Beefy Boxes and Bandwidth Generously Provided by pair Networks Cowboy Neal with Hat
There's more than one way to do things
 
PerlMonks  

Re: Counting keys in a hash

by NetWallah (Monsignor)
on Nov 16, 2012 at 06:01 UTC ( #1004136=note: print w/ replies, xml ) Need Help??


in reply to Counting keys in a hash

This is probably closer to what you are looking for.
It can handle multiple devices, and multiple occurrences of different errors for each device.

#!/usr/bin/perl use warnings; use strict; my %devinfo; while (<DATA>) { next unless my ($date,$time, $device, $err) = /(\w+ \d+) ([\d:]+)\s( +\S+) \[[^\]]+\]([^\(]+)\s?\(\d+/; $devinfo{$device}{$err}{COUNT}++; $devinfo{$device}{$err}{FIRST_TIME} ||= [$date, $time]; } for my $dev (sort keys %devinfo) { print "DEVICE\t--> $dev ==============\n"; for my $err (keys %{ $devinfo{$dev} }) { my $errinfo = $devinfo{$dev}{$err}; print "DATE\t--> $errinfo->{FIRST_TIME}[0]\n"; print "TIME\t--> $errinfo->{FIRST_TIME}[1]\n"; print "ERROR\t--> $err\n"; print "\nThe above error occurred $errinfo->{COUNT} times\n\n"; } } __DATA__ <put data here>
Output, with your data:
DEVICE --> esw001tff2 ============== DATE --> Oct 17 TIME --> 10:35:43 ERROR --> Server reset. Occurred 1 time. The above error occurred 2 times DATE --> Oct 17 TIME --> 10:35:39 ERROR --> IP Spoofing from 255.255.255.255 to 255.255.255.255! Occu +rred 1 time. The above error occurred 7 times DATE --> Oct 17 TIME --> 10:35:47 ERROR --> Root login failure! Occurred 1 time. The above error occurred 3 times

             "By three methods we may learn wisdom: First, by reflection, which is noblest; Second, by imitation, which is easiest; and third by experience, which is the bitterest."           -Confucius


Comment on Re: Counting keys in a hash
Select or Download Code
Re^2: Counting keys in a hash
by cspctec (Sexton) on Nov 19, 2012 at 19:51 UTC

    Thank you NetWallah, that is what I was looking for

    I have put your code in but I'm not getting a match with the regular expression (it's saying uninitialized value in pattern match m//)... it's probably because the data I had for you to look at is not exact. I am at work right now, so let me post the exact data below...

    ----DATA---- Oct 17 10:35:35 esw110tf222 ssg5-serial: NetScreen device id=000123456 +78 [Root]system-alert-000008: IP Spoofing! From 255.255.255.255 to 0. +0.0.0, proto 1 (zone Untrust int ethernet0/4). Occurred 1 times. (201 +2-1017 10:35:35) Oct 17 10:35:35 esw110tf222 ssg5-serial: NetScreen device id=000123456 +78 [Root]system-alert-000008: IP Spoofing! From 255.255.255.255 to 0. +0.0.0, proto 1 (zone Untrust int ethernet0/4). Occurred 1 times. (201 +2-1017 10:35:35)

    I tried my own regex:

    m/\](.*)\(20/;
    But it still throws the same error...

    I think this is really close now... can you help fix it for that data?

      Change the line to :
      next unless my ($date,$time, $device, $err) = /(\w+ \d+) ([\d:]+)\s +(\S+).+\[[^\]]+\]([^\(]+)/;
      This is a LOT more forgiving than the original, and allows your new data to pass through, producing:
      DEVICE --> esw110tf222 ============== DATE --> Oct 17 TIME --> 10:35:35 ERROR --> system-alert-000008:IP Spoofing! From 255.255.255.255 to 0 +.0.0.0, proto 1 The above error occurred 2 times

                   "By three methods we may learn wisdom: First, by reflection, which is noblest; Second, by imitation, which is easiest; and third by experience, which is the bitterest."           -Confucius

        I'm sorry to keep bugging you NetWallah, but I'm still getting the uninitialized value error.

        I can't figure out why its still giving me the error. I have my original text file with all of the data dumped into an array and my code looks like this:

        while (@log) { <code here> }

        The array @log contains my data. The loop will still work if the data is in an array, won't it? When the code is run, it continually throws the uninitialized value error until I Ctrl^C to stop it. It never leaves the loop.

        I'm going to continue to work on it because your output looks exactly how I need it to look... If you have anymore suggestions let me know.

        UPDATE: Its working now... I had to change the while to a foreach because it is an array and not a filehandle... I may be able to figure this out by myself, but is there a way to make it display the device on every output instead of just the first one?

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1004136]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others browsing the Monastery: (16)
As of 2014-04-16 14:59 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    April first is:







    Results (431 votes), past polls