From a31bd5c2d65a715dc3e03586e86dad665c44e06a Mon Sep 17 00:00:00 2001 From: Mark Reynolds Date: Fri, 5 Dec 2014 15:42:45 -0500 Subject: [PATCH] Ticket 47949 - logconv.pl -- support parsing/showing/reporting different protocol versions Description: Update script to report on the secure protocol versions that are now available in the access log. Also, revised the connection section output, cleaned up the SASL bind report, and handled issue with log(s) that only span 1 second(0 elapsed time) https://fedorahosted.org/389/ticket/47949 Reviewed by: nhosoi & rmeggins(Thanks!!) (cherry picked from commit 7aeeb7c968a03f4a75c8338ffbd7cbbaa73e102d) (cherry picked from commit 8b7ae6d930927171c7976fe9093f2f765714c8ac) --- ldap/admin/src/logconv.pl | 69 ++++++++++++++++++++++++++++++--------- 1 file changed, 53 insertions(+), 16 deletions(-) diff --git a/ldap/admin/src/logconv.pl b/ldap/admin/src/logconv.pl index cd45a8b058..11dc3355bf 100755 --- a/ldap/admin/src/logconv.pl +++ b/ldap/admin/src/logconv.pl @@ -67,7 +67,7 @@ my $file_count = 0; my $arg_count = 0; -my $logversion = "8.0"; +my $logversion = "8.1"; my $sizeCount = "20"; my $startFlag = 0; my $startTime = 0; @@ -258,7 +258,14 @@ my $ldapiCount = 0; my $autobindCount = 0; my $limit = 25000; # number of lines processed to trigger output - +my $searchStat; +my $modStat; +my $addStat; +my $deleteStat; +my $modrdnStat; +my $compareStat; +my $bindCountStat; +my %cipher = (); my @removefiles = (); my @conncodes = qw(A1 B1 B4 T1 T2 B2 B3 R1 P1 P2 U1); @@ -623,27 +630,45 @@ sub statusreport { print "Restarts: $serverRestartCount\n"; print "Total Connections: $connectionCount\n"; -print " - StartTLS Connections: $startTLSCount\n"; -print " - LDAPS Connections: $sslCount\n"; +print " - LDAP Connections: " . ($connectionCount - $sslCount - $ldapiCount) . "\n"; print " - LDAPI Connections: $ldapiCount\n"; +print " - LDAPS Connections: $sslCount\n"; +print " - StartTLS Extended Ops: $startTLSCount\n"; +if(%cipher){ + print " Secure Protocol Versions:\n"; + foreach my $key (sort { $b cmp $a } keys %cipher) { + print " - $key - $cipher{$key}\n"; + } + print "\n"; +} + print "Peak Concurrent Connections: $maxsimConnection\n"; print "Total Operations: $allOps\n"; print "Total Results: $allResults\n"; my ($perf, $tmp); if ($allOps ne "0"){ - print sprintf "Overall Performance: %.1f%%\n\n" , ($perf = ($tmp = ($allResults / $allOps)*100) > 100 ? 100.0 : $tmp) ; - } -else { - print "Overall Performance: No Operations to evaluate\n\n"; + print sprintf "Overall Performance: %.1f%%\n\n" , ($perf = ($tmp = ($allResults / $allOps)*100) > 100 ? 