CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 01:32:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Telegraf - Track Oldest PCAP

Browse Source
This commit is contained in:
Mike Reeves
2018-11-21 20:05:50 -05:00
parent 60962dfe02
commit 50a7bca0ed
2 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
salt/common/telegraf/etc/telegraf.conf
View File

@@ -626,7 +626,8 @@
[[inputs.exec]] [[inputs.exec]]
commands = [ commands = [
"/scripts/redis.sh", "/scripts/redis.sh",
"/scripts/stenoloss.sh" "/scripts/stenoloss.sh",
"/scripts/oldpcap.sh"
] ]
data_format = "influx" data_format = "influx"
{% endif %} {% endif %}

8
salt/common/telegraf/scripts/oldpcap.sh Normal file
View File

@@ -0,0 +1,8 @@
#!/bin/bash
# Get the data
OLDPCAP=$(find /nsm/pcap -type f -printf '%Cs %p\n' | sort | head -n 1 | awk {'print $1'})
DATE=$(date +%s)
AGE=$(expr $DATE - $OLDPCAP)
echo "pcapage seconds=$AGE"