I'm writing a log analyzer (a la Webalyzer) to analyze Solaris' nfslog files. They're in the same format as wu-ftpd xferlog files. I'd use an existing solution, but I can't find anything that keeps track of reads vs writes, which is critical for us. Anyway, I need to be able to sort by filesystem, client machine, user, time (with a one-hour base period) read, write, or total usage. Can anyone suggest a data structure (or pointers to same) that will allow me to pull data out in an arbitrary fashion (ie users on X day sorted by data written)? Once I have the structure, I can deal with doing the reports, but I want to make sure I don't shoot myself in the foot with the structure.
I was thinking of a hash of hashes, where the keys are filesystems pointing to hashes where the keys are client machines, etc, etc. But it seems that approach would be inefficent for lookups based on times or users (for example). Any help would be greatly appreciated. Paul _______________________________________________ Houston mailing list [email protected] http://mail.pm.org/mailman/listinfo/houston
