[comp.dcom.modems] uucp logfile analysis aids

grr@cbmvax.UUCP (George Robbins) (07/12/89)

A couple of people have asked for copies of the logfile analysis scripts
I mentioned a couple of postings ago.  Against my better judgement, I
am posting them in hopes that the might serve someone else as a starting
point for something better.

These are cruddy, slimey, disgusting awk scripts worked up interactivly
to extract a few intersting numbers.  They will probably *not* work without
modification on your system.  I did them over a year ago and could do them
much more pretty now.

1) the format of the SYSLOG file varies from system to system.  You will
   will have to modify the front ends of the program to extract the key
   parameters from your SYSLOG format and possibly discard unwanted
   records.  These are set up for Ultrix 1.2 formats.

2) the scripts were written for 'awk' but currently invoke 'nawk' the
   "new" awk described by the "awk book".  If you don't have access to
   nawk, they should still work with awk, however you'll have to cope
   with awk's fine error reporting.  They didn't work with an early
   release of gnu-awk, but might now.  You could probably do a better
   job with perl, but I've come to think perl is bad idea done well...

Enough squawking and excuses...

mwatch - this gives a running log of tranfer rates - sort of a tail -f SYSLOG
uutime - this gives a report of the amount of time and data to different sites
uuspeed - this gives a thruput report broken down by month

