Question

I have an snmptrapd daemon running in the background and logging all the traps to a file, and I am trying to parse that log in a Perl program.

The SNMP v2c traps are being logged as follows:

SNMPv2[**]2013-11-4[**]13:16:49[**]UDP: [127.0.0.1]:57819->[127.0.0.1][**].1.3.6.1.6.3.1.1.4.1.0 = OID: .1.3.6.1.4.1.8072.2.3.0.1       .1.3.6.1.4.1.8072.2.3.2.1 = INTEGER: 30 .1.3.6.1.4.1.8072.2.3.2.2 = STRING: lol

I have successfully parsed the OID, and the remote IP address using regular expressions, but I am unable to parse all the remaining trap values. Those are:

.1.3.6.1.4.1.8072.2.3.2.1 = INTEGER: 30 .1.3.6.1.4.1.8072.2.3.2.2 = STRING: lol

The syntax seems easy: TRAP_STUFF = TYPE: VALUE repeated 0 or more times.

So the question is which regular expression will allow me to grab all this information?

Solution

Basically, for the left part of the log line, you could use while to parse out the information block by block with regex.

my $str = ".1.3.6.1.4.1.8072.2.3.2.1 = INTEGER: 30 .1.3.6.1.4.1.8072.2.3.2.2 = STRING: lol";
while ($str =~ /([\.\d]+)\s=\s([^:]+):\s([\S]+)/g) {
    my ($trap_stuff, $type, $value) = ($1, $2, $3);
    print "trap_stuff: $trap_stuff\ntype: $type\nvalue: $value\n";
}

Output:

trap_stuff: .1.3.6.1.4.1.8072.2.3.2.1
type: INTEGER
value: 30
trap_stuff: .1.3.6.1.4.1.8072.2.3.2.2
type: STRING
value: lol
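
An added example, not part of the original answer: it parses the whole log line by splitting on the literal [**] separator and ends each value at the next "OID = TYPE:" triple, so values containing spaces are kept whole. The sample line is constructed and the function name parse_trap_line is hypothetical.

```perl
use strict;
use warnings;

# Parse one snmptrapd log line in the "[**]"-separated layout shown above.
# Returns undef if the line lacks the five fields, else a hashref.
sub parse_trap_line {
    my ($line) = @_;
    chomp $line;

    # version, date, time, transport, varbind list. The limit of 5 keeps
    # any "[**]" that occurs inside a trap value in the last field.
    my ($version, $date, $time, $transport, $varbinds) =
        split /\Q[**]\E/, $line, 5;
    return unless defined $varbinds;

    # Source address from "UDP: [src]:port->[dst]".
    my ($src) = $transport =~ /^UDP:\s*\[([^\]]+)\]:\d+->/;

    my @binds;
    # A value runs up to the next "OID = TYPE:" triple or the end of the
    # line, so values that contain spaces are kept whole.
    while ($varbinds =~ /
            (\.\d+(?:\.\d+)*) \s+=\s+    # OID
            ([A-Za-z][\w-]*) : \s*       # type name, e.g. INTEGER
            (.*?)                        # value, matched lazily
            (?= \s+ \.\d+(?:\.\d+)* \s+=\s+ [A-Za-z][\w-]* : | \s*\z )
        /gx) {
        push @binds, { oid => $1, type => $2, value => $3 };
    }
    return { version => $version, date => $date, time => $time,
             source => $src, varbinds => \@binds };
}

# Constructed sample line (not from a real device): the page's trap with a
# Timeticks varbind and a multi-word STRING value added.
my $sample = 'SNMPv2[**]2013-11-4[**]13:16:49[**]UDP: [127.0.0.1]:57819->[127.0.0.1][**]'
           . '.1.3.6.1.2.1.1.3.0 = Timeticks: (8600) 0:01:26.00 '
           . '.1.3.6.1.6.3.1.1.4.1.0 = OID: .1.3.6.1.4.1.8072.2.3.0.1 '
           . '.1.3.6.1.4.1.8072.2.3.2.1 = INTEGER: 30 '
           . '.1.3.6.1.4.1.8072.2.3.2.2 = STRING: link down on port 3';

my $trap = parse_trap_line($sample) or die "unparsable line\n";
print "source: $trap->{source}\n";
printf "%-28s %-10s %s\n", @{$_}{qw(oid type value)} for @{ $trap->{varbinds} };
```

The log is flat text, so a value that itself contains text shaped like " .1.2 = TYPE:" cannot be told apart from a following varbind; treat the parsed varbinds as sender-controlled input.
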
Licensed under: CC-BY-SA with attribution