CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2609 from Security-Onion-Solutions/issue/2590

Browse Source 
Issue/2590
This commit is contained in:
Josh Patterson
2021-01-12 16:43:45 -05:00
committed by GitHub
parent aa8a14d74a 225ed1c14a
commit 02d4813ef7
2 changed files with 17 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
salt/telegraf/scripts/suriloss.sh
View File

@@ -33,16 +33,16 @@ if [ $CHECKIT == 2 ]; then
CURRENTDROP=${RESULT[4]}
PASTDROP=${RESULT[14]}
DROPPED=$(($CURRENTDROP - $PASTDROP))
DROPPED=$((CURRENTDROP - PASTDROP))
if [ $DROPPED == 0 ]; then
LOSS=0
echo "suridrop drop=0"
else
CURRENTPACKETS=${RESULT[9]}
PASTPACKETS=${RESULT[19]}
TOTALCURRENT=$(($CURRENTPACKETS + $CURRENTDROP))
TOTALPAST=$(($PASTPACKETS + $PASTDROP))
TOTAL=$(($TOTALCURRENT - $TOTALPAST))
TOTALCURRENT=$((CURRENTPACKETS + CURRENTDROP))
TOTALPAST=$((PASTPACKETS + PASTDROP))
TOTAL=$((TOTALCURRENT - TOTALPAST))
LOSS=$(echo 4 k $DROPPED $TOTAL / p | dc)
echo "suridrop drop=$LOSS"

11
salt/telegraf/scripts/zeekloss.sh
View File

@@ -29,15 +29,22 @@ echo $$ > $lf
ZEEKLOG=$(tac /host/nsm/zeek/logs/packetloss.log | head -2)
declare RESULT=($ZEEKLOG)
CURRENTDROP=${RESULT[3]}
# zeek likely not running if this is true
if [[ $CURRENTDROP == "rcvd:" ]]; then
CURRENTDROP=0
PASTDROP=0
DROPPED=0
else
PASTDROP=${RESULT[9]}
DROPPED=$((CURRENTDROP - PASTDROP))
if [ $DROPPED == 0 ]; then
fi
if [[ "$DROPPED" -le 0 ]]; then
LOSS=0
echo "zeekdrop drop=0"
else
CURRENTPACKETS=${RESULT[5]}
PASTPACKETS=${RESULT[11]}
TOTAL=$((CURRENTPACKETS - PASTPACKETS))
LOSS=$(echo $DROPPED $TOTAL / p | dc)
LOSS=$(echo 4 k $DROPPED $TOTAL / p | dc)
echo "zeekdrop drop=$LOSS"
fi