From 2aa7289339d387f9a7158c41c1418dd95747467b Mon Sep 17 00:00:00 2001
From: Tom Hughes <tom@compton.nu>
Date: Wed, 25 Sep 2013 08:29:11 +0100
Subject: [PATCH] Update log analysis script to ignore ICP queries

---
 bin/sumlogs | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/bin/sumlogs b/bin/sumlogs
index 0db3ac6..7a06287 100755
--- a/bin/sumlogs
+++ b/bin/sumlogs
@@ -8,7 +8,7 @@ use YAML;
 
 my $pt = new Net::Patricia;
 
-open(COUNTRIES, "< /etc/powerdns/countries.conf") || die "Can't open /etc/powerdns/countries.conf";
+open(COUNTRIES, "< countries.conf") || die "Can't open /etc/powerdns/countries.conf";
 
 while (my $line = <COUNTRIES>)
 {
@@ -28,7 +28,7 @@ my %country_bytes;
 
 while (my $record = <>)
 {
-    if ($record =~ /^\d+\.\d+\s+\d+\s+(\d+\.\d+\.\d+\.\d+)\s+TCP_[A-Z_]+\/\d+\s+(\d+) /)
+    if ($record =~ /^\d+\.\d+\s+\d+\s+(\d+\.\d+\.\d+\.\d+)\s+TCP_[A-Z_]+\/\d+\s+(\d+) (?:GET|HEAD|POST) /)
     {
         my $ip = $1;
         my $bytes = $2;
@@ -38,6 +38,10 @@ while (my $record = <>)
 
         $total_bytes += $bytes;
     }
+    elsif ($record =~ /^\d+\.\d+\s+\d+\s+(\d+\.\d+\.\d+\.\d+)\s+UDP_[A-Z_]+\/\d+\s+(\d+) ICP_QUERY /)
+    {
+	# do nothing
+    }
     else
     {
         warn $record;
-- 
2.43.2