CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

only send loss if timestamp on data has changed

Browse Source
This commit is contained in:
m0duspwnens
2020-10-07 11:15:10 -04:00
parent d09f0f841e
commit 1106b2bf96
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/telegraf/scripts/zeekcaptureloss.sh
View File

@@ -2,7 +2,7 @@
# This script returns the average of all the workers average capture loss to telegraf / influxdb in influx format include nanosecond precision timestamp
{%- set WORKERS = salt['pillar.get']('sensor:zeek_lbprocs', salt['pillar.get']('sensor:zeek_pins') | length) %}
ZEEKLOG=/host/nsm/zeek/spool/logger/capture_loss.log
LASTCAPTURELOSSLOG=/host/nsm/zeek/logs/telegraf_lastcaptureloss.txt
LASTCAPTURELOSSLOG=/host/opt/so/log/telegraf_lastcaptureloss.txt
if [ -f "$ZEEKLOG" ]; then
CURRENTTS=$(tail -1 $ZEEKLOG | jq .ts | sed 's/"//g')
if [ -f "$LASTCAPTURELOSSLOG" ]; then