How do i calculate the combined bandwidth used from "Traffic Logs"

by mschr   Last Updated December 08, 2017 20:00 PM

Ive been stashing some logs from my firewall, containing the session-data, such as in-/out-bytes, duration, protocol and src/dst ip and port values.

Lets look at these samples:

src=192.168.109.3 dst=193.162.153.164 spt=12480 dpt=53 msg=Traffic Log duration=300 out=60 in=497 proto=17 app=domain
src=192.168.109.3 dst=193.162.153.164 spt=38036 dpt=53 msg=Traffic Log duration=300 out=60 in=181 proto=17 app=domain
src=192.168.101.3 dst=52.205.221.146 spt=43620 dpt=80 msg=Traffic Log duration=5 out=1271 in=355 proto=6 app=http
src=192.168.109.3 dst=195.249.167.155 spt=40147 dpt=80 msg=Traffic Log duration=15 out=5443 in=633112 proto=6 app=http
src=192.168.109.3 dst=193.162.153.164 spt=53943 dpt=53 msg=Traffic Log duration=300 out=65 in=140 proto=17 app=domain
src=192.168.109.3 dst=193.162.153.164 spt=12045 dpt=53 msg=Traffic Log duration=300 out=65 in=140 proto=17 app=domain
src=192.168.109.3 dst=193.162.153.164 spt=35120 dpt=53 msg=Traffic Log duration=300 out=64 in=394 proto=17 app=domain
src=192.168.109.3 dst=193.162.153.164 spt=17222 dpt=53 msg=Traffic Log duration=300 out=60 in=448 proto=17 app=domain
src=192.168.109.3 dst=193.162.153.164 spt=53459 dpt=53 msg=Traffic Log duration=300 out=60 in=180 proto=17 app=domain

My question is, what does each line actually entail - is it;

  1. one line pr window/frame/mtu
  2. or maybe one line pr construct / destruct of the network-session (CONNECT -> ESTABLISHED -> CLOSED)
  3. something else entirely?

And also, is it possible to sum up the in and out values (theyre in bytes) and determine, how much bandwidth a particular IP is using?

Thx in advance



Related Questions


What bandwidth values should I set?

Updated April 16, 2018 06:00 AM


How to measure bandwidth per cpu utilization

Updated October 10, 2017 20:00 PM

Bandwidth monitoring for a number of virtual machines

Updated September 10, 2018 19:00 PM

Searching for tool like time but for network IO

Updated May 15, 2017 23:00 PM