
Re: Log analysis requirements



--- John Lange <lists@darkcore.net> wrote:
>
> You install the Meters on as many machines as you like, then you
> upload your rule-sets using an admin tool (NeMaC). Then you pull down
> the statistics from all your meters at whatever interval you like

John,

Thanks for the information on this tool.  However, I want to ask,
how would one go about handling multiple IPs on a single box?

I may not have made it clear, but I want to use IPTraf to track the
bandwidth usage on a *single* machine with multiple IP addresses.
My script summarizes the logs and dumps out the bandwidth usage.

Also, the way I've written my script, it would be trivial to add
a list of IP addresses that I want to track in the traffic that comes
through the box running IPTraf.

I understand that IPTraf was originally written as a real-time
monitor, but I don't see any reason that it cannot also be a
metering tool.

> The primary problem being that iptraf likes to group all its stats by
> pairs of IP addresses (both source and destination) which doesn't give
> you a good idea of which machine IP on your network is taking the most
> total traffic in a given time frame (bandwidth per month for example).

Maybe I'm missing something here, but part of the analysis that my
script does is to pull out data from the log on a per-IP basis.  The
fact that source and dest are combined in the log really isn't that
big an issue, is it?

greg_fenton.



=====
Greg Fenton
greg_fenton@yahoo.com
