Snort mailing list archives
Added Statistics Patch
From: dogbert () netnevada net
Date: Thu, 17 Feb 2005 14:34:50 -0800
Hello everyone,
I have made some patch files which give snort some real-time statistics
information by use of calls to LogMessage and an hourly call via the alarm()
function. The tarball is an attachment to this email, btw. This patch also
produces an end total when snort exits out of daemon mode.
This tarball will modify three files in the Snort 2.3.0 Source Tree (snort.h,
snort.c, and util.c) and produces output which looks like this in
my /var/log/messages file:
Feb 17 10:29:12 nermal snort: Hourly Statistics Report
Feb 17 10:29:12 nermal snort:
Feb 17 10:29:12 nermal snort: Packet analysis time averages:
Feb 17 10:29:12 nermal snort:
Feb 17 10:29:12 nermal snort: Packets Received per hour is: 1270446
Feb 17 10:29:12 nermal snort: Packets Received per minute is: 21174
Feb 17 10:29:12 nermal snort: Packets Received per second is: 352
Feb 17 10:29:12 nermal snort:
Feb 17 11:00:31 nermal snort: [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING {TCP} 12.169.250.2:2918 -> 172.21.2.175:80
Feb 17 11:29:12 nermal snort:
Feb 17 11:29:12 nermal snort: Hourly Statistics Report
Feb 17 11:29:12 nermal snort:
Feb 17 11:29:12 nermal snort: Packet analysis time averages:
Feb 17 11:29:12 nermal snort:
Feb 17 11:29:12 nermal snort: Packets Received per hour is: 750001
Feb 17 11:29:12 nermal snort: Packets Received per minute is: 12500
Feb 17 11:29:12 nermal snort: Packets Received per second is: 208
Feb 17 11:29:12 nermal snort:
Feb 17 12:29:12 nermal snort:
Feb 17 12:29:12 nermal snort: Hourly Statistics Report
Feb 17 12:29:12 nermal snort:
Feb 17 12:29:12 nermal snort: Packet analysis time averages:
Feb 17 12:29:12 nermal snort:
Feb 17 12:29:12 nermal snort: Packets Received per hour is: 758315
Feb 17 12:29:12 nermal snort: Packets Received per minute is: 12638
Feb 17 12:29:12 nermal snort: Packets Received per second is: 210
Feb 17 12:29:12 nermal snort:
Feb 17 13:29:12 nermal snort:
Feb 17 13:29:12 nermal snort: Hourly Statistics Report
Feb 17 13:29:12 nermal snort:
Feb 17 13:29:12 nermal snort: Packet analysis time averages:
Feb 17 13:29:12 nermal snort:
Feb 17 13:29:12 nermal snort: Packets Received per hour is: 761306
Feb 17 13:29:12 nermal snort: Packets Received per minute is: 12688
Feb 17 13:29:12 nermal snort: Packets Received per second is: 211
Feb 17 13:29:12 nermal snort:
Feb 17 14:29:12 nermal snort:
Feb 17 14:29:12 nermal snort: Hourly Statistics Report
Feb 17 14:29:12 nermal snort:
Feb 17 14:29:12 nermal snort: Packet analysis time averages:
Feb 17 14:29:12 nermal snort:
Feb 17 14:29:12 nermal snort: Packets Received per hour is: 817858
Feb 17 14:29:12 nermal snort: Packets Received per minute is: 13630
Feb 17 14:29:12 nermal snort: Packets Received per second is: 227
Feb 17 14:29:12 nermal snort:
If anyone has ideas for improvement, send me an email, or post the idea on the
mailing list(s).
Bill
Attachment:
newstats.tar.gz
