From 11e6126c25ec0f5eefca478943bd7be66e43f381 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Thu, 29 Nov 2018 19:33:06 -0500 Subject: [PATCH] Bro - Add cron for checking PL --- salt/bro/cron/packetloss.sh | 2 +- salt/bro/init.sls | 4 ++-- salt/common/telegraf/scripts/broloss.sh | 6 ++++++ 3 files changed, 9 insertions(+), 3 deletions(-) create mode 100644 salt/common/telegraf/scripts/broloss.sh diff --git a/salt/bro/cron/packetloss.sh b/salt/bro/cron/packetloss.sh index 5d95583e5..56dc7b771 100644 --- a/salt/bro/cron/packetloss.sh +++ b/salt/bro/cron/packetloss.sh @@ -1,2 +1,2 @@ #!/bin/bash -/usr/bin/docker exec -it so-bro /opt/bro/bin/broctl netstats | awk -F '[ =]' '{RCVD += $5;DRP += $7;TTL += $9} END { print "rcvd: " RCVD, "dropped: " DRP, "total: " TTL}' >> /nsm/bro/logs/packetloss.log +/usr/bin/docker exec so-bro /opt/bro/bin/broctl netstats | awk -F '[ =]' '{RCVD += $5;DRP += $7;TTL += $9} END { print "rcvd: " RCVD, "dropped: " DRP, "total: " TTL}' >> /nsm/bro/logs/packetloss.log diff --git a/salt/bro/init.sls b/salt/bro/init.sls index b5ef69058..286cc1898 100644 --- a/salt/bro/init.sls +++ b/salt/bro/init.sls @@ -70,11 +70,11 @@ plcronscript: - name: /usr/local/bin/packetloss.sh - source: salt://bro/cron/packetloss.sh - mode: 755 - + /usr/local/bin/packetloss.sh: cron.present: - user: root - - minute: '*/10' + - minute: '*/2' - hour: '*' - daymonth: '*' - month: '*' diff --git a/salt/common/telegraf/scripts/broloss.sh b/salt/common/telegraf/scripts/broloss.sh new file mode 100644 index 000000000..1b60f0517 --- /dev/null +++ b/salt/common/telegraf/scripts/broloss.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +# Get the data +DROP=$(tac /var/log/stenographer/stenographer.log | grep -m1 drop | awk '{print $14}' | awk -F "=" '{print $2}') + +echo "stenodrop drop=$DROP"