mike@peregrine.UUCP (Mike Wexler) (09/30/85)
Here is a modification of the LOGFILE analyzer that
was recently posted. It works on System V now. I am also
included an awk script that gives some useful statistics on the SYSLOG file
and a shell script that will run both of them.
------------------------------Cut here-----------------------------------------
#! /bin/sh
# This is a shell archive, meaning:
# 1. Remove everything above the #! /bin/sh line.
# 2. Save the resulting text in a file.
# 3. Execute the file with /bin/sh (not csh) to create the files:
# stats
# logfile.awk
# syslog.awk
# This archive created: Mon Sep 30 13:27:21 1985
export PATH; PATH=/bin:$PATH
if test -f 'stats'
then
echo shar: will not over-write existing file "'stats'"
else
cat << \SHAR_EOF > 'stats'
#!/bin/sh
# stats - driver for logfile.awk and syslog.awk
#
# USAGE
# stats
#
#
# Somehow, compress waits until nobody is using the file before it
# compresses it. This is nice and convenient.
#
#
# AUTHOR
# David Herron (NPR lover)
# cbosgd!ukma!david
# University of Kentucky, Computer Science
#
# Changes:
# 1. Took out ignore capability(if you want it put it back in)
# 2. Made compatible with System V release I
#
# EDITOR
# Michael Wexler
# trwrb!felix!peregrine!mike
# Peregrine Systems, Inc
#
tag=$$
cd /usr/spool/uucp
cp LOGFILE /tmp/LOGFILE.$tag
awk -f logfile.awk /tmp/LOGFILE.$tag
cp SYSLOG /tmp/SYSLOG.$tag
awk -f syslog.awk /tmp/SYSLOG.$tag
rm /tmp/LOGFILE.$tag
rm /tmp/SYSLOG.$tag
SHAR_EOF
chmod +x 'stats'
fi # end of overwriting check
if test -f 'logfile.awk'
then
echo shar: will not over-write existing file "'logfile.awk'"
else
cat << \SHAR_EOF > 'logfile.awk'
# logfile.awk -- read a uucp LOGFILE and find out how long
# we spent talking to particular places. (Also, remembers if
# the time spent was our call or their call).
#
# This is nice for: 1) Knowing when you made long distance
# calls and where to, 2) knowing how much of the load between
# you and some sites you're carrying.
#
#
# This works with the UUCP log file format produced by the
# uucp delivered with BRL Release 3. (i.e. 4.2BSD, i.e. that
# *extremely* hacked up conglomeration of uucp's that prompted
# the writing of honey-danber).
#
#
# USAGE
# awk -f logfile.awk /usr/spool/uucp/LOGFILE
#
# Actually -- I would suggest saving LOGFILE somewhere and make
# sure uucico is no longer writing to it. This way you're sure
# that the data generated is valid. What I do here is:
#
# set `date`
# tag=$2.$7
# cd /usr/spool/uucp
# mv LOGFILE OLD/LOGFILE.${tag}
# compress OLD/LOGFILE.${tag}
# uncompress OLD/LOGFILE.${tag}
# awk -f /usr/lib/uucp/logfile.awk OLD/LOGFILE.${tag}
#
# Somehow, compress waits until nobody is using the file before it
# compresses it. This is nice and convenient.
#
#
# AUTHOR
# David Herron (NPR lover)
# cbosgd!ukma!david
# University of Kentucky, Computer Science
#
# Changes:
# 1. Took out ignore capability(if you want it put it back in)
# 2. Made compatible with System V release I
#
# EDITOR
# Michael Wexler
# trwrb!felix!peregrine!mike
# Peregrine Systems, Inc
#
BEGIN {
# states
idle = 0; calling = 1; uscall = 2; themcall = 3;
