mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-14 21:22:48 +01:00
8 lines
383 B
Bash
8 lines
383 B
Bash
#!/bin/bash
|
|
{% set WORKERS = salt['pillar.get']('sensor:zeek_lbprocs', salt['pillar.get']('sensor:zeek_pins') | length) %}
|
|
ZEEKLOG=/host/nsm/zeek/logs/current/capture_loss.log
|
|
if [ -f "$ZEEKLOG" ]; then
|
|
LOSS=$(tail -{{WORKERS}} $ZEEKLOG | awk -F, '{print $NF}' | sed 's/}//' | awk -F: '{LOSS += $2 / {{WORKERS}}} END { print "loss: " LOSS}')
|
|
echo "zeekcaptureloss loss=$LOSS"
|
|
fi
|