NAME
Regexp::Log::Monster - A regexp parser for the Extended Log Format + vhost
SYNOPSIS
my $foo = Regexp::Log::Monster->new(
format => ':logmonster';
capture => [qw( ts request )],
);
# the format() and capture() methods can be used to set or get
$foo->format('custom %date %request %status %bytes');
$foo->capture(qw( ts req ));
# this is necessary to know in which order
# we will receive the captured fields from the regexp
my @fields = $foo->capture;
# the all-powerful capturing regexp :-)
my $re = $foo->regexp;
while (<>) {
my %data;
@data{@fields} = /$re/; # no need for /o, it's a compiled regexp
# now munge the fields
...
}DESCRIPTION
Regexp::Log::Monster uses Regexp::Log as a base class, to generate regular expressions for performing the usual data munging tasks on log files that cannot be simply split().
This specific module enables the computation of regular expressions for parsing the log files created using the Monster Log Format. An example of this format are the logs generated by the httpd web server using the keyword 'common'.
The module also allows for the use of the Extended Monster Log Format.
For more information on how to use this module, please see Regexp::Log.
ABSTRACT
Regexp::Log::Monster enables simple parsing of log files created using the Extended Log Format, such as the logs generated by the httpd web server using the keyword 'common'.
LOG FORMATS
Common Log Format
my $foo = Regexp::Log::Common->new( format => ':common' );The Common Log Format is made up of several fields, each delimited by a single space.
Fields:
remotehost rfc931 authuser [date] "request" status bytesExample:
127.0.0.1 - - [19/Jan/2005:21:47:11 +0000] "GET /brum.css HTTP/1.1" 304 0 For the above example: remotehost: 127.0.0.1 rfc931: - authuser: - [date]: [19/Jan/2005:21:47:11 +0000] "request": "GET /brum.css HTTP/1.1" status: 304 bytes: 0Available Capture Fields
* host * rfc * authuser * date ** ts (date without the []) * request ** req (request without the quotes) * status * bytes
Extended Common Log Format
my $foo = Regexp::Log::Common->new( format => ':extended' );The Extended Common Log Format is made up of several fields, each delimited by a single space.
Fields:
remotehost rfc931 authuser [date] "request" status bytes "referer" "user_agent"Example:
127.0.0.1 - - [19/Jan/2005:21:47:11 +0000] "GET /brum.css HTTP/1.1" 304 0 "http://birmingham.pm.org/" "Mozilla/2.0GoldB1 (Win95; I)" For the above example: remotehost: 127.0.0.1 rfc931: - authuser: - [date]: [19/Jan/2005:21:47:11 +0000] "request": "GET /brum.css HTTP/1.1" status: 304 bytes: 0 "referer": "http://birmingham.pm.org/" "user_agent": "Mozilla/2.0GoldB1 (Win95; I)"Available Capture Fields
* host * rfc * authuser * date ** ts (date without the []) * request ** req (request without the quotes) * status * bytes * referer ** ref (referer without the quotes) * useragent ** ua (useragent without the quotes)
BUGS, PATCHES & FIXES
There are no known bugs at the time of this release. However, if you spot a bug or are experiencing difficulties that are not explained within the POD documentation, please send an email to barbie@cpan.org. However, it would help greatly if you are able to pinpoint problems or even supply a patch.
Fixes are dependant upon their severity and my availablity. Should a fix not be forthcoming, please feel free to (politely) remind me.
SEE ALSO
Regexp::LogCREDITS
BooK for initially putting the idea into my head, and the thread on a perl message board, that wanted the help that was solved with this exact module.
DSLIP
b - beta
d - Developer
p - Perl only
O - Object oriented
p - Standard PerlAUTHOR
Barbie <barbie@cpan.org> for Miss Barbell Productions, http://www.missbarbell.co.uk
COPYRIGHT AND LICENSE
Copyright 2005 by Barbie for Miss Barbell Productions.
All rights reserved.
This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself.