UUCP analysis

Wed Apr 20 11:52:32 AEST 1983

What with all the discussion about UUCP lately, I humbly
submit the following two awk scripts.  They will produce
some simple analyses of your UUCP traffic.

The first examines LOGFILE and produces a report by system
indicating the number of attempted calls that succeeded,
the number that failed, and the number that were "locked".
The locked calls were attempted when a conversation was
already in progress with the call-ed machine.  It also
reports on every attempt to call a system when the phone
line was not available (perhaps tied up by CU or another
incarnation of UUCP).

The second examines SYSLOG and produces a report of the
volume of UUCP traffic by both system and by user.  The
report consists of a number of sections.  The first gives
the total number of bytes received and sent.  Second gives
the number of bytes received by system.  Third gives the
number of bytes sent to each system.  Fourth gives what I
call the "balance of bytes" for each system.  This is
simply
		bytes received - bytes sent
and gives some indication of which way the bulk of the
messages are flowing.  Finally, a count of the number of
messages (not bytes) for each user is given.  This can be
somewhat misleading 'cuz uucico does funny things with the
user name column in SYSLOG.

Well, enough intro.  Here they are (each followed by an
example of its output):

============================================================
LOGFILE analyzer:

BEGIN		{
			no_dev = 0;
		}
$4 ~ /NO/	{
			if ( $6 == "DEVICE)" ) {
				temp = sprintf("%s\t%s", $2, $3);
				if ( nose[no_dev - 1] != temp )
					nose[no_dev++] = temp;
			}
		}

$5 ~ /\(call/	{
			if ( $4 == "SUCCEEDED" )
				++succeed[$7];
			else if ( $4 == "FAILED" )
				++fail[$7];
			else if ( $4 == "LOCKED" )
				++locked[$7];
			else
				print $0
		}

END		{
			printf("UUCP success/failure summary\n\n");
			for ( i in succeed ) {
				printf("%s\t%d successes\n\t%d failures\n", i, succeed[i], fail[i]);
				if ( locked[i] > 0 )
					printf("\t%d locked\n", locked[i]);
				printf("\n");
			}
			printf("\nNO AVAILABLE DEVICE\n");
			for(i=0; i<no_dev; i++)
				print nose[i];
		}

============================================================
sample output from the LOGFILE analyzer:

UUCP success/failure summary

uscvax	16 successes
	11 failures

trw-uni	89 successes
	84 failures
	5 locked

trwspf	21 successes
	27 failures
	2 locked

vortex	2 successes
	12 failures

ucla-va	24 successes
	15 failures
	1 locked

NO AVAILABLE DEVICE
trwspf	(4/11-8:13-18401)
trwspf	(4/11-11:12-19782)
trw-uni	(4/11-12:20-20615)
trw-uni	(4/11-13:40-21243)
trw-uni	(4/11-15:1-22182)
ucla-va	(4/11-16:10-23147)
trw-uni	(4/11-16:11-23197)
trw-uni	(4/11-17:12-23823)
trwspf	(4/11-17:12-23825)
ucla-va	(4/11-17:12-23829)
trwspf	(4/12-10:12-29590)
ucla-va	(4/12-10:12-29605)
trw-uni	(4/12-13:12-3211)
trwspf	(4/12-13:12-3213)
trw-uni	(4/12-14:12-3996)
trwspf	(4/12-14:12-3999)
ucla-va	(4/12-15:24-5345)
trw-uni	(4/12-15:33-5552)
trw-uni	(4/13-10:12-15151)
trw-uni	(4/14-9:12-24943)
trw-uni	(4/14-12:13-26864)
trw-uni	(4/14-14:12-27925)
trw-uni	(4/14-15:12-29126)
trwspf	(4/14-15:29-29399)
trw-uni	(4/14-16:12-29937)
trwspf	(4/14-17:26-1116)
trw-uni	(4/15-9:12-11085)
trwspf	(4/15-13:28-14076)
trw-uni	(4/15-14:12-14547)
trw-uni	(4/15-16:12-16029)
trw-uni	(4/15-17:12-16590)

============================================================
SYSLOG analyzer:

$4 ~ /received/	{
			from[$2] += $6;
			total_from += $6;
			see_saw[$2] += $6
			++users[$1];
		}

$4 ~ /sent/	{
			to[$2] += $6;
			total_to += $6;
			see_saw[$2] -= $6;
			++users[$1];
		}

END		{
			printf("Total received: %d\t\tTotal sent: %d\n\n", total_from, total_to);
			print "Bytes received (by system):"
			for ( i in from )
				printf("\t%s: %d\n", i, from[i]);
			print
			print "Bytes sent (by system):"
			for ( i in to )
				printf("\t%s: %d\n", i, to[i]);
			print
			print "Balance of bytes ( < 0 means more sent than received):"
			for ( i in see_saw )
				printf("\t%s: %d\n", i, see_saw[i]);
			print
			print "Messages (by user):"
			for ( i in users )
				printf("\t%s: %d\n", i, users[i]);
		}

============================================================
sample output from SYSLOG analyzer:

Total received: 3360398		Total sent: 1621546

Bytes received (by system):
	x1: 256			*
	x2: 12310		*
	x3: 1800942		*
	trw-uni: 1493527
	trwspf: 3868
	vortex: 748
	ucla-va: 48747

Bytes sent (by system):
	x1: 276			*
	x2: 7867		*
	x3: 1466218		*
	trw-uni: 129329
	trwspf: 10388
	ucla-va: 7468

Balance of bytes ( < 0 means more sent than received):
	x1: -20			*
	x2: 4443		*
	x3: 334724		*
	trw-uni: 1364198
	trwspf: -6520
	vortex: 748
	ucla-va: 41279

Messages (by user):
	irmler: 2
	haag: 20
	barnett: 10
	root: 86
	richter: 16
	zemon: 268
	painter: 8
	gf: 22
	utrwspp: 238
	waldhart: 10
	wizard: 8
	wartik: 96
	milton: 32
	stuckle: 14
	idm: 7
	rogson: 2
	usdcvax: 16
	gkang: 4
	bamberg: 18
	aoki: 82
	greg: 10
	heath: 10
	urandvax: 184
	rabin: 2
	hill: 10
	fms: 2
	oneal: 6
	daemon: 100
	pyster: 30
	pwb: 32
	belz: 44
	bitar: 2
	config: 10
	aoyama: 52
	brill: 12
	warech: 8
	dalven: 8
	gflood: 6
	penedo: 20
	urban: 32
	sasaki: 50
	wu: 15
	ingold: 10
	fisher: 2
	griffin: 14
	ryan: 4
	hawker: 11
	uprivate: 804		*
	enslen: 2
	news: 62
	uucp: 2596
	usdcrdcf: 128
	gorlick: 14
	lauren: 2
	colbert: 58
	butcher: 6

* Sorry, but three of the system names cannot be published.

============================================================

Well, no claims that they are anything terrifically tough
or original, but have fun with them!

	-- Art Zemon
	   TRW, Software Productivity Project