100.0 : $tmp) ; +} else { + print "Overall Performance: No Operations to evaluate\n\n"; } -my $searchStat = sprintf "(%.2f/sec) (%.2f/min)\n",($srchCount / $totalTimeInSecs), $srchCount / ($totalTimeInSecs/60); -my $modStat = sprintf "(%.2f/sec) (%.2f/min)\n",$modCount / $totalTimeInSecs, $modCount/($totalTimeInSecs/60); -my $addStat = sprintf "(%.2f/sec) (%.2f/min)\n",$addCount/$totalTimeInSecs, $addCount/($totalTimeInSecs/60); -my $deleteStat = sprintf "(%.2f/sec) (%.2f/min)\n",$delCount/$totalTimeInSecs, $delCount/($totalTimeInSecs/60); -my $modrdnStat = sprintf "(%.2f/sec) (%.2f/min)\n",$modrdnCount/$totalTimeInSecs, $modrdnCount/($totalTimeInSecs/60); -my $compareStat = sprintf "(%.2f/sec) (%.2f/min)\n",$cmpCount/$totalTimeInSecs, $cmpCount/($totalTimeInSecs/60); -my $bindCountStat = sprintf "(%.2f/sec) (%.2f/min)\n",$bindCount/$totalTimeInSecs, $bindCount/($totalTimeInSecs/60); +if ($totalTimeInSecs == 0){ + $searchStat = sprintf "(%.2f/sec) (%.2f/min)\n","0", "0"; + $modStat = sprintf "(%.2f/sec) (%.2f/min)\n","0", "0"; + $addStat = sprintf "(%.2f/sec) (%.2f/min)\n","0", "0"; + $deleteStat = sprintf "(%.2f/sec) (%.2f/min)\n","0", "0"; + $modrdnStat = sprintf "(%.2f/sec) (%.2f/min)\n","0", "0"; + $compareStat = sprintf "(%.2f/sec) (%.2f/min)\n","0", "0"; + $bindCountStat = sprintf "(%.2f/sec) (%.2f/min)\n","0", "0"; +} else { + $searchStat = sprintf "(%.2f/sec) (%.2f/min)\n",($srchCount / $totalTimeInSecs), $srchCount / ($totalTimeInSecs/60); + $modStat = sprintf "(%.2f/sec) (%.2f/min)\n",$modCount / $totalTimeInSecs, $modCount/($totalTimeInSecs/60); + $addStat = sprintf "(%.2f/sec) (%.2f/min)\n",$addCount/$totalTimeInSecs, $addCount/($totalTimeInSecs/60); + $deleteStat = sprintf "(%.2f/sec) (%.2f/min)\n",$delCount/$totalTimeInSecs, $delCount/($totalTimeInSecs/60); + $modrdnStat = sprintf "(%.2f/sec) (%.2f/min)\n",$modrdnCount/$totalTimeInSecs, $modrdnCount/($totalTimeInSecs/60); + $compareStat = sprintf "(%.2f/sec) (%.2f/min)\n",$cmpCount/$totalTimeInSecs, $cmpCount/($totalTimeInSecs/60); + $bindCountStat = sprintf "(%.2f/sec) (%.2f/min)\n",$bindCount/$totalTimeInSecs, $bindCount/($totalTimeInSecs/60); +} format STDOUT = Searches: @<<<<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< @@ -844,7 +869,7 @@ sub dummy { if ($saslBindCount > 0){ my $saslmech = $hashes->{saslmech}; foreach my $saslb ( sort {$saslmech->{$b} <=> $saslmech->{$a} } (keys %{$saslmech}) ){ - printf " %-4s %-12s\n",$saslmech->{$saslb}, $saslb; + printf " %-4s - %s\n",$saslb, $saslmech->{$saslb}; } } @@ -1776,6 +1801,18 @@ sub parseLineNormal handleRestart(); } if (m/ SSL connection from/){$sslCount++; if($reportStats){ inc_stats('sslconns',$s_stats,$m_stats); }} + # Gather TLS and SSL version info + if ($_ =~ /conn= *([0-9A-Z]+) TLS *(.*)/){ + $cipher{"TLS" . $2}++; + } + if ($_ =~ /conn= *([0-9A-Z]+) SSL *(.*)/){ + my $sslversion = $2; + if(/SSL /){ + $cipher{"SSL " . $sslversion}++; + } else { + $cipher{"SSL" . $sslversion}++; + } + } if (m/ connection from local to /){$ldapiCount++;} if($_ =~ /AUTOBIND dn=\"(.*)\"/){ $autobindCount++;