Date: Thu, 22 Feb 2001 22:25:04 -0600 From: schoensee <michael@tuxcom.net.mx> To: freebsd-questions@freebsd.org Cc: John Indra <john@office.naver.co.id> Subject: Re: Analyzing MRTG output Message-ID: <3A95E620.6133D29@tuxcom.net.mx> References: <20010223102237.A30474@office.naver.co.id>
next in thread | previous in thread | raw e-mail | index | archive | help
John Indra wrote: > > Dear all... > > I am monitoring traffic on my network with MRTG. I setup SNMP in my > SuperStack II 3300 3Com switch, then run MRTG on each port to gather a > statistics. > > Ever since I installed those beautiful graphs, my boss start asking > questions like: > "Why is outgoing traffic from 5 to 7 o'clock is very high?" > "What happens on 12 o'clock, there's a big spike in outgoing traffic?" First, if the mrtg gets the data from a "router" I don't know. Second, in my case, were BSD is the router, you can set up some ipfw rules like: count tcp from any to any 80 out xmit etha47 count tcp from any 80 to any in recv etha47 to see some http traffic or count ip from 10.0.0.107 to any in recv rl0 count ip from any to 10.0.0.107 out xmit rl0 to see traffic from specific ips then you can make a script to read the counters from mrtg like: Target[test]:`/usr/local/sbin/read_ipfw.sh` Other thing is: Play with tcpdump or ntop (from ports) and sripting. If your router (gateway) is the BSD box, I can give you a lot of sripts for ipfw and mrtg, see http://www.tuxcom.net.mx/stats/mrtg_bwm/ Saludos > > Can anyone share tips to answer those kind of questions? > > Thanks... > > /john > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A95E620.6133D29>