Difference between revisions of "firewall log accept and drop rate calculation"

From cpwiki.net
Check Point Professional Services
Line 10: Line 10:
 
This command will give you the accept and drop rate for the last minute for the IP specified.
 
This command will give you the accept and drop rate for the last minute for the IP specified.
  
  [Expert@cplogger]# IP="192.168.1.1"; for i in accept drop; do printf "$i "; fw log -n -c $i -h $IP -s `/bin/date --date="1 minutes ago" +%T` -e `/bin/date +%T` |wc -l; done
+
  [Expert@cplogger]# '''IP="192.168.1.1"; for i in accept drop; do printf "$i "; fw log -n -c $i -h $IP -s `/bin/date --date="1 minutes ago" +%T` -e `/bin/date +%T` |wc -l; done'''
 
  accept    699
 
  accept    699
 
  drop    301
 
  drop    301
  
 
[[category:logs]]
 
[[category:logs]]
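Review bot: the command on the changed line builds its -s/-e window from `date +%T`, which carries no date, so in the first minute after midnight the start time (23:59:xx) is later than the end time (00:00:xx); a sentence on the page covering that case would help. Also on that line, `printf "$i "` uses the loop variable as the format string and `$IP` is unquoted; `printf '%s ' "$i"` and `"$IP"` are the safer forms to document.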

Revision as of 17:13, 23 June 2014

Baseline: count accepts and drops for the last minute from firewall 192.168.1.1

accept command

# fw log -n -c accept -h 192.168.1.1 -s `/bin/date --date="1 minutes ago" +%T` -e `/bin/date +%T` |wc -l
  9013

drop command

# fw log -n -c drop -h 192.168.1.1 -s `/bin/date --date="1 minutes ago" +%T` -e `/bin/date +%T` |wc -l
   761

script (one liner)

This command will give you the accept and drop rate for the last minute for the IP specified.

[Expert@cplogger]# IP="192.168.1.1"; for i in accept drop; do printf "$i "; fw log -n -c $i -h $IP -s `/bin/date --date="1 minutes ago" +%T` -e `/bin/date +%T` |wc -l; done
accept     699
drop     301
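
The one-liner extended into a small script, as an added example that is not part of the original wiki page: it reuses the same `fw log` flags, adds the drop percentage with a threshold check, and skips a window that crosses midnight (where `%T` makes the start time later than the end time). The function names and the default threshold of 40 percent are assumptions made for this example.

```shell
#!/bin/bash
# Added example: per-minute accept/drop counts, drop share and a baseline check.
# Uses only the fw log flags shown on this page (-n -c -h -s -e).
# Function names and the threshold default are assumptions, not Check Point's.

# Seconds since midnight for an HH:MM:SS string (awk reads "08" as decimal).
to_secs() { echo "$1" | awk -F: '{ print $1*3600 + $2*60 + $3 }'; }

# Count log entries for one action between two times.
count_action() {  # usage: count_action ACTION IP START END
    fw log -n -c "$1" -h "$2" -s "$3" -e "$4" | wc -l | tr -d ' '
}

# Integer percentage of drops among accepts+drops; 0 when there is no traffic.
drop_pct() {  # usage: drop_pct ACCEPTS DROPS
    total=$(( $1 + $2 ))
    if [ "$total" -eq 0 ]; then echo 0; else echo $(( 100 * $2 / total )); fi
}

# One sample. Prints "accept=N drop=M drop_pct=P".
# Returns 2 if the window crosses midnight, 1 if drop_pct exceeds the threshold.
sample() {  # usage: sample IP THRESHOLD_PCT [START END]
    ip=$1; limit=$2
    start=${3:-$(/bin/date --date="1 minutes ago" +%T)}
    end=${4:-$(/bin/date +%T)}
    if [ "$(to_secs "$start")" -gt "$(to_secs "$end")" ]; then
        echo "window $start-$end crosses midnight, skipping" >&2
        return 2
    fi
    acc=$(count_action accept "$ip" "$start" "$end")
    drp=$(count_action drop "$ip" "$start" "$end")
    pct=$(drop_pct "$acc" "$drp")
    echo "accept=$acc drop=$drp drop_pct=$pct"
    [ "$pct" -le "$limit" ]
}

# Run only where the fw binary exists (for example on the log server).
if command -v fw >/dev/null 2>&1; then
    sample "${1:-192.168.1.1}" "${2:-40}"
fi
```

Run from cron once a minute, a non-zero exit status can drive an alert when the drop share rises above the chosen baseline.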