NAME
Net::Connection::Sniffer::Report -- network profiling reports
SYNOPSIS
read_stfby_cidr24by_namereportpresyncsyncchkcacheget_lockchk_wconfrem_wchkrqst_dumpweb_reportmy_timedyn_bindxhandlerem_dumprem_updatechk_lockrem_report};
DESCRIPTION
Net::Connection::Sniffer::Report consolidates the dump file produced by Net::Connection::Sniffer.
($stats,$head) = read_stf($filepathname);($byc24,$rate,$bw) = by_cidr24($stats);($byname,$rate,$bw) = by_name($stats,$byc24);$rv= report(*HANDLE,$file,$type);$rv= presync($filepathname);$rv= sync($filepathname,$oldtime,$timeout);$rv= chkcache($filepathname,$age);($lock,$file) = get_lock($filepathname,$timeout,$umask);$rv= chk_wconf($conf);$rv= rem_wchk($conf);$rv= rqst_dump($sin,$file,$age,$updto);web_report($wconf);$timestring= my_time($epoch_seconds);$port= dyn_bind($sock,$netaddr);$handle= xhandle($program_string);$rv= rem_dump($conf);$rv= rem_update($config);rem_report($wconf);
($stats,$head) = read_stf($filepathname);
Read the Net::Connection::Sniffer status file and return a reference to its contents.
input: file pathreturns:undefor empty array on failure[$@ is setwitherror]orscalarreference to status hashor array(statusref,$header)Where the $header content is extracted from the Net::Connection::Sniffer status file.
($byc24,$rate,$bw) = by_cidr24($stats);
Return a reference to the composite of the status hash with usage grouped by cidr/24
input: reference to$statsreturns:$composite,# reference to composite hash$rate,# calculated queries per hour$bw# calculated bytes per hour$composite= {number=> {# number is for administrative use onlyR=> 12345,# composite queries / hourW=> 45678,# composite bytes / hourA=> ['ip1','ip2','...'],# ip addr's in cidr/24E=> 12345,# last update timestamp},anothernumber=> { and so on...($byname,$rate,$bw) = by_name($stats,$byc24);
Further groups the composite statistics by primary sub domains.
input: reference to statistics hash,reference to cidr24 groupingreturns:$byname,# reference to composite hash$rate,# calculated queries per hour$bw# calculated bytes per hour$byname= {rev_subdomain=> {# text for administrative useR=> 12345,# composite queries / hourW=> 45678,# composite bytes / hourA=> ['ip1','ip2','...# and so on...E=> 12345,# last update timestamp},another revsubdomain=> { and so on...$rv = report(*HANDLE,$file,$type);
Generate a statistics usage report ordered from highest to lowest bandwidth usage.
Two types of reports are created:
1) grouped by cidr24 [default],$type= false2) grouped bysubdomain,$type= trueinput:*HANDLE,# file or *STDOUT$file# path/to/statistics_file$type,# true/falsereturns: returns false on successor the errorprints: to the file handle$rv = presync($filepathname);
Wait up to one second for the file to be older than now.
input:$fpn,# path to filereturns:$ctime# file ctimeor 0ifthe file does not yet existorundefon error (ctime in future)$rv = sync($filepathname,$oldtime,$timeout);
Wait for file ctime to update, fail on timeout.
input:$fpn,# path to file$old,# original ctime or# 0 if the file will be created$to,# timeout in seconds# [default 30 seconds]returns:$ctime# file ctimeorundefon failureSets $@ on timeout;Sets $@ on timeout. If the file is not initially found, sync will wait for the timeout period if the directory is present and readable.
$rv = chkcache($filepathname,$age);
Check if a file is older than 'age'
input: file# path to fileage# maximum age in seconds# [default = 300 seconds]return: ctimeifnot too oldundefiftoo old or missing($lock,$file)=get_lock($filepathname,$timeout,$umask);
Return an exclusive file handle.
input:$file,# path to file$to,# timeout in seconds# [default 15 seconds]$umask# [default 0117]returns: ($lock,$file)# handlesor () on errorSets $@ on error.NOTE: the file path must be prechecked!Remember to close both the FILE and the LOCKFILE.
