James Marcinek wrote:
Here is one line from the log:
<165>Oct 01 2004 19:57:52: %PIX-5-111008: User 'enable_15' executed the 'logging
trap 5' command.
James,
you actually have very good field seperators!
Look at this:
#!/usr/bin/perl
$str = "<165>Oct 01 2004 19:57:52: %PIX-5-111008: User 'enable_15' executed the 'logging trap 5' command.";
$str =~ /^<(\d+)>(.*?): (.*?): User '(.*?)' executed the '(.*?)' command./i;
print $1." - ".$2." - ".$3." - ".$4." - ".$5."\n";
Needs further testing, but it works with your example of the log-file line.
Cheers,
Hannes.
