Re: [squid-users] Real-Time Monitor from Denis Vlasenko on 2004-06-04 (squid-users)

From: Denis Vlasenko <vda@dont-contact.us>
Date: Fri, 4 Jun 2004 14:23:22 +0300

On Friday 04 June 2004 06:53, Muhammad Ali wrote:
> Hi,
>
> I want to monitor all activities on Squid in Real-Time. Who is doing =
> what? Who is downloading? Who is very aggressive? but in real-time. Like
> "squidtaild" is a real-time monitor but that works on a pre-defined filters
> files.

I run squid so that it sends access log thru the fifo:
        ...
        cache_access_log access.fifo
        ...
to the multilog process (google for "daemontools"), and multilog saves
log into directory, with log rotation etc. Last log file is always
called 'current'.

I can run a script:

#!/bin/sh
cd access_logdir
watch -n5 'w=`ttysize w`; h=`ttysize h`; tail -$((h-3)) current 2>&1 | ../convert_dt | cut -b0-$((w-2))'

and see my squid working in real time. Typical output ("screenshot"):

Every 5s: w=`ttysize w`; h=`ttysize h`; tail -$((h-3)) current 2>&1 | ../convert_dt | cut -b0-$((w-2)) Fri Jun 4 14:20:30 2004

2004-06-04 14:19:53.274 11878 172.16.42.48 TCP_MISS/200 1199 GET http://www.book.ru/images/off/b_news.gif - DIRECT/195.2.91.104 image/gif
2004-06-04 14:19:54.885 11435 172.16.42.48 TCP_MISS/200 1184 GET http://www.book.ru/images/off/b_knorus.gif - DIRECT/195.2.91.104 image/gif
2004-06-04 14:19:55.811 32041 172.16.42.62 TCP_MISS/200 3637 GET http://hardpics4you.com/cam04.jpg - DIRECT/205.177.28.150 image/jpeg
2004-06-04 14:19:55.849 10472 172.16.42.96 TCP_REFRESH_HIT/200 1633 GET http://www3.hotbox.ru/templates/css/all.css - DIRECT/80.68.244.6 te
2004-06-04 14:19:55.878 10500 172.16.42.96 TCP_REFRESH_HIT/200 813 GET http://www3.hotbox.ru/templates/css/hotbox.css - DIRECT/80.68.244.6
2004-06-04 14:19:56.935 35 172.16.42.96 TCP_DENIED/403 1041 GET http://count.rbc.ru/p12.gif? - NONE/- text/html
2004-06-04 14:19:57.003 66 172.16.42.96 TCP_HIT/200 1855 GET http://pics.rbc.ru/rbcmill/img/cddvnpahs/fbaigjqmebbx/new_160x60.gif - NONE
2004-06-04 14:19:57.003 66 172.16.42.96 TCP_HIT/200 445 GET http://pics.rbc.ru/rbcmill/img/cddvnpahs/fbaihajxefqr/metal_bg.gif - NONE/-
2004-06-04 14:19:57.773 8 172.16.42.62 TCP_NEGATIVE_HIT/503 646 GET http://videodvdmp3.gowork.ru/mult/lovbam/lovbam.avi - NONE/- text/h
2004-06-04 14:19:58.189 22991 172.16.42.62 TCP_MISS/200 10904 GET http://www.animator.ru/db/index.phtml? - DIRECT/213.184.129.28 text/html
2004-06-04 14:19:59.142 31067 172.16.42.62 TCP_MISS/200 8750 GET http://hardpics4you.com/pics/new/teensex.jpg - DIRECT/205.177.28.150 image
2004-06-04 14:20:00.781 24770 172.16.42.48 TCP_MISS/200 1060 GET http://www.book.ru/images/bookru.gif - DIRECT/195.2.91.104 image/gif
2004-06-04 14:20:02.872 10544 172.16.42.48 TCP_REFRESH_MISS/200 541 GET http://student.militarist.ru/index.php? - DIRECT/62.118.251.33 text
2004-06-04 14:20:03.610 37020 172.16.42.48 TCP_MISS/200 22627 GET http://www.r69.ru/i/rec.gif - DIRECT/64.191.63.21 image/gif
2004-06-04 14:20:04.663 8 172.16.42.62 TCP_NEGATIVE_HIT/404 509 GET http://www.monchegorsk.murman.ru/ssa/6-1.jpg - NONE/- text/html
2004-06-04 14:20:05.171 10281 172.16.42.48 TCP_MISS/200 1104 GET http://www.book.ru/images/off/b_books.gif - DIRECT/195.2.91.104 image/gif
2004-06-04 14:20:07.473 14197 172.16.42.48 TCP_MISS/200 1550 GET http://www.book.ru/images/off/b_kupit.gif - DIRECT/195.2.91.104 image/gif
2004-06-04 14:20:08.602 17158 172.16.42.48 TCP_MISS/200 1442 GET http://www.book.ru/images/off/b_shop.gif - DIRECT/195.2.91.104 image/gif
2004-06-04 14:20:10.175 9391 172.16.42.48 TCP_MISS/200 1166 GET http://www.book.ru/images/off/b_np.gif - DIRECT/195.2.91.104 image/gif
