Difference between revisions of "cpview log"
(→versions) |
|||
| Line 1: | Line 1: | ||
==versions== | ==versions== | ||
| − | + | R77 and above | |
| − | + | The table structure can change dramatically from version to version. For example the number of tables in the cpview database changed from 321 to 83 between r77.20 and r77.30. | |
==opening the database== | ==opening the database== | ||
Revision as of 13:34, 7 June 2016
Contents |
versions
R77 and above
The table structure can change dramatically from version to version. For example the number of tables in the cpview database changed from 321 to 83 between r77.20 and r77.30.
opening the database
We will query it with the sqlite3 utility. We don't use the cpview binary because it is too limited.
[Expert@chkpfw1:0]# sqlite3 /var/log/CPView_history/CPViewDB.dat
example queries
list tables
sqlite> .tables
list columns
sqlite> .schema fw_counters
passing sqlite3 command via CLI
[Expert@chkpfw1:0]# sqlite3 /var/log/CPView_history/CPViewDB.dat '.tables'
query with start end times
sqlite3 /var/log/CPView_history/CPViewDB.dat 'select datetime(Timestamp, "unixepoch") as time,inbound_throughput/1048576/10 as MBS_IN,outbound_throughput/1048576/10 as MBS_OUT,concurrent_conns from fw_counters where time between "2016-01-05 00:00:00" and "2016-01-05 00:10:00"'
