[Oisf-devel] http log entry number is more than the number of ab

Delta Yeh delta.yeh at gmail.com
Tue Jul 10 05:08:01 UTC 2012 

 Hi,
 In my test, I see the number of request logged is more than the number of ab.
The topo is :
 ab ---- bridge(suricata,debian6) --- www
 I use ab -c 4 -n 200000 http://192.168.35.111:8079/ to generate http requests.

 It is expected to get 200000 http log entry but I get 200015.
I don't know wether ab send the additional 15 requests or  someting
wrong with suricata?

 The http log config is:
     - http-log:
      enabled: yes
      filename: /tmp/accesslog
      extended: yes
      append: yes
      filetype: unix_dgram

I write a simple python script to receive http log:

# cat uds.py
import socket,os

s = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
s.bind("/tmp/accesslog")
counter=0
while 1:
        data, addr = s.recvfrom(1024)
        counter = counter + 1
        print "NO.%d "%( counter)
s.close()


The output of uds.py is:
.....
NO.200012
NO.200013
NO.200014
NO.200015



The ab output is:


ab -c 4 -n 200000 http://192.168.35.111:8079/
This is ApacheBench, Version 2.3 <$Revision: 655654 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/

Benchmarking 192.168.35.111 (be patient)
Completed 20000 requests
Completed 40000 requests
Completed 60000 requests
Completed 80000 requests
Completed 100000 requests
Completed 120000 requests
Completed 140000 requests
Completed 160000 requests
Completed 180000 requests
Completed 200000 requests
Finished 200000 requests


Server Software:        Apache/2.2.11
Server Hostname:        192.168.35.111
Server Port:            8079

Document Path:          /
Document Length:        0 bytes

Concurrency Level:      4
Time taken for tests:   583.939 seconds
Complete requests:      200000
Failed requests:        0
Write errors:           0
Non-2xx responses:      200001
Total transferred:      53800269 bytes
HTML transferred:       0 bytes
Requests per second:    342.50 [#/sec] (mean)
Time per request:       11.679 [ms] (mean)
Time per request:       2.920 [ms] (mean, across all concurrent requests)
Transfer rate:          89.97 [Kbytes/sec] received

Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:        0    5  12.6      0    2980
Processing:     0    7   5.2     10      40
Waiting:        0    6   5.3     10      40
Total:          0   12  12.4     10    2990

Percentage of the requests served within a certain time (ms)
  50%     10
  66%     10
  75%     10
  80%     10
  90%     20
  95%     20
  98%     20
  99%     20
 100%   2990 (longest request)
colinux:~/tmp#

More information about the Oisf-devel mailing list