zemon (04/20/83)
What with all the discussion about UUCP lately, I humbly
submit the following two awk scripts. They will produce
some simple analyses of your UUCP traffic.
The first examines LOGFILE and produces a report by system
indicating the number of attempted calls that succeeded,
the number that failed, and the number that were "locked".
The locked calls were attempted when a conversation was
already in progress with the call-ed machine. It also
reports on every attempt to call a system when the phone
line was not available (perhaps tied up by CU or another
incarnation of UUCP).
The second examines SYSLOG and produces a report of the
volume of UUCP traffic by both system and by user. The
report consists of a number of sections. The first gives
the total number of bytes received and sent. Second gives
the number of bytes received by system. Third gives the
number of bytes sent to each system. Fourth gives what I
call the "balance of bytes" for each system. This is
simply
bytes received - bytes sent
and gives some indication of which way the bulk of the
messages are flowing. Finally, a count of the number of
messages (not bytes) for each user is given. This can be
somewhat misleading 'cuz uucico does funny things with the
user name column in SYSLOG.
Well, enough intro. Here they are (each followed by an
example of its output):
============================================================
LOGFILE analyzer:
BEGIN {
no_dev = 0;
}
$4 ~ /NO/ {
if ( $6 == "DEVICE)" ) {
temp = sprintf("%s\t%s", $2, $3);
if ( nose[no_dev - 1] != temp )
nose[no_dev++] = temp;
}
}
$5 ~ /\(call/ {
if ( $4 == "SUCCEEDED" )
++succeed[$7];
else if ( $4 == "FAILED" )
++fail[$7];
else if ( $4 == "LOCKED" )
++locked[$7];
else
print $0
}
END {
printf("UUCP success/failure summary\n\n");
for ( i in succeed ) {
printf("%s\t%d successes\n\t%d failures\n", i, succeed[i], fail[i]);
if ( locked[i] > 0 )
printf("\t%d locked\n", locked[i]);
printf("\n");
}
printf("\nNO AVAILABLE DEVICE\n");
for(i=0; i<no_dev; i++)
print nose[i];
}
============================================================
sample output from the LOGFILE analyzer:
UUCP success/failure summary
uscvax 16 successes
11 failures
trw-uni 89 successes
84 failures
5 locked
trwspf 21 successes
27 failures
2 locked
vortex 2 successes
12 failures
ucla-va 24 successes
15 failures
1 locked
NO AVAILABLE DEVICE
trwspf (4/11-8:13-18401)
trwspf (4/11-11:12-19782)
trw-uni (4/11-12:20-20615)
trw-uni (4/11-13:40-21243)
trw-uni (4/11-15:1-22182)
ucla-va (4/11-16:10-23147)
trw-uni (4/11-16:11-23197)
trw-uni (4/11-17:12-23823)
trwspf (4/11-17:12-23825)
ucla-va (4/11-17:12-23829)
trwspf (4/12-10:12-29590)
ucla-va (4/12-10:12-29605)
trw-uni (4/12-13:12-3211)
trwspf (4/12-13:12-3213)
trw-uni (4/12-14:12-3996)
trwspf (4/12-14:12-3999)
ucla-va (4/12-15:24-5345)
trw-uni (4/12-15:33-5552)
trw-uni (4/13-10:12-15151)
trw-uni (4/14-9:12-24943)
trw-uni (4/14-12:13-26864)
trw-uni (4/14-14:12-27925)
trw-uni (4/14-15:12-29126)
trwspf (4/14-15:29-29399)
trw-uni (4/14-16:12-29937)
trwspf (4/14-17:26-1116)
trw-uni (4/15-9:12-11085)
trwspf (4/15-13:28-14076)
trw-uni (4/15-14:12-14547)
trw-uni (4/15-16:12-16029)
trw-uni (4/15-17:12-16590)
============================================================
SYSLOG analyzer:
$4 ~ /received/ {
from[$2] += $6;
total_from += $6;
see_saw[$2] += $6
++users[$1];
}
$4 ~ /sent/ {
to[$2] += $6;
total_to += $6;
see_saw[$2] -= $6;
++users[$1];
}
END {
printf("Total received: %d\t\tTotal sent: %d\n\n", total_from, total_to);
print "Bytes received (by system):"
for ( i in from )
printf("\t%s: %d\n", i, from[i]);
print
print "Bytes sent (by system):"
for ( i in to )
printf("\t%s: %d\n", i, to[i]);
print
print "Balance of bytes ( < 0 means more sent than received):"
for ( i in see_saw )
printf("\t%s: %d\n", i, see_saw[i]);
print
print "Messages (by user):"
for ( i in users )
printf("\t%s: %d\n", i, users[i]);
}
============================================================
sample output from SYSLOG analyzer:
Total received: 3360398 Total sent: 1621546
Bytes received (by system):
x1: 256 *
x2: 12310 *
x3: 1800942 *
trw-uni: 1493527
trwspf: 3868
vortex: 748
ucla-va: 48747
Bytes sent (by system):
x1: 276 *
x2: 7867 *
x3: 1466218 *
trw-uni: 129329
trwspf: 10388
ucla-va: 7468
Balance of bytes ( < 0 means more sent than received):
x1: -20 *
x2: 4443 *
x3: 334724 *
trw-uni: 1364198
trwspf: -6520
vortex: 748
ucla-va: 41279
Messages (by user):
irmler: 2
haag: 20
barnett: 10
root: 86
richter: 16
zemon: 268
painter: 8
gf: 22
utrwspp: 238
waldhart: 10
wizard: 8
wartik: 96
milton: 32
stuckle: 14
idm: 7
rogson: 2
usdcvax: 16
gkang: 4
bamberg: 18
aoki: 82
greg: 10
heath: 10
urandvax: 184
rabin: 2
hill: 10
fms: 2
oneal: 6
daemon: 100
pyster: 30
pwb: 32
belz: 44
bitar: 2
config: 10
aoyama: 52
brill: 12
warech: 8
dalven: 8
gflood: 6
penedo: 20
urban: 32
sasaki: 50
wu: 15
ingold: 10
fisher: 2
griffin: 14
ryan: 4
hawker: 11
uprivate: 804 *
enslen: 2
news: 62
uucp: 2596
usdcrdcf: 128
gorlick: 14
lauren: 2
colbert: 58
butcher: 6
* Sorry, but three of the system names cannot be published.
============================================================
Well, no claims that they are anything terrifically tough
or original, but have fun with them!
-- Art Zemon
TRW, Software Productivity Project