andykimpe / rpms / 389-ds-base

Forked from rpms/389-ds-base 5 months ago
Clone
Source Code
GIT

Blame 0292-Ticket-47949-logconv.pl-support-parsing-showing-repo.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-armhfp c7-beta c8-beta-stream-1.4 c8-stream-1.4 c8s-stream-1.4 c8s-stream-ds c9 c9-beta
  1.   c6
  2.   0292-Ticket-47949-logconv.pl-support-parsing-showing-repo.patch
Blob History Raw
dc8c34 
From 3a330375429539ef0f85472e4d1ba5bc886a1fe3 Mon Sep 17 00:00:00 2001
dc8c34 
From: Mark Reynolds <mreynolds@redhat.com>
dc8c34 
Date: Fri, 5 Dec 2014 15:42:45 -0500
dc8c34 
Subject: [PATCH 292/305] Ticket 47949 - logconv.pl -- support
dc8c34 
 parsing/showing/reporting different protocol versions
dc8c34
dc8c34 
Description:  Update script to report on the secure protocol versions that are now available
dc8c34 
              in the access log.
dc8c34
dc8c34 
              Also, revised the connection section output, cleaned up the SASL bind report,
dc8c34 
              and handled issue with log(s) that only span 1 second(0 elapsed time)
dc8c34
dc8c34 
https://fedorahosted.org/389/ticket/47949
dc8c34
dc8c34 
Reviewed by: nhosoi & rmeggins(Thanks!!)
dc8c34
dc8c34 
(cherry picked from commit 7aeeb7c968a03f4a75c8338ffbd7cbbaa73e102d)
dc8c34 
(cherry picked from commit 8b7ae6d930927171c7976fe9093f2f765714c8ac)
dc8c34 
(cherry picked from commit 099d1ce8c8e230bc41e5d77cb042c65b99f60d60)
dc8c34 
---
dc8c34 
 ldap/admin/src/logconv.pl | 69 ++++++++++++++++++++++++++++++++++++-----------
dc8c34 
 1 file changed, 53 insertions(+), 16 deletions(-)
dc8c34
dc8c34 
diff --git a/ldap/admin/src/logconv.pl b/ldap/admin/src/logconv.pl
dc8c34 
index cd45a8b..11dc335 100755
dc8c34 
--- a/ldap/admin/src/logconv.pl
dc8c34 
+++ b/ldap/admin/src/logconv.pl
dc8c34 
@@ -67,7 +67,7 @@ if ($#ARGV < 0){;
dc8c34
dc8c34 
 my $file_count = 0;
dc8c34 
 my $arg_count = 0;
dc8c34 
-my $logversion = "8.0";
dc8c34 
+my $logversion = "8.1";
dc8c34 
 my $sizeCount = "20";
dc8c34 
 my $startFlag = 0;
dc8c34 
 my $startTime = 0;
dc8c34 
@@ -258,7 +258,14 @@ my $startTLSCount = 0;
dc8c34 
 my $ldapiCount = 0;
dc8c34 
 my $autobindCount = 0;
dc8c34 
 my $limit = 25000; # number of lines processed to trigger output
dc8c34 
-
dc8c34 
+my $searchStat;
dc8c34 
+my $modStat;
dc8c34 
+my $addStat;
dc8c34 
+my $deleteStat;
dc8c34 
+my $modrdnStat;
dc8c34 
+my $compareStat;
dc8c34 
+my $bindCountStat;
dc8c34 
+my %cipher = ();
dc8c34 
 my @removefiles = ();
dc8c34
dc8c34 
 my @conncodes = qw(A1 B1 B4 T1 T2 B2 B3 R1 P1 P2 U1);
dc8c34 
@@ -623,27 +630,45 @@ if($reportStats ne ""){
dc8c34
dc8c34 
 print "Restarts:                     $serverRestartCount\n";
dc8c34 
 print "Total Connections:            $connectionCount\n";
dc8c34 
-print " - StartTLS Connections:      $startTLSCount\n";
dc8c34 
-print " - LDAPS Connections:         $sslCount\n";
dc8c34 
+print " - LDAP Connections:          " . ($connectionCount - $sslCount - $ldapiCount) . "\n";
dc8c34 
 print " - LDAPI Connections:         $ldapiCount\n";
dc8c34 
+print " - LDAPS Connections:         $sslCount\n";
dc8c34 
+print " - StartTLS Extended Ops:     $startTLSCount\n";
dc8c34 
+if(%cipher){
dc8c34 
+	print " Secure Protocol Versions:\n";
dc8c34 
+	foreach my $key (sort { $b cmp $a } keys %cipher) {
dc8c34 
+		print "  - $key - $cipher{$key}\n";
dc8c34 
+	}
dc8c34 
+	print "\n";
dc8c34 
+}
dc8c34 
+
dc8c34 
 print "Peak Concurrent Connections:  $maxsimConnection\n";
dc8c34 
 print "Total Operations:             $allOps\n";
dc8c34 
 print "Total Results:                $allResults\n";
dc8c34 
 my ($perf, $tmp);
dc8c34 
 if ($allOps ne "0"){
dc8c34 
- print sprintf "Overall Performance:          %.1f%%\n\n" , ($perf = ($tmp = ($allResults / $allOps)*100) > 100 ? 100.0 : $tmp) ;
dc8c34 
- }
dc8c34 
-else {
dc8c34 
- print "Overall Performance:          No Operations to evaluate\n\n";
dc8c34 
+	print sprintf "Overall Performance:          %.1f%%\n\n" , ($perf = ($tmp = ($allResults / $allOps)*100) > 100 ? 100.0 : $tmp) ;
dc8c34 
+} else {
dc8c34 
+	print "Overall Performance:          No Operations to evaluate\n\n";
dc8c34 
 }
dc8c34
dc8c34 
-my $searchStat = sprintf "(%.2f/sec)  (%.2f/min)\n",($srchCount / $totalTimeInSecs), $srchCount / ($totalTimeInSecs/60);
dc8c34 
-my $modStat = sprintf "(%.2f/sec)  (%.2f/min)\n",$modCount / $totalTimeInSecs, $modCount/($totalTimeInSecs/60);
dc8c34 
-my $addStat = sprintf "(%.2f/sec)  (%.2f/min)\n",$addCount/$totalTimeInSecs, $addCount/($totalTimeInSecs/60);
dc8c34 
-my $deleteStat = sprintf "(%.2f/sec)  (%.2f/min)\n",$delCount/$totalTimeInSecs, $delCount/($totalTimeInSecs/60);
dc8c34 
-my $modrdnStat = sprintf "(%.2f/sec)  (%.2f/min)\n",$modrdnCount/$totalTimeInSecs, $modrdnCount/($totalTimeInSecs/60);
dc8c34 
-my $compareStat = sprintf "(%.2f/sec)  (%.2f/min)\n",$cmpCount/$totalTimeInSecs, $cmpCount/($totalTimeInSecs/60);
dc8c34 
-my $bindCountStat = sprintf "(%.2f/sec)  (%.2f/min)\n",$bindCount/$totalTimeInSecs, $bindCount/($totalTimeInSecs/60);
dc8c34 
+if ($totalTimeInSecs == 0){
dc8c34 
+	$searchStat = sprintf "(%.2f/sec)  (%.2f/min)\n","0", "0";
dc8c34 
+	$modStat = sprintf "(%.2f/sec)  (%.2f/min)\n","0", "0";
dc8c34 
