paul Posted July 12, 2006 Report Share Posted July 12, 2006 ok all you terminal addicts :) here's what I got IPT - INPUT packet died: IN=eth0 OUT= MAC=00:16:3e:0b:fc:c3:00:05:85:f3:b8:9d:08:00 SRC=60.239.11.173 DST=140.211.166.36 LEN=48 TOS=0x00 PREC=0x20 TTL=114 ID=28281 DF PROTO=TCP SPT=3733 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0 that is currently sitting in a mysql table (iptables.syslogs.msg) select msg from iptables.syslogs limit 1; gets you that nice chunk of text :) now here's what I want to do with it. I want to create an array (or list of variables). and each key/value pair should correspond KEY=VALUE in the text if KEY has no "=" then KEY=KEY example: IPT=IPT INPUT=INPUT packet=packet died:=died: IN=eth0 OUT= MAC=00:16 (can't be bothered typing the rest) SRC=60.whatever... get the idea? would prefer to do this in php, but bash/grep/sed will work too I guess chocolate fish to the person who can help me :) Quote Link to comment Share on other sites More sharing options...
uralmasha Posted July 12, 2006 Report Share Posted July 12, 2006 Paul, you want to have it as a one-liner? If so, I cant help you. Otherwise, would splitting on whitespace and/or dash, and checking the values before pushing them into array suffice? You can make it a 5-liner, something like this: <?php $the_string='IPT - INPUT packet died: IN=eth0 OUT= MAC=00:16:3e:0b:fc:c3:00:05:85:f3:b8:9d:08:00 SRC=60.239.11.173 DST=140.211.166.36 LEN=48 TOS=0x00 PREC=0x20 TTL=114 ID=28281 DF PROTO=TCP SPT=3733 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0'; $the_array=preg_split('/\s|-/',$the_string,-1,PREG_SPLIT_NO_EMPTY); $the_hash=array(); foreach ($the_array as $val) { list($newkey,$newval) = explode('=',$val); if (isset($newkey)) { $the_hash["$newkey"] = isset($newval)? $newval :$newkey; } } print_r($the_hash); ?> Quote Link to comment Share on other sites More sharing options...
paul Posted July 12, 2006 Author Report Share Posted July 12, 2006 very nice work indeed ... one chocolate fish for you .... I'll run it over a few lines of my logs and see if it fails anywhere. thanks. Quote Link to comment Share on other sites More sharing options...
neddie Posted July 12, 2006 Report Share Posted July 12, 2006 Nice one, uralmasha! Quote Link to comment Share on other sites More sharing options...
uralmasha Posted July 12, 2006 Report Share Posted July 12, 2006 you're welcome :) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.