$rv = chk_wconf($conf);
Check the syntax and content of the web configuration hash.
input: hash referencereturns: false on success or error text$rv = rem_wchk($conf);
Check the remote fetch configuration file.
Note: ignores missing 'update' entry if localhost is not specified for update.
input: hash referencereturns: false on success or error text$rv = rqst_dump($sin,$file,$age,$updto);
Request a stats dump from the daemon
input: sockaddr_in,# address dump rqst hostpath/to/statsfile,age,# in seconds i.e. 300update timeoutreturns: false on success or error textIf $sin is false, not dump is performed
If age if false, dump is requested unconditionally
web_report($wconf);
Print a report to STDOUT. Takes the type of report from the first argument.
usage: <!--#exec cmd="./nc.sniffer.cgi 0" -->or <!--#exec cmd="./nc.sniffer.cgi 1" -->where an argument of "0" produces a report ordered by /24 by usage and an argument of "1" produces a report ordered by subdomain by usage.
input: config pointerreturns: prints to STDOUTwhere $wconf = {
# location of statistics file# [REQUIRED]#stats=>'/var/run/nc.sniffer/nc.sniffer.stats',# location of web cache file, this must exist# and be writable by the web daemon# [RECOMMENDED]#cache=>'./tmp/sniffer.cache',# statstistics update timeout# [OPTIONAL] default 15 seconds#updto=> 15,# cache or stats (if cache not activated above)# refresh every nnn seconds# default is 300 seconds# [OPTIONAL]#refresh=> 300,# update host:port## format:# port# or# host:port# or# ipaddr:port## host defaults to 'localhost', 127.0.0.1# [REQUIRED]#update=>'127.0.0.1:10004',};$timestring = my_time($epoch_seconds);
Convert seconds since the epoch into a formated local time string of the form:
Month-text day hh::mm::ssinput: seconds since the epochreturns:localtimestring$port = dyn_bind($sock,$netaddr);
re-exported from Net::NBsocketAttempt to bind a socket to the IP address and randomly assigned port number, in the range 49152 through 65535. Fails after 100 attempts
input:socketnetaddr as returned by inet_atonreturns: port number orundef$handle = xhandle($program_string);
Open a program string for read and return handle.
input: program stringreturns: handle orundefon failure toopen$rv = rem_dump($conf);
Dump and retrieve stats files from remote hosts and localhost if present.
input: hash pointer to configreturns: true on success$rv = rem_update($config);
Update the composite stats report
input: hash pointer to configreturns: true on success$rv = chk_lock ($lockfile);
input: lockfile namereturn: 0lockreleased1lockexpired, 2 minrem_report($wconf);
Similar to sub 'web_report' above but retrieves and assembles a composite report from multiple hosts running nc.sniffer
HOWTO setup this operation.
1)readthe config section ofnc.sniffer.coalesce.cgi.sample2)readthe config section ofnc.sniffer.dump.pl.sampleOn the remote host, install nc.sniffer.dump.pl in an appropriate sandbox account and install an ssh certificate to permit access to the sandbox ssh executable as well as the directory from which to rsync the stats file on that host.
nc.sniffer.dump.pl should be installed mode 755 or as appropriate to be accessed remotely by the ssh -e function.
On the web host, configure nc.sniffer.coalesce.cgi and place the execution cgi string in your web page to produce the report
usage: <!--#exec cmd="./nc.sniffer.coalesce.cgi" -->
EXPORT_OK
read_stfby_cidr24by_namereportpresyncsyncchkcacheget_lockchk_wconfrem_wchkrqst_dumpweb_reportmy_timedyn_bindxhandlerem_dumprem_updatechk_lockrem_report
COPYRIGHT
Copyright 2006 - 2013, Michael Robinton <michael@bizsystems.com>
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License (except as noted otherwise in individuals sub modules) published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
AUTHOR
Michael Robinton <michael@bizsystems.com>