#!/usr/bin/perl #### #### a program to break up an SNARE audit logfile into days #### per machine #### #### by Ronald P. Reck SAIC / DCTD Nov 2004 # we need these libs use Getopt::Std; # these commandline args getopts('f:'); $inputfile=($opt_f); $version="1.0"; # directory structure datadir/year/month/day/machine.log $datadir="/var/spool/audit"; if (!defined $inputfile) { $inputfile="/var/log/audit.log"; } open IF, "$inputfile"; @INFILE=; foreach $line (@INFILE) { chomp($line); # lets see whats on the line @parts=split(",",$line); # we need to know which machine its for $machine=$parts[0]; ($machine,@junk)=split(/\s+/,$machine); # get the directory structure components. ($day, $month, $daynumber, $time, $year)=split(/\s+/,$parts[2]); if ($daynumber =~ /\b\d\b/x){ print "\n day $daynumber matches"; $daynumber = "0$daynumber"; } # check or make year directory if (-e "$datadir/$year") { }else { # print "\n datadir $datadir/$year doesnt exist!"; mkdir("$datadir/$year"); } # check or make month directory if (-e "$datadir/$year/$month") { }else { # print "\n datadir $datadir/$year/$month doesnt exist!"; mkdir("$datadir/$year/$month"); } # check or make day directory if (-e "$datadir/$year/$month/$daynumber") { }else { # print "\n datadir $datadir/$year/$month/$day doesnt exist!"; mkdir("$datadir/$year/$month/$daynumber"); } #print "\n directory $datadir/$year/$month/$daynumber/$machine"; # open the output file open OF, "+>>$datadir/$year/$month/$daynumber/$machine.log" ; print OF "$line\n" ; close (OF); #$linecount++; #&print_status($linecount); } # this would happen even if we didnt explicitly state it # but let's be good citizens close (IF); sub print_status{ my $number = shift; $time=`date`; chomp($time); print "\n doing line $time $number"; }