60 |
|
|
61 |
void analyseLine(string line) { |
void analyseLine(string line) { |
62 |
vector<string> words = getTokens(line); |
vector<string> words = getTokens(line); |
63 |
|
|
64 |
|
if (words.size() < 7) { |
65 |
|
cout << "Illegal line format " << line << endl; |
66 |
|
return; |
67 |
|
} |
68 |
|
|
69 |
//print date and time |
//print date and time |
70 |
cout << words[0] << " " << words[1] << " " << words[2] << " "; |
cout << words[0] << " "; //month |
71 |
|
cout << setw(2) << words[1] << " " ; //day min width 2 |
72 |
|
cout << words[2] << " "; //timestamp |
73 |
for (unsigned i=3; i<words.size(); i++) { |
for (unsigned i=3; i<words.size(); i++) { |
74 |
analyseWord(words[i]); |
analyseWord(words[i]); |
75 |
} |
} |
80 |
|
|
81 |
|
|
82 |
void printUsage() { |
void printUsage() { |
83 |
cout << "Usage: analyser [-l] <logfile>" << endl; |
cout << "Usage: analyser [-l] <logfile>|-" << endl; |
84 |
|
cout << "Use '-' for reading logdata from std input" << endl; |
85 |
cout << "Options:" << endl; |
cout << "Options:" << endl; |
86 |
cout << " -l : geoip lookup on source IP adresses" << endl; |
cout << " -l : geoip lookup on source IP adresses" << endl; |
87 |
} |
} |
107 |
file = argv[1]; |
file = argv[1]; |
108 |
} |
} |
109 |
|
|
110 |
|
istream* in; |
111 |
|
ifstream infile; |
112 |
|
|
113 |
ifstream in(file.c_str()); |
if ( file == "-") { |
114 |
|
in = &cin; |
115 |
|
} else { |
116 |
|
infile.open(file.c_str()); |
117 |
|
|
118 |
if (!in) { |
if (!infile) { |
119 |
cout << "Could not open " << file << endl; |
cout << "Could not open " << file << endl; |
120 |
return 1; |
return 1; |
121 |
|
} |
122 |
|
|
123 |
|
in = &infile; |
124 |
} |
} |
125 |
|
|
126 |
|
|
127 |
|
|
128 |
if (lookup){ |
if (lookup){ |
129 |
gi = GeoIP_new(GEOIP_STANDARD); |
gi = GeoIP_new(GEOIP_STANDARD); |
130 |
} |
} |
131 |
|
|
132 |
while (!in.eof()) { |
char buffer[1024]; |
133 |
char buffer[1024]; |
|
134 |
in.getline(buffer,1024); |
while (!in->eof()) { |
135 |
|
in->getline(buffer,1024); |
136 |
if (buffer[0] == 0) |
if (buffer[0] == 0) |
137 |
continue; //empty line |
continue; //empty line |
138 |
analyseLine(buffer); |
analyseLine(buffer); |
139 |
} |
} |
140 |
|
|
141 |
if (lookup) { |
if (lookup) { |
142 |
|
GeoIP_delete(gi); |
143 |
} |
} |
144 |
|
|
145 |
return 0; |
return 0; |