|
 |
dc8c34 |
From 71de966051a018faf3b552451c80438f8b2b764b Mon Sep 17 00:00:00 2001
|
|
|
dc8c34 |
From: Rich Megginson <rmeggins@redhat.com>
|
|
|
dc8c34 |
Date: Tue, 23 Jul 2013 17:05:32 -0600
|
|
|
dc8c34 |
Subject: [PATCH 136/225] Ticket #47501 logconv.pl uses /var/tmp for BDB temp
|
|
|
dc8c34 |
files
|
|
|
dc8c34 |
|
|
|
dc8c34 |
https://fedorahosted.org/389/ticket/47501
|
|
|
dc8c34 |
Reviewed by: mreynolds (Thanks!)
|
|
|
dc8c34 |
Branch: master
|
|
|
dc8c34 |
Fix Description: Tied arrays with DB_RECNO require a backing text file. By
|
|
|
dc8c34 |
default this goes in /var/tmp. This can be controlled with RECNOINFO bfname.
|
|
|
dc8c34 |
However, the use of arrays was killing performance. This patch replaces
|
|
|
dc8c34 |
all arrays with tied hashes. In addition, this patch fixes the notes=U
|
|
|
dc8c34 |
handling to also handle notes=U,P and notes=A,P
|
|
|
dc8c34 |
Platforms tested: RHEL6 x86_64
|
|
|
dc8c34 |
Flag Day: no
|
|
|
dc8c34 |
Doc impact: no
|
|
|
dc8c34 |
(cherry picked from commit 4d20922423c9e22c858e0be7dd317591631cf357)
|
|
|
dc8c34 |
(cherry picked from commit d890e65b4ab15d0a836dbb248da8606867938630)
|
|
|
dc8c34 |
(cherry picked from commit 223c0535e09b46b3024dc9977eee048f824f2b24)
|
|
|
dc8c34 |
(cherry picked from commit e53b8ea1db80241c1b15541bfed05dbc8fdabb25)
|
|
|
dc8c34 |
---
|
|
|
dc8c34 |
ldap/admin/src/logconv.pl | 775 ++++++++++++++++++++--------------------------
|
|
|
dc8c34 |
1 file changed, 333 insertions(+), 442 deletions(-)
|
|
|
dc8c34 |
|
|
|
dc8c34 |
diff --git a/ldap/admin/src/logconv.pl b/ldap/admin/src/logconv.pl
|
|
|
dc8c34 |
index 3a6fa01..ca07a3a 100755
|
|
|
dc8c34 |
--- a/ldap/admin/src/logconv.pl
|
|
|
dc8c34 |
+++ b/ldap/admin/src/logconv.pl
|
|
|
dc8c34 |
@@ -67,7 +67,7 @@ if ($#ARGV < 0){;
|
|
|
dc8c34 |
|
|
|
dc8c34 |
my $file_count = 0;
|
|
|
dc8c34 |
my $arg_count = 0;
|
|
|
dc8c34 |
-my $logversion = "7.0";
|
|
|
dc8c34 |
+my $logversion = "8.0";
|
|
|
dc8c34 |
my $sizeCount = "20";
|
|
|
dc8c34 |
my $startFlag = 0;
|
|
|
dc8c34 |
my $startTime = 0;
|
|
|
dc8c34 |
@@ -76,6 +76,8 @@ my $endTime = 0;
|
|
|
dc8c34 |
my $reportStats = "";
|
|
|
dc8c34 |
my $dataLocation = "/tmp";
|
|
|
dc8c34 |
my $startTLSoid = "1.3.6.1.4.1.1466.20037";
|
|
|
dc8c34 |
+my @statnames=qw(last last_str results srch add mod modrdn moddn cmp del abandon
|
|
|
dc8c34 |
+ conns sslconns bind anonbind unbind notesA notesU etime);
|
|
|
dc8c34 |
my $s_stats = new_stats_block( );
|
|
|
dc8c34 |
my $m_stats = new_stats_block( );
|
|
|
dc8c34 |
my $verb = "no";
|
|
|
dc8c34 |
@@ -95,8 +97,6 @@ my %connList;
|
|
|
dc8c34 |
my %bindReport;
|
|
|
dc8c34 |
my @vlvconn;
|
|
|
dc8c34 |
my @vlvop;
|
|
|
dc8c34 |
-my @start_time_of_connection;
|
|
|
dc8c34 |
-my @end_time_of_connection;
|
|
|
dc8c34 |
my @fds;
|
|
|
dc8c34 |
my $fdds = 0;
|
|
|
dc8c34 |
my $reportBinds = "no";
|
|
|
dc8c34 |
@@ -179,7 +179,7 @@ if ($sizeCount eq "all"){$sizeCount = "100000";}
|
|
|
dc8c34 |
|
|
|
dc8c34 |
#######################################
|
|
|
dc8c34 |
# #
|
|
|
dc8c34 |
-# Initialize Arrays and variables #
|
|
|
dc8c34 |
+# Initialize Hashes and variables #
|
|
|
dc8c34 |
# #
|
|
|
dc8c34 |
#######################################
|
|
|
dc8c34 |
|
|
|
dc8c34 |
@@ -255,21 +255,17 @@ map {$conn{$_} = $_} @conncodes;
|
|
|
dc8c34 |
|
|
|
dc8c34 |
# hash db-backed hashes
|
|
|
dc8c34 |
my @hashnames = qw(attr rc src rsrc excount conn_hash ip_hash conncount nentries
|
|
|
dc8c34 |
- filter base ds6xbadpwd saslmech bindlist etime oid);
|
|
|
dc8c34 |
+ filter base ds6xbadpwd saslmech bindlist etime oid
|
|
|
dc8c34 |
+ start_time_of_connection end_time_of_connection
|
|
|
dc8c34 |
+ notesa_conn_op notesu_conn_op etime_conn_op nentries_conn_op
|
|
|
dc8c34 |
+ optype_conn_op time_conn_op srch_conn_op del_conn_op mod_conn_op
|
|
|
dc8c34 |
+ mdn_conn_op cmp_conn_op bind_conn_op unbind_conn_op ext_conn_op
|
|
|
dc8c34 |
+ abandon_conn_op badpwd_conn_op);
|
|
|
dc8c34 |
# need per connection code ip address counts - so use a hash table
|
|
|
dc8c34 |
# for each connection code - key is ip, val is count
|
|
|
dc8c34 |
push @hashnames, @conncodes;
|
|
|
dc8c34 |
my $hashes = openHashFiles($dataLocation, @hashnames);
|
|
|
dc8c34 |
|
|
|
dc8c34 |
-# recno db-backed arrays/lists
|
|
|
dc8c34 |
-my @arraynames = qw(srchconn srchop delconn delop modconn modop addconn addop modrdnconn modrdnop
|
|
|
dc8c34 |
- cmpconn cmpop targetconn targetop msgid bindconn bindop binddn unbindconn unbindop
|
|
|
dc8c34 |
- extconn extop notesAetime notesAconn notesAop notesAtime notesAnentries
|
|
|
dc8c34 |
- notesUetime notesUconn notesUop notesUtime notesUnentries badpwdconn
|
|
|
dc8c34 |
- badpwdop badpwdip baseval baseconn baseop scopeval scopeconn scopeop
|
|
|
dc8c34 |
- filterval filterconn filterop);
|
|
|
dc8c34 |
-my $arrays = openArrayFiles($dataLocation, @arraynames);
|
|
|
dc8c34 |
-
|
|
|
dc8c34 |
$needCleanup = 1;
|
|
|
dc8c34 |
|
|
|
dc8c34 |
my @err;
|
|
|
dc8c34 |
@@ -636,6 +632,12 @@ Binds: @<<<<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
|
|
|
dc8c34 |
.
|
|
|
dc8c34 |
write STDOUT;
|
|
|
dc8c34 |
|
|
|
dc8c34 |
+# format/write messes up emacs autoformatting - inserting this dummy function
|
|
|
dc8c34 |
+# fixes that
|
|
|
dc8c34 |
+sub dummy {
|
|
|
dc8c34 |
+ my $bar = shift;
|
|
|
dc8c34 |
+}
|
|
|
dc8c34 |
+
|
|
|
dc8c34 |
print "\n";
|
|
|
dc8c34 |
print "Proxied Auth Operations: $proxiedAuthCount\n";
|
|
|
dc8c34 |
print "Persistent Searches: $persistentSrchCount\n";
|
|
|
dc8c34 |
@@ -658,115 +660,75 @@ print "Unindexed Components: $unindexedSrchCountNotesU\n";
|
|
|
dc8c34 |
if ($verb eq "yes" || $usage =~ /u/){
|
|
|
dc8c34 |
if ($unindexedSrchCountNotesA > 0){
|
|
|
dc8c34 |
my $conn_hash = $hashes->{conn_hash};
|
|
|
dc8c34 |
- my $notesConn = $arrays->{notesAconn};
|
|
|
dc8c34 |
- my $notesOp = $arrays->{notesAop};
|
|
|
dc8c34 |
- my $notesEtime = $arrays->{notesAetime};
|
|
|
dc8c34 |
- my $notesTime = $arrays->{notesAtime};
|
|
|
dc8c34 |
- my $notesNentries = $arrays->{notesAnentries};
|
|
|
dc8c34 |
- my $base_val = $arrays->{baseval};
|
|
|
dc8c34 |
- my $base_conn = $arrays->{baseconn};
|
|
|
dc8c34 |
- my $base_op = $arrays->{baseop};
|
|
|
dc8c34 |
- my $scope_val = $arrays->{scopeval};
|
|
|
dc8c34 |
- my $scope_conn = $arrays->{scopeconn};
|
|
|
dc8c34 |
- my $scope_op = $arrays->{scopeop};
|
|
|
dc8c34 |
- my $filter_val = $arrays->{filterval};
|
|
|
dc8c34 |
- my $filter_conn = $arrays->{filterconn};
|
|
|
dc8c34 |
- my $filter_op = $arrays->{filterop};
|
|
|
dc8c34 |
- my $notesCount = "1";
|
|
|
dc8c34 |
+ my $notesa_conn_op = $hashes->{notesa_conn_op};
|
|
|
dc8c34 |
+ my $time_conn_op = $hashes->{time_conn_op};
|
|
|
dc8c34 |
+ my $etime_conn_op = $hashes->{etime_conn_op};
|
|
|
dc8c34 |
+ my $nentries_conn_op = $hashes->{nentries_conn_op};
|
|
|
dc8c34 |
+ my $base_conn_op = $hashes->{base_conn_op};
|
|
|
dc8c34 |
+ my $scope_conn_op = $hashes->{scope_conn_op};
|
|
|
dc8c34 |
+ my $filter_conn_op = $hashes->{filter_conn_op};
|
|
|
dc8c34 |
+
|
|
|
dc8c34 |
+ my $notesCount = 1;
|
|
|
dc8c34 |
my $unindexedIp;
|
|
|
dc8c34 |
-
|
|
|
dc8c34 |
- for (my $n = 0; $n < scalar(@{$notesEtime}); $n++){
|
|
|
dc8c34 |
- if(!$notesConn->[$n] || $notesConn->[$n] eq "" ||
|
|
|
dc8c34 |
- !$conn_hash->{$notesConn->[$n]} || $conn_hash->{$notesConn->[$n]} eq ""){
|
|
|
dc8c34 |
- $unindexedIp = "?";
|
|
|
dc8c34 |
+ while (my ($conn_op, $count) = each %{$notesa_conn_op}) {
|
|
|
dc8c34 |
+ my ($conn, $op) = split(",", $conn_op);
|
|
|
dc8c34 |
+ if (exists($conn_hash->{$conn}) && defined($conn_hash->{$conn})) {
|
|
|
dc8c34 |
+ $unindexedIp = $conn_hash->{$conn};
|
|
|
dc8c34 |
} else {
|
|
|
dc8c34 |
- $unindexedIp = $conn_hash->{$notesConn->[$n]};
|
|
|
dc8c34 |
+ $unindexedIp = "?";
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
- print "\n Unindexed Search #".$notesCount."\n"; $notesCount++;
|
|
|
dc8c34 |
- print " - Date/Time: $notesTime->[$n]\n";
|
|
|
dc8c34 |
- print " - Connection Number: $notesConn->[$n]\n";
|
|
|
dc8c34 |
- print " - Operation Number: $notesOp->[$n]\n";
|
|
|
dc8c34 |
- print " - Etime: $notesEtime->[$n]\n";
|
|
|
dc8c34 |
- print " - Nentries: $notesNentries->[$n]\n";
|
|
|
dc8c34 |
+ print "\n Unindexed Components #".$notesCount."\n"; $notesCount++;
|
|
|
dc8c34 |
+ print " - Date/Time: $time_conn_op->{$conn_op}\n";
|
|
|
dc8c34 |
+ print " - Connection Number: $conn\n";
|
|
|
dc8c34 |
+ print " - Operation Number: $op\n";
|
|
|
dc8c34 |
+ print " - Etime: $etime_conn_op->{$conn_op}\n";
|
|
|
dc8c34 |
+ print " - Nentries: $nentries_conn_op->{$conn_op}\n";
|
|
|
dc8c34 |
print " - IP Address: $unindexedIp\n";
|
|
|
dc8c34 |
-
|
|
|
dc8c34 |
- for (my $nnn = 0; $nnn < $baseCount; $nnn++){
|
|
|
dc8c34 |
- if(!$base_conn->[$nnn] || !$base_op->[$nnn]){ next; }
|
|
|
dc8c34 |
- if ($notesConn->[$n] eq $base_conn->[$nnn] && $notesOp->[$n] eq $base_op->[$nnn]){
|
|
|
dc8c34 |
- print " - Search Base: $base_val->[$nnn]\n";
|
|
|
dc8c34 |
- last;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ if (exists($base_conn_op->{$conn_op}) && defined($base_conn_op->{$conn_op})) {
|
|
|
dc8c34 |
+ print " - Search Base: $base_conn_op->{$conn_op}\n";
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
- for (my $nnn = 0; $nnn < $scopeCount; $nnn++){
|
|
|
dc8c34 |
- if(!$scope_conn->[$nnn] || !$scope_op->[$nnn]){ next; }
|
|
|
dc8c34 |
- if ($notesConn->[$n] eq $scope_conn->[$nnn] && $notesOp->[$n] eq $scope_op->[$nnn]){
|
|
|
dc8c34 |
- print " - Search Scope: $scope_val->[$nnn]\n";
|
|
|
dc8c34 |
- last;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ if (exists($scope_conn_op->{$conn_op}) && defined($scope_conn_op->{$conn_op})) {
|
|
|
dc8c34 |
+ print " - Search Scope: $scope_conn_op->{$conn_op}\n";
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
- for (my $nnn = 0; $nnn < $filterCount; $nnn++){
|
|
|
dc8c34 |
- if(!$filter_conn->[$nnn] || !$filter_op->[$nnn]){ next; }
|
|
|
dc8c34 |
- if ($notesConn->[$n] eq $filter_conn->[$nnn] && $notesOp->[$n] eq $filter_op->[$nnn]){
|
|
|
dc8c34 |
- print " - Search Filter: $filter_val->[$nnn]\n";
|
|
|
dc8c34 |
- last;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ if (exists($filter_conn_op->{$conn_op}) && defined($filter_conn_op->{$conn_op})) {
|
|
|
dc8c34 |
+ print " - Search Filter: $filter_conn_op->{$conn_op}\n";
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if ($unindexedSrchCountNotesU > 0){
|
|
|
dc8c34 |
my $conn_hash = $hashes->{conn_hash};
|
|
|
dc8c34 |
- my $notesConn = $arrays->{notesUconn};
|
|
|
dc8c34 |
- my $notesOp = $arrays->{notesUop};
|
|
|
dc8c34 |
- my $notesEtime = $arrays->{notesUetime};
|
|
|
dc8c34 |
- my $notesTime = $arrays->{notesUtime};
|
|
|
dc8c34 |
- my $notesNentries = $arrays->{notesUnentries};
|
|
|
dc8c34 |
- my $base_val = $arrays->{baseval};
|
|
|
dc8c34 |
- my $base_conn = $arrays->{baseconn};
|
|
|
dc8c34 |
- my $base_op = $arrays->{baseop};
|
|
|
dc8c34 |
- my $scope_val = $arrays->{scopeval};
|
|
|
dc8c34 |
- my $scope_conn = $arrays->{scopeconn};
|
|
|
dc8c34 |
- my $scope_op = $arrays->{scopeop};
|
|
|
dc8c34 |
- my $filter_val = $arrays->{filterval};
|
|
|
dc8c34 |
- my $filter_conn = $arrays->{filterconn};
|
|
|
dc8c34 |
- my $filter_op = $arrays->{filterop};
|
|
|
dc8c34 |
-
|
|
|
dc8c34 |
- my $notesCount = "1";
|
|
|
dc8c34 |
+ my $notesu_conn_op = $hashes->{notesu_conn_op};
|
|
|
dc8c34 |
+ my $time_conn_op = $hashes->{time_conn_op};
|
|
|
dc8c34 |
+ my $etime_conn_op = $hashes->{etime_conn_op};
|
|
|
dc8c34 |
+ my $nentries_conn_op = $hashes->{nentries_conn_op};
|
|
|
dc8c34 |
+ my $base_conn_op = $hashes->{base_conn_op};
|
|
|
dc8c34 |
+ my $scope_conn_op = $hashes->{scope_conn_op};
|
|
|
dc8c34 |
+ my $filter_conn_op = $hashes->{filter_conn_op};
|
|
|
dc8c34 |
+
|
|
|
dc8c34 |
+ my $notesCount = 1;
|
|
|
dc8c34 |
my $unindexedIp;
|
|
|
dc8c34 |
- for (my $n = 0; $n < scalar(@{$notesEtime}); $n++){
|
|
|
dc8c34 |
- if(!$notesConn->[$n] || $notesConn->[$n] eq "" ||
|
|
|
dc8c34 |
- !$conn_hash->{$notesConn->[$n]} || $conn_hash->{$notesConn->[$n]} eq ""){
|
|
|
dc8c34 |
- $unindexedIp = "?";
|
|
|
dc8c34 |
+ while (my ($conn_op, $count) = each %{$notesu_conn_op}) {
|
|
|
dc8c34 |
+ my ($conn, $op) = split(",", $conn_op);
|
|
|
dc8c34 |
+ if (exists($conn_hash->{$conn}) && defined($conn_hash->{$conn})) {
|
|
|
dc8c34 |
+ $unindexedIp = $conn_hash->{$conn};
|
|
|
dc8c34 |
} else {
|
|
|
dc8c34 |
- $unindexedIp = $conn_hash->{$notesConn->[$n]};
|
|
|
dc8c34 |
+ $unindexedIp = "?";
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
print "\n Unindexed Components #".$notesCount."\n"; $notesCount++;
|
|
|
dc8c34 |
- print " - Date/Time: $notesTime->[$n]\n";
|
|
|
dc8c34 |
- print " - Connection Number: $notesConn->[$n]\n";
|
|
|
dc8c34 |
- print " - Operation Number: $notesOp->[$n]\n";
|
|
|
dc8c34 |
- print " - Etime: $notesEtime->[$n]\n";
|
|
|
dc8c34 |
- print " - Nentries: $notesNentries->[$n]\n";
|
|
|
dc8c34 |
+ print " - Date/Time: $time_conn_op->{$conn_op}\n";
|
|
|
dc8c34 |
+ print " - Connection Number: $conn\n";
|
|
|
dc8c34 |
+ print " - Operation Number: $op\n";
|
|
|
dc8c34 |
+ print " - Etime: $etime_conn_op->{$conn_op}\n";
|
|
|
dc8c34 |
+ print " - Nentries: $nentries_conn_op->{$conn_op}\n";
|
|
|
dc8c34 |
print " - IP Address: $unindexedIp\n";
|
|
|
dc8c34 |
-
|
|
|
dc8c34 |
- for (my $nnn = 0; $nnn < $baseCount; $nnn++){
|
|
|
dc8c34 |
- if(!$base_conn->[$nnn] || !$base_op->[$nnn]){ next; }
|
|
|
dc8c34 |
- if ($notesConn->[$n] eq $base_conn->[$nnn] && $notesOp->[$n] eq $base_op->[$nnn]){
|
|
|
dc8c34 |
- print " - Search Base: $base_val->[$nnn]\n";
|
|
|
dc8c34 |
- last;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ if (exists($base_conn_op->{$conn_op}) && defined($base_conn_op->{$conn_op})) {
|
|
|
dc8c34 |
+ print " - Search Base: $base_conn_op->{$conn_op}\n";
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
- for (my $nnn = 0; $nnn < $scopeCount; $nnn++){
|
|
|
dc8c34 |
- if(!$scope_conn->[$nnn] || !$scope_op->[$nnn]){ next; }
|
|
|
dc8c34 |
- if ($notesConn->[$n] eq $scope_conn->[$nnn] && $notesOp->[$n] eq $scope_op->[$nnn]){
|
|
|
dc8c34 |
- print " - Search Scope: $scope_val->[$nnn]\n";
|
|
|
dc8c34 |
- last;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ if (exists($scope_conn_op->{$conn_op}) && defined($scope_conn_op->{$conn_op})) {
|
|
|
dc8c34 |
+ print " - Search Scope: $scope_conn_op->{$conn_op}\n";
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
- for (my $nnn = 0; $nnn < $filterCount; $nnn++){
|
|
|
dc8c34 |
- if(!$filter_conn->[$nnn] || !$filter_op->[$nnn]){ next; }
|
|
|
dc8c34 |
- if ($notesConn->[$n] eq $filter_conn->[$nnn] && $notesOp->[$n] eq $filter_op->[$nnn]){
|
|
|
dc8c34 |
- print " - Search Filter: $filter_val->[$nnn]\n";
|
|
|
dc8c34 |
- last;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ if (exists($filter_conn_op->{$conn_op}) && defined($filter_conn_op->{$conn_op})) {
|
|
|
dc8c34 |
+ print " - Search Filter: $filter_conn_op->{$conn_op}\n";
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
@@ -800,7 +762,7 @@ if ($connResetByPeerCount > 0){
|
|
|
dc8c34 |
push @retext, sprintf " - %-4s (%2s) %-40s\n",$src->{$key},$conn{$key},$connmsg{$key};
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
- print @retext;
|
|
|
dc8c34 |
+ print @retext;
|
|
|
dc8c34 |
print "\n";
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
|
|
|
dc8c34 |
@@ -813,8 +775,8 @@ if ($resourceUnavailCount > 0){
|
|
|
dc8c34 |
if ($conn{$key} eq ""){$conn{$key} = "**Resource Issue**";}
|
|
|
dc8c34 |
push @rtext, sprintf " - %-4s (%2s) %-40s\n",$rsrc->{$key},$conn{$key},$connmsg{$key};
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- print @rtext;
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
+ print @rtext;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
print "Max BER Size Exceeded: $maxBerSizeCount\n";
|
|
|
dc8c34 |
print "\n";
|
|
|
dc8c34 |
@@ -829,7 +791,7 @@ print " - SASL Binds: $saslBindCount\n";
|
|
|
dc8c34 |
if ($saslBindCount > 0){
|
|
|
dc8c34 |
my $saslmech = $hashes->{saslmech};
|
|
|
dc8c34 |
foreach my $saslb ( sort {$saslmech->{$b} <=> $saslmech->{$a} } (keys %{$saslmech}) ){
|
|
|
dc8c34 |
- printf " %-4s %-12s\n",$saslmech->{$saslb}, $saslb;
|
|
|
dc8c34 |
+ printf " %-4s %-12s\n",$saslmech->{$saslb}, $saslb;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
|
|
|
dc8c34 |
@@ -914,13 +876,13 @@ if ($usage =~ /e/i || $verb eq "yes"){
|
|
|
dc8c34 |
for (my $i = 0; $i <= $#errtext; $i++){
|
|
|
dc8c34 |
$errtext[$i] =~ s/\n//g;
|
|
|
dc8c34 |
print "\n" . $errtext[$i];
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
|
|
|
dc8c34 |
####################################
|
|
|
dc8c34 |
-# #
|
|
|
dc8c34 |
+# #
|
|
|
dc8c34 |
# Print Failed Logins #
|
|
|
dc8c34 |
-# #
|
|
|
dc8c34 |
+# #
|
|
|
dc8c34 |
####################################
|
|
|
dc8c34 |
|
|
|
dc8c34 |
if ($verb eq "yes" || $usage =~ /f/ ){
|
|
|
dc8c34 |
@@ -936,19 +898,20 @@ if ($verb eq "yes" || $usage =~ /f/ ){
|
|
|
dc8c34 |
$ds6loop++;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
} else {
|
|
|
dc8c34 |
- my $bindVal = $arrays->{binddn};
|
|
|
dc8c34 |
- my $bindConn = $arrays->{bindconn};
|
|
|
dc8c34 |
- my $bindOp = $arrays->{bindop};
|
|
|
dc8c34 |
- my $badPasswordConn = $arrays->{badpwdconn};
|
|
|
dc8c34 |
- my $badPasswordOp = $arrays->{badpwdop};
|
|
|
dc8c34 |
- my $badPasswordIp = $arrays->{badpwdip};
|
|
|
dc8c34 |
+ # key is conn,op - val is binddn
|
|
|
dc8c34 |
+ my $bind_conn_op = $hashes->{bind_conn_op};
|
|
|
dc8c34 |
+ # key is conn,op - val is count
|
|
|
dc8c34 |
+ my $badpwd_conn_op = $hashes->{badpwd_conn_op};
|
|
|
dc8c34 |
+ # key is binddn - val is count
|
|
|
dc8c34 |
my %badPassword = ();
|
|
|
dc8c34 |
- for (my $ii =0 ; $ii < $badPwdCount; $ii++){
|
|
|
dc8c34 |
- for (my $i = 0; $i < $bindCount; $i++){
|
|
|
dc8c34 |
- if ($badPasswordConn->[$ii] eq $bindConn->[$i] && $badPasswordOp->[$ii] eq $bindOp->[$i] ){
|
|
|
dc8c34 |
- $badPassword{ $bindVal->[$i] }++;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ my @badPasswordIp = ();
|
|
|
dc8c34 |
+ while (my ($conn_op, $count) = each %{$badpwd_conn_op}) {
|
|
|
dc8c34 |
+ my ($conn, $op) = split(",", $conn_op);
|
|
|
dc8c34 |
+ if (exists($bind_conn_op->{$conn_op}) && defined($bind_conn_op->{$conn_op})) {
|
|
|
dc8c34 |
+ my $binddn = $bind_conn_op->{$conn_op};
|
|
|
dc8c34 |
+ $badPassword{$binddn}++;
|
|
|
dc8c34 |
+ push @badPasswordIp, getIPfromConn($conn);
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
# sort the new hash of $badPassword{}
|
|
|
dc8c34 |
my $bpTotal = 0;
|
|
|
dc8c34 |
@@ -961,7 +924,7 @@ if ($verb eq "yes" || $usage =~ /f/ ){
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
print "\nFrom the IP address(s) :\n\n";
|
|
|
dc8c34 |
for (my $i=0; $i<$badPwdCount; $i++) {
|
|
|
dc8c34 |
- print "\t\t$badPasswordIp->[$i]\n";
|
|
|
dc8c34 |
+ print "\t\t$badPasswordIp[$i]\n";
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if ($bpTotal > $badPwdCount){
|
|
|
dc8c34 |
print "\n** Warning : Wrongly reported failed login attempts : ". ($bpTotal - $badPwdCount) . "\n";
|
|
|
dc8c34 |
@@ -982,11 +945,11 @@ if ($connCodeCount > 0){
|
|
|
dc8c34 |
print "\n\n----- Total Connection Codes -----\n\n";
|
|
|
dc8c34 |
my $conncount = $hashes->{conncount};
|
|
|
dc8c34 |
my @conntext;
|
|
|
dc8c34 |
- foreach my $key (sort { $conncount->{$b} <=> $conncount->{$a} } keys %{$conncount}) {
|
|
|
dc8c34 |
- if ($conncount->{$key} > 0){
|
|
|
dc8c34 |
+ foreach my $key (sort { $conncount->{$b} <=> $conncount->{$a} } keys %{$conncount}) {
|
|
|
dc8c34 |
+ if ($conncount->{$key} > 0){
|
|
|
dc8c34 |
push @conntext, sprintf "%-4s %6s %-40s\n",$key,$conncount->{$key},$connmsg{ $key };
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
print @conntext;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
@@ -1005,8 +968,8 @@ if ($usage =~ /i/i || $verb eq "yes"){
|
|
|
dc8c34 |
my $ip_count = ($#ipkeys + 1)-($#exxCount + 1);
|
|
|
dc8c34 |
my $ccount = 0;
|
|
|
dc8c34 |
if ($ip_count > 0){
|
|
|
dc8c34 |
- print "\n\n----- Top $sizeCount Clients -----\n\n";
|
|
|
dc8c34 |
- print "Number of Clients: $ip_count\n\n";
|
|
|
dc8c34 |
+ print "\n\n----- Top $sizeCount Clients -----\n\n";
|
|
|
dc8c34 |
+ print "Number of Clients: $ip_count\n\n";
|
|
|
dc8c34 |
foreach my $key (sort { $ip_hash->{$b} <=> $ip_hash->{$a} } @ipkeys) {
|
|
|
dc8c34 |
my $exc = "no";
|
|
|
dc8c34 |
if ($ccount > $sizeCount){ last;}
|
|
|
dc8c34 |
@@ -1021,7 +984,7 @@ if ($usage =~ /i/i || $verb eq "yes"){
|
|
|
dc8c34 |
my %counts;
|
|
|
dc8c34 |
map { $counts{$_} = $hashes->{$_}->{$key} if (defined($hashes->{$_}->{$key})) } @conncodes;
|
|
|
dc8c34 |
foreach my $code (sort { $counts{$b} <=> $counts{$a} } keys %counts) {
|
|
|
dc8c34 |
- if ($code eq 'count' ) { next; }
|
|
|
dc8c34 |
+ if ($code eq 'count' ) { next; }
|
|
|
dc8c34 |
printf "%10s - %s (%s)\n", $counts{ $code }, $code, $connmsg{ $code };
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
print "\n";
|
|
|
dc8c34 |
@@ -1042,14 +1005,14 @@ if ($usage =~ /b/i || $verb eq "yes"){
|
|
|
dc8c34 |
my $bind_count = $#bindkeys + 1;
|
|
|
dc8c34 |
if ($bind_count > 0){
|
|
|
dc8c34 |
print "\n\n----- Top $sizeCount Bind DN's -----\n\n";
|
|
|
dc8c34 |
- print "Number of Unique Bind DN's: $bind_count\n\n";
|
|
|
dc8c34 |
+ print "Number of Unique Bind DN's: $bind_count\n\n";
|
|
|
dc8c34 |
my $bindcount = 0;
|
|
|
dc8c34 |
foreach my $dn (sort { $bindlist->{$b} <=> $bindlist->{$a} } @bindkeys) {
|
|
|
dc8c34 |
- if ($bindcount < $sizeCount){
|
|
|
dc8c34 |
+ if ($bindcount < $sizeCount){
|
|
|
dc8c34 |
printf "%-8s %-40s\n", $bindlist->{ $dn },$dn;
|
|
|
dc8c34 |
} else {
|
|
|
dc8c34 |
- last;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ last;
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
$bindcount++;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
@@ -1070,16 +1033,16 @@ if ($usage =~ /a/i || $verb eq "yes"){
|
|
|
dc8c34 |
print "Number of Unique Search Bases: $base_count\n\n";
|
|
|
dc8c34 |
my $basecount = 0;
|
|
|
dc8c34 |
foreach my $bas (sort { $base->{$b} <=> $base->{$a} } @basekeys) {
|
|
|
dc8c34 |
- if ($basecount < $sizeCount){
|
|
|
dc8c34 |
- printf "%-8s %-40s\n", $base->{ $bas },$bas;
|
|
|
dc8c34 |
- } else {
|
|
|
dc8c34 |
- last;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- $basecount++;
|
|
|
dc8c34 |
+ if ($basecount < $sizeCount){
|
|
|
dc8c34 |
+ printf "%-8s %-40s\n", $base->{ $bas },$bas;
|
|
|
dc8c34 |
+ } else {
|
|
|
dc8c34 |
+ last;
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
+ $basecount++;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
-
|
|
|
dc8c34 |
+
|
|
|
dc8c34 |
#########################################
|
|
|
dc8c34 |
# #
|
|
|
dc8c34 |
# Gather and process search filters #
|
|
|
dc8c34 |
@@ -1091,15 +1054,15 @@ if ($usage =~ /l/ || $verb eq "yes"){
|
|
|
dc8c34 |
my @filterkeys = keys %{$filter};
|
|
|
dc8c34 |
my $filter_count = $#filterkeys + 1;
|
|
|
dc8c34 |
if ($filter_count > 0){
|
|
|
dc8c34 |
- print "\n\n----- Top $sizeCount Search Filters -----\n";
|
|
|
dc8c34 |
+ print "\n\n----- Top $sizeCount Search Filters -----\n";
|
|
|
dc8c34 |
print "\nNumber of Unique Search Filters: $filter_count\n\n";
|
|
|
dc8c34 |
my $filtercount = 0;
|
|
|
dc8c34 |
foreach my $filt (sort { $filter->{$b} <=> $filter->{$a} } @filterkeys){
|
|
|
dc8c34 |
if ($filtercount < $sizeCount){
|
|
|
dc8c34 |
printf "%-8s %-40s\n", $filter->{$filt}, $filt;
|
|
|
dc8c34 |
} else {
|
|
|
dc8c34 |
- last;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ last;
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
$filtercount++;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
@@ -1108,7 +1071,7 @@ if ($usage =~ /l/ || $verb eq "yes"){
|
|
|
dc8c34 |
#########################################
|
|
|
dc8c34 |
# #
|
|
|
dc8c34 |
# Gather and Process the unique etimes #
|
|
|
dc8c34 |
-# #
|
|
|
dc8c34 |
+# #
|
|
|
dc8c34 |
#########################################
|
|
|
dc8c34 |
|
|
|
dc8c34 |
my $first;
|
|
|
dc8c34 |
@@ -1139,7 +1102,7 @@ if ($usage =~ /t/i || $verb eq "yes"){
|
|
|
dc8c34 |
if ($eloop == $sizeCount) { last; }
|
|
|
dc8c34 |
printf "%-12s %-10s\n","etime=$et",$etime->{ $et };
|
|
|
dc8c34 |
$eloop++;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
|
|
|
dc8c34 |
#######################################
|
|
|
dc8c34 |
@@ -1156,7 +1119,7 @@ if ($usage =~ /n/i || $verb eq "yes"){
|
|
|
dc8c34 |
my $eloop = 0;
|
|
|
dc8c34 |
foreach my $nentry (sort { $b <=> $a } @nkeys){
|
|
|
dc8c34 |
if ($eloop == $sizeCount) { last; }
|
|
|
dc8c34 |
- printf "%-18s %12s\n","nentries=$nentry", $nentries->{ $nentry };
|
|
|
dc8c34 |
+ printf "%-18s %12s\n","nentries=$nentry", $nentries->{ $nentry };
|
|
|
dc8c34 |
$eloop++;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
print "\n\n----- Top $sizeCount Most returned nentries -----\n\n";
|
|
|
dc8c34 |
@@ -1216,7 +1179,7 @@ if ($usage =~ /x/i || $verb eq "yes"){
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
|
|
|
dc8c34 |
############################################
|
|
|
dc8c34 |
-# #
|
|
|
dc8c34 |
+# #
|
|
|
dc8c34 |
# Print most commonly requested attributes #
|
|
|
dc8c34 |
# #
|
|
|
dc8c34 |
############################################
|
|
|
dc8c34 |
@@ -1235,7 +1198,7 @@ if ($usage =~ /r/i || $verb eq "yes"){
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
|
|
|
dc8c34 |
#############################
|
|
|
dc8c34 |
-# #
|
|
|
dc8c34 |
+# #
|
|
|
dc8c34 |
# abandoned operation stats #
|
|
|
dc8c34 |
# #
|
|
|
dc8c34 |
#############################
|
|
|
dc8c34 |
@@ -1244,66 +1207,49 @@ if ($usage =~ /g/i || $verb eq "yes"){
|
|
|
dc8c34 |
my $abandonTotal = $srchCount + $delCount + $modCount + $addCount + $modrdnCount + $bindCount + $extopCount + $cmpCount;
|
|
|
dc8c34 |
if ($verb eq "yes" && $abandonCount > 0 && $abandonTotal > 0){
|
|
|
dc8c34 |
my $conn_hash = $hashes->{conn_hash};
|
|
|
dc8c34 |
+ my $abandon_conn_op = $hashes->{abandon_conn_op};
|
|
|
dc8c34 |
+ my $srch_conn_op = $hashes->{srch_conn_op};
|
|
|
dc8c34 |
+ my $del_conn_op = $hashes->{del_conn_op};
|
|
|
dc8c34 |
+ my $add_conn_op = $hashes->{add_conn_op};
|
|
|
dc8c34 |
+ my $mod_conn_op = $hashes->{mod_conn_op};
|
|
|
dc8c34 |
+ my $cmp_conn_op = $hashes->{cmp_conn_op};
|
|
|
dc8c34 |
+ my $mdn_conn_op = $hashes->{mdn_conn_op};
|
|
|
dc8c34 |
+ my $bind_conn_op = $hashes->{bind_conn_op};
|
|
|
dc8c34 |
+ my $unbind_conn_op = $hashes->{unbind_conn_op};
|
|
|
dc8c34 |
+ my $ext_conn_op = $hashes->{ext_conn_op};
|
|
|
dc8c34 |
|
|
|
dc8c34 |
print "\n\n----- Abandon Request Stats -----\n\n";
|
|
|
dc8c34 |
|
|
|
dc8c34 |
- for (my $g = 0; $g < $abandonCount; $g++){
|
|
|
dc8c34 |
- my $conn = $arrays->{targetconn}->[$g];
|
|
|
dc8c34 |
- my $op = $arrays->{targetop}->[$g];
|
|
|
dc8c34 |
- my $msgid = $arrays->{msgid}->[$g];
|
|
|
dc8c34 |
- for (my $sc = 0; $sc < $srchCount; $sc++){
|
|
|
dc8c34 |
- if (($arrays->{srchconn}->[$sc] && $arrays->{srchop}->[$sc]) &&
|
|
|
dc8c34 |
- ($arrays->{srchconn}->[$sc] eq $conn && $arrays->{srchop}->[$sc] eq $op )){
|
|
|
dc8c34 |
- print " - SRCH conn=$conn op=$op msgid=$msgid client=$conn_hash->{$conn}\n";
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- for (my $dc = 0; $dc < $delCount; $dc++){
|
|
|
dc8c34 |
- if (($arrays->{delconn}->[$dc] && $arrays->{delop}->[$dc]) &&
|
|
|
dc8c34 |
- ($arrays->{delconn}->[$dc] eq $conn && $arrays->{delop}->[$dc] eq $op)){
|
|
|
dc8c34 |
- print " - DEL conn=$conn op=$op msgid=$msgid client=$conn_hash->{$conn}\n";
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- for (my $adc = 0; $adc < $addCount; $adc++){
|
|
|
dc8c34 |
- if (($arrays->{addconn}->[$adc] && $arrays->{addop}->[$adc]) &&
|
|
|
dc8c34 |
- ($arrays->{addconn}->[$adc] eq $conn && $arrays->{addop}->[$adc] eq $op)){
|
|
|
dc8c34 |
- print " - ADD conn=$conn op=$op msgid=$msgid client=$conn_hash->{$conn}\n";
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- for (my $mc = 0; $mc < $modCount; $mc++){
|
|
|
dc8c34 |
- if (($arrays->{modconn}->[$mc] && $arrays->{modop}->[$mc]) &&
|
|
|
dc8c34 |
- ($arrays->{modconn}->[$mc] eq $conn && $arrays->{modop}->[$mc] eq $op)){
|
|
|
dc8c34 |
- print " - MOD conn=$conn op=$op msgid=$msgid client=$conn_hash->{$conn}\n";
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- for (my $cc = 0; $cc < $cmpCount; $cc++){
|
|
|
dc8c34 |
- if (($arrays->{cmpconn}->[$cc] && $arrays->{cmpop}->[$cc]) &&
|
|
|
dc8c34 |
- ($arrays->{cmpconn}->[$cc] eq $conn && $arrays->{cmpop}->[$cc] eq $op)){
|
|
|
dc8c34 |
- print " - CMP conn=$conn op=$op msgid=$msgid client=$conn_hash->{$conn}\n";
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- for (my $mdc = 0; $mdc < $modrdnCount; $mdc++){
|
|
|
dc8c34 |
- if (($arrays->{modrdnconn}->[$mdc] && $arrays->{modrdnop}->[$mdc]) &&
|
|
|
dc8c34 |
- ($arrays->{modrdnconn}->[$mdc] eq $conn && $arrays->{modrdnop}->[$mdc] eq $op)){