================================= cut here =====================================
#! /bin/sh
# This is a shell archive, meaning:
# 1. Remove everything above the #! /bin/sh line.
# 2. Save the resulting text in a file.
# 3. Execute the file with /bin/sh (not csh) to create the files:
#	mwatch
#	uuspeed
#	uutime
# This archive created: Wed Jul 12 02:30:30 1989
export PATH; PATH=/bin:$PATH
echo shar: extracting "'mwatch'" '(1319 characters)'
if test -f 'mwatch'
then
	echo shar: will not over-write existing file "'mwatch'"
else
sed 's/^	X//' << \SHAR_EOF > 'mwatch'
	X#! /bin/sh
	X# mwatch [[[lines] minimum] logfile]
	Xtail -${1-100}f ${3-/usr/spool/uucp/SYSLOG} |
	Xnawk '
	X{
	X  name=$2;
	X  date=$3;
	X  dir=substr($5,1,1);
	X  if ($6 == "data") {
	X    bytes=$7+0;
	X    seconds=$9+0;
	X    packets=$12;
	X    retrys=$14+0;
	X  } else if ($6 == "failed") {
	X    bytes=$8+0;
	X    seconds=$10+0;
	X    packets=$13;
	X    retrys=$15+0;
	X  } else {
	X    bytes=$6+0;
	X    seconds=$8+0;
	X    packets=$11;
	X    retrys=$13+0;
	X  }
	X  if (substr(packets,length(packets)) == ",") 
	X    packets=substr(packets,1,length(packets)-1)+0; # trailing comma...
	X  if (seconds == 0)	# avoid div/0
	X    speed=10*bytes;
	X  else
	X    speed=((10*bytes)/seconds)+0.5;
	X  if (seconds < '${2-3}')	# parameter substitution
	X    next;
	X  if ($5 == "sent") {
	X    printf "%-14s %-9s %s %6d %4d %5d bps",date,name,dir,bytes,seconds,speed;
	X    if (retrys > 0 && packets > 0) {
	X      error=((100*retrys)/packets)+0.05;
	X      printf " %3.1f%% retrys\n",error;
	X    } else
	X      printf "\n";
	X  }
	X  else if ($5 == "received")
	X    printf "%-14s %-9s %s %6d %4d %5d bps\n",date,name,dir,bytes,seconds,speed;
	X  else if ($5 == "send" && $6 == "failed")
	X    printf "%-14s %-9s %s %6d %4d failed!\n",date,name,dir,bytes,seconds;
	X  else if ($5 == "receive" && $6 == "failed")
	X    printf "%-14s %-9s %s %6d %4d failed!\n",date,name,dir,bytes,seconds;
	X  else
	X    print;
	X}
	X'
SHAR_EOF
if test 1319 -ne "`wc -c < 'mwatch'`"
then
	echo shar: error transmitting "'mwatch'" '(should have been 1319 characters)'
fi
chmod +x 'mwatch'
fi # end of overwriting check
echo shar: extracting "'uuspeed'" '(4144 characters)'
if test -f 'uuspeed'
then
	echo shar: will not over-write existing file "'uuspeed'"
else
sed 's/^	X//' << \SHAR_EOF > 'uuspeed'
	X#! /bin/sh
	X# uuspeed [logfile]
	Xecho "me eof ()" | \
	Xnawk '
	X{
	X#print;
	X  name=$2;
	X  date=$3;
	X  dir=substr($5,1,1);
	X# some records are funny
	X# receive 13 b 12 secs...
	X# receive data 13 bytes 12 secs...
	X# recieve failed after 13 bytes 12 secs...
	X  if ($6 == "failed") {
	X#print "failed";
	X    failed=1;
	X    bytes=$8+0;
	X    seconds=$10+0;
	X    packets=$13;
	X    retrys=$15+0;
	X  } else if ($6 == "data") {
	X#print "data";
	X    failed=0;
	X    bytes=$7+0;
	X    seconds=$9+0;
	X    packets=$12;
	X    retrys=$14+0;
	X  } else {
	X#print "normal";
	X    failed=0;
	X    bytes=$6+0;
	X    seconds=$8+0;
	X    packets=$11;
	X    retrys=$13+0;
	X  }
	X# trailing comma...
	X  if (substr(packets,length(packets)) == ",") 
	X    packets=substr(packets,1,length(packets)-1)+0;
	X# avoid div/0 kludge...
	X  if (seconds == 0)
	X    speed=0;
	X  else
	X    speed=int(((10*bytes)/seconds)+0.5);
	X  dir=substr($5,1,1);
	X
	X# drop command files - un-statistical
	X  if (seconds == 0 || bytes < 256) {
	X    bin="z";
	X    dir="c";
	X  } else {
	X    if (speed > 2500)
	X      bin="f";
	X    else
	X      bin="s";
	X  }
	X
	X  key=name " " bin " " dir;
	X# if (NR == 2000) date = "";
	X# print key,name,date,dir,failed,bytes,seconds,packets,retrys,speed;
	X
	X  month = substr(date,2,index(date,"/")-2);
	X#  month = substr(date,index(date,"/")+1);
	X#  month = substr(month,1,index(month,"-")-1);
	X  if (month != last) {
	X    if (last != "") {
	X      for (sys in keys) {
	X        if (tfiles[sys])
	X          print last, keys[sys],tfiles[sys],tfailed[sys],\
	X              tbytes[sys],tseconds[sys],tpackets[sys],tretrys[sys],tpeak[sys];
	X        tfiles[sys] = 0;
	X        tfailed[sys] = 0;
	X        tbytes[sys] = 0;
	X        tseconds[sys] = 0;
	X        tpackets[sys] = 0;
	X        tretrys[sys] = 0;
	X        tpeak[sys] = 0;
	X      }
	X      if (month == "")
	X        exit;
	X    }
	X    last = month;
	X  }
	X   
	X  if (key != last)
	X    if ((sys=used[key]) == 0) {
	X      sys = used[key] = ++sofar;
	X      keys[sys] = key;
	X    }
	X
	X  tfiles[sys]++;
	X  tfailed[sys] += failed;
	X  tbytes[sys] += bytes;
	X  tseconds[sys] += seconds;
	X  tpackets[sys] += packets;
	X  tretrys[sys] += retrys;
	X
	X  if (seconds > 7 && bytes > 2048) {
	X    speed=int((10*bytes)/seconds);
	X    if (speed >= tpeak[sys])
	X	tpeak[sys] = speed;
	X  }
	X
	X}
	X' ${1-/usr/spool/uucp/SYSLOG} - | \
	Xsort +0 -1 +1 -2 +2 -3 +3 -4 | \
	Xnawk '
	XBEGIN {
	X  split("January February March April May June July August September October November December",months);
	X  rdate="'"`date`"'";
	X  split(rdate,date);
