How to export historical Events per Second (EPS) statistics to a CSV file for an RSA Security Analytics Log Decoder
Issue
Sometimes it is difficult to know whether a Log Decoder is exceeding the supported Events per Second (EPS) rate.
Tasks
The commands below retrieve historical EPS data and create a CSV file so that the statistics can be examined.
Non-SSL Connections:
curl -u <username>:<password> "http://127.0.0.1:50102/sys?msg=statHist&force-content-type=text/plain&expiry=600&time1=2015-Oct-01%2023:59:15&time2=2015-Oct-13%2023:59:15&include=/sys/stats/current.time,/database/stats/session.rate&reduce=true" | grep " 1=" | sed 's/[0-1]=//g' | awk '{print $1","$2,$3}' | gzip -vc > eps.gz
Parameters to modify:
time1: FORMAT YYYY-MMM-DD%20HH:MM:SS (Example 2015-Jan-19%2005:59:13)
time2: Same as time1
SSL Connections (the -k option makes curl skip verification of the server certificate):
curl -k -u <username>:<password> "https://127.0.0.1:50102/sys?msg=statHist&force-content-type=text/plain&expiry=600&time1=2015-Oct-01%2023:59:15&time2=2015-Oct-13%2023:59:15&include=/sys/stats/current.time,/database/stats/session.rate&reduce=true" | grep " 1=" | sed 's/[0-1]=//g' | awk '{print $1","$2,$3}' | gzip -vc > eps.gz
Parameters to modify:
time1: FORMAT YYYY-MMM-DD%20HH:MM:SS (Example 2015-Jan-19%2005:59:13)
time2: Same as time1
Resolution
Run the commands above to generate a .gz file containing the CSV. To decompress it, issue the following command:
gzip -d eps.gz
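To compare the decompressed file against a supported rate, the following added example (not part of the original article) summarizes it with awk. It assumes each line ends with the session.rate value preceded by the timestamp; the function names, the limit argument and the sample rows are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original article.
# Assumption: each line of the decompressed eps file ends with the
# session.rate value, and everything before it is the timestamp.

# eps_summary FILE LIMIT
#   FILE  - decompressed CSV produced by the export pipeline
#   LIMIT - EPS ceiling to compare against (site-specific, supplied by you)
eps_summary() {
    awk -F'[ ,]+' -v limit="$2" '
        # Skip blank lines and lines whose last field is not a number.
        NF < 2 || $NF !~ /^[0-9]+(\.[0-9]+)?$/ { skipped++; next }
        {
            rate = $NF + 0
            ts = $0
            sub(/[ ,]+[^ ,]+$/, "", ts)   # timestamp = line minus the rate
            n++; sum += rate
            if (rate > max) { max = rate; max_ts = ts }
            if (rate > limit) { over++; if (first_over == "") first_over = ts }
        }
        END {
            if (n == 0) { print "samples=0"; exit 1 }
            printf "samples=%d skipped=%d avg=%.1f max=%.1f max_at=\"%s\" over_limit=%d first_over=\"%s\"\n",
                n, skipped, sum / n, max, max_ts, over, first_over
        }' "$1"
}

# Constructed sample rows (not real decoder output), including a blank
# line and a non-numeric rate to show that such lines are skipped.
eps_sample() {
    cat <<'EOF'
2015-Oct-01,23:59:15 18250
2015-Oct-02,00:59:15 21010
2015-Oct-02,01:59:15 30400

2015-Oct-02,02:59:15 n/a
2015-Oct-02,03:59:15 12000
EOF
}

# Usage: sh eps_summary.sh eps 20000
if [ "$#" -ge 2 ]; then
    eps_summary "$1" "$2"
fi
```

The skipped count shows how many lines did not parse, so a change in the export layout is visible instead of silently lowering the average.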
Product Details
RSA Product Set: Security Analytics
RSA Product/Service Type: Log Decoder
RSA Version/Condition: 10.4.x, 10.5.x
Platform: CentOS
O/S Version: EL6