On Wed, Dec 28, 2005 at 01:28:00PM -0300, myself wrote:
> I use qmLogsort[1] for such issues, it "links" message+delivery numbers for
> easy tracking and supports --grep patterns, eg:
> qmLogsort --grep [EMAIL PROTECTED] /var/log/qmail/*
>
> Very handy...
>
> Saludos!
>
> [1] v0.23: http://www.pangora.org/qmail.org/qmLogsort
> v0.24: (tai64 support) seems to have vanished, still in google's cache
> from 18/12/2005:
>
> http://64.233.179.104/search?q=cache:JI-n_E3jwxkJ:www.gonefishing.org/techstuff/qmLogsort+qmlogsort+0.24
'found my copy v0.24 copy, attached.
Regards
--
--Juanjo
# Juan Jose Ciarlante (JuanJo) jjo ;at; mendoza.gov.ar #
# GnuPG Public Key: gpg --keyserver wwwkeys.eu.pgp.net --recv-key 66727177 #
# Key fingerprint: 0D2F 3E5D 8B5C 729E 0560 F453 A3F7 E249 6672 7177 #
#!/usr/bin/perl
# -*- perl -*-
# v0.24 -- 2004.07.01 added support for tai64n timestamps
# v0.23 -- 1999.09.30 added --tell and --seek to speed up searches
# v0.22 -- 1999.04.11 added support for delivery sorting within messages
# v0.21 -- 1999.03.29 added //s to match . to newlines in the paragraph ???
# Author: Monte Mitzelfelt <[EMAIL PROTECTED]>
$version = '0.24' ;
use Getopt::Long ;
BEGIN { eval "require IO::Page" ; }
%uncompress = (
'.Z' => 'uncompress -c',
'.gz' => 'gunzip -c',
'.bz2' => 'bzip2 -dc',
) ;
$res = GetOptions(
"grep=s", \$grep,
"nogrep=s", \$nogrep,
"follow", \$follow,
"help", \$help,
"tell", \$tell,
"seek=i", \$seek,
) ;
if ( $res == 0 || $help == 1 ) {
print STDERR "\n" if $res == 0 ;
( $0 ) = $0 =~ m!([^/]+)$! ;
die <<"USAGE" ;
usage: $0
[--grep pattern] emit records that do contain pattern
[--nogrep pattern] emit records that don't contain pattern
[--follow] follow last log file in list as it grows
[--tell] adds a file position for each record
[--seek n] where n is an integer from tell: line
[--help] this message
[file1 ...] list of files to search
automatically uncompresses @{[ sort keys %uncompress ]} if systems supports it
version: $version
USAGE
}
# set autoflush
$| = 1 ;
@ARGV = ( "/var/log/maillog" )
unless @ARGV ;
$zipexts = join "|", map { quotemeta } keys %uncompress ;
@ARGV = map { /($zipexts)$/o ? "$uncompress{$1} $_ |" : $_ } @ARGV ;
# process the tai64n timestamps
open TAI64N, "|-", "/bin/tai64nlocal" or die $!;
FOLLOW:
while (1) {
if ( @ARGV > 0 ) {
$FILE = shift @ARGV ;
open FILE
or die "open $FILE: $!\n" ;
}
if ( defined $seek ) {
seek FILE, $seek, 0 ;
$lasttell = $seek ;
} else {
$lasttell = 0 ;
}
while (<FILE>) {
# for syslog maillog => next unless / qmail:/ ;
if ( ( $type, $msgnum ) = /(\w+) msg (\d+)/ ) {
if ( $type eq 'new' ) {
$hash{$msgnum}{MSG} = $_ ;
$hash{$msgnum}{TELL} = $tellbefore ;
} elsif ( $type eq 'end' ) {
printmsg( $msgnum, $_ ) ;
} else {
$hash{$msgnum}{MSG} .= $_ ;
}
} elsif ( ($delivery, $msgnum ) = /delivery (\d+): msg (\d+)/ ) {
$d2m{$delivery} = $msgnum ;
$hash{$msgnum}{$delivery} .= $_ ;
push @{ $hash{$msgnum}{DELI} }, $delivery ;
} elsif ( ( $delivery ) = /delivery (\d+)/ ) {
$hash{$d2m{$delivery}}{$delivery} .= $_ ;
}
# don't do syscall unless needed
$tellbefore = $lasttell ;
$lasttell = tell FILE if $tell ;
}
if ( $follow && @ARGV == 0 ) {
# wait three seconds
sleep 3 ;
# and reset eof!
seek FILE, 0, 1 or die "bad seek on FILE: $!\n" ;
} else {
close FILE ;
while ( ($key,$_) = each %hash ) {
printmsg( $key ) ;
}
undef %hash ;
last FOLLOW if @ARGV == 0 ;
}
} # while(1)
close TAI64N ;
sub printmsg {
my( $msgnum, $txt, ) = @_ ;
my( $delivery, $tellpos, ) ;
$txt = "$hash{$msgnum}{MSG}$txt" ;
foreach $delivery ( @{ $hash{$msgnum}{DELI} } ) {
$txt .= $hash{$msgnum}{$delivery} ;
}
$tellpos = $hash{$msgnum}{TELL} ;
delete $hash{$msgnum} ;
next if $grep && $txt !~ /$grep/sio ;
next if $nogrep && $txt =~ /$nogrep/sio ;
print TAI64N ( ( $tell ? "tell: $tellpos\n" : ""), "$txt\n" );
}
