Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-08 01:28:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Updates for SumStats API to deal with high memory stats.

Browse source 
- The code is a mess and will need to be cleaned up, but the
    tests do pass.
This commit is contained in:
Seth Hall 2013-08-02 12:44:33 -04:00
parent 7db531e162
commit 4f8100774c
16 changed files with 391 additions and 230 deletions
Download patch file Download diff file Expand all files Collapse all files

20
scripts/policy/misc/app-stats/main.bro
View file

@ -45,20 +45,16 @@ event bro_init() &priority=3
SumStats::create([$name="app-metrics",
$epoch=break_interval,
$reducers=set(r1, r2),
$epoch_finished(data: SumStats::ResultTable) =
$epoch_result(ts: time, key: SumStats::Key, result: SumStats::Result) =
{
local l: Info;
l$ts = network_time();
l$ts_delta = break_interval;
for ( key in data )
{
local result = data[key];
l$app = key$str;
l$bytes = double_to_count(floor(result["apps.bytes"]$sum));
l$hits = result["apps.hits"]$num;
l$uniq_hosts = result["apps.hits"]$unique;
Log::write(LOG, l);
}
l$ts = network_time();
l$ts_delta = break_interval;
l$app = key$str;
l$bytes = double_to_count(floor(result["apps.bytes"]$sum));
l$hits = result["apps.hits"]$num;
l$uniq_hosts = result["apps.hits"]$unique;
Log::write(LOG, l);
}]);
}