*** empty log message ***
This commit is contained in:
parent
5b03cacb9d
commit
22e6213acb
|
@ -0,0 +1,19 @@
|
||||||
|
#!/usr/local/bin/perl -w
|
||||||
|
use strict;
|
||||||
|
use TimeSeries;
|
||||||
|
use HTTP::Date qw(parse_date);
|
||||||
|
|
||||||
|
my %hist = ();
|
||||||
|
while (<>) {
|
||||||
|
my ($timestring, $rest) = m/(\w\w\w [ \d]\d \d\d:\d\d:\d\d) (.*)/;
|
||||||
|
my %p = /(\S+)=(\S+)/g;
|
||||||
|
my $bucket = $p{SRC} . " " . $p{DST};
|
||||||
|
if ($p{PROTO} eq "TCP" && $p{DPT} == 25 && ($p{SRC} =~ /^143.130\./)) {
|
||||||
|
$hist{$bucket}++;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
for (sort keys %hist) {
|
||||||
|
print "$_ $hist{$_}\n";
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,24 @@
|
||||||
|
#!/usr/local/bin/perl -w
|
||||||
|
use strict;
|
||||||
|
use TimeSeries;
|
||||||
|
use HTTP::Date qw(parse_date);
|
||||||
|
|
||||||
|
my %hist = ();
|
||||||
|
while (<>) {
|
||||||
|
my ($timestring, $rest) = m/(\w\w\w [ \d]\d \d\d:\d\d:\d\d) (.*)/;
|
||||||
|
my %p = /(\S+)=(\S+)/g;
|
||||||
|
if ($p{SRC} && ($p{SRC} =~ /^143.130\./)) {
|
||||||
|
my $bucket;
|
||||||
|
if ($p{PROTO} eq "ICMP") {
|
||||||
|
$bucket = "$p{SRC} $p{DST} $p{PROTO} $p{TYPE}/$p{CODE}";
|
||||||
|
} else {
|
||||||
|
$bucket = "$p{SRC} $p{DST} $p{PROTO} $p{DPT}";
|
||||||
|
}
|
||||||
|
$hist{$bucket}++;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
for (sort keys %hist) {
|
||||||
|
print "$_ $hist{$_}\n";
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,25 @@
|
||||||
|
#!/usr/local/bin/perl -w
|
||||||
|
use strict;
|
||||||
|
use TimeSeries;
|
||||||
|
use HTTP::Date qw(parse_date);
|
||||||
|
|
||||||
|
my %hist = ();
|
||||||
|
my $dport = shift;
|
||||||
|
while (<>) {
|
||||||
|
my ($timestring, $rest) = m/(\w\w\w [ \d]\d \d\d:\d\d:\d\d) (.*)/;
|
||||||
|
my ($year, $mon, $day, $hour, $min, $sec, $zone)
|
||||||
|
= parse_date($timestring);
|
||||||
|
my $bucket = sprintf "%04d-%02d-%02dT%02d:00\n", $year, $mon, $day, $hour;
|
||||||
|
my %p = /(\S+)=(\S+)/g;
|
||||||
|
if ($dport == $p{DPT}) {
|
||||||
|
$hist{$bucket}++;
|
||||||
|
} else {
|
||||||
|
$hist{$bucket} += 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
my $ts = TimeSeries->new();
|
||||||
|
$ts->legend("Connects to port $dport");
|
||||||
|
for (sort keys %hist) {
|
||||||
|
$ts->add_timestring($_, $hist{$_});
|
||||||
|
}
|
||||||
|
print $ts->plot();
|
Loading…
Reference in New Issue