+	$addStat = sprintf "(%.2f/sec)  (%.2f/min)\n","0", "0";
dc8c34 
+	$deleteStat = sprintf "(%.2f/sec)  (%.2f/min)\n","0", "0";
dc8c34 
+	$modrdnStat = sprintf "(%.2f/sec)  (%.2f/min)\n","0", "0";
dc8c34 
+	$compareStat = sprintf "(%.2f/sec)  (%.2f/min)\n","0", "0";
dc8c34 
+	$bindCountStat = sprintf "(%.2f/sec)  (%.2f/min)\n","0", "0";
dc8c34 
+} else {
dc8c34 
+	$searchStat = sprintf "(%.2f/sec)  (%.2f/min)\n",($srchCount / $totalTimeInSecs), $srchCount / ($totalTimeInSecs/60);
dc8c34 
+	$modStat = sprintf "(%.2f/sec)  (%.2f/min)\n",$modCount / $totalTimeInSecs, $modCount/($totalTimeInSecs/60);
dc8c34 
+	$addStat = sprintf "(%.2f/sec)  (%.2f/min)\n",$addCount/$totalTimeInSecs, $addCount/($totalTimeInSecs/60);
dc8c34 
+	$deleteStat = sprintf "(%.2f/sec)  (%.2f/min)\n",$delCount/$totalTimeInSecs, $delCount/($totalTimeInSecs/60);
dc8c34 
+	$modrdnStat = sprintf "(%.2f/sec)  (%.2f/min)\n",$modrdnCount/$totalTimeInSecs, $modrdnCount/($totalTimeInSecs/60);
dc8c34 
+	$compareStat = sprintf "(%.2f/sec)  (%.2f/min)\n",$cmpCount/$totalTimeInSecs, $cmpCount/($totalTimeInSecs/60);
dc8c34 
+	$bindCountStat = sprintf "(%.2f/sec)  (%.2f/min)\n",$bindCount/$totalTimeInSecs, $bindCount/($totalTimeInSecs/60);
dc8c34 
+}
dc8c34
dc8c34 
 format STDOUT =
dc8c34 
 Searches:                     @<<<<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
dc8c34 
@@ -844,7 +869,7 @@ print " - SASL Binds:                $saslBindCount\n";
dc8c34 
 if ($saslBindCount > 0){
dc8c34 
 	my $saslmech = $hashes->{saslmech};
dc8c34 
 	foreach my $saslb ( sort {$saslmech->{$b} <=> $saslmech->{$a} } (keys %{$saslmech}) ){
dc8c34 
-		printf "    %-4s  %-12s\n",$saslmech->{$saslb}, $saslb;
dc8c34 
+		printf "    %-4s - %s\n",$saslb, $saslmech->{$saslb};
dc8c34 
 	}
dc8c34 
 }
dc8c34
dc8c34 
@@ -1776,6 +1801,18 @@ sub parseLineNormal
dc8c34 
 		handleRestart();
dc8c34 
 	}
dc8c34 
 	if (m/ SSL connection from/){$sslCount++; if($reportStats){ inc_stats('sslconns',$s_stats,$m_stats); }}
dc8c34 
+	# Gather TLS and SSL version info
dc8c34 
+	if ($_ =~ /conn= *([0-9A-Z]+) TLS *(.*)/){
dc8c34 
+		$cipher{"TLS" . $2}++;
dc8c34 
+	}
dc8c34 
+	if ($_ =~ /conn= *([0-9A-Z]+) SSL *(.*)/){
dc8c34 
+		my $sslversion = $2;
dc8c34 
+		if(/SSL /){
dc8c34 
+			$cipher{"SSL " . $sslversion}++;
dc8c34 
+		} else {
dc8c34 
+			$cipher{"SSL" . $sslversion}++;
dc8c34 
+		}
dc8c34 
+	}
dc8c34 
 	if (m/ connection from local to /){$ldapiCount++;}
dc8c34 
 	if($_ =~ /AUTOBIND dn=\"(.*)\"/){
dc8c34 
 		$autobindCount++;
dc8c34 
--
dc8c34 
1.9.3
dc8c34

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation