[Zeek] Using "dbl" instead of "num" in SumStats
Hui Lin (Hugo)
hlin33 at illinois.edu
Mon May 6 09:55:09 PDT 2019
Hi Jim,
I think 'num' field seemed like what I am looking for. However, when I
tried, it is different from the count that I manually made. Here is the
codes that I used to count. As you can see, what I try to is easy,
whenever, an observation is received, I increase the value of a global
value. However, when I print out through epoch call back function, the
value is different from one in 'num'.
if (...)
{
total_res = total_res + 1;
SumStats::observe("dnp3 rtt", SumStats::Key(),
SumStats::Observation($dbl=latency));
}
Best,
Hugo
On Mon, May 6, 2019 at 9:16 AM Jim Mellander <jmellander at lbl.gov> wrote:
> Hi Hugo:
>
> <snip>
> May I suggest a few things in SumStats? Maybe I missed something, I don't
> know how to directly obtain the number of data recorded in SumStats, so I
> need to declare another global variable to record that. It will be useful
> that we can directly know how many data are recorded by far. The reason
> that I need the number of records is to calculate the 95% or 99% confidence
> interval. It will be great that we can include them directly in SumStats as
> well.
> <snip>
>
> Each result record returned to epoch_result has a 'num' field, which is a
> count of the number of observations that made up that result - is that what
> you're looking for? If you're looking for a grand total of observations, I
> suppose they could be totalled up from the result records.
>
> Take care,
>
> JIm
>
>
--
Hui Lin
Ph.D. Candidate (http://hlin33.web.engr.illinois.edu/)
DEPEND (http://depend.csl.illinois.edu/)
ECE, Uni. of Illinois at Urbana-Champaign
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20190506/4471647c/attachment.html
More information about the Zeek
mailing list