2004-06-04 14:20:10.474 775738 172.16.42.96 TCP_MISS/200 5822 GET http://www3.ukr.net/cgi-bin/readmsg? - DIRECT/212.42.65.70 text/html
2004-06-04 14:20:15.645 10469 172.16.42.48 TCP_MISS/200 1402 GET http://www.book.ru/images/off/b_price.gif - DIRECT/195.2.91.104 image/gif
2004-06-04 14:20:17.244 79864 172.17.2.121 TCP_MISS/200 9059 GET http://aif.yadro.ru/cgi-bin/show? - DIRECT/217.16.19.219 image/gif
2004-06-04 14:20:17.547 87648 172.17.2.121 TCP_MISS/200 9066 POST http://games.rax.ru/cgi-bin/hang2.fpl - DIRECT/217.16.19.220 text/html
2004-06-04 14:20:17.587 19815 172.16.42.62 TCP_MISS/200 9151 GET http://hardpics4you.com/pics/new/hardcore.jpg - DIRECT/205.177.28.150 imag
2004-06-04 14:20:17.859 10382 172.16.42.48 TCP_MISS/200 1275 GET http://www.book.ru/images/off/b_reit.gif - DIRECT/195.2.91.104 image/gif
2004-06-04 14:20:18.363 15197 172.16.42.62 TCP_MISS/200 5688 GET http://hardpics4you.com/pics/new/movies.jpg - DIRECT/205.177.28.150 image/
2004-06-04 14:20:18.793 45 172.16.42.96 TCP_DENIED/403 1135 GET http://pics.rbc.ru/rbcmill/img/cddvnpahs/fbaihajxefqr/cafe02_600_60_v6.s
2004-06-04 14:20:18.859 65 172.16.42.96 TCP_HIT/200 390 GET http://www3.hotbox.ru/templates/img/0.gif - NONE/- image/gif
2004-06-04 14:20:20.354 10177 172.16.42.48 TCP_MISS/200 1283 GET http://www.book.ru/images/off/b_rass.gif - DIRECT/195.2.91.104 image/gif
2004-06-04 14:20:20.367 7 172.16.42.48 TCP_DENIED/403 1061 GET http://www.book.ru/cgi-bin/counter.pl? - NONE/- text/html
2004-06-04 14:20:21.813 20428 172.16.42.62 TCP_MISS/200 10474 GET http://hardpics4you.com/pics/new/babe.jpg - DIRECT/205.177.28.150 image/j
2004-06-04 14:20:22.097 9113 172.16.42.62 TCP_MISS/503 637 GET http://videodvdmp3.gowork.ru/mult/lovbam/lovbam.avi - DIRECT/195.149.87.69
2004-06-04 14:20:22.191 59172 172.16.42.62 TCP_MISS/206 5790 GET http://videodvdmp3.gowork.ru/mult/kololar/kololar.avi - DIRECT/195.149.87.
2004-06-04 14:20:22.753 8 172.16.42.62 TCP_NEGATIVE_HIT/503 636 GET http://videodvdmp3.gowork.ru/mult/lovbam/lovbam.avi - NONE/- text/h
2004-06-04 14:20:23.417 74 172.16.42.96 TCP_DENIED/403 1061 GET http://ad.adriver.ru/cgi-bin/erle.cgi? - NONE/- text/html
2004-06-04 14:20:23.751 231 172.16.42.96 TCP_HIT/200 480 GET http://www3.hotbox.ru/templates/img/imap/inbox.gif - NONE/- image/gif
2004-06-04 14:20:24.038 287 172.16.42.96 TCP_HIT/200 477 GET http://www3.hotbox.ru/templates/img/imap/trash.gif - NONE/- image/gif
2004-06-04 14:20:25.207 9559 172.16.42.48 TCP_MISS/200 1318 GET http://www.book.ru/images/off/b_kont.gif - DIRECT/195.2.91.104 image/gif
2004-06-04 14:20:25.311 16705 172.16.42.48 TCP_MISS/200 1126 GET http://www.book.ru/images/off/b_files.gif - DIRECT/195.2.91.104 image/gif
2004-06-04 14:20:26.500 12755 172.16.42.62 TCP_MISS/503 637 GET http://videodvdmp3.gowork.ru/mult/lovbam/lovbam.avi - DIRECT/195.149.87.69
2004-06-04 14:20:26.962 5 172.17.2.121 TCP_DENIED/403 1041 GET http://counter.yadro.ru/hit? - NONE/- text/html
2004-06-04 14:20:26.968 3 172.17.2.121 TCP_DENIED/403 1059 GET http://www.lbe.ru/cgi-bin/banner/rrj? - NONE/- text/html
2004-06-04 14:20:27.295 10210 172.16.42.62 TCP_MISS/503 637 GET http://videodvdmp3.gowork.ru/mult/kololar/kololar.avi - DIRECT/195.149.87.6
2004-06-04 14:20:30.397 10027 172.16.42.48 TCP_MISS/200 1069 GET http://www.book.ru/images/txt_reit.gif - DIRECT/195.2.91.104 image/gif

P.S. convert_dt converts 1086341764.650 into human readable time,
ttysize is an utility which reports screen size (hor/vert).
I can post source of both if anyone is interested.

-- 
vda

Received on Fri Jun 04 2004 - 09:27:29 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Jul 01 2004 - 12:00:02 MDT