mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-26 19:03:35 +01:00
8 lines
379 B
Bash
8 lines
379 B
Bash
#!/bin/bash
|
|
{% set WORKERS = salt['pillar.get']('sensor:zeekprocs', salt['pillar.get']('sensor:zeekpins') | length) %}
|
|
ZEEKLOG=/host/nsm/zeek/logs/current/capture_loss.log
|
|
if [ -f "$ZEEKLOG" ]; then
|
|
LOSS=$(tail -{{WORKERS}} $ZEEKLOG | awk -F, '{print $NF}' | sed 's/}//' | awk -F: '{LOSS += $2 / {{WORKERS}}} END { print "loss: " LOSS}')
|
|
echo "zeekcaptureloss loss=$LOSS"
|
|
fi
|