[snip] > > #next unless /IPACCESSLOGP: list $acl denied ([tcpud]+) > ([0-9.]+)\([0-9]+\)\s*->\s*([0-9.]+)\(([0-9]+)\), ([0-9]+) \; > next unless /IPACCESSLOGP: list $acl denied ([tcpud]+) ([0-9.]+)\ ([0-9]+\)\s*->\s*([0-9.]+)\(([0-9]+)\), ([0-9]+) /;
Thanks Ron that worked. What is the 'next' statement actually doing though since the script works with or without it? Is it more efficient? I looked here http://www.perl.com/doc/FMTEYEWTK/style/slide29.html and http://www.perl.com/lpt/a/490. Is the 'next' statement skipping lines that match the 'if' statement? Should the 'if' statement be modified to reflect the 'next' statement (basically modifying the $quad and $port to remove the $foo and $moo)? Thanks Here's the current working version: #!/usr/bin/perl # use warnings; use strict; # Set behaviour my $log='/var/log/cisco.log'; my $ntop=10; #chomp ($acl=$ARGV[0]); #if ($acl eq "") { $acl=".*"}; #chomp ( my $sig = $ARGV[0] || '.*' ); my $acl = $ARGV[ 0 ] || '.*'; open LOG, '<', $log or die "Cannot open '$log' $!"; my ( %srca, %quad, %port, $foo, $moo ); #my ( %srca, %quad, %port ); while (<LOG>) { if (/IPACCESSLOGP: list $acl denied ([tcpud]+) ([0-9.]+)\(([0-9]+)\)\s*->\s*([0-9.]+)\(([0-9]+)\), ([0-9]+) /){ my $x=$6; $srca{$2}+=$x; $foo=sprintf("%16s -> %16s %3s port %-6s",$2,$4,$1,$5); $moo=sprintf("%3s port %-6s",$1,$5); $quad{$foo}+=$x; #should I integrate the previous two lines into this and the next line? $port{$moo}+=$x; #Why do I need this? next unless /IPACCESSLOGP: list $acl denied ([tcpud]+) ([0-9.]+)\([0-9]+\)\s*->\s*([0-9.]+)\(([0-9]+)\), ([0-9]+) /; $srca{ $2 } += $5; $quad{ sprintf '%16s -> %16s %3s port %-6s', $2, $3, $1, $4 } += $5; $port{ sprintf '%3s port %-6s', $1, $4 } += $5; } } #$n=0; my $n; printf "Connection Summary:\n"; foreach my $i (sort { $quad{$b} <=> $quad{$a} } keys %quad) { if ($n++ >= $ntop) { last }; printf ("%6s:%s\n", $quad{$i},$i); } $n=0; printf "\nDestination Port Summary:\n"; foreach my $i ( sort { $port{$b} <=> $port{$a} } keys %port) { if ($n++ >= $ntop) { last }; printf ("%6s: %s\n", $port{$i},$i); } $n=0; printf "\nSource Address Summary:\n"; foreach my $i ( sort { $srca{$b} <=> $srca{$a} } keys %srca) { if ($n++ >= $ntop) { last }; printf ("%6s: %s\n", $srca{$i},$i); } -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] http://learn.perl.org/
