From 3a330375429539ef0f85472e4d1ba5bc886a1fe3 Mon Sep 17 00:00:00 2001
From: Mark Reynolds <mreynolds@redhat.com>
Date: Fri, 5 Dec 2014 15:42:45 -0500
Subject: [PATCH 292/305] Ticket 47949 - logconv.pl -- support
parsing/showing/reporting different protocol versions
Description: Update script to report on the secure protocol versions that are now available
in the access log.
Also, revised the connection section output, cleaned up the SASL bind report,
and handled issue with log(s) that only span 1 second(0 elapsed time)
https://fedorahosted.org/389/ticket/47949
Reviewed by: nhosoi & rmeggins(Thanks!!)
(cherry picked from commit 7aeeb7c968a03f4a75c8338ffbd7cbbaa73e102d)
(cherry picked from commit 8b7ae6d930927171c7976fe9093f2f765714c8ac)
(cherry picked from commit 099d1ce8c8e230bc41e5d77cb042c65b99f60d60)
---
ldap/admin/src/logconv.pl | 69 ++++++++++++++++++++++++++++++++++++-----------
1 file changed, 53 insertions(+), 16 deletions(-)
diff --git a/ldap/admin/src/logconv.pl b/ldap/admin/src/logconv.pl
index cd45a8b..11dc335 100755
--- a/ldap/admin/src/logconv.pl
+++ b/ldap/admin/src/logconv.pl
@@ -67,7 +67,7 @@ if ($#ARGV < 0){;
my $file_count = 0;
my $arg_count = 0;
-my $logversion = "8.0";
+my $logversion = "8.1";
my $sizeCount = "20";
my $startFlag = 0;
my $startTime = 0;
@@ -258,7 +258,14 @@ my $startTLSCount = 0;
my $ldapiCount = 0;
my $autobindCount = 0;
my $limit = 25000; # number of lines processed to trigger output
-
+my $searchStat;
+my $modStat;
+my $addStat;
+my $deleteStat;
+my $modrdnStat;
+my $compareStat;
+my $bindCountStat;
+my %cipher = ();
my @removefiles = ();
my @conncodes = qw(A1 B1 B4 T1 T2 B2 B3 R1 P1 P2 U1);
@@ -623,27 +630,45 @@ if($reportStats ne ""){
print "Restarts: $serverRestartCount\n";
print "Total Connections: $connectionCount\n";
-print " - StartTLS Connections: $startTLSCount\n";
-print " - LDAPS Connections: $sslCount\n";
+print " - LDAP Connections: " . ($connectionCount - $sslCount - $ldapiCount) . "\n";
print " - LDAPI Connections: $ldapiCount\n";
+print " - LDAPS Connections: $sslCount\n";
+print " - StartTLS Extended Ops: $startTLSCount\n";
+if(%cipher){
+ print " Secure Protocol Versions:\n";
+ foreach my $key (sort { $b cmp $a } keys %cipher) {
+ print " - $key - $cipher{$key}\n";
+ }
+ print "\n";
+}
+
print "Peak Concurrent Connections: $maxsimConnection\n";
print "Total Operations: $allOps\n";
print "Total Results: $allResults\n";
my ($perf, $tmp);
if ($allOps ne "0"){
- print sprintf "Overall Performance: %.1f%%\n\n" , ($perf = ($tmp = ($allResults / $allOps)*100) > 100 ? 100.0 : $tmp) ;
- }
-else {
- print "Overall Performance: No Operations to evaluate\n\n";
+ print sprintf "Overall Performance: %.1f%%\n\n" , ($perf = ($tmp = ($allResults / $allOps)*100) > 100 ? 100.0 : $tmp) ;
+} else {
+ print "Overall Performance: No Operations to evaluate\n\n";
}
-my $searchStat = sprintf "(%.2f/sec) (%.2f/min)\n",($srchCount / $totalTimeInSecs), $srchCount / ($totalTimeInSecs/60);
