开发者

File::Tail::Select what is the @pending behaviour

问答 作者: 
foreach my $subfile(glob "*:*")

    {
            print "opening $subfile\n";
            push(@files,File::Tail->new(name=>"$subfile",debug=>$debug));
    }
    while (1)
    {
            ($nfound,$timeleft,@pending)= File::Tail::select(undef,undef,undef,$timeout,@files);
            unless ($nfound)
            {
               # t开发者_开发问答imeout - do something else here, if you need to
            }
            else
            {
                    foreach (@pending)
                    {
                            print $_->{"input"}." (".localtime(time).") ".$_-> read;
                    }
            }
    }

what is the @pending behavior?if the result display as below...

TCP:34628-80 (Wed Mar 30 01:49:57 2011) 03/30-01:49:50.607858 119.40.116.196:80 -> 192.168.242.133:34628
TCP:34628-80 (Wed Mar 30 01:49:57 2011) TCP TTL:128 TOS:0x0 ID:34869 IpLen:20 DgmLen:40
TCP:34629-80 (Wed Mar 30 01:49:57 2011) 03/30-01:49:51.309716 119.40.116.196:80 -> 192.168.242.133:34629
UDP:41415-53 (Wed Mar 30 01:49:57 2011) 03/30-01:49:47.220999 192.168.242.2:53 -> 192.168.242.133:41415
UDP:44705-53 (Wed Mar 30 01:49:57 2011) 03/30-01:49:47.427011 192.168.242.2:53 -> 192.168.242.133:44705
UDP:50539-53 (Wed Mar 30 01:49:57 2011) 03/30-01:49:47.213455 192.168.242.2:53 -> 192.168.242.133:50539
TCP:34628-80 (Wed Mar 30 01:49:57 2011) ***AP**F Seq: 0x2F3E700A  Ack: 0x2359814F  Win: 0xFAF0  TcpLen: 20
TCP:34629-80 (Wed Mar 30 01:49:57 2011) TCP TTL:128 TOS:0x0 ID:34871 IpLen:20 DgmLen:40
UDP:41415-53 (Wed Mar 30 01:49:57 2011) UDP TTL:128 TOS:0x0 ID:34859 IpLen:20 DgmLen:65
UDP:44705-53 (Wed Mar 30 01:49:57 2011) UDP TTL:128 TOS:0x0 ID:34861 IpLen:20 DgmLen:153
UDP:50539-53 (Wed Mar 30 01:49:57 2011) UDP TTL:128 TOS:0x0 ID:34857 IpLen:20 DgmLen:179
TCP:34628-80 (Wed Mar 30 01:49:57 2011) =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
TCP:34629-80 (Wed Mar 30 01:49:57 2011) ***AP**F Seq: 0x9D70418  Ack: 0x248089DB  Win: 0xFAF0  TcpLen: 20
UDP:41415-53 (Wed Mar 30 01:49:57 2011) Len: 37
UDP:44705-53 (Wed Mar 30 01:49:57 2011) Len: 125
UDP:50539-53 (Wed Mar 30 01:49:57 2011) Len: 151
TCP:34628-80 (Wed Mar 30 01:49:57 2011) 
TCP:34629-80 (Wed Mar 30 01:49:57 2011) =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

isn't that @pending will store the data line by line?how do i modify the code to only retrieve the IP address?In my opinion i think i can use split() to break the line into word by word..so anyone can give me some example about it

Regular expressions would be the easiest way to get the IP address:

if (/([.\d]+):\d -> ([.\d]+):\d/) {
     # ipaddress 1 will be in $1, and ip address 2 will be in $2
}

!/usr/local/bin/perl

use File::Tail;

chdir( "/var/log/snort");

foreach my $fol(glob "..*.*") {

    print "Opening $fol\n";

    chdir("/var/log/snort/$fol");

    foreach my $subfile(glob "*:*")
    {

            print "opening $subfile\n";

            push(@files,File::Tail->new(name=>"$subfile",debug=>$debug));
    }

    while (1)
    {
            ($nfound,$timeleft,@pending)= File::Tail::select(undef,undef,undef,$timeout,@files);
            unless ($nfound)
            {
                    print "Nothing to print \n";
            }
            else

foreach (@pending) { if (/([.\d]+):\d -> ([.\d]+):\d/) {

                                    print $_->{"input"}." (".localtime(time).") ".$2 -> read;
                                                                  }
                    }
            }
    }

} hey guy i working out like this...isn't this correct?it seem like nothing to print out

继续阅读:filehandleperl

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9