This is great and it works, but there is one part I do not understand:
print $_->{"input"}." (".localtime(time).") ".$_-> read;
What does it print? If I modify it to:
print "$_";
There are some errors. Why?
#!/usr/local/bin/perl
use File::Tail;

chdir("/var/log/snort");
foreach my $fol (glob "*.*.*.*")
{
    print "Opening $fol\n";
    chdir("/var/log/snort/$fol");
    # Create one File::Tail object per matching file in this directory.
    foreach my $subfile (glob "*:*")
    {
        print "opening $subfile\n";
        push(@files, File::Tail->new(name => "$subfile", debug => $debug));
    }
    # This loop never exits, so only the first matching directory is tailed.
    while (1)
    {
        ($nfound, $timeleft, @pending) = File::Tail::select(undef, undef, undef, $timeout, @files);
        unless ($nfound)
        {
            # timeout - do something else here, if you need to
        }
        else
        {
            # Each File::Tail object with pending data is aliased to $_ in turn.
            foreach (@pending)
            {
                print $_->{"input"}." (".localtime(time).") ".$_->read;
            }
        }
    }
}
example result:
TCP:34628-80 (Wed Mar 30 01:49:57 2011) 03/30-01:49:50.607858 119.40.116.196:80 -> 192.168.242.133:34628
TCP:34628-80 (Wed Mar 30 01:49:57 2011) TCP TTL:128 TOS:0x0 ID:34869 IpLen:20 DgmLen:40
TCP:34629-80 (Wed Mar 30 01:49:57 2011) 03/30-01:49:51.309716 119.40.116.196:80 -> 192.168.242.133:34629
UDP:41415-53 (Wed Mar 30 01:49:57 2011) 03/30-01:49:47.220999 192.168.242.2:53 -> 192.168.242.133:41415
UDP:44705-53 (Wed Mar 30 01:49:57 2011) 03/30-01:49:47.427011 192.168.242.2:53 -> 192.168.242.133:44705
UDP:50539-53 (Wed Mar 30 01:49:57 2011) 03/30-01:49:47.213455 192.168.242.2:53 -> 192.168.242.133:50539
TCP:34628-80 (Wed Mar 30 01:49:57 2011) ***AP**F Seq: 0x2F3E700A Ack: 0x2359814F Win: 0xFAF0 TcpLen: 20
TCP:34629-80 (Wed Mar 30 01:49:57 2011) TCP TTL:128 TOS:0x0 ID:34871 IpLen:20 DgmLen:40
UDP:41415-53 (Wed Mar 30 01:49:57 2011) UDP TTL:128 TOS:0x0 ID:34859 IpLen:20 DgmLen:65
UDP:44705-53 (Wed Mar 30 01:49:57 2011) UDP TTL:128 TOS:0x0 ID:34861 IpLen:20 DgmLen:153
UDP:50539-53 (Wed Mar 30 01:49:57 2011) UDP TTL:128 TOS:0x0 ID:34857 IpLen:20 DgmLen:179
TCP:34628-80 (Wed Mar 30 01:49:57 2011) =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
TCP:34629-80 (Wed Mar 30 01:49:57 2011) ***AP**F Seq: 0x9D70418 Ack: 0x248089DB Win: 0xFAF0 TcpLen: 20
UDP:41415-53 (Wed Mar 30 01:49:57 2011) Len: 37
UDP:44705-53 (Wed Mar 30 01:49:57 2011) Len: 125
UDP:50539-53 (Wed Mar 30 01:49:57 2011) Len: 151
TCP:34628-80 (Wed Mar 30 01:49:57 2011)
TCP:34629-80 (Wed Mar 30 01:49:57 2011) =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
File::Tail::select returns the number of filehandles found, some manner of timeout, and a list of File::Tail objects. These are in @pending in your code. When you go to print things out, you loop through each member in @pending without explicitly creating a new variable, so each element of @pending gets put into the special $_ variable automatically.

You first print $_->{"input"}, which is some manner of "input" (the docs are unclear as to what this is), the current time in your timezone, and the string read from the file ($_->read).

If you just try to print out $_ you're trying to print out an object, which won't give you expected results (unless said object overloads stringification, which File::Tail doesn't).

I suggest reading through the File::Tail documentation, along with perldoc perlvar.

Edit: I looked through the File::Tail source and the $_->{"input"} is egregious abuse of object-oriented Perl. This is actually the object's internal representation of the name parameter to the object creator. You should properly access it by changing $_->{"input"} to $_->name. I note that it's not your fault that your code is written this way, as the File::Tail documentation uses exactly this syntax, but it's incorrect and should be changed.
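
An added example (not part of the question or the answer) showing the three ways of printing an object that the answer distinguishes: as a string, through its hash key, and through an accessor. TailStub and TailStub::Named are hypothetical stand-ins for File::Tail so the script runs without the module or any Snort logs, and the log lines are constructed in the format of the example result.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical stand-in for File::Tail: keeps the name under the "input"
# hash key (as the answer describes) and hands back constructed log lines.
package TailStub;
sub new {
    my ($class, %args) = @_;
    return bless { input => $args{name}, lines => [ @{ $args{lines} } ] }, $class;
}
sub name { return $_[0]{input} }                  # public accessor
sub read { return shift @{ $_[0]{lines} } }       # next pending line

# Same object, but with stringification overloaded to return the name.
package TailStub::Named;
our @ISA = ('TailStub');
use overload '""' => sub { $_[0]->name }, fallback => 1;

package main;

# Constructed sample lines in the format shown in the example result.
my @pending = (
    TailStub->new(name => 'TCP:34628-80',
                  lines => ["TCP TTL:128 TOS:0x0 ID:34869 IpLen:20 DgmLen:40\n"]),
    TailStub::Named->new(name => 'UDP:41415-53',
                  lines => ["Len: 37\n"]),
);

foreach (@pending) {                    # each element is aliased to $_
    print "as string : $_\n";           # TailStub=HASH(0x...) unless overloaded
    print "hash key  : $_->{input}\n";  # reaches into the object's internals
    print "accessor  : ", $_->name, "\n";
    print $_->name . " (" . localtime(time) . ") " . $_->read;
}
```

The first object prints as TailStub=HASH(0x...) with an address that varies per run, while the second prints its name because its class overloads stringification.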