New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

netsniff-ng: log and print statistics #363

Closed
GoogleCodeExporter opened this Issue Mar 24, 2015 · 6 comments

Comments

Projects
None yet
1 participant
@GoogleCodeExporter

GoogleCodeExporter commented Mar 24, 2015

I think it would nice to have netsniff-ng stats logged to 
/var/log/nsm/$netsniff-file and also viewable from the sostat script. 

By stats I mean the number of packets that passed and failed to pass the filter 
(dropped by kernel).

If interested, I can handle this and send the patches. Let me know.

P.S. Who adds the enhancement type? I don't see an option to do that when I 
create a new issue. 


Original issue reported on code.google.com by jonsch...@gmail.com on 10 Jul 2013 at 4:38

@GoogleCodeExporter

This comment has been minimized.

Show comment
Hide comment
@GoogleCodeExporter

GoogleCodeExporter Mar 24, 2015

Hi Jon,

If you'd like this integrated, please send patches.

I disabled enhancements in the Issue Tracker because I was receiving more 
enhancement requests than I could ever implement.

Thanks,
Doug

Original comment by doug.bu...@gmail.com on 10 Jul 2013 at 4:42

  • Added labels: ****
  • Removed labels: ****

GoogleCodeExporter commented Mar 24, 2015

Hi Jon,

If you'd like this integrated, please send patches.

I disabled enhancements in the Issue Tracker because I was receiving more 
enhancement requests than I could ever implement.

Thanks,
Doug

Original comment by doug.bu...@gmail.com on 10 Jul 2013 at 4:42

  • Added labels: ****
  • Removed labels: ****
@GoogleCodeExporter

This comment has been minimized.

Show comment
Hide comment
@GoogleCodeExporter

GoogleCodeExporter Mar 24, 2015

Done. Patches attached.

Tasks:
a.) Netsniff-NG requires --verbose to print interval statistics - Added
b.) awk script in sostat to interpret the netsniff-ng stat format i.e. 
.(+processed/-loss). - Added

Sostat now prints packet loss statistics if and only if there is in fact loss 
i.e. loss > 0. 

Thanks
Jon

Original comment by jonsch...@gmail.com on 24 Jul 2013 at 10:29

  • Added labels: ****
  • Removed labels: ****

Attachments:

GoogleCodeExporter commented Mar 24, 2015

Done. Patches attached.

Tasks:
a.) Netsniff-NG requires --verbose to print interval statistics - Added
b.) awk script in sostat to interpret the netsniff-ng stat format i.e. 
.(+processed/-loss). - Added

Sostat now prints packet loss statistics if and only if there is in fact loss 
i.e. loss > 0. 

Thanks
Jon

Original comment by jonsch...@gmail.com on 24 Jul 2013 at 10:29

  • Added labels: ****
  • Removed labels: ****

Attachments:

@GoogleCodeExporter

This comment has been minimized.

Show comment
Hide comment
@GoogleCodeExporter

GoogleCodeExporter Mar 24, 2015

[deleted comment]

GoogleCodeExporter commented Mar 24, 2015

[deleted comment]
@GoogleCodeExporter

This comment has been minimized.

Show comment
Hide comment
@GoogleCodeExporter

GoogleCodeExporter Mar 24, 2015

sostat Patch Results:

Screenshots:
1.) Single interface with netsniff-ng loss
2.) Multiple interfaces with netsniff-ng loss
3.) Multiple interfaces with no netsniff-ng loss

Original comment by jonsch...@gmail.com on 25 Jul 2013 at 5:18

  • Added labels: ****
  • Removed labels: ****

Attachments:

GoogleCodeExporter commented Mar 24, 2015

sostat Patch Results:

Screenshots:
1.) Single interface with netsniff-ng loss
2.) Multiple interfaces with netsniff-ng loss
3.) Multiple interfaces with no netsniff-ng loss

Original comment by jonsch...@gmail.com on 25 Jul 2013 at 5:18

  • Added labels: ****
  • Removed labels: ****

Attachments:

@GoogleCodeExporter

This comment has been minimized.

Show comment
Hide comment
@GoogleCodeExporter

GoogleCodeExporter Mar 24, 2015

Looks good, thanks!  Will be a few weeks before I have time to update our 
packages.

Original comment by doug.bu...@gmail.com on 25 Jul 2013 at 9:56

  • Added labels: ****
  • Removed labels: ****

GoogleCodeExporter commented Mar 24, 2015

Looks good, thanks!  Will be a few weeks before I have time to update our 
packages.

Original comment by doug.bu...@gmail.com on 25 Jul 2013 at 9:56

  • Added labels: ****
  • Removed labels: ****
@GoogleCodeExporter

This comment has been minimized.

Show comment
Hide comment
@GoogleCodeExporter

GoogleCodeExporter Mar 24, 2015

Published:
http://securityonion.blogspot.com/2013/08/new-securityonion-packages.html

Original comment by doug.bu...@gmail.com on 14 Aug 2013 at 11:36

  • Changed state: Verified
  • Added labels: ****
  • Removed labels: ****

GoogleCodeExporter commented Mar 24, 2015

Published:
http://securityonion.blogspot.com/2013/08/new-securityonion-packages.html

Original comment by doug.bu...@gmail.com on 14 Aug 2013 at 11:36

  • Changed state: Verified
  • Added labels: ****
  • Removed labels: ****
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment