec2msg($decoded);

   sub rec2msg {
       my $r = shift;
       $r->{Message}{message} =~ /(\w+) (\w+) (.+)/;

       my($user,$msg) = ($2,"$1 $3");
       my $ID    = $IDs{$r->{Message}{message}};
       my $level = $levels{$r->{Message}{level}};

       my $out = "$r->{Message}{'@timestamp'} host CEF:0|OpenSource|AWX|7.0.0|$ID|$msg|$level|src=127.0.0.1 dst=$r->{MessageSourceAddress} duser=$user";
       print OUT $out;
       print OUT "\n";
       return $out;
   }
}

close(FH);
close(OUT);

推荐阅读