|
|
|
dc8c34 |
- print " - MODRDN conn=$conn op=$op msgid=$msgid client=$conn_hash->{$conn}\n";
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- for (my $bcb = 0; $bcb < $bindCount; $bcb++){
|
|
|
dc8c34 |
- if (($arrays->{bindconn}->[$bcb] && $arrays->{bindop}->[$bcb]) &&
|
|
|
dc8c34 |
- ($arrays->{bindconn}->[$bcb] eq $conn && $arrays->{bindop}->[$bcb] eq $op)){
|
|
|
dc8c34 |
- print " - BIND conn=$conn op=$op msgid=$msgid client=$conn_hash->{$conn}\n";
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- for (my $ubc = 0; $ubc < $unbindCount; $ubc++){
|
|
|
dc8c34 |
- if (($arrays->{unbindconn}->[$ubc] && $arrays->{unbindop}->[$ubc]) &&
|
|
|
dc8c34 |
- ($arrays->{unbindconn}->[$ubc] eq $conn && $arrays->{unbindop}->[$ubc] eq $op)){
|
|
|
dc8c34 |
- print " - UNBIND conn=$conn op=$op msgid=$msgid client=$conn_hash->{$conn}\n";
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ while (my ($conn_op, $targ_msgid) = each %{$abandon_conn_op}) {
|
|
|
dc8c34 |
+ my ($conn, $op) = split(",", $conn_op);
|
|
|
dc8c34 |
+ my ($targetop, $msgid) = split(",", $targ_msgid);
|
|
|
dc8c34 |
+ my $conn_targ = "$conn,$targetop";
|
|
|
dc8c34 |
+ my $clientIP;
|
|
|
dc8c34 |
+ if (exists($conn_hash->{$conn}) && defined($conn_hash->{$conn})) {
|
|
|
dc8c34 |
+ $clientIP = $conn_hash->{$conn};
|
|
|
dc8c34 |
+ } else {
|
|
|
dc8c34 |
+ $clientIP = "Unknown";
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
- for (my $ec = 0; $ec < $extopCount; $ec++){
|
|
|
dc8c34 |
- if (($arrays->{extconn}->[$ec] && $arrays->{extop}->[$ec]) &&
|
|
|
dc8c34 |
- ($arrays->{extconn}->[$ec] eq $conn && $arrays->{extop}->[$ec] eq $op)){
|
|
|
dc8c34 |
- print " - EXT conn=$conn op=$op msgid=$msgid client=$conn_hash->{$conn}\n";
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ if (exists($srch_conn_op->{$conn_targ}) && defined($srch_conn_op->{$conn_targ})) {
|
|
|
dc8c34 |
+ print " - SRCH conn=$conn op=$targetop msgid=$msgid client=$clientIP\n";
|
|
|
dc8c34 |
+ } elsif (exists($del_conn_op->{$conn_targ}) && defined($del_conn_op->{$conn_targ})) {
|
|
|
dc8c34 |
+ print " - DEL conn=$conn op=$targetop msgid=$msgid client=$clientIP\n";
|
|
|
dc8c34 |
+ } elsif (exists($add_conn_op->{$conn_targ}) && defined($add_conn_op->{$conn_targ})) {
|
|
|
dc8c34 |
+ print " - ADD conn=$conn op=$targetop msgid=$msgid client=$clientIP\n";
|
|
|
dc8c34 |
+ } elsif (exists($mod_conn_op->{$conn_targ}) && defined($mod_conn_op->{$conn_targ})) {
|
|
|
dc8c34 |
+ print " - MOD conn=$conn op=$targetop msgid=$msgid client=$clientIP\n";
|
|
|
dc8c34 |
+ } elsif (exists($cmp_conn_op->{$conn_targ}) && defined($cmp_conn_op->{$conn_targ})) {
|
|
|
dc8c34 |
+ print " - CMP conn=$conn op=$targetop msgid=$msgid client=$clientIP\n";
|
|
|
dc8c34 |
+ } elsif (exists($mdn_conn_op->{$conn_targ}) && defined($mdn_conn_op->{$conn_targ})) {
|
|
|
dc8c34 |
+ print " - MODRDN conn=$conn op=$targetop msgid=$msgid client=$clientIP\n";
|
|
|
dc8c34 |
+ } elsif (exists($bind_conn_op->{$conn_targ}) && defined($bind_conn_op->{$conn_targ})) {
|
|
|
dc8c34 |
+ print " - BIND conn=$conn op=$targetop msgid=$msgid client=$clientIP\n";
|
|
|
dc8c34 |
+ } elsif (exists($unbind_conn_op->{$conn_targ}) && defined($unbind_conn_op->{$conn_targ})) {
|
|
|
dc8c34 |
+ print " - UNBIND conn=$conn op=$targetop msgid=$msgid client=$clientIP\n";
|
|
|
dc8c34 |
+ } elsif (exists($ext_conn_op->{$conn_targ}) && defined($ext_conn_op->{$conn_targ})) {
|
|
|
dc8c34 |
+ print " - EXT conn=$conn op=$targetop msgid=$msgid client=$clientIP\n";
|
|
|
dc8c34 |
+ } else {
|
|
|
dc8c34 |
+ print " - UNKNOWN conn=$conn op=$targetop msgid=$msgid client=$clientIP\n";
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
@@ -1390,8 +1336,8 @@ sub displayUsage {
|
|
|
dc8c34 |
print "Usage:\n\n";
|
|
|
dc8c34 |
|
|
|
dc8c34 |
print " ./logconv.pl [-h] [-d|--rootdn <rootDN>] [-s|--sizeLimit <size limit>] [-v|verison] [-Vi|verbose]\n";
|
|
|
dc8c34 |
- print " [-S|--startTime <start time>] [-E|--endTime <end time>] \n";
|
|
|
dc8c34 |
- print " [-efcibaltnxrgjuyp] [ access log ... ... ]\n\n";
|
|
|
dc8c34 |
+ print " [-S|--startTime <start time>] [-E|--endTime <end time>] \n";
|
|
|
dc8c34 |
+ print " [-efcibaltnxrgjuyp] [ access log ... ... ]\n\n";
|
|
|
dc8c34 |
|
|
|
dc8c34 |
print "- Commandline Switches:\n\n";
|
|
|
dc8c34 |
|
|
|
dc8c34 |
@@ -1400,7 +1346,7 @@ sub displayUsage {
|
|
|
dc8c34 |
print " -D, --data <Location for temporary data files> default is \"/tmp\"\n";
|
|
|
dc8c34 |
print " -s, --sizeLimit <Number of results to return per catagory> default is 20\n";
|
|
|
dc8c34 |
print " -X, --excludeIP <IP address to exclude from connection stats> E.g. Load balancers\n";
|
|
|
dc8c34 |
- print " -v, --version show version of tool\n";
|
|
|
dc8c34 |
+ print " -v, --version show version of tool\n";
|
|
|
dc8c34 |
print " -S, --startTime <time to begin analyzing logfile from>\n";
|
|
|
dc8c34 |
print " E.g. \"[28/Mar/2002:13:14:22 -0800]\"\n";
|
|
|
dc8c34 |
print " -E, --endTime <time to stop analyzing logfile>\n";
|
|
|
dc8c34 |
@@ -1450,7 +1396,7 @@ sub displayUsage {
|
|
|
dc8c34 |
sub
|
|
|
dc8c34 |
parseLine {
|
|
|
dc8c34 |
if($reportBinds eq "yes"){
|
|
|
dc8c34 |
- &parseLineBind();
|
|
|
dc8c34 |
+ &parseLineBind();
|
|
|
dc8c34 |
} else {
|
|
|
dc8c34 |
&parseLineNormal();
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
@@ -1469,26 +1415,26 @@ parseLineBind {
|
|
|
dc8c34 |
return if $_ =~ /^\s/;
|
|
|
dc8c34 |
|
|
|
dc8c34 |
if($firstFile == 1 && $_ =~ /^\[/){
|
|
|
dc8c34 |
- $start = $_;
|
|
|
dc8c34 |
- if ($start =~ / *([0-9a-z:\/]+)/i){$start=$1;}
|
|
|
dc8c34 |
- $firstFile = 0;
|
|
|
dc8c34 |
+ $start = $_;
|
|
|
dc8c34 |
+ if ($start =~ / *([0-9a-z:\/]+)/i){$start=$1;}
|
|
|
dc8c34 |
+ $firstFile = 0;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if ($endFlag != 1 && $_ =~ /^\[/ && $_ =~ / *([0-9a-z:\/]+)/i){
|
|
|
dc8c34 |
$end =$1;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if ($startTime && !$startFlag) {
|
|
|
dc8c34 |
- if (index($_, $startTime) == 0) {
|
|
|
dc8c34 |
- $startFlag = 1;
|
|
|
dc8c34 |
- ($start) = $startTime =~ /\D*(\S*)/;
|
|
|
dc8c34 |
- } else {
|
|
|
dc8c34 |
- return;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ if (index($_, $startTime) == 0) {
|
|
|
dc8c34 |
+ $startFlag = 1;
|
|
|
dc8c34 |
+ ($start) = $startTime =~ /\D*(\S*)/;
|
|
|
dc8c34 |
+ } else {
|
|
|
dc8c34 |
+ return;
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if ($endTime && !$endFlag) {
|
|
|
dc8c34 |
- if (index($_, $endTime) == 0) {
|
|
|
dc8c34 |
- $endFlag = 1;
|
|
|
dc8c34 |
- ($end) = $endTime =~ /\D*(\S*)/;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ if (index($_, $endTime) == 0) {
|
|
|
dc8c34 |
+ $endFlag = 1;
|
|
|
dc8c34 |
+ ($end) = $endTime =~ /\D*(\S*)/;
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if ($_ =~ /connection from *([0-9A-Fa-f\.\:]+)/i ) {
|
|
|
dc8c34 |
my $skip = "yes";
|
|
|
dc8c34 |
@@ -1497,8 +1443,8 @@ parseLineBind {
|
|
|
dc8c34 |
$skip = "yes";
|
|
|
dc8c34 |
last;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- if ($skip eq "yes"){
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
+ if ($skip eq "yes"){
|
|
|
dc8c34 |
return ;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
$ip = $1;
|
|
|
dc8c34 |
@@ -1507,9 +1453,9 @@ parseLineBind {
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
return;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
- if (/ BIND/ && $_ =~ /dn=\"(.*)\" method/i ){
|
|
|
dc8c34 |
+ if (/ BIND/ && $_ =~ /dn=\"(.*)\" method/i ){
|
|
|
dc8c34 |
my $dn;
|
|
|
dc8c34 |
- if ($1 eq ""){
|
|
|
dc8c34 |
+ if ($1 eq ""){
|
|
|
dc8c34 |
$dn = "Anonymous";
|
|
|
dc8c34 |
} else {
|
|
|
dc8c34 |
$dn = $1;
|
|
|
dc8c34 |
@@ -1522,7 +1468,7 @@ parseLineBind {
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
$bindReport{$dn}{"binds"}++;
|
|
|
dc8c34 |
- if ($bindReport{$dn}{"binds"} == 1){
|
|
|
dc8c34 |
+ if ($bindReport{$dn}{"binds"} == 1){
|
|
|
dc8c34 |
# For hashes we need to init the counters
|
|
|
dc8c34 |
$bindReport{$dn}{"srch"} = 0;
|
|
|
dc8c34 |
$bindReport{$dn}{"add"} = 0;
|
|
|
dc8c34 |
@@ -1537,7 +1483,7 @@ parseLineBind {
|
|
|
dc8c34 |
$bindReport{$dn}{"conn"} = $bindReport{$dn}{"conn"} . " $1 ";
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
return;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
if (/ RESULT err=49 /){
|
|
|
dc8c34 |
processOpForBindReport("failedBind",$logline);
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
@@ -1547,7 +1493,7 @@ parseLineBind {
|
|
|
dc8c34 |
processOpForBindReport("add",$logline);
|
|
|
dc8c34 |
} elsif (/ MOD dn=/){
|
|
|
dc8c34 |
processOpForBindReport("mod",$logline);
|
|
|
dc8c34 |
- } elsif (/ DEL dn=/){
|
|
|
dc8c34 |
+ } elsif (/ DEL dn=/){
|
|
|
dc8c34 |
processOpForBindReport("del",$logline);
|
|
|
dc8c34 |
} elsif (/ MODRDN dn=/){
|
|
|
dc8c34 |
processOpForBindReport("modrdn",$logline);
|
|
|
dc8c34 |
@@ -1555,7 +1501,7 @@ parseLineBind {
|
|
|
dc8c34 |
processOpForBindReport("cmp",$logline);
|
|
|
dc8c34 |
} elsif (/ EXT oid=/){
|
|
|
dc8c34 |
processOpForBindReport("ext",$logline);
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
|
|
|
dc8c34 |
sub
|
|
|
dc8c34 |
@@ -1625,13 +1571,13 @@ sub parseLineNormal
|
|
|
dc8c34 |
|
|
|
dc8c34 |
if(!defined($lastzone) or $tzone ne $lastzone)
|
|
|
dc8c34 |
{
|
|
|
dc8c34 |
- # tz offset change
|
|
|
dc8c34 |
- $lastzone=$tzone;
|
|
|
dc8c34 |
- my ($sign,$hr,$min) = $tzone =~ m/(.)(\d\d)(\d\d)/;
|
|
|
dc8c34 |
- $tzoff = $hr*3600 + $min*60;
|
|
|
dc8c34 |
- $tzoff *= -1
|
|
|
dc8c34 |
- if $sign eq '-';
|
|
|
dc8c34 |
- # to be subtracted from converted values.
