Update log analysis script to ignore ICP queries

diff --git a/bin/sumlogs b/bin/sumlogs
index 0db3ac6fb24f08471595f99e1f38238d3605af93..7a06287059e69c8eb855acbb5de3bce66c31aaf8 100755 (executable)
--- a/bin/sumlogs
+++ b/bin/sumlogs
@@ -8,7 +8,7 @@ use YAML;
 
 my $pt = new Net::Patricia;
 
-open(COUNTRIES, "< /etc/powerdns/countries.conf") || die "Can't open /etc/powerdns/countries.conf";
+open(COUNTRIES, "< countries.conf") || die "Can't open /etc/powerdns/countries.conf";
 
 while (my $line = <COUNTRIES>)
 {
@@ -28,7 +28,7 @@ my %country_bytes;
 
 while (my $record = <>)
 {
-    if ($record =~ /^\d+\.\d+\s+\d+\s+(\d+\.\d+\.\d+\.\d+)\s+TCP_[A-Z_]+\/\d+\s+(\d+) /)
+    if ($record =~ /^\d+\.\d+\s+\d+\s+(\d+\.\d+\.\d+\.\d+)\s+TCP_[A-Z_]+\/\d+\s+(\d+) (?:GET|HEAD|POST) /)
     {
         my $ip = $1;
         my $bytes = $2;
@@ -38,6 +38,10 @@ while (my $record = <>)
 
         $total_bytes += $bytes;
     }
+    elsif ($record =~ /^\d+\.\d+\s+\d+\s+(\d+\.\d+\.\d+\.\d+)\s+UDP_[A-Z_]+\/\d+\s+(\d+) ICP_QUERY /)
+    {
+       # do nothing
+    }
     else
     {
         warn $record;