/[projects]/uloganalyzer/uloganalyzer.cpp
ViewVC logotype

Annotation of /uloganalyzer/uloganalyzer.cpp

Parent Directory Parent Directory | Revision Log Revision Log

Revision 124 - (hide annotations) (download)
Tue Dec 2 18:16:42 2008 UTC (15 years, 5 months ago) by torben
File size: 2455 byte(s) 
The day of month field should allways fill to characters.
1 torben 116 #include <iostream>
2     #include <fstream>
3     #include <string>
4     #include <sstream>
5     #include <vector>
6     #include <iomanip>
7     #include <GeoIP.h>
8    
9    
10     using namespace std;
11     GeoIP* gi = 0;
12     bool lookup = false;
13    
14     vector<string> getTokens(const string& str){
15     string buf;
16     stringstream ss(str);
17     vector<string> tokens;
18     while (ss >> buf)
19     tokens.push_back(buf);
20     return tokens;
21     }
22    
23     void lookupIP(const string& ip) {
24     if (!lookup)
25     return;
26     const char* cc = GeoIP_country_code_by_addr(gi, ip.c_str());
27    
28     if (cc)
29     cout << setw(3) << cc << " ";
30     else
31     cout << setw(3) << "n/a ";
32    
33     }
34    
35     void analyseWord(const string& word) {
36     int delim = word.find("=");
37    
38     if (delim == -1) //delimiter not found;
39     return;
40     string key = word.substr(0,delim);
41     string val = word.substr(delim+1, 1024); // the rest
42    
43     if (key == "SRC") {
44     cout << setw(15) << left << val << " ";
45     lookupIP(val);
46     }
47    
48     if (key == "DST")
49     cout << setw(15) << left << val << " ";
50    
51     if (key == "PROTO")
52     cout << val << " ";
53    
54     if (key == "SPT")
55     cout << setw(5) << right << val << " ";
56    
57     if (key == "DPT")
58     cout << setw(6) << right << val << " ";
59     }
60    
61     void analyseLine(string line) {
62     vector<string> words = getTokens(line);
63 torben 123
64     if (words.size() < 7) {
65     cout << "Illegal line format " << line << endl;
66     return;
67     }
68 torben 116
69     //print date and time
70 torben 124 cout << words[0] << " "; //month
71     cout << setw(2) << words[1] << " " ; //day min width 2
72     cout << words[2] << " "; //timestamp
73 torben 116 for (unsigned i=3; i<words.size(); i++) {
74     analyseWord(words[i]);
75     }
76    
77    
78     cout << endl;
79     }
80    
81    
82     void printUsage() {
83 torben 123 cout << "Usage: analyser [-l] <logfile>|-" << endl;
84     cout << "Use '-' for reading logdata from std input" << endl;
85 torben 116 cout << "Options:" << endl;
86     cout << " -l : geoip lookup on source IP adresses" << endl;
87     }
88    
89     int main(int argc, char** argv)
90     {
91     if (argc < 2) {
92     printUsage();
93     return 1;
94     }
95    
96     string file = "";
97    
98     if (string(argv[1]) == "-l") {
99     if (argc != 3) {
100     printUsage();
101     return 1;
102     }
103    
104     file = argv[2];
105     lookup = true;
106     } else {
107     file = argv[1];
108     }
109    
110 torben 123 istream* in;
111     ifstream infile;
112 torben 116
113 torben 123 if ( file == "-") {
114     in = &cin;
115     } else {
116     infile.open(file.c_str());
117 torben 116
118 torben 123 if (!infile) {
119     cout << "Could not open " << file << endl;
120     return 1;
121     }
122    
123     in = &infile;
124 torben 116 }
125    
126 torben 123
127 torben 116
128     if (lookup){
129     gi = GeoIP_new(GEOIP_STANDARD);
130     }
131    
132 torben 122 char buffer[1024];
133    
134 torben 123 while (!in->eof()) {
135     in->getline(buffer,1024);
136 torben 116 if (buffer[0] == 0)
137     continue; //empty line
138     analyseLine(buffer);
139     }
140    
141     if (lookup) {
142 torben 122 GeoIP_delete(gi);
143 torben 116 }
144    
145     return 0;
146     }
  ViewVC Help
Powered by ViewVC 1.1.20