-my $modStat = sprintf "(%.2f/sec) (%.2f/min)\n",$modCount / $totalTimeInSecs, $modCount/($totalTimeInSecs/60);
-my $addStat = sprintf "(%.2f/sec) (%.2f/min)\n",$addCount/$totalTimeInSecs, $addCount/($totalTimeInSecs/60);
-my $deleteStat = sprintf "(%.2f/sec) (%.2f/min)\n",$delCount/$totalTimeInSecs, $delCount/($totalTimeInSecs/60);
-my $modrdnStat = sprintf "(%.2f/sec) (%.2f/min)\n",$modrdnCount/$totalTimeInSecs, $modrdnCount/($totalTimeInSecs/60);
-my $compareStat = sprintf "(%.2f/sec) (%.2f/min)\n",$cmpCount/$totalTimeInSecs, $cmpCount/($totalTimeInSecs/60);
-my $bindCountStat = sprintf "(%.2f/sec) (%.2f/min)\n",$bindCount/$totalTimeInSecs, $bindCount/($totalTimeInSecs/60);
+if ($totalTimeInSecs == 0){
+ $searchStat = sprintf "(%.2f/sec) (%.2f/min)\n","0", "0";
+ $modStat = sprintf "(%.2f/sec) (%.2f/min)\n","0", "0";
+ $addStat = sprintf "(%.2f/sec) (%.2f/min)\n","0", "0";
+ $deleteStat = sprintf "(%.2f/sec) (%.2f/min)\n","0", "0";
+ $modrdnStat = sprintf "(%.2f/sec) (%.2f/min)\n","0", "0";
+ $compareStat = sprintf "(%.2f/sec) (%.2f/min)\n","0", "0";
+ $bindCountStat = sprintf "(%.2f/sec) (%.2f/min)\n","0", "0";
+} else {
+ $searchStat = sprintf "(%.2f/sec) (%.2f/min)\n",($srchCount / $totalTimeInSecs), $srchCount / ($totalTimeInSecs/60);
+ $modStat = sprintf "(%.2f/sec) (%.2f/min)\n",$modCount / $totalTimeInSecs, $modCount/($totalTimeInSecs/60);
+ $addStat = sprintf "(%.2f/sec) (%.2f/min)\n",$addCount/$totalTimeInSecs, $addCount/($totalTimeInSecs/60);
+ $deleteStat = sprintf "(%.2f/sec) (%.2f/min)\n",$delCount/$totalTimeInSecs, $delCount/($totalTimeInSecs/60);
+ $modrdnStat = sprintf "(%.2f/sec) (%.2f/min)\n",$modrdnCount/$totalTimeInSecs, $modrdnCount/($totalTimeInSecs/60);
+ $compareStat = sprintf "(%.2f/sec) (%.2f/min)\n",$cmpCount/$totalTimeInSecs, $cmpCount/($totalTimeInSecs/60);
+ $bindCountStat = sprintf "(%.2f/sec) (%.2f/min)\n",$bindCount/$totalTimeInSecs, $bindCount/($totalTimeInSecs/60);
+}
format STDOUT =
Searches: @<<<<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
@@ -844,7 +869,7 @@ print " - SASL Binds: $saslBindCount\n";
if ($saslBindCount > 0){
my $saslmech = $hashes->{saslmech};
foreach my $saslb ( sort {$saslmech->{$b} <=> $saslmech->{$a} } (keys %{$saslmech}) ){
- printf " %-4s %-12s\n",$saslmech->{$saslb}, $saslb;
+ printf " %-4s - %s\n",$saslb, $saslmech->{$saslb};
}
}
@@ -1776,6 +1801,18 @@ sub parseLineNormal
handleRestart();
}
if (m/ SSL connection from/){$sslCount++; if($reportStats){ inc_stats('sslconns',$s_stats,$m_stats); }}
+ # Gather TLS and SSL version info
+ if ($_ =~ /conn= *([0-9A-Z]+) TLS *(.*)/){
+ $cipher{"TLS" . $2}++;
+ }
+ if ($_ =~ /conn= *([0-9A-Z]+) SSL *(.*)/){
+ my $sslversion = $2;
+ if(/SSL /){
+ $cipher{"SSL " . $sslversion}++;
+ } else {
+ $cipher{"SSL" . $sslversion}++;
+ }
+ }
if (m/ connection from local to /){$ldapiCount++;}
if($_ =~ /AUTOBIND dn=\"(.*)\"/){
$autobindCount++;
--
1.9.3