Monday, December 8, 2008

Managing Swatch Output With Yet Another Perl Script

Hey There,

Since I'm coming down from a week of getting kicked in the teeth (I mean, being 24x7 primary on call ;) this week's Monday Unix and/or Linux script is veering from the direction they mostly go in. My next idea was to create a CLI book reader to compliment out previous script to find free online books. That's still in the cooker, but requires a bit more than my frazzled brain, and sleep-deprived nervous system, can muster at this moment. Please pardon any lack of "oomph" in my "voice." ;)

The script itself is fairly easy to execute, and assumes you already have swatch setup to run (this script is written more for a single "loghost" - setup to gather information from all systems' syslog/messages), have a .swatchrc file already in place and configured and just aren't allowed to muck with it. We're also assuming, of course, that you have to deal with checking the output every morning and you're sick and/or tired of having to pick it apart by eye.

The script itself just takes two arguments: The hostname you want to search for and the name of the main swatch output file. So if you wanted to grab information from the "dbhost4" machine, you could run the script like this:

host # ./swatchlogger.pl dbhost4 /var/adm/swatch.out <-- or whatever your specific swatch output file is called.

The script should be pretty easy to make work for a single host (just take a big chunk of it away ;). If your host doesn't match one listed in the regular expression of the script it will be put in the default output file. It's all in there somewhere...

Hope you enjoy it and/or it helps you out some. Here's to sleeping. Although, according to the timestamp, it's tomorrow already, isn't it?

Oh, the humanity ;)

Cheers,


Creative Commons License


This work is licensed under a
Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License

#!/usr/bin/perl

#
# Swatchlogger.pl - Sort out all that swatch output!
#
# 2008 - Mike Golvach - eggi@comcast.net
#
# Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License
#

$hostname = $ARGV[0];
shift;
@boink = @ARGV;

if ( $hostname =~ /(webhost(3|6)|dbhost(4|3)|devhost|10.10.2.20)/ ) {
open(SWLOGFILE, ">>/var/adm/dailyswatch.dev.log");
print SWLOGFILE "@boink\n";
close(SWLOGFILE);
chmod(0644, "/var/adm/dailyswatch.dev.log");
} else {
foreach $humper (@boink) {
if ( $humper =~ /password/ ) {
$wanger = 1;
} elsif ( $humper =~ /access-request/ ) {
$boinker =1;
}
}
if ( $wanger ) {
open(SWLOGFILE, ">>/var/adm/dailyswatch.pwd.log");
print SWLOGFILE "@boink\n";
close(SWLOGFILE);
chmod(0644, "/var/adm/dailyswatch.pwd.log");
} elsif ( $boinker ) {
open(SWLOGFILE, ">>/var/adm/dailyswatch.rad.log");
print SWLOGFILE "@boink\n";
close(SWLOGFILE);
chmod(0644, "/var/adm/dailyswatch.rad.log");
} else {
open(SWLOGFILE, ">>/var/adm/dailyswatch.reg.log");
print SWLOGFILE "@boink\n";
close(SWLOGFILE);
chmod(0644, "/var/adm/dailyswatch.reg.log");
}
}


, Mike




Please note that this blog accepts comments via email only. See our Mission And Policy Statement for further details.