Skip to main content
fropert_FTNT
Staff
fropert_FTNT
Staff
April 14, 2014

Technical Tip: Logons per second rate calculation with dcagentlog.txt

  • April 14, 2014
  • 0 replies
  • 1907 views

 

Description

This article decribes that the dcagentlog.txt records logins processed by dcagent.dll when DC Agent logging is enabled.

The script provided as-is will print the minimum, maximum, and average logons per second rate based on the dcagentlog.txt content.
 
Configure DC Agent logging on a domain controller monitored by DC Agent :
 
Set HKLM\SOFTWARE\Fortinet\FSAE\dcagent, REG_DWORD enable_log to 1.
Default Filename path: C:\Program Files\Fortinet\FSAE\dcagentlog.txt or C:\dcagentlog.txt.
 
Scripts execution:
 
python dcagent_logonspersecond.py dcagentlog.txt <-
Minimum logons per second rate:1
Maximum logons per second rate:8
Average logons per second rate:1.21502748931
 
Scripts result:
 
The output of the script can be used by the DC Agent bandwidth calculator from FD34897.
Scope FSSO DC Agent.
Solution

#!/usr/bin/env python

# -*- coding: utf-8 -*-

#

# Set HKLM\SOFTWARE\Fortinet\FSAE\dcagent, REG_DWORD enable_log to 1.

# Default Filename path: C:\Program Files\Fortinet\FSAE\dcagentlog.txt or C:\dcagentlog.txt

#

# Author: Francois Ropert (Copyright - Fortinet)

#

 

import sys

import os

from datetime import datetime

 

fdlog = open(sys.argv[1])

# Map the whole file into memory

dcagentlog = fdlog.readlines()

fdlog.close deltas = []

previous_ts = ""

logons_cnt = 0

for line in dcagentlog:

    if " Logon " in line:

        try:

            if line[19] == ".": # file version detection

                logon_ts = line.split('.')[0]

            else:

                logon_ts = line.split(': ')[0]

            if previous_ts == "":

                previous_ts = logon_ts

            tdelta = datetime.strptime(logon_ts, "%m/%d/%Y %H:%M:%S") - datetime.strptime(previous_ts, "%m/%d/%Y %H:%M:%S") except:

            continue

        try:

            if str(tdelta) == "0:00:00":

                logons_cnt += 1

            else:

                deltas.append(logons_cnt)

                logons_cnt = 1

            previous_ts = logon_ts

        except:

            continue

# handle dcagentlog.txt with logons in the same second.

if logons_cnt > 1:

    deltas.append(logons_cnt)

min_rate = deltas[0]

for rate in deltas[1:]:

    if rate < min_rate:

        min_rate = rate

max_rate = deltas[0]

for rate in deltas[1:]:

    if rate > max_rate:

        max_rate = rate

print "Minimum logons per second rate:" + str(min_rate)

print "Maximum logons per second rate:" + str(max_rate)

print "Average logons per second rate:" + str(sum(deltas) / float(len(deltas)))
Terms & ConditionsAccessibility statement