my code stock.com

log parser for ASG packet filter logs.

Snippet options

Download: Download snippet as asg_log_parsepl.pl.
Copy snippet: For this you need a free my code stock.com account.
Embed code : You will find the embed code for this snippet at the end of the page, if you want to embed it into a website or a blog!

#!/usr/bin/env perl

use strict;
use warnings;
use Getopt::Long;
use Text::ASCIITable;
use utf8;

my $DETAIL = 0;

GetOptions(
    "v"   => \$DETAIL,
    "vv"  => sub { $DETAIL = 2 },
);

my %protocol_num = (
      1 => 'ICMP',
      2 => 'IGMP',
      4 => 'IP',
      6 => 'TCP',
      7 => 'CBT',
      8 => 'EGP',
      9 => 'IGP',
     17 => 'UDP',
     41 => 'IPv6',
     43 => 'IPv6-Route',
     44 => 'IPv6-Frag',
     45 => 'IDRP',
     46 => 'RSVP',
     47 => 'GRE',
     50 => 'ESP',
     51 => 'AH',
     55 => 'MOBILE',
     58 => 'IPv6-ICMP',
     59 => 'IPv6-NoNxt',
     60 => 'IPv6-Opts',
     88 => 'EIGRP',
     89 => 'OSPF',
     94 => 'IPIP',
    103 => 'PIM',
    112 => 'VRRP',
    113 => 'PGM',
    115 => 'L2TP',
);

my @rows;
while ( my $line = <> ) {
    next unless $line =~ m/^\d/;
    chomp $line;
    my @items = split( '\s+', $line );

    my $log;
    $log->{date} = $items[0];
    $log->{host} = $items[1];

    for my $item ( @items ) {
        my ( $key, $val ) = split /=/, $item;
        next unless defined $val;
        $val =~ s/\"//g;
        $log->{$key} = $val;
    }

    my $arrow = "-->";
    $log->{$arrow} = $arrow;
    $log->{proto} = $protocol_num{$log->{proto}};
    push @rows, $log;
}

my @keys;

if ( $DETAIL == 0 ) {
    @keys = qw( date action proto srcip srcport --> dstip dstport );
}
elsif ($DETAIL == 1 ) {
    @keys = qw( date action proto initf srcmac srcip srcport --> dstip dstport dstmac outitf );
}
else {
    @keys = qw( date host severity fwrule seq action proto tcpflags initf srcmac srcip srcport --> dstip dstport dstmac outitf );
}

my $t = Text::ASCIITable->new();
$t->setCols( @keys );
$t->addRow( @$_{@keys} ) for @rows;
print $t;

Create a free my code stock.com account now.

my code stok.com is a free service, which allows you to save and manage code snippes of any kind and programming language. We provide many advantages for your daily work with code-snippets, also for your teamwork. Give it a try!

Find out more and register now

You can customize the height of iFrame-Codes as needed! You can find more infos in our API Reference for iframe Embeds.