Hi Risto,
I have some sec doubts about sec log processing.
First doubt:
I need to detect which file is reading at this moment sec, detect when it
starts and it finish reading the file, which is the next file is going to
be read. I also need to mesure the time of reading a log file between
various. I want to generate a file with this data.
I have read about SEC_LOGROTATE in your manual but i still dont understand
well.
Is it like using SEC_STARTUP, etc... you can use it like that?For example:
type=Single
ptype=RegExp
pattern=^(?:SEC_LOGROTATE)$
context=SEC_INTERNAL_EVENT
desc=something
action=eval %o -> (print "Hello World!";)
Output file Example:
startfile timestamp "PATH"
nextfile "PATH_NEXT_FILE"
First Log: Read:"log line read"
endfile 17:55 "PATH"
Last Log:"Last log line read"
Example:
startfile 17:42 "c:\log1.log"
nextfile "c:\log2.log"
First Log: Read:"log line read"
endfile 17:55 "c.\log1.log"
Last Log:"Last log line read"
startfile 17:42 "c:\log2.log"
nextfile "c:\log3.log"
First Log: Read:"log line read"
endfile 17:55 "c.\log2.log"
Last Log:"Last log line read"
Second doubt:
In the case that i have a big log file with 2000000 lines. Is it possible
to split the same file in 2 perl process without moving the data? First
process read the first million(0-1000000) and the other process read the
second million(1000000-2000000).
I´m using sec 2.6.2.
Thank you Risto. Regards.
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Simple-evcorr-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/simple-evcorr-users
