X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=contrib%2Fossec-eps.sh;fp=contrib%2Fossec-eps.sh;h=b38c0241e4027989fae290d635fbdb898a2bdb0a;hp=0000000000000000000000000000000000000000;hb=789cbc8e52da68eba3517b920ef22e000cf3c9fd;hpb=ef70704f0b31b59bb719b884d6a99cb9e3e2044a

diff --git a/contrib/ossec-eps.sh b/contrib/ossec-eps.sh
new file mode 100755
index 0000000..b38c024
--- /dev/null
+++ b/contrib/ossec-eps.sh
@@ -0,0 +1,30 @@
+#!/bin/sh
+# Calculate OSSEC events per second
+# Author Michael Starks ossec [at] michaelstarks [dot] com
+# License: GPLv3
+
+if [ ! -e /etc/ossec-init.conf ]; then
+  echo OSSEC does not appear to be installed on this system. Goodbye.
+  exit 1
+else
+  grep -q agent /etc/ossec-init.conf && echo This script can only be run on the manager. Goodbye. && exit 1
+fi
+
+#Reset counters
+COUNT=0
+EPSSUM=0
+EPSAVG=0
+#Source OSSEC Dir
+. /etc/ossec-init.conf
+
+for i in $(grep 'Total events for day' ${DIRECTORY}/stats/totals/*/*/ossec-totals-*.log | cut -d: -f3); do
+  COUNT=$((COUNT+1))
+  DAILYEVENTS=$i
+  EPSSUM=$(($DAILYEVENTS+$EPSSUM))
+done
+
+EPSAVG=$(($EPSSUM/$COUNT/(86400)))
+
+echo Your total lifetime number of events colected is: $EPSSUM
+echo Your total daily number of events average is: $(($EPSSUM/$COUNT))
+echo Your daily events per second average is: $EPSAVG