|
|
|
dc8c34 |
+ # tz offset change
|
|
|
dc8c34 |
+ $lastzone=$tzone;
|
|
|
dc8c34 |
+ my ($sign,$hr,$min) = $tzone =~ m/(.)(\d\d)(\d\d)/;
|
|
|
dc8c34 |
+ $tzoff = $hr*3600 + $min*60;
|
|
|
dc8c34 |
+ $tzoff *= -1
|
|
|
dc8c34 |
+ if $sign eq '-';
|
|
|
dc8c34 |
+ # to be subtracted from converted values.
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
my ($date, $hr, $min, $sec) = split (':', $time);
|
|
|
dc8c34 |
my ($day, $mon, $yr) = split ('/', $date);
|
|
|
dc8c34 |
@@ -1641,15 +1587,15 @@ sub parseLineNormal
|
|
|
dc8c34 |
reset_stats_block( $s_stats, $gmtime, $time.' '.$tzone );
|
|
|
dc8c34 |
if (!defined($last_min) or $newmin != $last_min)
|
|
|
dc8c34 |
{
|
|
|
dc8c34 |
- print_stats_block( $m_stats );
|
|
|
dc8c34 |
- $time =~ s/\d\d$/00/;
|
|
|
dc8c34 |
- reset_stats_block( $m_stats, $newmin, $time.' '.$tzone );
|
|
|
dc8c34 |
- $last_min = $newmin;
|
|
|
dc8c34 |
+ print_stats_block( $m_stats );
|
|
|
dc8c34 |
+ $time =~ s/\d\d$/00/;
|
|
|
dc8c34 |
+ reset_stats_block( $m_stats, $newmin, $time.' '.$tzone );
|
|
|
dc8c34 |
+ $last_min = $newmin;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
|
|
|
dc8c34 |
- if (m/ RESULT err/){
|
|
|
dc8c34 |
- $allResults++;
|
|
|
dc8c34 |
+ if (m/ RESULT err/){
|
|
|
dc8c34 |
+ $allResults++;
|
|
|
dc8c34 |
if($reportStats){ inc_stats('results',$s_stats,$m_stats); }
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if (m/ SRCH/){
|
|
|
dc8c34 |
@@ -1666,58 +1612,57 @@ sub parseLineNormal
|
|
|
dc8c34 |
$anyAttrs++;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if ($verb eq "yes"){
|
|
|
dc8c34 |
- if ($_ =~ /conn= *([0-9A-Z]+)/i){ push @{$arrays->{srchconn}}, $1;}
|
|
|
dc8c34 |
- if ($_ =~ /op= *([0-9\-]+)/i){ push @{$arrays->{srchop}}, $1;}
|
|
|
dc8c34 |
+ if ($_ =~ /conn= *([0-9A-Z]+) +op= *([0-9\-]+)/i){ $hashes->{srch_conn_op}->{"$1,$2"}++;}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if (m/ DEL/){
|
|
|
dc8c34 |
$delCount++;
|
|
|
dc8c34 |
if($reportStats){ inc_stats('del',$s_stats,$m_stats); }
|
|
|
dc8c34 |
if ($verb eq "yes"){
|
|
|
dc8c34 |
- if ($_ =~ /conn= *([0-9A-Z]+)/i){ push @{$arrays->{delconn}}, $1;}
|
|
|
dc8c34 |
- if ($_ =~ /op= *([0-9\-]+)/i){ push @{$arrays->{delop}}, $1;}
|
|
|
dc8c34 |
+ if ($_ =~ /conn= *([0-9A-Z]+) +op= *([0-9\-]+)/i){ $hashes->{del_conn_op}->{"$1,$2"}++;}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if (m/ MOD dn=/){
|
|
|
dc8c34 |
$modCount++;
|
|
|
dc8c34 |
if($reportStats){ inc_stats('mod',$s_stats,$m_stats); }
|
|
|
dc8c34 |
if ($verb eq "yes"){
|
|
|
dc8c34 |
- if ($_ =~ /conn= *([0-9A-Z]+)/i){ push @{$arrays->{modconn}}, $1;}
|
|
|
dc8c34 |
- if ($_ =~ /op= *([0-9\-]+)/i){ push @{$arrays->{modop}}, $1; }
|
|
|
dc8c34 |
+ if ($_ =~ /conn= *([0-9A-Z]+) +op= *([0-9\-]+)/i){ $hashes->{mod_conn_op}->{"$1,$2"}++;}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if (m/ ADD/){
|
|
|
dc8c34 |
$addCount++;
|
|
|
dc8c34 |
if($reportStats){ inc_stats('add',$s_stats,$m_stats); }
|
|
|
dc8c34 |
if ($verb eq "yes"){
|
|
|
dc8c34 |
- if ($_ =~ /conn= *([0-9A-Z]+)/i){ push @{$arrays->{addconn}}, $1; }
|
|
|
dc8c34 |
- if ($_ =~ /op= *([0-9\-]+)/i){ push @{$arrays->{addop}}, $1; }
|
|
|
dc8c34 |
+ if ($_ =~ /conn= *([0-9A-Z]+) +op= *([0-9\-]+)/i){ $hashes->{add_conn_op}->{"$1,$2"}++;}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if (m/ MODRDN/){
|
|
|
dc8c34 |
$modrdnCount++;
|
|
|
dc8c34 |
if($reportStats){ inc_stats('modrdn',$s_stats,$m_stats); }
|
|
|
dc8c34 |
if ($verb eq "yes"){
|
|
|
dc8c34 |
- if ($_ =~ /conn= *([0-9A-Z]+)/i){ push @{$arrays->{modrdnconn}}, $1; }
|
|
|
dc8c34 |
- if ($_ =~ /op= *([0-9\-]+)/i){ push @{$arrays->{modrdnop}}, $1; }
|
|
|
dc8c34 |
+ if ($_ =~ /conn= *([0-9A-Z]+) +op= *([0-9\-]+)/i){ $hashes->{mdn_conn_op}->{"$1,$2"}++;}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if (m/ CMP dn=/){
|
|
|
dc8c34 |
$cmpCount++;
|
|
|
dc8c34 |
if($reportStats){ inc_stats('cmp',$s_stats,$m_stats); }
|
|
|
dc8c34 |
if ($verb eq "yes" || $usage =~ /g/i){
|
|
|
dc8c34 |
- if ($_ =~ /conn= *([0-9A-Z]+)/i){ push @{$arrays->{cmpconn}}, $1;}
|
|
|
dc8c34 |
- if ($_ =~ /op= *([0-9\-]+)/i){ push @{$arrays->{cmpop}}, $1;}
|
|
|
dc8c34 |
+ if ($_ =~ /conn= *([0-9A-Z]+) +op= *([0-9\-]+)/i){ $hashes->{cmp_conn_op}->{"$1,$2"}++;}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if (m/ ABANDON /){
|
|
|
dc8c34 |
+ # there are two cases for abandon
|
|
|
dc8c34 |
+ # [17/Sep/2013:01:52:11 -0400] conn=1482074 op=4 ABANDON targetop=3 msgid=4
|
|
|
dc8c34 |
+ # [17/Sep/2013:01:52:11 -0400] conn=1482074 op=4 ABANDON targetop=NOTFOUND msgid=4
|
|
|
dc8c34 |
+ # if the op to be abandoned completes before the abandon request can be processed
|
|
|
dc8c34 |
+ # the server will use NOTFOUND as the op number
|
|
|
dc8c34 |
$abandonCount++;
|
|
|
dc8c34 |
if($reportStats){ inc_stats('abandon',$s_stats,$m_stats); }
|
|
|
dc8c34 |
$allResults++;
|
|
|
dc8c34 |
- if ($_ =~ /targetop= *([0-9a-zA-Z]+)/i ){
|
|
|
dc8c34 |
- push @{$arrays->{targetop}}, $1;
|
|
|
dc8c34 |
- if ($_ =~ /conn= *([0-9A-Z]+)/i){ push @{$arrays->{targetconn}}, $1; }
|
|
|
dc8c34 |
- if ($_ =~ /msgid= *([0-9\-]+)/i){ push @{$arrays->{msgid}}, $1; }
|
|
|
dc8c34 |
+ if ($_ =~ /conn= *([0-9A-Z]+) +op= *([0-9\-]+) +ABANDON +targetop= *([0-9a-zA-Z]+) +msgid= *([0-9\-]+)/i ){
|
|
|
dc8c34 |
+ # abandon_conn_op - key is the conn,op of the ABANDON request
|
|
|
dc8c34 |
+ # the value is the targetop,msgid of the ABANDON request
|
|
|
dc8c34 |
+ $hashes->{abandon_conn_op}->{"$1,$2"} = "$3,$4"; # targetop,msgid
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if (m/ VLV /){
|
|
|
dc8c34 |
@@ -1738,11 +1683,11 @@ sub parseLineNormal
|
|
|
dc8c34 |
$autobindCount++;
|
|
|
dc8c34 |
$bindCount++;
|
|
|
dc8c34 |
if($reportStats){ inc_stats('bind',$s_stats,$m_stats); }
|
|
|
dc8c34 |
- if ($1 ne ""){
|
|
|
dc8c34 |
+ if ($1 ne ""){
|
|
|
dc8c34 |
$tmpp = $1;
|
|
|
dc8c34 |
$tmpp =~ tr/A-Z/a-z/;
|
|
|
dc8c34 |
$hashes->{bindlist}->{$tmpp}++;
|
|
|
dc8c34 |
- if($1 eq $rootDN){
|
|
|
dc8c34 |
+ if($1 eq $rootDN){
|
|
|
dc8c34 |
$rootDNBindCount++;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
} else {
|
|
|
dc8c34 |
@@ -1752,7 +1697,7 @@ sub parseLineNormal
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if (m/ connection from/){
|
|
|
dc8c34 |
- if ($_ =~ /connection from *([0-9A-Fa-f\.\:]+)/i ){
|
|
|
dc8c34 |
+ if ($_ =~ /connection from *([0-9A-Fa-f\.\:]+)/i ){
|
|
|
dc8c34 |
for (my $xxx =0; $xxx < $#excludeIP; $xxx++){
|
|
|
dc8c34 |
if ($excludeIP[$xxx] eq $1){$exc = "yes";}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
@@ -1763,7 +1708,7 @@ sub parseLineNormal
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
$simConnection++;
|
|
|
dc8c34 |
if ($simConnection > $maxsimConnection) {
|
|
|
dc8c34 |
- $maxsimConnection = $simConnection;
|
|
|
dc8c34 |
+ $maxsimConnection = $simConnection;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
($connID) = $_ =~ /conn=(\d*)\s/;
|
|
|
dc8c34 |
$openConnection[$connID]++;
|
|
|
dc8c34 |
@@ -1772,7 +1717,7 @@ sub parseLineNormal
|
|
|
dc8c34 |
my ($date, $hr, $min, $sec) = split (':', $time);
|
|
|
dc8c34 |
my ($day, $mon, $yr) = split ('/', $date);
|
|
|
dc8c34 |
$day =~ s/\[//;
|
|
|
dc8c34 |
- $start_time_of_connection[$connID] = timegm($sec, $min, $hr, $day, $monthname{$mon}, $yr);
|
|
|
dc8c34 |
+ $hashes->{start_time_of_connection}->{$connID} = timegm($sec, $min, $hr, $day, $monthname{$mon}, $yr);
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if (m/ SSL client bound as /){$sslClientBindCount++;}
|
|
|
dc8c34 |
@@ -1788,10 +1733,10 @@ sub parseLineNormal
|
|
|
dc8c34 |
# if we didn't see the start time of this connection
|
|
|
dc8c34 |
# i.e. due to truncation or log rotation
|
|
|
dc8c34 |
# then just set to 0
|
|
|
dc8c34 |
- my $stoc = $start_time_of_connection[$connID] || 0;
|
|
|
dc8c34 |
- $end_time_of_connection[$connID] = $gmtime || 0;
|
|
|
dc8c34 |
- my $diff = $end_time_of_connection[$connID] - $stoc;
|
|
|
dc8c34 |
- $start_time_of_connection[$connID] = $end_time_of_connection[$connID] = 0;
|
|
|
dc8c34 |
+ my $stoc = $hashes->{start_time_of_connection}->{$connID} || 0;
|
|
|
dc8c34 |
+ $hashes->{end_time_of_connection}->{$connID} = $gmtime || 0;
|
|
|
dc8c34 |
+ my $diff = $hashes->{end_time_of_connection}->{$connID} - $stoc;
|
|
|
dc8c34 |
+ $hashes->{start_time_of_connection}->{$connID} = $hashes->{end_time_of_connection}->{$connID} = 0;
|
|
|
dc8c34 |
if ($diff <= 1) { $latency[0]++;}
|
|
|
