[Snort-users] perfmonitor and pmgraph

Bamm Visscher bamm.visscher at ...11827...
Tue Sep 26 13:49:40 EDT 2006


What version of libpcap do you have installed?

Bammkkkk


On 9/20/06, Paul Melson <pmelson at ...11827...> wrote:
> I'm trying to use pmgraph to analyze Snort 2.4 perfmonitor statistics.
> Specifically, I am trying to troubleshoot dropped packets on a moderately
> busy sensor.
>
> The problem I am having with the perfmonitor file is that there seem to be
> some crazy values in the field that, as I understand it, is the % of dropped
> packets:
>
> (from pmgraph.pl):
>
>     while (chomp(my @fields = split(/,/, <PERF>))) {
>
>         my $time      = $fields[0];
>         my $drops     = $fields[1];
>         my $alerts    = $fields[3];
>         my $kpackets  = $fields[4];
>         my $avg_bytes = $fields[5];
>
>
> (from my perfmonitor file via `tail -10 perfmon.out |cut -d, -f1-2`):
> 1158767893,7436141.591
> 1158767958,0.000
> 1158768193,0.000
> 1158768258,55.712
> 1158768495,3.262
> 1158768564,0.000
> 1158768795,0.000
> 1158768865,0.000
> 1158769096,45999421.902
> 1158769165,100.000
>
> What's with the impossibly large values in the 2nd field?  How can any of
> those values be larger than 100.000?
>
> Thanks,
> PaulM
>
>
>
> -------------------------------------------------------------------------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the chance to share your
> opinions on IT & business topics through brief surveys -- and earn cash
> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>


-- 
sguil - The Analyst Console for NSM
http://sguil.sf.net




More information about the Snort-users mailing list