File: //ibin/apalog.chad
#!/usr/bin/perl
#
# Written 9/27/2001 - Jack Sasportas - Jack@innovativeinternet.com
#########################################################################################################
use File::Tail;
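# Legacy settings: $lines is referenced only by the commented-out "tail -f"
# variant, and $file is reassigned to the full log path before the log is opened.
$file  = "apache_log";
$lines = "60";

# ANSI SGR sequences used to alternate the colour of report rows.
$lgreen = "\033[1;32m";    # bold green
$white  = "\033[0m";       # reset all attributes

# First command-line argument: "y" sends rows to the terminal, anything else
# (including no argument) appends them to the server report file.
# Scalar element access; the original used the one-element slice @ARGV[0].
$live_mode = $ARGV[0];

# Running totals for the whole session.
$virus   = 0;    # lines matching a worm-probe signature
$formm   = 0;    # lines matching the FormMail signature
$hit     = 0;    # lines matching no signature
$percent = 0;    # last computed share, shown in each row
$col     = 0;    # 0/1 toggle selecting the row colour

my $pv    = "";  # count for the label of the line being processed
my %hosts = ();  # label (signature prefix + vhost) => number of lines seen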
# CHAD SAMPLE 1
# use File::Tail;
#$file=File::Tail->new("/some/log/file");
#while (defined($line=$file->read)) {
# print "$line";
#}
# CHAD SAMPLE 2
# use File::Tail;
# my $ref=tie *FH,"File::Tail",(name=>$name);
#while (<FH>) {
# jack
# print "$_";
#}
#$APALOG=File::Tail->new("/var/log/httpd/".$file);
#$APALOG=File::Tail->new("/var/log/httpd/apache_log");
# CHAD
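# Follow the Apache access log through File::Tail's tied-handle interface, so
# that <APALOG> in the read loop returns lines from this file.
$file = "/var/log/httpd/apache_log";
my $ref = tie(*APALOG, "File::Tail", (name => $file))
    or die "Cannot tie $file to File::Tail\n";
#open(APALOG,"tail -f -n".$lines." /var/log/httpd/".$file." |") or sleep 30;

# Report file used when the script is not in live mode. The three-argument
# form keeps the open mode separate from the path, and the error names the
# file so a permissions problem can be identified from the message alone.
open(SERVERLOG, ">>", "/var/log/httpd/server_apache_log")
    or die "/var/log/httpd/server_apache_log: $!\n";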
#while($line = <APALOG>) {
#while (defined($line=$APALOG->read)) {
#CHAD
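# Main loop: read each access-log line, classify it (worm probe, FormMail
# probe or ordinary hit), keep a count per label and emit one report row
# whenever the label differs from the previous line's.
#
# The content of every line is influenced by remote clients, so the fields
# taken from it are treated as untrusted before they are displayed or stored.
while ($line = <APALOG>) {
    # Expected layout: "<vhost> <client> ... [dd/Mon/yyyy:...". A line that
    # does not match yields no captures, so the fields fall back to "".
    ($domain, $host, $month, $year) =
        $line =~ m|^(.*?) (.*?) .*? \[.*?/(.*?)/(.*?)\:|;
    $domain = "" unless defined $domain;
    $host   = "" unless defined $host;

    # Exclusions for our own server and network. The address test is anchored
    # so only a client field that begins with 208.244.164. is skipped; an
    # unanchored match would also skip any client name that merely contains
    # that text and so drop it from the report.
    next if $domain =~ /venus\.innovativeinternet\.net/;
    next if $host   =~ /^208\.244\.164\./;

    # Replace everything outside printable ASCII with "?" so that bytes copied
    # from the log cannot act as terminal control sequences when a row is
    # printed in live mode or when the report file is viewed later.
    $domain =~ tr/\x20-\x7e/?/c;
    $host   =~ tr/\x20-\x7e/?/c;

    # Signature checks. These are substring matches on the raw line, so a hit
    # in any logged field counts, and text that is logged in an encoded form
    # is not decoded first. Dots are escaped and case is ignored so the match
    # is on the literal file name in any capitalisation. A line matching
    # several signatures is counted and prefixed once per signature.
    $on = "n";
    if ($line =~ /default\.ida/i) { $domain = "V-ida - " . $domain; $virus++; $on = "y"; }
    if ($line =~ /root\.exe/i)    { $domain = "V-root- " . $domain; $virus++; $on = "y"; }
    if ($line =~ /cmd\.exe/i)     { $domain = "V-cmd - " . $domain; $virus++; $on = "y"; }
    # One case-insensitive test replaces the separate "formmail"/"FormMail"
    # tests; the lower-case one incremented the misspelled $fromm, so those
    # probes never reached the $formm total.
    if ($line =~ /formmail/i)     { $domain = "FormM - " . $domain; $formm++; $on = "y"; }

    if ($on ne "y") {
        $hit++;
        $domain = " - " . $domain;
    }

    $hosts{$domain}++;
    $pv = $hosts{$domain};

    if ($domain ne $old_domain) {
        # This label's count as a percentage of all ordinary hits. The
        # comparison must be ">=": the original "=>" is the comma operator and
        # is always true, so a probe seen before any ordinary hit divided by
        # zero and ended the monitor.
        if ($hit >= 1) { $percent = round(($pv / $hit * 100), 2); }

        # Timestamp of the report row (local time, minutes not zero-padded).
        # Lexicals are used so the $year captured from the log line above is
        # not overwritten.
        my ($now_min, $now_hour, $now_mday, $now_mon, $now_year) =
            (localtime(time))[1 .. 5];
        $el_time = ($now_mon + 1) . "/" . $now_mday . "/" . ($now_year + 1900)
                 . " " . $now_hour . ":" . $now_min;

        my $row = $el_time . $domain . pad($domain,37)
                . " SHT: $hit" . pad($hit,8)
                . " IHT: $pv" . pad($pv,8)
                . "$percent% "
                . " H: $host" . pad($host,20) . "\n";

        # Alternate the colour of successive rows.
        my $colour;
        if ($col == 0) {
            $colour = $lgreen;
            $col++;
        } else {
            $colour = $white;
            $col = 0;
        }

        # Live mode writes to the terminal; otherwise the row, including its
        # colour sequence, is appended to the report file.
        if ($live_mode eq "y") {
            print $colour . $row;
        } else {
            print SERVERLOG $colour . $row;
        }

        $old_domain = $domain;
    }
}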
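# pad(TEXT, WIDTH)
# Returns the run of spaces needed to extend TEXT to WIDTH characters, or an
# empty string when TEXT is already WIDTH characters or longer. The caller
# appends the result to TEXT; TEXT itself is not returned or truncated.
sub pad {
    my ($text, $width) = @_;
    my $spaces = $width - length($text);

    # The repetition operator replaces the counting loop, which also wrote to
    # the package global $i on every call.
    return $spaces > 0 ? " " x $spaces : "";
}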
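# round(NUMBER)
# Returns NUMBER rounded to the nearest integer, halves rounding away from
# zero. Callers in this file pass a second argument (2); it is accepted and
# ignored, so the result is always a whole number.
sub round {
    my ($float) = @_;    # lexical: the original stored this in globals

    # int() truncates toward zero, so the 0.5 offset has to be applied to the
    # magnitude; adding it to a negative value would round toward zero.
    return $float < 0 ? -int(-$float + 0.5) : int($float + 0.5);
}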
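# Shutdown, reached only if the read loop ends.
# The report handle is SERVERLOG; the original closed the never-opened
# SERVER_LOG, so a failed final write to the report went unnoticed.
close(SERVERLOG) or warn "close /var/log/httpd/server_apache_log: $!\n";
close(APALOG);
exit;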