Beefy Boxes and Bandwidth Generously Provided by pair Networks
Clear questions and runnable code
get the best and fastest answer
 
PerlMonks  

Re: analyzing data

by salva (Monsignor)
on Apr 23, 2014 at 08:44 UTC ( #1083299=note: print w/ replies, xml ) Need Help??


in reply to analyzing data

So, how would you do it by hand, using just pencil and paper?


Comment on Re: analyzing data
Re^2: analyzing data
by matt00perl (Novice) on Apr 23, 2014 at 08:51 UTC

    i will take start time minus end time which equal to the difference. Is that what you mean ?

      well, the details are important!

      How do you find the start and end times? How do you know you have covered all the entries?

      When writing some program, the first thing you need to do is to find a precise way to solve the problem. Then you can think about how to translate that into Perl (or any other language).

        my idea is to loop through the data, if an destination ip appears more than once...take the least time (ex. 01:01) continue, to the end of the data and get the last time (ex.01:05). take difference of those and return one line with new time (ex 00:04)

Re^2: analyzing data
by Theodore (Scribe) on Apr 23, 2014 at 09:36 UTC
    Second that. In your example, src_port varies, so does dest_ip. In the result row, you are using the src_port of the 6th row, although it looks that this row is not used in the result due to different dest_ip. Also, what about the times, are they truncated or rounded and how? Can we assume that all entries are sorted by time? The first step is to actually specify what you want to do.

      they are not sorted by time, all i want is to show how long one src_ip spent on particular dest_ip

        You can't know that. You can know how much time passed between the first and the last packet from a specific src_ip to a specific dst_ip for a specific arbitrary time span or a specific log file.

        Example: You may have one day's worth of data. There is a packet going from ip A to ip B at 00:01. There is a second packet between A and B at 23:59. Is this (23 hours 58 mins) "how long" ip A spent on ip B?

Re^2: analyzing data
by szabgab (Priest) on Apr 23, 2014 at 12:49 UTC
    How can I ++ this comment more than once?

    This is exactly what I recommend to people to do if I want to lead them to learn to program.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1083299]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others pondering the Monastery: (10)
As of 2014-08-21 19:17 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The best computer themed movie is:











    Results (143 votes), past polls