dc8c34 |
if ($diff == 2) { $latency[1]++;}
|
|
|
dc8c34 |
if ($diff == 3) { $latency[2]++;}
|
|
|
dc8c34 |
@@ -1802,85 +1747,82 @@ sub parseLineNormal
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if (m/ BIND/ && $_ =~ /dn=\"(.*)\" method/i ){
|
|
|
dc8c34 |
+ my $binddn = $1;
|
|
|
dc8c34 |
if($reportStats){ inc_stats('bind',$s_stats,$m_stats); }
|
|
|
dc8c34 |
$bindCount++;
|
|
|
dc8c34 |
- if ($1 ne ""){
|
|
|
dc8c34 |
- if($1 eq $rootDN){$rootDNBindCount++;}
|
|
|
dc8c34 |
- $tmpp = $1;
|
|
|
dc8c34 |
+ my ($conn, $op);
|
|
|
dc8c34 |
+ if ($_ =~ /conn= *([0-9A-Z]+) +op= *([0-9\-]+)/i){
|
|
|
dc8c34 |
+ $conn = $1;
|
|
|
dc8c34 |
+ $op = $2;
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
+ if ($binddn ne ""){
|
|
|
dc8c34 |
+ if($binddn eq $rootDN){$rootDNBindCount++;}
|
|
|
dc8c34 |
+ $tmpp = $binddn;
|
|
|
dc8c34 |
$tmpp =~ tr/A-Z/a-z/;
|
|
|
dc8c34 |
$hashes->{bindlist}->{$tmpp}++;
|
|
|
dc8c34 |
- if ($_ =~ /conn= *([0-9A-Z]+)/i) { push @{$arrays->{bindconn}}, $1;}
|
|
|
dc8c34 |
- if ($_ =~ /op= *([0-9\-]+)/i) { push @{$arrays->{bindop}}, $1;}
|
|
|
dc8c34 |
if($usage =~ /f/ || $verb eq "yes"){
|
|
|
dc8c34 |
- push @{$arrays->{binddn}}, $tmpp;
|
|
|
dc8c34 |
+ $hashes->{bind_conn_op}->{"$conn,$op"} = $tmpp;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
} else {
|
|
|
dc8c34 |
$anonymousBindCount++;
|
|
|
dc8c34 |
$hashes->{bindlist}->{"Anonymous Binds"}++;
|
|
|
dc8c34 |
- if ($_ =~ /conn= *([0-9A-Z]+)/i) { push @{$arrays->{bindconn}}, $1;}
|
|
|
dc8c34 |
- if ($_ =~ /op= *([0-9\-]+)/i) { push @{$arrays->{bindop}}, $1;}
|
|
|
dc8c34 |
- push @{$arrays->{binddn}}, "";
|
|
|
dc8c34 |
+ if($usage =~ /f/ || $verb eq "yes"){
|
|
|
dc8c34 |
+ $hashes->{bind_conn_op}->{"$conn,$op"} = "";
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
inc_stats('anonbind',$s_stats,$m_stats);
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if (m/ UNBIND/){
|
|
|
dc8c34 |
$unbindCount++;
|
|
|
dc8c34 |
if ($verb eq "yes"){
|
|
|
dc8c34 |
- if ($_ =~ /conn= *([0-9A-Z]+)/i){ push @{$arrays->{unbindconn}}, $1; }
|
|
|
dc8c34 |
- if ($_ =~ /op= *([0-9\-]+)/i){ push @{$arrays->{unbindop}}, $1; }
|
|
|
dc8c34 |
+ if ($_ =~ /conn= *([0-9A-Z]+) +op= *([0-9\-]+)/i){ $hashes->{unbind_conn_op}->{"$1,$2"}++;}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
- if (m/ RESULT err=/ && m/ notes=P/){
|
|
|
dc8c34 |
+ if (m/ RESULT err=/ && m/ notes=[A-Z,]*P/){
|
|
|
dc8c34 |
$pagedSearchCount++;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
- if (m/ notes=A/){
|
|
|
dc8c34 |
+ if (m/ notes=[A-Z,]*A/){
|
|
|
dc8c34 |
$con = "";
|
|
|
dc8c34 |
if ($_ =~ /conn= *([0-9A-Z]+)/i){
|
|
|
dc8c34 |
- $con = $1;
|
|
|
dc8c34 |
- if ($_ =~ /op= *([0-9\-]+)/i){ $op = $1;}
|
|
|
dc8c34 |
+ $con = $1;
|
|
|
dc8c34 |
+ if ($_ =~ /op= *([0-9\-]+)/i){ $op = $1;}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
for (my $i=0; $i < $vlvCount;$i++){
|
|
|
dc8c34 |
- if ($vlvconn[$i] eq $con && $vlvop[$i] eq $op){ $vlvNotesACount++; $isVlvNotes="1";}
|
|
|
dc8c34 |
+ if ($vlvconn[$i] eq $con && $vlvop[$i] eq $op){ $vlvNotesACount++; $isVlvNotes="1";}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if($isVlvNotes == 0){
|
|
|
dc8c34 |
# We don't want to record vlv unindexed searches for our regular "bad"
|
|
|
dc8c34 |
# unindexed search stat, as VLV unindexed searches aren't that bad
|
|
|
dc8c34 |
$unindexedSrchCountNotesA++;
|
|
|
dc8c34 |
if($reportStats){ inc_stats('notesA',$s_stats,$m_stats); }
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- if ($usage =~ /u/ || $verb eq "yes"){
|
|
|
dc8c34 |
- if ($isVlvNotes == 0 ){
|
|
|
dc8c34 |
- if ($_ =~ /etime= *([0-9.]+)/i ){ push @{$arrays->{notesAetime}}, $1; }
|
|
|
dc8c34 |
- if ($_ =~ /conn= *([0-9A-Z]+)/i){ push @{$arrays->{notesAconn}}, $1; }
|
|
|
dc8c34 |
- if ($_ =~ /op= *([0-9\-]+)/i){ push @{$arrays->{notesAop}}, $1; }
|
|
|
dc8c34 |
- if ($_ =~ / *([0-9a-z:\/]+)/i){ push @{$arrays->{notesAtime}}, $1; }
|
|
|
dc8c34 |
- if ($_ =~ /nentries= *([0-9]+)/i ){ push @{$arrays->{notesAnentries}}, $1; }
|
|
|
dc8c34 |
+ if ($usage =~ /u/ || $verb eq "yes"){
|
|
|
dc8c34 |
+ $hashes->{notesa_conn_op}->{"$con,$op"}++;
|
|
|
dc8c34 |
+ if ($_ =~ /etime= *([0-9.]+)/i ){ $hashes->{etime_conn_op}->{"$con,$op"} = $1; }
|
|
|
dc8c34 |
+ if ($_ =~ / *([0-9a-z:\/]+)/i){ $hashes->{time_conn_op}->{"$con,$op"} = $1; }
|
|
|
dc8c34 |
+ if ($_ =~ /nentries= *([0-9]+)/i ){ $hashes->{nentries_conn_op}->{"$con,$op"} = $1; }
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
$isVlvNotes = 0;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
- if (m/ notes=U/){
|
|
|
dc8c34 |
+ if (m/ notes=[A-Z,]*U/){
|
|
|
dc8c34 |
$con = "";
|
|
|
dc8c34 |
if ($_ =~ /conn= *([0-9A-Z]+)/i){
|
|
|
dc8c34 |
- $con = $1;
|
|
|
dc8c34 |
- if ($_ =~ /op= *([0-9\-]+)/i){ $op = $1;}
|
|
|
dc8c34 |
+ $con = $1;
|
|
|
dc8c34 |
+ if ($_ =~ /op= *([0-9\-]+)/i){ $op = $1;}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
for (my $i=0; $i < $vlvCount;$i++){
|
|
|
dc8c34 |
- if ($vlvconn[$i] eq $con && $vlvop[$i] eq $op){ $vlvNotesUCount++; $isVlvNotes="1";}
|
|
|
dc8c34 |
+ if ($vlvconn[$i] eq $con && $vlvop[$i] eq $op){ $vlvNotesUCount++; $isVlvNotes="1";}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if($isVlvNotes == 0){
|
|
|
dc8c34 |
# We don't want to record vlv unindexed searches for our regular "bad"
|
|
|
dc8c34 |
# unindexed search stat, as VLV unindexed searches aren't that bad
|
|
|
dc8c34 |
$unindexedSrchCountNotesU++;
|
|
|
dc8c34 |
if($reportStats){ inc_stats('notesU',$s_stats,$m_stats); }
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- if ($usage =~ /u/ || $verb eq "yes"){
|
|
|
dc8c34 |
- if ($isVlvNotes == 0 ){
|
|
|
dc8c34 |
- if ($_ =~ /etime= *([0-9.]+)/i ){ push @{$arrays->{notesUetime}}, $1; }
|
|
|
dc8c34 |
- if ($_ =~ /conn= *([0-9A-Z]+)/i){ push @{$arrays->{notesUconn}}, $1; }
|
|
|
dc8c34 |
- if ($_ =~ /op= *([0-9\-]+)/i){ push @{$arrays->{notesUop}}, $1; }
|
|
|
dc8c34 |
- if ($_ =~ / *([0-9a-z:\/]+)/i){ push @{$arrays->{notesUtime}}, $1; }
|
|
|
dc8c34 |
- if ($_ =~ /nentries= *([0-9]+)/i ){ push @{$arrays->{notesUnentries}}, $1; }
|
|
|
dc8c34 |
+ if ($usage =~ /u/ || $verb eq "yes"){
|
|
|
dc8c34 |
+ $hashes->{notesu_conn_op}->{"$con,$op"}++;
|
|
|
dc8c34 |
+ if ($_ =~ /etime= *([0-9.]+)/i ){ $hashes->{etime_conn_op}->{"$con,$op"} = $1; }
|
|
|
dc8c34 |
+ if ($_ =~ / *([0-9a-z:\/]+)/i){ $hashes->{time_conn_op}->{"$con,$op"} = $1; }
|
|
|
dc8c34 |
+ if ($_ =~ /nentries= *([0-9]+)/i ){ $hashes->{nentries_conn_op}->{"$con,$op"} = $1; }
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
$isVlvNotes = 0;
|
|
|
dc8c34 |
@@ -1941,8 +1883,8 @@ sub parseLineNormal
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
$ip = $1;
|
|
|
dc8c34 |
$hashes->{ip_hash}->{$ip}++;
|
|
|
dc8c34 |
- if ($_ =~ /conn= *([0-9A-Z]+)/i ){
|
|
|
dc8c34 |
- if ($exc ne "yes"){
|
|
|
dc8c34 |
+ if ($_ =~ /conn= *([0-9A-Z]+)/i ){
|
|
|
dc8c34 |
+ if ($exc ne "yes"){
|
|
|
dc8c34 |
$hashes->{conn_hash}->{$1} = $ip;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
@@ -1951,7 +1893,6 @@ sub parseLineNormal
|
|
|
dc8c34 |
if ($_ =~ /conn= *([0-9A-Z]+)/i) {
|
|
|
dc8c34 |
$exc = "no";
|
|
|
dc8c34 |
$ip = getIPfromConn($1);
|
|
|
dc8c34 |
- if ($ip eq ""){$ip = "Unknown_Host";}
|
|
|
dc8c34 |
for (my $xxx = 0; $xxx < $#excludeIP; $xxx++){
|
|
|
dc8c34 |
if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
@@ -1966,14 +1907,13 @@ sub parseLineNormal
|
|
|
dc8c34 |
if ($_ =~ /conn= *([0-9A-Z]+)/i) {
|
|
|
dc8c34 |
$exc = "no";
|
|
|
dc8c34 |
$ip = getIPfromConn($1);
|
|
|
dc8c34 |
- if ($ip eq ""){$ip = "Unknown_Host";}
|
|
|
dc8c34 |
for (my $xxx = 0; $xxx < $#excludeIP; $xxx++){
|
|
|
dc8c34 |
- if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
+ if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if ($exc ne "yes"){
|
|
|
dc8c34 |
$hashes->{B1}->{$ip}++;
|
|
|
dc8c34 |
$hashes->{conncount}->{"B1"}++;
|
|
|
dc8c34 |
- $connCodeCount++;
|
|
|
dc8c34 |
+ $connCodeCount++;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
@@ -1981,44 +1921,41 @@ sub parseLineNormal
|
|
|
dc8c34 |
if ($_ =~ /conn= *([0-9A-Z]+)/i) {
|
|
|
dc8c34 |
$exc = "no";
|
|
|
dc8c34 |
$ip = getIPfromConn($1);
|
|
|
dc8c34 |
- if ($ip eq ""){$ip = "Unknown_Host";}
|
|
|
dc8c34 |
for (my $xxx = 0; $xxx < $#excludeIP; $xxx++){
|
|
|
dc8c34 |
- if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
+ if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if ($exc ne "yes"){
