# Log and analyze data with rrdtool


Introduction

We are going to log, every five seconds, the RTT values obtained from doing a ping to two different IP addresses.


Create the database

If we do not obtain a value in 10 seconds that value is lost.
The expected values are between 20.000 and 80.000 milliseconds.
We log data every 1 sample.
We store 120960 samples (one week).
Each sample is taken every 5 seconds.

12 samples x 5 seconds/sample = 60 seconds = 1 minute
12 samples x 60m x 24h x 7d = 120960 samples

# rrdtool create rtt.rrd \
> -s 5 \
> DS:google:GAUGE:10:20.000:80.000 \
> DS:yahoo:GAUGE:10:20.000:80.000 \
> RRA:AVERAGE:0.5:1:120960 \
> RRA:MIN:0.5:1:120960 \
> RRA:MAX:0.5:1:120960

Obtain the RTT values

# cat rtt.sh
#!/bin/bash

google_ip="$1"
 yahoo_ip="$2"

google_rtt=`ping -c 1 -W 1 $google_ip | grep rtt | tr '/' ' ' | awk '{print $7}'`
 yahoo_rtt=`ping -c 1 -W 1 $yahoo_ip  | grep rtt | tr '/' ' ' | awk '{print $7}'`

echo "N:$google_rtt:$yahoo_rtt"
rrdtool update rtt.rrd N:$google_rtt:$yahoo_rtt
# watch -n 5 ./rtt.sh 216.239.32.10 68.180.131.16

Check stored values

# rrdtool fetch rtt.rrd AVERAGE | grep -v nan

Analyze the graph

# cat make_graph.sh
#!/bin/bash

rtt_rrd="rtt.rrd"
rtt_png="rtt.png"
last=`rrdtool last rtt.rrd`
date=`date`
width="6000"
height="300"

rrdtool graph $rtt_png \
--start end-1hour --end $last \
--title "Round-Trip Time (RTT)" \
--vertical-label "Milliseconds" \
--width $width \
--height $height \
--x-grid SECOND:5:SECOND:30:SECOND:60:0:%T%n%D \
--color BACK#222222 \
--color FONT#aaaaaa \
--color CANVAS#222222 \
--color GRID#444444 \
--color MGRID#666666 \
--color AXIS#888888 \
--color ARROW#888888 \
--font-render-mode normal \
--pango-markup \
--graph-render-mode normal \
--slope-mode \
--imgformat PNG \
--watermark "$date - hacktracking.blogspot.com" \
DEF:vgoogle=$rtt_rrd:google:AVERAGE \
DEF:vyahoo=$rtt_rrd:yahoo:AVERAGE \
COMMENT:" \\n" \
COMMENT:" \\n" \
LINE:vgoogle\#ff0000:'<b>GOOGLE</b>' \
GPRINT:vgoogle:MIN:"<small>min = </small>%3.3lf <small>ms</small>" \
GPRINT:vgoogle:MAX:"<small>max = </small>%3.3lf <small>ms</small>" \
GPRINT:vgoogle:AVERAGE:"<small>avg = </small>%3.3lf <small>ms</small>" \
GPRINT:vgoogle:LAST:"<small>last = </small>%3.3lf <small>ms</small>" \
COMMENT:" \\n" \
COMMENT:" \\n" \
LINE:vyahoo\#00ff00:'<b>YAHOO</b> ' \
GPRINT:vyahoo:MIN:"<small>min = </small>%5.3lf <small>ms</small>" \
GPRINT:vyahoo:MAX:"<small>max = </small>%3.3lf <small>ms</small>" \
GPRINT:vyahoo:AVERAGE:"<small>avg = </small>%3.3lf <small>ms</small>" \
GPRINT:vyahoo:LAST:"<small>last = </small>%3.3lf <small>ms</small>" \
COMMENT:" \\n" \
COMMENT:" \\n"
# ./make_graph.sh && eog rtt.png

References

# man rrdtool rrdcreate rrdupdate rrdfetch rrdlast rrdgraph

No comments: