[lug] RRD
jd
lug at taproot.bz
Tue Apr 1 19:49:10 MST 2003
On Tue, 2003-04-01 at 18:30, Sean Reifschneider wrote:
> On Sat, Mar 29, 2003 at 06:11:15PM -0700, jd wrote:
> > I have been trying to make a graph of packets dropped
> >by iptables. I tryed 4 times to make a rrd database. I still
> >dont get it.
>
> I had no problems with building an rrd database by following the
> manpages. See "man rrdtool" for more information, particularly the
> example sections of the various associated man pages.
>
> You probably also want to read:
>
> http://www.catb.org/~esr/faqs/smart-questions.html
>
> your original question didn't tell us what you are doing or how it was
> failing, which limited how we could help you.
>
> Sean
thanks for the reminder :o)
Anyway the problem is this....
I follwed the tutorial here....
http://people.ee.ethz.ch/~oetiker/webtools/rrdtool/tutorial/rrdtutorial.html
and here is the output i get from the rrd table I made....
920804400: nan
920804700: nan
920805000: 4.0000000000e-02
920805300: 2.0000000000e-02
920805600: 0.0000000000e+00
920805900: 0.0000000000e+00
920806200: 3.3333333333e-02
920806500: 3.3333333333e-02
920806800: 3.3333333333e-02
920807100: 2.0000000000e-02
920807400: 2.0000000000e-02
920807700: 2.0000000000e-02
920808000: 1.3333333333e-02
920808300: 1.6666666667e-02
920808600: 6.6666666667e-03
920808900: 3.3333333333e-03
920809200: nan
and heres is what the webpage says i must see, or *something* is wrong..
20804700: NaN
920805000: 0.04
920805300: 0.02
920805600: 0.00
920805900: 0.00
920806200: 0.03
920806500: 0.03
920806800: 0.03
920807100: 0.02
920807400: 0.02
920807700: 0.02
920808000: 0.01
920808300: 0.02
920808600: 0.01
920808900: 0.00
920809200: NaN
What i want to do is parse /var/log/messages for iptable logs
Based on the logs I want to build a rrd data base for each port
that logged something, and how many times that port logged anything...
so I want something like...
d 200 | [80] = red
r | [137] = blue
o | [443] = green
p 100 |
p |
e |
d 0 |_____________________________
12am 1am 2am 3am 4am etc.....
heres my first shot at it....without rrd...
## just a first draft - only graphs one hour
#!/usr/bin/perl -w
#
# this scrip needs 'IPT' for log prefix
use PNGgraph::bars;
use PNGgraph::colour;
print STDERR "Processing My First Graph\n";
$file = '/var/log/messages';
open(FILE, "$file") || die "cant open messages";
@log = <FILE>;
close(FILE);
$in_date = `/bin/date`;
###### Get Day and Hour #######
###### #######
## $date[2] = day
## $hour[0] = hour
@date = split(/ /, $in_date);
@hour = split(/:/, $date[3]);
$my_day = "$date[3]";
$my_hour = "$hour[0]";
#### get only the IPT lines for day and hour from mesages put in @raw
foreach(@log){
if(/IPT/){
@temp = split(/ /, $_);
if($temp[1] =~ /^\d/){
if($temp[1] == $my_day){
($time,$crap) = split(/:/, $temp[1]);
if($time == $my_hour){
print "yes";
push(@raw, $_);
}
}
}
#
# on the first of the month $temp[1] is null so $temp[2] has the var
# need to see what happens at midnight
elsif( $temp[2] =~ /^1$/ && $temp[1] !~ /\s\w\d/){
if($temp[2] == $my_day){
($the_time,$the_crap) = split(/:/, $temp[2]);
if($the_time == $my_hour){
print "yes";
push(@raw, $_);
}
}
}
else{
print "Error getting the date/hour varabiles\n";
}
}
}
# get just Dport
foreach(@raw){
if(/DPT/){
@one_line = split(/ /, "$_");
foreach $one_line(@one_line){
if($one_line =~ /DPT/){
($more_crap,$the_port) = split(/DPT\=/, $one_line);
push(@final_port, $the_port);
}
}
}
}
# make hash
%temp = ();
@zports = grep ++$temp{$_}, @final_port;
foreach $key (keys(%temp)){
push(@graph_key,$key);
push(@graph_value,$temp{$key});
}
$data[0] = \@graph_key;
$data[1] = \@graph_value;
$my_graph = new PNGgraph::bars();
$my_graph->set(
x_label => 'Hour',
y_label => 'Droped Packets',
title => 'A Simple Bar Chart',
y_max_value => 80,
y_tick_number => 8,
y_label_skip => 2,
);
$my_graph->plot_to_png( "test1.png", \@data );
exit
if you made it this far i have a pretty picture for you.....
http://ns2.taproot.bz/graph.html
jd
More information about the LUG
mailing list