SMBTAv2 @ Hackweek 2010
The SMB traffic analyzer software suite (in short SMBTA) is a toolset aimed at visualizing the data flow on one or more Samba servers, providing statistics about the usage of Samba services. The long term goal of the SMB Traffic Analyzer project is to provide a universal remote debugging facility for Samba.
Well, there was Hackweek last week at SUSE again. And like a tradition, the SMBTA team is taking part in that very cool event. Our primary target currently is to release a first version of smbtad and smbtatools, so that we are able to have working tools released until Samba 3.6.0 Preview 1.
This time, I have had really important tasks, so I could not do the hacking fun for the whole week. However, just when you don’t think about it, others come up and hack on the project and bring it much further than I ever thought. So, as a result of the efforts of Benjamin Brunner from the SMBTA Team at hackweek 2010, we have two new functions in smbtaquery.
– ‘last_activitiy’: This is showing the user in the most detailed fashion the last actions of an object (an object is a user, share, or file). An example output can be seen below:
2010-06-11 19:54:13.949: User benni wrote 40000 bytes from file benni4. 2010-06-11 19:54:13.957: User benni wrote 40000 bytes from file benni4. 2010-06-11 19:54:13.966: User benni wrote 40000 bytes from file benni4. 2010-06-11 19:54:13.974: User benni wrote 40000 bytes from file benni4. 2010-06-11 19:54:13.983: User benni wrote 40000 bytes from file benni4. 2010-06-11 19:54:13.991: User benni wrote 40000 bytes from file benni4. 2010-06-11 19:54:13.999: User benni wrote 40000 bytes from file benni4. 2010-06-14 12:52:59.552: User benni changed directory /abuild/pool.
– ‘usage’: this function creates a virtual day over 24 hours by using the complete data set. With it, you can easily see at which time during the day – on average – the network is most used, and at which time capacities are seen. A sample output looks like this:
10:00 - 11:00 : 0.00 Bytes 0.00% 11:00 - 12:00 : 0.00 Bytes 0.00% 12:00 - 13:00 : 0.00 Bytes 0.00% 13:00 - 14:00 : 0.00 Bytes 0.00% 14:00 - 15:00 : 3.85 GB 17.73% ######## 15:00 - 16:00 : 209.44 MB 0.94% 16:00 - 17:00 : 3.55 GB 16.32% ######## 17:00 - 18:00 : 0.00 Bytes 0.00% 18:00 - 19:00 : 54.77 MB 0.25% 19:00 - 20:00 : 14.07 GB 64.75% ################################ 20:00 - 21:00 : 0.00 Bytes 0.00% 21:00 - 22:00 : 0.00 Bytes 0.00% 22:00 - 23:00 : 0.00 Bytes 0.00% 23:00 - 24:00 : 0.00 Bytes 0.00% total: 21.74 GB
These two functions alone are pretty cool. But Hackweek brought us even more. Michael Haefner of the SMBTA team did a great job in extending the documentation, and fixing numerous bugs in smbtaquery. Hackweek brought as much further than I’ve ever envisioned. Because of this, we now have a clear way to a first release, and this is what we are targetting for the upcoming time.