User Tools

Site Tools


linux:programaanalizadordelogs
#
# parser_log.awk - identifica los ficheros de log de apache
#
#
 
 
BEGIN {
      IGNORECASE = 1;
      pattern="\"#ip#\";\"#user#\";\"#pass#\";\"#date_raw#\";\"#date#\";";
      pattern=pattern "\"#time#\";\"#timezone#\";\"#request#\";\"#code1#\";";
      pattern=pattern "\"#code2#\";\"#referer#\";\"#agent#\"";
      print pattern;
      }
 
/.*/  {
        line = $0;
 
        if( match( line, /([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+) (.*)/, a ) != 0 )
        {
          ip = a[1];
          line = a[2]
        }
        else if( match( line, /([0-9]*:[0-9]*:[0-9]*) (.*)/, a ) != 0 )
        {
          ip = a[1];
          line = a[2];
        }
 
        if( match( line, /([[:alnum:]]*|-) (.*)/, a ) != 0 )
        {
          user = a[1];
          line = a[2];
        }
 
        if( match( line, /([[:alnum:]]*|-) (.*)/, a ) != 0 )
        {
          pass = a[1];
          line = a[2];
        }
 
        # parse date and time
        if( match( line, /\[(.*)\] (.*)/, a ) != 0 )
        {
          date_raw = a[1];
          line = a[2];
          # parse date_raw into date, time and timezone
          rest = date_raw;
          if( match( rest, /([[:digit:]]+\/[[:alnum:]]+\/[[:digit:]]+)(.*)/, a
          {
            date = a[1];
            rest = a[2];
            if( match( rest, /:([[:digit:]]+:[[:digit:]]+:[[:digit:]]+)(.*)/, a
            {
              time = a[1];
              rest = a[2];
              if( match( rest, /([+-]?[[:digit:]]+)/, a ) != 0 )
              {
                timezone = a[1];
              }
            }
          }
 
        }
 
        # parse request
        if( match( line, /"([^"]*)" (.*)/, a ) != 0 )
        {
          request = a[1];
          line = a[2];
        }
 
        # parse response codes (200, 400, etc)
        if( match( line, /([[:digit:]]+) (.*)/, a ) != 0 )
        {
          code1 = a[1];
          line = a[2];
        }
        # parse response codes (200, 400, etc)
        if( match( line, /([[:digit:]]+) (.*)/, a ) != 0 )
        {
          code2 = a[1];
          line = a[2];
        }
 
        # parse referer
        if( match( line, /"([^"]*)" (.*)/, a ) != 0 )
        {
          referer = a[1];
          line = a[2];
        }
 
        # parse agent
        if( match( line, /"([^"]*)"/, a ) != 0 )
        {
          agent = a[1];
          line = a[2];
        }
 
        out = pattern;
        out = gensub( "#ip#", ip, "g", out );
        out = gensub( "#user#", user, "g", out );
        out = gensub( "#pass#", pass, "g", out );
        out = gensub( "#date_raw#", date_raw, "g", out );
        out = gensub( "#date#", date, "g", out );
        out = gensub( "#time#", time, "g", out );
        out = gensub( "#timezone#", timezone, "g", out );
        out = gensub( "#request#", request, "g", out );
        out = gensub( "#code1#", code1, "g", out );
        out = gensub( "#code2#", code2, "g", out );
        out = gensub( "#referer#", referer, "g", out );
        out = gensub( "#agent#", agent, "g", out );
 
        print out;
      }
linux/programaanalizadordelogs.txt · Last modified: 2014/12/24 10:42 (external edit)