parseLog.pl
Example 8-9 contains the full source for the parseLog.pl script.
Example 8-9. Code for parseLog.pl
    #!/usr/bin/perl
    use strict;

    if ($#ARGV < 0) {
      die "Usage: $0 LogFile\n";
    }

    # Three-argument open keeps the filename from being interpreted as a mode or pipe
    open(my $in, "<", $ARGV[0]) or die "ERROR: Can't open file $ARGV[0].\n";

    # Change the input record separator to select entire log entries
    $/ = "=" x 54;
    my @logData = <$in>;
    close($in);

    # Loop through each request and parse it
    my ($request, $logEntry, @requests);
    foreach $logEntry (@logData) {

      # Create an array containing each line of the raw request
      my @logEntryLines = split(/\n/, $logEntry);

      # Create an array containing each element of the first request line
      my @requestElements = split(/ /, $logEntryLines[1]);

      # Only parse GET and POST requests
      if ($requestElements[0] eq "GET" || $requestElements[0] eq "POST" ) {
        if ($requestElements[0] eq "GET" ) {
          print $requestElements[0]." ".$requestElements[1]."\n";
        }

        # POST request data is appended after the question mark
        if ($requestElements[0] eq "POST" ) {
          print $requestElements[0]." ".$requestElements[1]."?".$logEntryLines[-2]."\n";
        }
      } # End check for GET or POST
    } # End loop for input file entries