Hi, I have been happily using analog on and off for the past few years.
Yesterday I realised that there was a web server in our site that wasn't being processed, so I fished all the logs down, ran analog 5.22 on them and went home. 24 hours later they were still processing so I trussed the process and realised that the DNS lookings were slowing it down. That didn't bother me as there were many many IP addresses to process. After some testing I realised that all reverse lookups were failing. What appears to happen is that I start analog, and it processes reasonably fast: # make processprodimageslogs /ext/logs/analog +V +C"CONFIGFILE prodimages.cfg" /ext/logs/analog: analog version 5.22/Unix /ext/logs/analog: Warning F: Failed to open configuration file /ext/logs/cfg/analog.cfg: ignoring it (For help on all errors and warnings, see docs/errors.html) F: Opening /ext/logs/cfg/prodimages.cfg as configuration file F: Opening /ext/logs/cfg/generic.cfg as configuration file D: Looking up 194.176.214.121: D: resolved to modem-214-121.vip.uk.com D: Looking up 172.186.35.83: D: resolved to ACBA2353.ipt.aol.com D: Looking up 217.28.129.105: D: can't resolve D: Looking up 213.1.77.215: D: resolved to host213-1-77-215.in-addr.btopenworld.com D: Looking up 195.129.126.151: D: can't resolve D: Looking up 213.122.155.143: D: resolved to host213-122-155-143.in-addr.btopenworld.com D: Looking up 213.1.75.235: D: resolved to host213-1-75-235.in-addr.btopenworld.com D: Looking up 213.123.11.99: D: resolved to host213-123-11-99.in-addr.btopenworld.com But, after running for one or two minutes, no lookups work. D: Looking up 212.126.149.163: D: can't resolve D: Looking up 217.35.144.37: D: can't resolve D: Looking up 212.229.10.79: D: can't resolve D: Looking up 195.40.206.81: D: can't resolve D: Looking up 195.182.163.64: D: can't resolve D: Looking up 213.107.237.173: D: can't resolve D: Looking up 212.134.22.98: D: can't resolve However, if I take the last entries from the DNS cache and look them up, my resolver can resolve the reverses! # for i in `tail -5 dns/dnscache | cut -d" " -f 2`^Jdo^Jnslookup $i^Jdone | egrep -v "Server|10.120|^$" Name: soozan.demon.co.uk Address: 212.229.10.79 Name: tnt-1-81.easynet.co.uk Address: 195.40.206.81 Name: cvx163-64.dccl.net Address: 195.182.163.64 Name: m429-mp1-cvx1c.col.ntl.com Address: 213.107.237.173 Name: tnt-13-98.easynet.co.uk Address: 212.134.22.98 I had put a 1 second DNS timeout on just so the logs would get processed, but that doesn't explain why it works and then stops. I am running Solaris 8, Generic_108528-13. Any suggestions are gratefully recieved! Best, Julian. +------------------------------------------------------------------------ | This is the analog-help mailing list. To unsubscribe from this | mailing list, go to | http://lists.isite.net/listgate/analog-help/unsubscribe.html | | List archives are available at | http://www.mail-archive.com/[email protected]/ | http://lists.isite.net/listgate/analog-help/archives/ | http://www.tallylist.com/archives/index.cfm/mlist.7 +------------------------------------------------------------------------
