[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I have a working log analysis prog




Hi Bob,

It would be nice to see that script :)  I'm no perl guy though :)

As for the multiple instances on a per-interface basis, that is something
to think about.  I'll see what I can do.

On Mon, 18 Dec 2000, Robert D. Currier wrote:

> Greetings,
> 
> I've been hacking over the weekend and have a
> functional (tho not pretty) Perl script that does
> a nice job of log analysis. 
> 
> Right now I'm just looking at the top 4 services
> on our outbound link (Napster, http, ftp-data and www)
> and these are hardwired in place.
> 
> I'm working on code that automagically pulls the top
> N services (you pick N) and graphs them, and more
> code that does trend analysis.
> 
> My scripts require Perl 5, the DateManip module
> from CPAN and gnuplot.  If you're interested in
> seeing the output take a look at 
> http://www.netcom.duke.edu/~rdc/ta.gif
> 
> If anyone is interested I'll post my perl script
> and the gnuplot .gnp file I'm using. Please don't laugh
> at my poor Perl code -- this was a "GOTTA make this work
> over the weekend" project, and I'm by no means a Perl
> expert, so there is room for a LOT of improvement.
> 
> But, hey, it works, it's fast and that's what's
> important to me. Get it working first; make it pretty
> later.
> 
> One comment -- it would be REALLY, REALLY nice if
> the command line version of IPtraf had a log file
> location flag, and the ability to run multiple instances
> when the log flag was set.  Why so?
> 
> Well, my traffic analysis box sits on a gigabit Ethernet
> link and has two NetGear NICS. One for inbound traffic
> and one for outbound traffic.  I need to be able to 
> provide traffic analysis on both links; but with IPtraf
> confined to a single instance I can't. :-(
> 
> A log file named ethN_tcp_udp_services_log where N is
> the interface number would be really spiffy. And I have
> a trade for this besides my logging code -- I've had
> a student working on providing an IPv6 decode module
> and he has it pretty well functional.
> 
> Cheers,
> 
> Bob
> 
> [-------------------------------------------------]
> |Bob Currier                                      |           
> |Director, Data Communications                    |
> |Duke University Office of Information Technology | 
> |(919) 419-5310                                   |
> [-------------------------------------------------]
> 
>  
> 
> 
>