[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: I have a working log analysis prog
Hi Bob,
It would be nice to see that script :) I'm no perl guy though :)
As for the multiple instances on a per-interface basis, that is something
to think about. I'll see what I can do.
On Mon, 18 Dec 2000, Robert D. Currier wrote:
> Greetings,
>
> I've been hacking over the weekend and have a
> functional (tho not pretty) Perl script that does
> a nice job of log analysis.
>
> Right now I'm just looking at the top 4 services
> on our outbound link (Napster, http, ftp-data and www)
> and these are hardwired in place.
>
> I'm working on code that automagically pulls the top
> N services (you pick N) and graphs them, and more
> code that does trend analysis.
>
> My scripts require Perl 5, the DateManip module
> from CPAN and gnuplot. If you're interested in
> seeing the output take a look at
> http://www.netcom.duke.edu/~rdc/ta.gif
>
> If anyone is interested I'll post my perl script
> and the gnuplot .gnp file I'm using. Please don't laugh
> at my poor Perl code -- this was a "GOTTA make this work
> over the weekend" project, and I'm by no means a Perl
> expert, so there is room for a LOT of improvement.
>
> But, hey, it works, it's fast and that's what's
> important to me. Get it working first; make it pretty
> later.
>
> One comment -- it would be REALLY, REALLY nice if
> the command line version of IPtraf had a log file
> location flag, and the ability to run multiple instances
> when the log flag was set. Why so?
>
> Well, my traffic analysis box sits on a gigabit Ethernet
> link and has two NetGear NICS. One for inbound traffic
> and one for outbound traffic. I need to be able to
> provide traffic analysis on both links; but with IPtraf
> confined to a single instance I can't. :-(
>
> A log file named ethN_tcp_udp_services_log where N is
> the interface number would be really spiffy. And I have
> a trade for this besides my logging code -- I've had
> a student working on providing an IPv6 decode module
> and he has it pretty well functional.
>
> Cheers,
>
> Bob
>
> [-------------------------------------------------]
> |Bob Currier |
> |Director, Data Communications |
> |Duke University Office of Information Technology |
> |(919) 419-5310 |
> [-------------------------------------------------]
>
>
>
>
>