#!/usr/bin/perl -w # # perl script to give /var/log/messages nice colors for readability # # Jules Stuifbergen # (I was bored, rewrote 'logcolorise.pl' from Michael Babcock from scratch) # # Thanks Jeffrey Paul for several improvements # Cristian Ionescu-Idbohrn for better patterns use Term::ANSIColor; use strict; $Term::ANSIColor::AUTORESET++; # reset color after each print $SIG{INT} = sub { print "\n"; exit; }; # reset color after Ctrl-C my ($i,$word,$date,$host,$service,$rest,@mesg); #### Put your own preferences here # # lines get processed in this order: ignore service, ignore line, color line, color word # ignore service (default = ignore nothing) my $service_ignore = ""; # or.. (to ignore syslogd and gdm) # my $service_ignore = "syslogd|gdm"; # ignore line (default = ignore nothing) my $line_ignore = ""; # or.. (to block out portsentry + name server messages and some sendmail msgs): # my $line_ignore = "already blocked Ignoring|XSTATS|USAGE|NSTATS|Lame server|^[A-Z][A-Z][A-Z][0-9][0-9][0-9][0-9][0-9]"; # color line my $line_alert = "SIGHUP|DENY|lost|shutting|dead|DHCP_NAK|failure|inactive|terminat|refus|rejected|down"; my $line_warn = "invalid|bad|attackalert|wrong|Lame|failing|unknown|obsolete"; my $line_good = "DHCP_ACK|[cC]lean[e]?[d]?|alive|found"; # color word my $alert = "LOGIN|login|DHCP_OFFER|[Cc]onnect|fatal|[Ss]uccessful|failed"; my $warn = "dangling|Assum(e|ing)|root|miss(ed|ing)|[Ii]gnore|adminalert|delet(e|ing)"; my $good = "[Ll]isten|[Ss]tart(ed|ing)|[Rr]eady|active|[Rr]eload(ed|ing)"; # 'palette' my $date_color = "cyan"; my $host_color = "magenta"; my $service_color = "blue"; my $alert_color = "red"; my $warn_color = "yellow"; my $good_color = "green"; my $alert_word_color = "bold red"; my $warn_word_color = "yellow"; my $good_word_color = "green"; #### Main loop # NEWLINE: while (<>) { ($date,$host,$service,$rest) = /^(.+?\s.+?\s.+?\s)(.+?\s)(.+?:\s)(.*)/; # Anything interesting to show? next NEWLINE if ! defined($rest) or (length($rest) < 1); # ignore if.. $service_ignore && next NEWLINE if ($service =~ /$service_ignore/); $line_ignore && next NEWLINE if ($rest =~ /$line_ignore/); print colored("$date", $date_color); print colored("$host", $host_color); print colored("$service", $service_color); # color the whole message if.. if ($rest =~ /$line_alert/) { print colored("$rest\n", $alert_color); next NEWLINE; } if ($rest =~ /$line_warn/) { print colored("$rest\n", $warn_color); next NEWLINE; } if ($rest =~ /$line_good/) { print colored("$rest\n", $good_color); next NEWLINE; } # else, color seperate words @mesg = split(/ /,$rest); foreach $word (@mesg) { if ($word =~ /$alert/) { print colored ("$word ", $alert_word_color); next; } elsif ($word =~ /$warn/) { print colored ("$word ", $warn_word_color); next; } elsif ($word =~ /$good/) { print colored ("$word ", $good_word_color); next; } else { # no color print "$word "; } } print "\n"; } =pod =head1 NAME loco - colorize B for easy reading =head1 SYNOPSIS B [I]... =head1 DESCRIPTION Colorize FILES(s), or standard input and print on the standard output. With no FILE, read standard input. To produce colors, loco uses the B module. =head1 EXAMPLES loco /var/log/messages tail -f /var/log/messages | loco =head1 AUTHOR Jules Stuifbergen . Basically, I was bored, and rewrote 'logcolorise.pl' from Michael Babcock from scratch. Feel free to mail me patches, improvements, or fixes. =head1 BUGS The Escape codes used for coloring are characters, too, so lines will be broken off apparently prematurely. If there's no match, the lines will be displayed in the default color. If you default color happens to be red, the effect of red keywords will disappear. =head1 LICENSE This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. =cut