Difference between revisions of "firewall log accept and drop rate calculation"
From cpwiki.net
| (2 intermediate revisions by one user not shown) | |||
| Line 1: | Line 1: | ||
'''baseline /count accepts & drops for the last minute from firewall 192.168.1.1''' | '''baseline /count accepts & drops for the last minute from firewall 192.168.1.1''' | ||
| + | |||
accept commmand | accept commmand | ||
# fw log -n -c accept -h 192.168.1.1 -s `/bin/date --date="1 minutes ago" +%T` -e `/bin/date +%T` |wc -l | # fw log -n -c accept -h 192.168.1.1 -s `/bin/date --date="1 minutes ago" +%T` -e `/bin/date +%T` |wc -l | ||
| Line 10: | Line 11: | ||
This command will give you the accept and drop rate for the last minute for the IP specified. | This command will give you the accept and drop rate for the last minute for the IP specified. | ||
| − | [Expert@cplogger]# IP="192.168.1.1"; for i in accept drop; do printf "$i "; fw log -n -c $i -h $IP -s `/bin/date --date="1 minutes ago" +%T` -e `/bin/date +%T` |wc -l; done | + | [Expert@cplogger]# '''IP="192.168.1.1"; for i in accept drop; do printf "$i "; fw log -n -c $i -h $IP -s `/bin/date --date="1 minutes ago" +%T` -e `/bin/date +%T` |wc -l; done''' |
accept 699 | accept 699 | ||
drop 301 | drop 301 | ||
[[category:logs]] | [[category:logs]] | ||
Latest revision as of 18:55, 23 June 2014
baseline /count accepts & drops for the last minute from firewall 192.168.1.1
accept commmand
# fw log -n -c accept -h 192.168.1.1 -s `/bin/date --date="1 minutes ago" +%T` -e `/bin/date +%T` |wc -l 9013
drop command
# fw log -n -c drop -h 192.168.1.1 -s `/bin/date --date="1 minutes ago" +%T` -e `/bin/date +%T` |wc -l 761
script (one liner)
This command will give you the accept and drop rate for the last minute for the IP specified.
[Expert@cplogger]# IP="192.168.1.1"; for i in accept drop; do printf "$i "; fw log -n -c $i -h $IP -s `/bin/date --date="1 minutes ago" +%T` -e `/bin/date +%T` |wc -l; done accept 699 drop 301
