Here goes the awk script for that.
If the traffic is higher than the WARN level, it is printed in blue; if it is higher than the ERR level, it is printed in red.
# One-time setup: zero the per-switch counters and register the switches
# (name + IP address) whose traffic is reported.
BEGIN {
# NOTE(review): RESOL is not referenced anywhere in the code visible on this
# page; presumably a reporting resolution in seconds - confirm.
RESOL=1;
# The thresholds stay commented out because the wrapper script supplies them
# with `awk -v LIMIT_WARN=... -v LIMIT_CRIT=...`. -v assignments are made
# before BEGIN runs, so uncommenting these lines would override the
# command-line values.
# LIMIT_WARN=500; # in Kbytes
# LIMIT_CRIT=1000; # in Kbytes
found_switches=0;
old_time = 0;
# Pre-initialise 100 counter slots; only total_registered_switches of them
# are given a name/IP below.
for( i=0; i<100; i++ ){
found_switch_list[i]=0;
sent_cnt[i]=0;
sent_bytes[i]=0;
}
# NOTE(review): entry 0 is stored in `switch_names` while entries 1 and 2
# are stored in `switch_name`. These are two different arrays, so whichever
# one the lookup code reads, at least one switch has no name. The code that
# reads them is cut off on this page - unify the spelling against it.
switch_names[0]="NAME-1"
switch_ip_list[0]="192.168.1.1"
switch_name[1]="NAME-2"
switch_ip_list[1]="192.168.1.2"
switch_name[2]="NAME-3"
switch_ip_list[2]="192.168.1.3"
# Must be kept in sync with the number of switch_ip_list entries above.
total_registered_switches=3
# Counter tested with `count_ % 10` in the main rule to decide when the
# heading is printed again.
count_=0;
}
# Main rule, run for every tcpdump output line: extract the timestamp,
# packet length and switch address, then print per-switch throughput.
# NOTE(review): this listing is incomplete. Everything after the `<` in the
# two `for( ...; i` lines below was lost when the page was rendered, so the
# name lookup, the per-switch accumulation, the time check and the condition
# of the red (critical) branch are missing. The braces no longer balance and
# the script will not run as shown.
{
# parse switch ip and length
# NOTE(review): the field positions ($1, $3, $5, $9, $10) depend on the exact
# `tcpdump -ne -tt` line layout, which differs between tcpdump versions -
# verify against real output before trusting the numbers.
time=$1;
# IP1/IP2 are assigned but not used in the code visible here.
IP1=$3;
IP2=$5;
# Strips trailing characters from the field (1 from $9, 6 from $10).
# NOTE(review): awk strings are 1-indexed; with a start index of 0 some
# implementations return one character fewer than the length argument
# suggests - check the result, or use a start index of 1.
len = substr($9, 0, length($9)-1);
switch_ip=substr($10, 0, length($10)-6);
# resolve switch name
# (loop truncated on the page - see the note at the top of this rule)
for( i = 0; i
# every 10 seconds, we print the heading
# NOTE(review): the test is on count_, a counter; whether it advances once
# per second is decided by code that is not visible here.
if( count_ % 10 == 0 ) {
printf("#-------------------------------------------------------------------------------------------------------------------------------------------------------#\n");
# (loop truncated on the page; the heading output, the per-switch loop and
# the `if` that guards the red branch are missing between these two lines)
for( i=0; i
# Bold red (ESC[1;31m) - per the page text, used above the critical level.
printf("\033[1;31m%12d KB/s\033[0m", sent_bytes[i]/1000);
}
else if( sent_bytes[i]/1000 > LIMIT_WARN ) {
# Bold blue (ESC[1;34m) for values above the warning level.
printf("\033[1;34m%12d KB/s\033[0m", sent_bytes[i]/1000);
} else {
# Below both thresholds: plain text, no colour.
printf("%12d KB/s", sent_bytes[i]/1000);
}
# Reset this switch's counters for the next reporting interval.
sent_bytes[i]=0;
sent_cnt[i]=0;
}
printf("\n");
# Remember the timestamp of the line that triggered this report.
old_time = time;
}
}
Save the above awk script as 'ip.awk' and create the following shell script:
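# Print a short help text on stdout and terminate the script with status 1.
# The synopsis line was cut off on the page (its closing quote was lost, which
# is a syntax error); the argument names below are reconstructed from the
# example line and from how the script passes $2 and $3 to awk.
usage() {
    echo "usage: $0 <interface> <warn_kb> <crit_kb>"
    echo ""
    echo "Example:"
    echo " $0 eth0 100 1000"
    echo ""
    exit 1
}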
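# All three arguments are required: interface, warning level, critical level.
[ -z "${3:-}" ] && usage

# The thresholds are handed to awk with -v, which interprets escape sequences
# in the value, and the capture itself runs under sudo. Accept plain decimal
# numbers only, so nothing unexpected reaches either command line.
for limit in "$2" "$3"; do
    case "$limit" in
        ''|*[!0-9]*) usage ;;
    esac
done

# Capture on the interface given as $1 (the original hard-coded eth0 even
# though the usage text takes an interface argument).
# -l makes tcpdump line-buffered, so awk receives lines as packets arrive.
# The awk file name matches the name the page says to save the script under.
sudo tcpdump -l -i "$1" -ne port 6633 -tt | awk -v LIMIT_WARN="$2" -v LIMIT_CRIT="$3" -f ip.awk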
Then save the above shell script as 'traffic-meter.sh'.