
Re: Log analysis requirements



I suppose I could help out in the database part...  I did it for AirTraf
already, but as before, there needs to be some internal restructuring of
the iptraf code base to simplify all of the above requirements.

If you do the database approach, it can effectively eliminate the need
for doing the summarization scripts, since you could do the
summarization as you grab the data off of the database at a later time.

And having it in a database generates a nice abstraction for a higher-layer
interface, leaving open the possibility of data viewing in many different
venues (i.e. web, application, file, etc.)

Are all users of iptraf using Linux?  (i.e. do I need to stick to POSIX
on this?)

-Peter
 

On Thu, 2002-05-16 at 11:35, Greg Fenton wrote:
> My current iptraf log analysis requirement:
> 
> - Summarize the bandwidth usage of each IP interface on the current
>   machine
> 
> I envision running iptraf in daemon mode and simply parsing the IP
> Traffic Monitor log file, spitting out totals per IP per protocol.
> 
> I've currently written a Perl script that, at this time, summarizes UDP
> and TCP byte counts.  Other protocols will be added shortly, though I
> really only plan on adding ICMP at this time (I'd need some sample log
> file of other protocols, as I currently only have these three and don't
> plan on going after others).
> 
> Longer term hope:
>  - analysis engine (script, whatever) can be run in daemon mode
>  - analysis engine causes iptraf to rotate logs, analyses and then
>    deletes "old" logs
>  - analysis engine can send summary data to:
>       - file
>       - database
>       - URL
> 
> 
> greg_fenton.
> 
> =====
> Greg Fenton
> greg_fenton@yahoo.com
> 
>
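The database approach discussed in this thread, as an added example that is not code from iptraf, AirTraf or either poster: raw traffic records are stored once, and the "totals per IP per protocol" and per-interface summaries are computed at query time instead of by separate summarization scripts. The table layout, function names and sample rows are assumptions constructed for illustration; the rows are not real iptraf log output.

```python
import sqlite3

# Constructed sample records (NOT real iptraf output): one row per logged
# traffic entry, assumed to be already parsed into fields by a front end.
SAMPLE = [
    ("2002-05-16 11:00:01", "eth0", "TCP", "192.168.1.10", 1500),
    ("2002-05-16 11:00:02", "eth0", "UDP", "192.168.1.10", 200),
    ("2002-05-16 11:00:03", "eth0", "TCP", "192.168.1.11", 400),
    ("2002-05-16 11:00:04", "eth1", "ICMP", "10.0.0.5", 84),
    ("2002-05-16 12:00:05", "eth0", "TCP", "192.168.1.10", 500),
]


def load(records):
    """Store raw records in an in-memory database (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        """CREATE TABLE traffic (
               ts    TEXT    NOT NULL,  -- ISO-style text, sorts chronologically
               iface TEXT    NOT NULL,
               proto TEXT    NOT NULL,
               ip    TEXT    NOT NULL,
               bytes INTEGER NOT NULL CHECK (bytes >= 0))"""
    )
    # Bound parameters keep log-derived strings out of the SQL text.
    db.executemany("INSERT INTO traffic VALUES (?, ?, ?, ?, ?)", records)
    db.commit()
    return db


def totals_per_ip_proto(db, since=None):
    """Byte totals per IP per protocol, optionally only for ts >= since."""
    query = "SELECT ip, proto, SUM(bytes) FROM traffic"
    args = []
    if since is not None:
        query += " WHERE ts >= ?"
        args.append(since)
    query += " GROUP BY ip, proto ORDER BY ip, proto"
    return db.execute(query, args).fetchall()


def totals_per_iface(db):
    """A second summary from the same rows, with no extra script or re-parse."""
    return db.execute(
        "SELECT iface, SUM(bytes) FROM traffic GROUP BY iface ORDER BY iface"
    ).fetchall()


if __name__ == "__main__":
    conn = load(SAMPLE)
    for row in totals_per_ip_proto(conn):
        print(row)
    print(totals_per_iface(conn))
```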