At 11:48 a +0100 01/15/2007, Klaus Johannes Rusch didst inscribe upon
an electronic papyrus:
Walter Ian Kaye wrote:
I have no clue where to start. Are these programs in the package
meant to be used in a particular order? I gather that somehow you
create a db and then reference it, but that's all I know. What
parameters do I pass to which programs and when, and is there a
particular location that's best for the db? Does Analog use that db
itself, and if so, how do I make the connection?
There's no overall documentation to answer such questions, so I
would appreciate the wisdom of anyone who understands the programs
in the package.
Each of the programs serves a particular purpose, what you probably
want is the first program in the list, dns-terror, which resolves
the addresses in a log file. You can, but do not have to, store the
results in a database also which you can convert to the Analog DNS
cache format so you can use this directly from analog.
Possible usage scenarios:
* Run logfiles through dns-terror without generating output and
store the lookup results in a database, then convert the database
to the Analog DNS cache format using convert-ip-db, then run
analog on the original log file using the DNS cache (this is the
approach I would recommend)
Thank you! So I did this:
dns-terror < counter.log
convert-ip-db > dns.cache
and set the DNSFILE parameter to point to the file. Analog happily used it. :D
Hopefully this info will help other people here too.
-Walter
+------------------------------------------------------------------------
| TO UNSUBSCRIBE from this list:
| http://lists.meer.net/mailman/listinfo/analog-help
|
| Analog Documentation: http://analog.cx/docs/Readme.html
| List archives: http://www.analog.cx/docs/mailing.html#listarchives
| Usenet version: news://news.gmane.org/gmane.comp.web.analog.general
+------------------------------------------------------------------------