	X  year=date[6];
	X  host="'"`hostname`"'";
	X}
	X{
	X#print
	X  month = $1;
	X  name = $2;
	X  bin = $3;
	X  dir = $4;
	X  files = $5;
	X  failed = $6;
	X  bytes = $7;
	X  seconds = $8;
	X  packets = $9;
	X  retrys = $10;
	X  peak = $11;
	X
	X  if (seconds != 0)
	X    speed = int((bytes*10)/seconds);
	X  else {
	X    speed = 0;
	X#    print "no time!";
	X#    print name, dir,bin,files,failed,bytes,seconds,packets,retrys,speed;
	X  }
	X
	X  if (month != last) {
	X    print "";
	X    print months[month] " " year ":	uucp usage report for " host " on " rdate;
	X    print "";
	X    print  "system   transfer     files  fail M-bytes  hours  speed     peak      error";
	X    print  "=======  ============ ====== ==== ======== ====== =====     =====     =====";
	X    last = month;
	X    lastsys = "";
	X  }
	X
	X  if (dir == "s")
	X    dir = "send";
	X  else if (dir == "r")
	X    dir = "receive";
	X  else if (dir == "c")
	X    dir = "control";
	X  else
	X    dir = "xxx";
	X
	X  if (bin == "s")
	X    bin = "slow";
	X  else if (bin == "f")
	X    bin = "fast";
	X  else if (bin == "z")
	X    bin = "misc";
	X  else
	X    bin = "lost";
	X
	X  if (packets != 0)
	X    error=(100*retrys)/packets;
	X  else {
	X     error = 0;
	X#    print "no packets!";
	X#    print name, dir,bin,files,failed,bytes,seconds,packets,retrys,speed;
	X  }
	X
	X  if (name != lastsys) {
	X    print "";
	X    tmpname = name;
	X    lastsys = name;
	X  } else
	X    tmpname = "";
	X
	X  if (retrys > 0)
	X    cent = sprintf("%6.1f%%",error+.05);
	X  else
	X    cent = "";
	X
	X  if (bin != "misc" && speed > 0) {
	X    whizz = sprintf("%6d bps",speed);
	X    if (peak > 0)
	X      whizz = whizz sprintf("%6d bps",peak)
	X  } else
	X    whizz = "";
	X
	X  printf "%-9s%-4s %-7s%7d%5d%9.3f%4d:%02d%-20s%-6s\n",\
	X		tmpname, bin, dir,\
	X		files, failed, bytes/1000000,\
	X		(work=(seconds/60))/60, work%60,\
	X		whizz, cent;
	X}
SHAR_EOF
if test 4144 -ne "`wc -c < 'uuspeed'`"
then
	echo shar: error transmitting "'uuspeed'" '(should have been 4144 characters)'
fi
chmod +x 'uuspeed'
fi # end of overwriting check
echo shar: extracting "'uutime'" '(2135 characters)'
if test -f 'uutime'
then
	echo shar: will not over-write existing file "'uutime'"
else
sed 's/^	X//' << \SHAR_EOF > 'uutime'
	X#! /bin/sh
	X# uutime [logfile]
	Xnawk '
	X{
	X	name=$2;
	X	stamp=$3;
	X	dir=$5;
	X	if ($6 == "failed" || $6 == "data") {
	X		bytes=$7;
	X		time=$9;
	X	} else {
	X		bytes=$6;
	X		time=$8;
	X	}
	X
	X	last=stamp;
	X	if (first == "")
	X		first=last;
	X
	X	if (name!=last)
	X		if ((sys=used[name]) == 0) {
	X			sys = used[name] = ++sofar;
	X			names[sys] = name;
	X		}
	X
	X	if (dir=="sent") 
	X		sbytes[sys] += bytes;
	X	else if (dir=="received")
	X		rbytes[sys] += bytes;
	X	stime[sys] += time;
	X	files[sys]++;
	X} 
	X# NR == 1000 {exit}
	XEND {
	X	split("'"`date`"'",date);
	X	year=date[6]+0;
	X	split("31 28 31 30 31 30 31 31 30 31 30 31",dim)
	X	if ((year % 4) == 0)
	X		dim[2]++;
	X	diy[0]=0;
	X	for(month=1; month <= 12; month++)
	X		diy[month+1]=dim[month]+diy[month];
	X	work=first last;
	X	for (i=1; i <= length(work); i++)
	X		if (substr(work,i,1) !~ /[0-9]/)
	X			work=substr(work,1,i-1) " " substr(work,i+1);
	X	split(work,fields);
	X	days=(diy[fields[5]]+fields[6])-(diy[fields[1]]+fields[2])+1;
	X		
	X	print "";
	X	print "cbmvax uucp usage by system from " first " to " last " in " year " (" days " days)";
	X	print "";
	X	print "                    time     sent      recd     total     M-byte/  hours/";
	X	print " system     files   hours   M-byte    M-byte    M-byte      day     day  ";
	X	print "======== ========  ======  ========  ========  ========  ========  ======";
	X	for (sys in names) {
	X		printf "%-8s%9d%5d:%02d%10.3f%10.3f%10.3f%10.3f%5d:%02d\n",\
	X				names[sys],\
	X				files[sys],\
	X				(temp=stime[sys]/60)/60, temp%60,\
	X				sbytes[sys]/1000000,\
	X				rbytes[sys]/1000000,\
	X				(sbytes[sys]+rbytes[sys])/1000000,\
	X				((sbytes[sys]+rbytes[sys])/days)/1000000,\
	X				(temp=(stime[sys]/days)/60)/60, temp%60;
	X				
	X		tfiles += files[sys];
	X		tsbytes += sbytes[sys];
	X		trbytes += rbytes[sys];
	X		tstime += stime[sys];
	X	}			
	X	print "======== ========  ======  ========  ========  ========  ========  ======";
	X		printf "%-8s%9d%5d:%02d%10.3f%10.3f%10.3f%10.3f%5d:%02d\n",\
	X				"********",\
	X				tfiles,\
	X				(temp=tstime/60)/60, temp%60,\
	X				tsbytes/1000000,\
	X				trbytes/1000000,\
	X				(tsbytes+trbytes)/1000000,\
	X				((tsbytes+trbytes)/days)/1000000,\
	X				(temp=(tstime/days)/60)/60, temp%60;
	X}' ${1-/usr/spool/uucp/SYSLOG}
SHAR_EOF
if test 2135 -ne "`wc -c < 'uutime'`"
then
	echo shar: error transmitting "'uutime'" '(should have been 2135 characters)'
fi
chmod +x 'uutime'
fi # end of overwriting check
#	End of shell archive
exit 0
-- 
George Robbins - now working for,	uucp: {uunet|pyramid|rutgers}!cbmvax!grr
but no way officially representing	arpa: cbmvax!grr@uunet.uu.net
Commodore, Engineering Department	fone: 215-431-9255 (only by moonlite)