Your skill will accomplishwhat the force of many cannot PerlMonks

### Re: analyzing data

by salva (Canon)
 on Apr 23, 2014 at 08:44 UTC ( #1083299=note: print w/replies, xml ) Need Help??

So, how would you do it by hand, using just pencil and paper?

Replies are listed 'Best First'.
Re^2: analyzing data
by Theodore (Friar) on Apr 23, 2014 at 09:36 UTC
Second that. In your example, src_port varies, so does dest_ip. In the result row, you are using the src_port of the 6th row, although it looks that this row is not used in the result due to different dest_ip. Also, what about the times, are they truncated or rounded and how? Can we assume that all entries are sorted by time? The first step is to actually specify what you want to do.

they are not sorted by time, all i want is to show how long one src_ip spent on particular dest_ip

You can't know that. You can know how much time passed between the first and the last packet from a specific src_ip to a specific dst_ip for a specific arbitrary time span or a specific log file.

Example: You may have one day's worth of data. There is a packet going from ip A to ip B at 00:01. There is a second packet between A and B at 23:59. Is this (23 hours 58 mins) "how long" ip A spent on ip B?

Re^2: analyzing data
by szabgab (Priest) on Apr 23, 2014 at 12:49 UTC
How can I ++ this comment more than once?

This is exactly what I recommend to people to do if I want to lead them to learn to program.

Re^2: analyzing data
by matt00perl (Novice) on Apr 23, 2014 at 08:51 UTC

i will take start time minus end time which equal to the difference. Is that what you mean ?

well, the details are important!

How do you find the start and end times? How do you know you have covered all the entries?

When writing some program, the first thing you need to do is to find a precise way to solve the problem. Then you can think about how to translate that into Perl (or any other language).

my idea is to loop through the data, if an destination ip appears more than once...take the least time (ex. 01:01) continue, to the end of the data and get the last time (ex.01:05). take difference of those and return one line with new time (ex 00:04)

Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://1083299]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chanting in the Monastery: (1)
As of 2023-06-06 06:34 GMT
Sections?
Information?
Find Nodes?
Leftovers?
Voting Booth?
How often do you go to conferences?

Results (26 votes). Check out past polls.

Notices?