note Rhose How about collecting the information, then printing the record when you get to one of the '-----' lines? (This assumes all records -- even the last one -- end with a '-----' line.) <p> The following code reads from __DATA__ and writes its (tab delimited) records to the screen; you would probably want to open your log file for processing (open(LF,"$logFile")), and write to a results file (open(OF,">$outputFile")). <p> <p> <code> #!/usr/bin/perl -w use strict; my $gCurRec; foreach(qw(name to file action virus)) { $gCurRec->{$_}=''; } while(<DATA>) { $gCurRec->{name}=$1 if (/^From:\s*(.+?)\s*$/); $gCurRec->{to}=$1 if (/^To:\s*(.+?)\s*$/); $gCurRec->{file}=$1 if (/^File:\s*(.+?)\s*$/); $gCurRec->{action}=$1 if (/^Action:\s*(.+?)\s*$/); $gCurRec->{virus}=$1 if (/^Virus:\s*(.+?)\s*$/); if (/^-----/) { print $gCurRec->{name},"\t", $gCurRec->{to},"\t", $gCurRec->{file},"\t", $gCurRec->{action},"\t", $gCurRec->{virus},"\n"; foreach(qw(name to file action virus)) { $gCurRec->{$_}=''; } } } __DATA__ From: pminich@foo.com To: esquared@foofoo.com File: value.scr Action: The uncleanable file is deleted. Virus: WORM_KLEZ.H ---------------------------------- Date: 06/30/2002 00:01:21 From: mef@mememe.com To: inet@microsoft.com File: Nr.pif Action: The uncleanable file is deleted. Virus: WORM_KLEZ.H ---------------------------------- </code> <p> <p> <b>Comment:</b> One other thing I found I like is opening files with three parameters. For example, instead of: <p> open(OF,">$outputFile") || die; <p> I use: <p> open(OF,'>',$outputFile) || die; <p> I hope this helps! *Smiles* <p> <b>Update:</b><p> Now that I have re-read my code, I should have made <p>qw(name to file action virus)<p> a constant so it was defined but one place, and should have made the field separator a constant as well. This would simplify changes to the code. (Not that it is critical on such a small program, but it is a good practice... well, for me at least.) 178983 178983