|
|
|
dc8c34 |
$hashes->{B4}->{$ip}++;
|
|
|
dc8c34 |
$hashes->{conncount}->{"B4"}++;
|
|
|
dc8c34 |
$connCodeCount++;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if (m/- T1/){
|
|
|
dc8c34 |
if ($_ =~ /conn= *([0-9A-Z]+)/i) {
|
|
|
dc8c34 |
$exc = "no";
|
|
|
dc8c34 |
- $ip = getIPfromConn($1);
|
|
|
dc8c34 |
- if ($ip eq ""){$ip = "Unknown_Host";}
|
|
|
dc8c34 |
+ $ip = getIPfromConn($1);
|
|
|
dc8c34 |
for (my $xxx = 0; $xxx < $#excludeIP; $xxx++){
|
|
|
dc8c34 |
- if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
+ if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if ($exc ne "yes"){
|
|
|
dc8c34 |
$hashes->{T1}->{$ip}++;
|
|
|
dc8c34 |
$hashes->{conncount}->{"T1"}++;
|
|
|
dc8c34 |
- $connCodeCount++;
|
|
|
dc8c34 |
+ $connCodeCount++;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if (m/- T2/){
|
|
|
dc8c34 |
if ($_ =~ /conn= *([0-9A-Z]+)/i) {
|
|
|
dc8c34 |
- $exc = "no";
|
|
|
dc8c34 |
+ $exc = "no";
|
|
|
dc8c34 |
$ip = getIPfromConn($1);
|
|
|
dc8c34 |
- if ($ip eq ""){$ip = "Unknown_Host";}
|
|
|
dc8c34 |
for (my $xxx = 0; $xxx < $#excludeIP; $xxx++){
|
|
|
dc8c34 |
- if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
+ if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if ($exc ne "yes"){
|
|
|
dc8c34 |
$hashes->{T2}->{$ip}++;
|
|
|
dc8c34 |
$hashes->{conncount}->{"T2"}++;
|
|
|
dc8c34 |
- $connCodeCount++;
|
|
|
dc8c34 |
+ $connCodeCount++;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
@@ -2027,14 +1964,13 @@ sub parseLineNormal
|
|
|
dc8c34 |
$exc = "no";
|
|
|
dc8c34 |
$ip = getIPfromConn($1);
|
|
|
dc8c34 |
$maxBerSizeCount++;
|
|
|
dc8c34 |
- if ($ip eq ""){$ip = "Unknown_Host";}
|
|
|
dc8c34 |
for (my $xxx = 0; $xxx < $#excludeIP; $xxx++){
|
|
|
dc8c34 |
- if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
+ if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if ($exc ne "yes"){
|
|
|
dc8c34 |
$hashes->{B2}->{$ip}++;
|
|
|
dc8c34 |
$hashes->{conncount}->{"B2"}++;
|
|
|
dc8c34 |
- $connCodeCount++;
|
|
|
dc8c34 |
+ $connCodeCount++;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
@@ -2042,14 +1978,13 @@ sub parseLineNormal
|
|
|
dc8c34 |
if ($_ =~ /conn= *([0-9A-Z]+)/i) {
|
|
|
dc8c34 |
$exc = "no";
|
|
|
dc8c34 |
$ip = getIPfromConn($1);
|
|
|
dc8c34 |
- if ($ip eq ""){$ip = "Unknown_Host";}
|
|
|
dc8c34 |
for (my $xxx = 0; $xxx < $#excludeIP; $xxx++){
|
|
|
dc8c34 |
- if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
+ if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if ($exc ne "yes"){
|
|
|
dc8c34 |
$hashes->{B3}->{$ip}++;
|
|
|
dc8c34 |
$hashes->{conncount}->{"B3"}++;
|
|
|
dc8c34 |
- $connCodeCount++;
|
|
|
dc8c34 |
+ $connCodeCount++;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
@@ -2057,9 +1992,8 @@ sub parseLineNormal
|
|
|
dc8c34 |
if ($_ =~ /conn= *([0-9A-Z]+)/i) {
|
|
|
dc8c34 |
$exc = "no";
|
|
|
dc8c34 |
$ip = getIPfromConn($1);
|
|
|
dc8c34 |
- if ($ip eq ""){$ip = "Unknown_Host";}
|
|
|
dc8c34 |
for (my $xxx = 0; $xxx < $#excludeIP; $xxx++){
|
|
|
dc8c34 |
- if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
+ if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if ($exc ne "yes"){
|
|
|
dc8c34 |
$hashes->{R1}->{$ip}++;
|
|
|
dc8c34 |
@@ -2072,14 +2006,13 @@ sub parseLineNormal
|
|
|
dc8c34 |
if ($_ =~ /conn= *([0-9A-Z]+)/i) {
|
|
|
dc8c34 |
$exc = "no";
|
|
|
dc8c34 |
$ip = getIPfromConn($1);
|
|
|
dc8c34 |
- if ($ip eq ""){$ip = "Unknown_Host";}
|
|
|
dc8c34 |
for (my $xxx = 0; $xxx < $#excludeIP; $xxx++){
|
|
|
dc8c34 |
- if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
+ if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if ($exc ne "yes"){
|
|
|
dc8c34 |
$hashes->{P1}->{$ip}++;
|
|
|
dc8c34 |
$hashes->{conncount}->{"P1"}++;
|
|
|
dc8c34 |
- $connCodeCount++;
|
|
|
dc8c34 |
+ $connCodeCount++;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
@@ -2087,9 +2020,8 @@ sub parseLineNormal
|
|
|
dc8c34 |
if ($_ =~ /conn= *([0-9A-Z]+)/i) {
|
|
|
dc8c34 |
$exc = "no";
|
|
|
dc8c34 |
$ip = getIPfromConn($1);
|
|
|
dc8c34 |
- if ($ip eq ""){$ip = "Unknown_Host";}
|
|
|
dc8c34 |
for (my $xxx = 0; $xxx < $#excludeIP; $xxx++){
|
|
|
dc8c34 |
- if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
+ if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if ($exc ne "yes"){
|
|
|
dc8c34 |
$hashes->{P2}->{$ip}++;
|
|
|
dc8c34 |
@@ -2102,9 +2034,8 @@ sub parseLineNormal
|
|
|
dc8c34 |
if ($_ =~ /conn= *([0-9A-Z]+)/i) {
|
|
|
dc8c34 |
$exc = "no";
|
|
|
dc8c34 |
$ip = getIPfromConn($1);
|
|
|
dc8c34 |
- if ($ip eq ""){$ip = "Unknown_Host";}
|
|
|
dc8c34 |
for (my $xxx = 0; $xxx < $#excludeIP; $xxx++){
|
|
|
dc8c34 |
- if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
+ if ($ip eq $excludeIP[$xxx]){$exc = "yes";}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if ($exc ne "yes"){
|
|
|
dc8c34 |
$hashes->{U1}->{$ip}++;
|
|
|
dc8c34 |
@@ -2131,8 +2062,7 @@ sub parseLineNormal
|
|
|
dc8c34 |
if ($_ =~ /oid=\" *([0-9\.]+)/i ){ $hashes->{oid}->{$1}++; }
|
|
|
dc8c34 |
if ($1 && $1 eq $startTLSoid){$startTLSCount++;}
|
|
|
dc8c34 |
if ($verb eq "yes"){
|
|
|
dc8c34 |
- if ($_ =~ /conn= *([0-9A-Z]+)/i){ push @{$arrays->{extconn}}, $1; }
|
|
|
dc8c34 |
- if ($_ =~ /op= *([0-9\-]+)/i){ push @{$arrays->{extop}}, $1; }
|
|
|
dc8c34 |
+ if ($_ =~ /conn= *([0-9A-Z]+) +op= *([0-9\-]+)/i){ $hashes->{ext_conn_op}->{"$1,$2"}++;}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if (($usage =~ /l/ || $verb eq "yes") and / SRCH /){
|
|
|
dc8c34 |
@@ -2155,14 +2085,12 @@ sub parseLineNormal
|
|
|
dc8c34 |
$filterCount++;
|
|
|
dc8c34 |
if($usage =~ /u/ || $verb eq "yes"){
|
|
|
dc8c34 |
# we only need this for the unindexed search report
|
|
|
dc8c34 |
- push @{$arrays->{filterval}}, $tmpp;
|
|
|
dc8c34 |
- push @{$arrays->{filterconn}}, $filterConn;
|
|
|
dc8c34 |
- push @{$arrays->{filterop}}, $filterOp;
|
|
|
dc8c34 |
+ $hashes->{filter_conn_op}->{"$filterConn,$filterOp"} = $tmpp;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if ($usage =~ /a/ || $verb eq "yes"){
|
|
|
dc8c34 |
if (/ SRCH / && $_ =~ /base=\"(.*)\" scope/i ){
|
|
|
dc8c34 |
- my ($baseConn, $baseOp, $scopeVal, $scopeConn, $scopeOp);
|
|
|
dc8c34 |
+ my ($conn, $op, $scopeVal);
|
|
|
dc8c34 |
if ($1 eq ""){
|
|
|
dc8c34 |
$tmpp = "Root DSE";
|
|
|
dc8c34 |
} else {
|
|
|
dc8c34 |
@@ -2173,25 +2101,19 @@ sub parseLineNormal
|
|
|
dc8c34 |
#
|
|
|
dc8c34 |
# grab the search bases & scope for potential unindexed searches
|
|
|
dc8c34 |
#
|
|
|
dc8c34 |
- if ($_ =~ /scope= *([0-9]+)/i) {
|
|
|
dc8c34 |
- $scopeVal = $1;
|
|
|
dc8c34 |
+ if ($_ =~ /scope= *([0-9]+)/i) {
|
|
|
dc8c34 |
+ $scopeVal = $1;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
- if ($_ =~ /conn= *([0-9A-Z]+)/i) {
|
|
|
dc8c34 |
- $baseConn = $1;
|
|
|
dc8c34 |
- $scopeConn = $1;
|
|
|
dc8c34 |
+ if ($_ =~ /conn= *([0-9A-Z]+)/i) {
|
|
|
dc8c34 |
+ $conn = $1;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
- if ($_ =~ /op= *([0-9\-]+)/i) {
|
|
|
dc8c34 |
- $baseOp = $1;
|
|
|
dc8c34 |
- $scopeOp = $1;
|
|
|
dc8c34 |
+ if ($_ =~ /op= *([0-9\-]+)/i) {
|
|
|
dc8c34 |
+ $op = $1;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if($usage =~ /u/ || $verb eq "yes"){
|
|
|
dc8c34 |
# we only need this for the unindexed search report
|
|
|
dc8c34 |
- push @{$arrays->{baseval}}, $tmpp;
|
|
|
dc8c34 |
- push @{$arrays->{baseconn}}, $baseConn;
|
|
|
dc8c34 |
- push @{$arrays->{baseop}}, $baseOp;
|
|
|
dc8c34 |
- push @{$arrays->{scopeval}}, $scopeTxt[$scopeVal];
|
|
|
dc8c34 |
- push @{$arrays->{scopeconn}}, $scopeConn;
|
|
|
dc8c34 |
- push @{$arrays->{scopeop}}, $scopeOp;
|
|
|
dc8c34 |
+ $hashes->{base_conn_op}->{"$conn,$op"} = $tmpp;
|
|
|
dc8c34 |
+ $hashes->{scope_conn_op}->{"$conn,$op"} = $scopeTxt[$scopeVal];
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
$baseCount++;
|
|
|
dc8c34 |
$scopeCount++;
|
|
|
dc8c34 |
@@ -2210,15 +2132,8 @@ sub parseLineNormal
|
|
|
dc8c34 |
$ds6x = "true";
|
|
|
dc8c34 |
$badPwdCount++;
|
|
|
dc8c34 |
} elsif (/ err=49 tag=/ ){
|
|
|
dc8c34 |
- if ($_ =~ /conn= *([0-9A-Z]+)/i ){
|
|
|
dc8c34 |
- push @{$arrays->{badpwdconn}}, $1;
|
|
|
dc8c34 |
- $ip = getIPfromConn($1);
|
|
|
dc8c34 |
- $badPwdCount++;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- if ($_ =~ /op= *([0-9\-]+)/i ){
|
|
|
dc8c34 |
- push @{$arrays->{badpwdop}}, $1;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- push @{$arrays->{badpwdip}}, $ip;
|
|
|
dc8c34 |
+ $badPwdCount++;
|
|
|
dc8c34 |
