HEX

File: //ibin/apalog.old
#!/usr/bin/perl
#
# Written 9/27/2001 - Jack Sasportas -  Jack@innovativeinternet.com
#########################################################################################################


# This provides CPU benchmark stuff
#use Benchmark;
#$start_time = new Benchmark;
# -----------------------------


# This provides Date & Time Stamp
#use Date::Format;
#@lt = localtime(time);
# -----------------------------

$file = "apache_log";
$lines = "60";

#$file      = @ARGV[0];
#$lines      = @ARGV[1];
#print @ARGV[2];

$virus=0;
$formm=0;
$hit=0;
$percent=0;

open(APALOG,"tail -f -n".$lines." /var/log/httpd/".$file." |") or die;

while($line = <APALOG>) {

 ($domain, $host, $month, $year) = $line =~ m|^(.*?) (.*?) .*? \[.*?/(.*?)/(.*?)\:|;

  if ($line =~ /default.ida/) {$domain  = "V-ida - ".$domain;  $virus++ ;$on="y"; }
  if ($line =~ /root.exe/)    {$domain  = "V-root- ".$domain; $virus++ ;$on="y"; }
  if ($line =~ /cmd.exe/)     {$domain  = "V-cmd - ".$domain;  $virus++ ;$on="y"; }
  if ($line =~ /formmail/)     {$domain = "FormM - ".$domain;  $fromm++ ;$on="y"; }
  if ($line =~ /FormMail/)     {$domain = "FormM - ".$domain;  $formm++ ;$on="y"; }

  if ($on ne "y") { $hit++ };
  if ($on ne "y") { $domain = "      - ".$domain; };

if ( $hit > 1 ) {
   if ( $virus => 1 ) { $percent = round((100*((($hit+$virus+$formm)-$hit -$formm)/$hit)),2); }
   if ( $formm => 1 ) { $percent2 = round((100*((($hit+$virus+$formm)-$hit -$virus)/$hit)),2); }
}

# This provides CPU benchmark stuff
#  $current_time = new Benchmark;
#  $amount_of_time = timestr(timediff($current_time, $start_time));
# -----------------------------


# Standard Output
#  print $domain . pad($domain,38) . "Hits-$hit" . pad($hit,7) . "Virus-$virus" . pad($virus,5) . "$percent%\n";
# -----------------------------

# Prints Date & Time Stamp
#  print $domain . pad($domain,38) . "Hits-$hit" . pad($hit,7) .  "FormM-$formm" . pad($formm,5) . "$percent2% " . "Virus-$virus" . pad($virus,5) . "$percent% ". time2str('%C',time) . "\n";

if ( $domain ne $old_domain ) {
  print $domain . pad($domain,38) . " HT: $hit" . pad($hit,6) .  " FM: $formm" . pad($formm,3) . "$percent2% " . "V: $virus" . pad($virus,3) . "$percent% ". "H: $host" . pad($host,30) . "\n";
  $old_domain = $domain;
}

#   print $domain . pad($domain,38) . "Hits-$hit" . pad($hit,7) .  "FormM-$formm" . pad($formm,5) . "$percent2% " . "Virus-$virus" . pad($virus,5) . "$percent% ". "\n";
# -----------------------------

# This prints CPU time
#  print $domain . pad($domain,38) . "Hits-$hit" . pad($hit,7) . "Virus-$virus" . pad($virus,5) . "$percent% ". $amount_of_time ."\n";
# -----------------------------

  $on="n"

}

sub pad {

  my $text   = $_[0];
  my $length = length($text);
  my $spaces = $_[1] - $length;
  my $blank  = "";

  for($i = 1; $i <= $spaces; $i++) {
    $blank .= " ";
  }
   
  return("$blank");
}

 sub round{

               $float = shift; # the number to round
               $intgr = int($float + 0.5);
               return $intgr;
  
             }

close(APALOG);
exit;