Hi Gaurav,
Try following code and change as per your requirement (I used it to
capture uniqued IP address)
Create empty file "/tmp/out_log" before starting, so that values will be
stored and can be used even after log rotation.
#!/usr/bin/perl
use File::Copy qw(copy);
#Search unique IP address for DNS queries from query log.
my @val;
my $i=0;
#Read previously read IPs from file.
open (iplog, "/tmp/out_log") or die "File doesn't exists";
while (my $ips = <iplog>)
{
push (@ip_addr, $ips);
}
close(iplog);
while ($i <20)
{
open (OUT_LOG, '>/tmp/out_log');
#Copy all the logs to a separate location
copy("/var/named/chroot/var/log/named.log.$i","/tmp/named.log.$i");
#Read them one by one and capture values
open(logs, "/tmp/Non-anycast/logs/named.log.$i") or die "File:
named.log.$i doesnot exist";
while (my $line = <logs>)
{
chomp;
($dt,$tm,$clt, $ip_port,$query, $tt ) = split(/\ /,$line);
($ip,$port) = split(/\#/, $ip_port);
push (@ip_addr, $ip);
}
close (logs);
$i=$i+1;
}
#Get unique IPs from the array (previous logs and current logs)
my @unique_ip = do { my %seen; grep { !$seen{$_}++ } @ip_addr };
@val = sort (@unique_ip);
print " " . $#val . " \n" ;
#Write it to the file again for next time.
print OUT_LOG "@val ";
#end of script
Regards,
Naveen
From: bind-users-bounces+naveen.kumar=cw....@lists.isc.org
[mailto:bind-users-bounces+naveen.kumar=cw....@lists.isc.org] On Behalf
Of Mike Hale
Sent: Saturday, December 29, 2012 10:37 PM
To: Gaurav Kansal
Cc: bind-users@lists.isc.org
Subject: Re: open-source tool for filter out stats from dns logs
I looked for one a while back and couldn't find any good ones. All the
ones I saw simply used the named.stats file, which wasn't enough.
I ended up exporting all query logs to a backend server and coding a
script that imported the queries into MySQL, which I then accessed with
a php app (which, after having 7 million queries in the db, takes a good
three minutes to load :/ ).
On Sat, Dec 29, 2012 at 8:56 AM, Gaurav Kansal <gaurav.kan...@nic.in>
wrote:
Dear Team,
I want to collect some stats (such as most which zone has queried most,
which DNS Server queries us most and so on) based on my DNS Logs.
Is there any open-source tool available to filter out these statistics
using my dns logs.
Thanks and Regards,
Gaurav Kansal
Mob - 9910118448
Happy New Year 2013.
IPv4 is Over,
Are your ready for new Network.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
--
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
This e-mail has been scanned for viruses by the Cable&Wireless Worldwide e-mail
security system. For more information on a proactive
managed e-mail secure service, visit http://www.cw.com/managed-exchange
The information contained in this e-mail is confidential and may also be
subject to legal privilege. It is intended only for the recipient(s) named
above.
If you are not named above as a recipient, you must not read, copy, disclose,
forward or otherwise use the information contained in this email. If you
have received this e-mail in error, please notify the sender (whose contact
details are above) immediately by reply e-mail and delete the message and any
attachments without retaining any copies.
Cable & Wireless Worldwide plc
Registered in England and Wales. Company Number 07029206
Registered office: Waterside House, Longshot Lane, Bracknell, Berkshire, RG12
1XL, England_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
