rahisto(1)
print histogram of metrics from argus(8) data.
Description
RAHISTO
NAME
rahisto - print histogram of metrics from argus(8) data.
SYNOPSIS
rahisto [-M histomode] -H bin[L]:range|size ... [raoptions] [-- filter-expression]
DESCRIPTION
Rahisto reads argus data from an argus-data source, sorts the records based on the criteria specified on the command line, and outputs a valid argus-stream.
OPTIONS
Rahisto, like
all ra based clients, supports a number of ra options
including filtering of input argus records through a
terminating filter expression. See ra(1) for a
complete description of ra options. rahisto(1)
specific options are:
-M nozero
Don’t print bins that have zero frequencies.
-M outlayer
Print accumulated stats for outlayer values, i.e. the values that are outside the histogram range.
-H metric bin[L]:range
| size
Supported metrics are:
|
dur |
record total duration. |
|||
|
avgdur |
record average duration. |
|||
|
proto |
transaction protocol. |
|||
|
sport |
source port number. |
|||
|
dport |
destination port number. |
|||
|
stos |
source TOS byte value. |
|||
|
dtos |
destination TOS byte value. |
|||
|
sttl |
src -> dst TTL value. |
|||
|
dttl |
dst -> src TTL value. |
|||
|
[s|d]bytes |
[src | dst] transaction bytes. |
|||
|
[s|d]appbytes |
[src | dst] application bytes. |
|||
|
[s|d]pkts |
[src | dst] packet count. |
|||
|
[s|d]meansz |
[src | dst] mean packet size. |
|||
|
[s|d]load |
packets per second. |
|||
|
[s|d]loss |
pkts retransmitted or dropped. |
|||
|
[s|d]ploss |
percent pkts retransmitted or dropped. |
|||
|
[s|d]rate |
bits per second. |
INVOCATION
A sample invocation of rahisto(1). This call reads argus(8) data from inputfile and generates a frequency distribution histogram for the transaction duration for HTTP traffic.
% rahisto -H dur
10 -r ˜/argus/data/argus*out.gz - port http
N = 194 mean = 15.928685 stddev = 23.728876 max = 81.354462
min = 0.008055
median = 0.079948 95% = 59.208977
Class Interval Freq Rel.Freq Cum.Freq
1 0.000000e+00 123 63.4021% 63.4021%
2 8.200000e+00 7 3.6082% 67.0103%
3 1.640000e+01 13 6.7010% 73.7113%
4 2.460000e+01 9 4.6392% 78.3505%
5 3.280000e+01 0 0.0000% 78.3505%
6 4.100000e+01 0 0.0000% 78.3505%
7 4.920000e+01 6 3.0928% 81.4433%
8 5.740000e+01 35 18.0412% 99.4845%
9 6.560000e+01 0 0.0000% 99.4845%
10 7.380000e+01 1 0.5155% 100.0000%
A sample invocation where the call reads argus(8) data from inputfile and generates a frequency distribution histogram for the round-trip time of arp volleys in argus(8) data.
% rahisto -H dur
10:0-75u -R /Vol*/Data/Archive/split/*68/2012/0[23] - arp
and dur gt 0
N = 360 mean = 0.000028 stddev = 0.000007 max = 0.000066 min
= 0.000014
median = 0.000031 95% = 0.000028
mode = 0.000026
Class Interval Freq Rel.Freq Cum.Freq
1 0.000000e+00 0 0.0000% 0.0000%
2 7.500000e-06 2 0.5556% 0.5556%
3 1.500000e-05 63 17.5000% 18.0556%
4 2.250000e-05 188 52.2222% 70.2778%
5 3.000000e-05 71 19.7222% 90.0000%
6 3.750000e-05 23 6.3889% 96.3889%
7 4.500000e-05 10 2.7778% 99.1667%
8 5.250000e-05 2 0.5556% 99.7222%
9 6.000000e-05 1 0.2778% 100.0000%
10 6.750000e-05 0 0.0000% 100.0000%
COPYRIGHT
Copyright (c) 2000-2016 QoSient. All rights reserved.
SEE ALSO
ra(1), rarc(5), argus(8),
AUTHORS
Carter Bullard (carter@qosient.com).