true = 1; false = 0
}
# We're calling some place, and the call part has actually worked.
# 1) Record their name in the master list.
# 2) Remember that we're placing the call.
$1 ~ /.*!.*/ {
n = split($1,a,"!");
user=a[2];
sys=substr(a[1],1,6);
time=$2
status=$4
event=$5
}
$1 !~ /.*!.*/ {
user=$1
sys=substr($2,1,6)
time=$3
status=$4
event=$5
}
status == "SUCCEEDED" && event == "(call" {
state[sys] = calling
}
# A call succeeded. Either they called us or we called them.
# state[sys] tells us who is doing the calling.
# Have to remember the time.
status == "OK" && event == "(startup)" {
startime[sys] = time
if (state[sys] == calling) {
printf("call\tout\t%s\t%s\n", sys, time)
state[sys] = uscall
}
else {
printf("call\tin\t%s\t%s\n", sys, time)
state[sys] = themcall
}
}
# Our outgoing call failed. Throw away our information about the call.
status == "TIMEOUT" {
state[sys] = idle
}
# A call finished either successfully or unsuccessfully.
# Have to add in the time to the appropriate sum.
#
# It would be "hard" to calculate the time correctly. So, I'm using
# a heuristic here to make it easy. I assume that no phone call is
# going to last for longer than 1 day. I calculate the time
# for the ending and beginning of the call, and if it's negative
# I add 24 hours to it.
#
# I know ... groady to the max, buuut...
(status == "OK" || status == "FAILED") && event == "(conversation" {
printf("done\t(%s)\t%s\t%s\n", status, sys, time)
interval = 0
# get time spent into "interval"
# Time format is: "(mon/day-hr:min-pid)"
n = split(time, nn, "-")
n = split(nn[2], hrmin, ":")
tend = (hrmin[1]*60) + hrmin[2]
n = split(startime[sys], nn, "-")
n = split(nn[2], hrmin, ":")
tbeg = (hrmin[1]*60) + hrmin[2]
interval = tend - tbeg
if (interval < 0)
interval += (24*60)
if (state[sys] == uscall)
ourtime[sys] += interval
else
theirtime[sys] += interval
}
# All that's left to do now is to feed the chickens and go home
END {
for (i in ourtime)
printf("%s -- ourtime = %d\ttheirtime = %d\n", \
i, ourtime[i], theirtime[i])
}
SHAR_EOF
fi # end of overwriting check
if test -f 'syslog.awk'
then
echo shar: will not over-write existing file "'syslog.awk'"
else
cat << \SHAR_EOF > 'syslog.awk'
# syslog.awk -- read a uucp SYSLOG and find out how much
# stuff is transferred and how long it took
#
# This works With System V release I and 4.2BSD
#
# USAGE
# awk -f syslog.awk /usr/spool/uucp/LOGFILE
#
# AUTHOR
# Michael Wexler
# trwrb!felix!peregrine!mike
# Peregrine Systems, Inc
#
$1 ~ /.*!.*/ {
n=split($1,a,"!");
sys=a[1]
}
$1 !~ /.*!.*/ {
sys=$2
}
{
bytes[substr(sys,1,6)] += $7;
time[substr(sys,1,6)] += $9;
}
END {
for (sys in bytes)
{
print sys, " Transferred ",bytes[sys]," bytes in ",time[sys]," seconds"
print " For an average speed of ",bytes[sys]/time[sys]," bytes/sec"
}
}
SHAR_EOF
fi # end of overwriting check
# End of shell archive
exit 0
--
Mike(always a dreamer) Wexler
15530 Rockfield, Building C
Irvine, Ca 92718
(714)855-3923
(trwrb|scgvaxd)!felix!peregrine!mikemike@peregrine.UUCP (Mike Wexler) (10/01/85)
The logfile analyzer that I posted(and the original that I modified) have a slight bug. They don't list the amount of time used by systems that you didn't call. If you want to list the totals information for all systems that either you called or that called you change the line at the end that looks like for (i in ourtime) to look like this for (i in state) -- Mike(always a dreamer) Wexler 15530 Rockfield, Building C Irvine, Ca 92718 (714)855-3923 (trwrb|scgvaxd)!felix!peregrine!mike