+ if ($_ =~ /conn= *([0-9A-Z]+) +op= *([0-9\-]+)/i){ $hashes->{badpwd_conn_op}->{"$1,$2"}++;}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if (/ BIND / && /method=sasl/i){
|
|
|
dc8c34 |
@@ -2259,29 +2174,17 @@ sub parseLineNormal
|
|
|
dc8c34 |
sub
|
|
|
dc8c34 |
reset_stats_block
|
|
|
dc8c34 |
{
|
|
|
dc8c34 |
- my $stats = shift;
|
|
|
dc8c34 |
-
|
|
|
dc8c34 |
- $stats->{'last'} = shift || 0;
|
|
|
dc8c34 |
- $stats->{'last_str'} = shift || '';
|
|
|
dc8c34 |
-
|
|
|
dc8c34 |
- $stats->{'results'}=0;
|
|
|
dc8c34 |
- $stats->{'srch'}=0;
|
|
|
dc8c34 |
- $stats->{'add'}=0;
|
|
|
dc8c34 |
- $stats->{'mod'}=0;
|
|
|
dc8c34 |
- $stats->{'modrdn'}=0;
|
|
|
dc8c34 |
- $stats->{'moddn'}=0;
|
|
|
dc8c34 |
- $stats->{'cmp'}=0;
|
|
|
dc8c34 |
- $stats->{'del'}=0;
|
|
|
dc8c34 |
- $stats->{'abandon'}=0;
|
|
|
dc8c34 |
- $stats->{'conns'}=0;
|
|
|
dc8c34 |
- $stats->{'sslconns'}=0;
|
|
|
dc8c34 |
- $stats->{'bind'}=0;
|
|
|
dc8c34 |
- $stats->{'anonbind'}=0;
|
|
|
dc8c34 |
- $stats->{'unbind'}=0;
|
|
|
dc8c34 |
- $stats->{'notesA'}=0;
|
|
|
dc8c34 |
- $stats->{'notesU'}=0;
|
|
|
dc8c34 |
- $stats->{'etime'}=0;
|
|
|
dc8c34 |
- return;
|
|
|
dc8c34 |
+ my $stats = shift;
|
|
|
dc8c34 |
+
|
|
|
dc8c34 |
+ $stats->{'last'} = shift || 0;
|
|
|
dc8c34 |
+ $stats->{'last_str'} = shift || '';
|
|
|
dc8c34 |
+
|
|
|
dc8c34 |
+ for my $sn (@statnames) {
|
|
|
dc8c34 |
+ next if ($sn eq 'last' or $sn eq 'last_str');
|
|
|
dc8c34 |
+ $stats->{$sn}=0;
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
+
|
|
|
dc8c34 |
+ return;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
|
|
|
dc8c34 |
sub
|
|
|
dc8c34 |
@@ -2292,6 +2195,7 @@ new_stats_block
|
|
|
dc8c34 |
'active' => 0,
|
|
|
dc8c34 |
};
|
|
|
dc8c34 |
if ($name){
|
|
|
dc8c34 |
+ $stats = openHashFiles($dataLocation, @statnames);
|
|
|
dc8c34 |
$stats->{'filename'} = $name;
|
|
|
dc8c34 |
$stats->{'fh'} = new IO::File;
|
|
|
dc8c34 |
$stats->{'active'} = open($stats->{'fh'},">$name");
|
|
|
dc8c34 |
@@ -2308,32 +2212,32 @@ print_stats_block
|
|
|
dc8c34 |
if ($stats->{'active'}){
|
|
|
dc8c34 |
if ($stats->{'last'}){
|
|
|
dc8c34 |
$stats->{'fh'}->print(
|
|
|
dc8c34 |
- join(',',
|
|
|
dc8c34 |
- $stats->{'last_str'},
|
|
|
dc8c34 |
- $stats->{'last'},
|
|
|
dc8c34 |
- $stats->{'results'},
|
|
|
dc8c34 |
- $stats->{'srch'},
|
|
|
dc8c34 |
- $stats->{'add'},
|
|
|
dc8c34 |
- $stats->{'mod'},
|
|
|
dc8c34 |
- $stats->{'modrdn'},
|
|
|
dc8c34 |
- $stats->{'moddn'},
|
|
|
dc8c34 |
- $stats->{'cmp'},
|
|
|
dc8c34 |
- $stats->{'del'},
|
|
|
dc8c34 |
- $stats->{'abandon'},
|
|
|
dc8c34 |
- $stats->{'conns'},
|
|
|
dc8c34 |
- $stats->{'sslconns'},
|
|
|
dc8c34 |
- $stats->{'bind'},
|
|
|
dc8c34 |
- $stats->{'anonbind'},
|
|
|
dc8c34 |
- $stats->{'unbind'},
|
|
|
dc8c34 |
- $stats->{'notesA'},
|
|
|
dc8c34 |
- $stats->{'notesU'},
|
|
|
dc8c34 |
- $stats->{'etime'}),
|
|
|
dc8c34 |
- "\n" );
|
|
|
dc8c34 |
+ join(',',
|
|
|
dc8c34 |
+ $stats->{'last_str'},
|
|
|
dc8c34 |
+ $stats->{'last'},
|
|
|
dc8c34 |
+ $stats->{'results'},
|
|
|
dc8c34 |
+ $stats->{'srch'},
|
|
|
dc8c34 |
+ $stats->{'add'},
|
|
|
dc8c34 |
+ $stats->{'mod'},
|
|
|
dc8c34 |
+ $stats->{'modrdn'},
|
|
|
dc8c34 |
+ $stats->{'moddn'},
|
|
|
dc8c34 |
+ $stats->{'cmp'},
|
|
|
dc8c34 |
+ $stats->{'del'},
|
|
|
dc8c34 |
+ $stats->{'abandon'},
|
|
|
dc8c34 |
+ $stats->{'conns'},
|
|
|
dc8c34 |
+ $stats->{'sslconns'},
|
|
|
dc8c34 |
+ $stats->{'bind'},
|
|
|
dc8c34 |
+ $stats->{'anonbind'},
|
|
|
dc8c34 |
+ $stats->{'unbind'},
|
|
|
dc8c34 |
+ $stats->{'notesA'},
|
|
|
dc8c34 |
+ $stats->{'notesU'},
|
|
|
dc8c34 |
+ $stats->{'etime'}),
|
|
|
dc8c34 |
+ "\n" );
|
|
|
dc8c34 |
} else {
|
|
|
dc8c34 |
$stats->{'fh'}->print(
|
|
|
dc8c34 |
- "Time,time_t,Results,Search,Add,Mod,Modrdn,Moddn,Compare,Delete,Abandon,".
|
|
|
dc8c34 |
- "Connections,SSL Conns,Bind,Anon Bind,Unbind,Unindexed search,Unindexed component,ElapsedTime\n"
|
|
|
dc8c34 |
- );
|
|
|
dc8c34 |
+ "Time,time_t,Results,Search,Add,Mod,Modrdn,Moddn,Compare,Delete,Abandon,".
|
|
|
dc8c34 |
+ "Connections,SSL Conns,Bind,Anon Bind,Unbind,Unindexed search,Unindexed component,ElapsedTime\n"
|
|
|
dc8c34 |
+ );
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
@@ -2346,7 +2250,7 @@ inc_stats
|
|
|
dc8c34 |
my $n = shift;
|
|
|
dc8c34 |
foreach(@_){
|
|
|
dc8c34 |
$_->{$n}++
|
|
|
dc8c34 |
- if exists $_->{$n};
|
|
|
dc8c34 |
+ if exists $_->{$n};
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
return;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
@@ -2360,7 +2264,7 @@ inc_stats_val
|
|
|
dc8c34 |
my $val = shift;
|
|
|
dc8c34 |
foreach(@_){
|
|
|
dc8c34 |
$_->{$n} += $val
|
|
|
dc8c34 |
- if exists $_->{$n};
|
|
|
dc8c34 |
+ if exists $_->{$n};
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
return;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
@@ -2383,7 +2287,7 @@ displayBindReport
|
|
|
dc8c34 |
&printClients($bindReport{$bindDN}{"conn"});
|
|
|
dc8c34 |
print("\n Operations Performed:\n\n");
|
|
|
dc8c34 |
&printOpStats($bindDN);
|
|
|
dc8c34 |
- print("\n");
|
|
|
dc8c34 |
+ print("\n");
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
print "Done.\n";
|
|
|
dc8c34 |
exit (0);
|
|
|
dc8c34 |
@@ -2391,13 +2295,13 @@ displayBindReport
|
|
|
dc8c34 |
|
|
|
dc8c34 |
sub
|
|
|
dc8c34 |
printClients
|
|
|
dc8c34 |
-{
|
|
|
dc8c34 |
+{
|
|
|
dc8c34 |
my @bindConns = &cleanConns(split(' ', $_[0]));
|
|
|
dc8c34 |
my $IPcount = "1";
|
|
|
dc8c34 |
|
|
|
dc8c34 |
foreach my $ip ( keys %connList ){ # Loop over all the IP addresses
|
|
|
dc8c34 |
foreach my $bc (@bindConns){ # Loop over each bind conn number and compare it
|
|
|
dc8c34 |
- if($connList{$ip} =~ / $bc /){
|
|
|
dc8c34 |
+ if($connList{$ip} =~ / $bc /){
|
|
|
dc8c34 |
print(" [$IPcount] $ip\n");
|
|
|
dc8c34 |
$IPcount++;
|
|
|
dc8c34 |
last;
|
|
|
dc8c34 |
@@ -2417,7 +2321,7 @@ cleanConns
|
|
|
dc8c34 |
if($dirtyConns[$i] ne ""){
|
|
|
dc8c34 |
$retConns[$c++] = $dirtyConns[$i];
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
return @retConns;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
|
|
|
dc8c34 |
@@ -2443,7 +2347,7 @@ printOpStats
|
|
|
dc8c34 |
#######################
|
|
|
dc8c34 |
# #
|
|
|
dc8c34 |
# Hash File Functions #
|
|
|
dc8c34 |
-# #
|
|
|
dc8c34 |
+# #
|
|
|
dc8c34 |
#######################
|
|
|
dc8c34 |
|
|
|
dc8c34 |
sub
|
|
|
dc8c34 |
@@ -2471,35 +2375,17 @@ openHashFiles
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
|
|
|
dc8c34 |
sub
|
|
|
dc8c34 |
-openArrayFiles
|
|
|
dc8c34 |
-{
|
|
|
dc8c34 |
- my $dir = shift;
|
|
|
dc8c34 |
- my %arrays = ();
|
|
|
dc8c34 |
- for my $an (@_) {
|
|
|
dc8c34 |
- my @ary = (); # using my in inner loop will create brand new array every time through for tie
|
|
|
dc8c34 |
- my $fn = "$dir/$an.logconv.db";
|
|
|
dc8c34 |
- push @removefiles, $fn;
|
|
|
dc8c34 |
- tie @ary, "DB_File", $fn, O_CREAT|O_RDWR, 0600, $DB_RECNO or do { openFailed($!, $fn) };
|
|
|
dc8c34 |
- $arrays{$an} = \@ary;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- return \%arrays;
|
|
|
dc8c34 |
-}
|
|
|
dc8c34 |
-
|
|
|
dc8c34 |
-sub
|
|
|
dc8c34 |
removeDataFiles
|
|
|
dc8c34 |
{
|
|
|
dc8c34 |
- if (!$needCleanup) { return ; }
|
|
|
dc8c34 |
+ if (!$needCleanup) { return ; }
|
|
|
dc8c34 |
|
|
|
dc8c34 |
for my $h (keys %{$hashes}) {
|
|
|
dc8c34 |
untie %{$hashes->{$h}};
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
- for my $a (keys %{$arrays}) {
|
|
|
dc8c34 |
- untie @{$arrays->{$a}};
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
for my $file (@removefiles) {
|
|
|
dc8c34 |
unlink $file;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
- $needCleanup = 0;
|
|
|
dc8c34 |
+ $needCleanup = 0;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
|
|
|
dc8c34 |
END { print "Cleaning up temp files . . .\n"; removeDataFiles(); print "Done\n"; }
|
|
|
dc8c34 |
@@ -2508,7 +2394,12 @@ sub
|
|
|
dc8c34 |
getIPfromConn
|
|
|
dc8c34 |
{
|
|
|
dc8c34 |
my $connid = shift;
|
|
|
dc8c34 |
- return $hashes->{conn_hash}->{$connid};
|
|
|
dc8c34 |
+ if (exists($hashes->{conn_hash}->{$connid}) &&
|
|
|
dc8c34 |
+ defined($hashes->{conn_hash}->{$connid})) {
|
|
|
dc8c34 |
+ return $hashes->{conn_hash}->{$connid};
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
+
|
|
|
dc8c34 |
+ return "Unknown_Host";
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
|
|
|
dc8c34 |
#######################################
|
|
|
dc8c34 |
--
|
|
|
dc8c34 |
1.8.1.4
|
|
|
dc8c34 |
|