Jump to content
The Unknown Ghosts
.TuG.Beaver

GR:AW2 IP/Name Logging - Step 3 - Processing the Logged Data

Recommended Posts

GR:AW2 IP/Name Logging Guide - Step 3 - Processing the Logged Data

Now that we are actually recording data to a log file, there is further processing required to convert the packet data to something human readable & useful.

 

To process the raw data to standard text, we will be using the ngrep tool from a command line prompt.

  • Processing the ngrep.log File

Before you can process the log file, you will need to temp. close the 'GRAW2 IP Logged' process as we will need to rename it.

 

If you do not stop the process and rename the ngrep.log file , then the next time you start the process, it will overwrite any existing data collected.

 

With the process stopped, navigate to the c:\graw2iplogs\ folder and open up a command prompt.

 

Rename the ngrep.log file to ngrep1.log (we will increment this to ngrep2.log, ngrep3.log when ever new data is to be processed).

 

Once renamed, you can then immediatly restart the 'GRAW2 IP Logged' process to continue gathering data while we process the already captured data.

 

At the prompt, type:

 

ngrep -t -I ngrep1.log > ngrep1.txt

 

You'll change the filenames to match the increments as required.

 

If you now open up the ngrep1.txt file, you should see plain text listing Date/Time IP's & hopefully player names.

 

Congratulations, you have now successfully logged the IP/Names from your GR:AW2 server!

Share this post


Link to post
Share on other sites

I made a script that stop the ngrep process.

Making the ngrep.log readable and save a timestamped ngrep.txt file.

And then start the ngrep process again.

You have to create the C:\graw2iplogs\logs\ directory first.

If you like you can schedule it to run once a day or so.

Hope you find it usefull.

 

Copy the text below and save it as an .cmd file

Works with Windows XP.

 

@ echo off

:: variables
set source=C:\graw2iplogs\
set destination=C:\graw2iplogs\logs
set hour=%time:~0,2%
if "%hour:~0,1%"==" " set hour=0%time:~1,1%
set timestamp=%date:~10,4%_%date:~4,2%_%date:~7,2%_%hour%_%time:~3,2%

:: stop ngrep.exe before processing the data.
taskkill /im ngrep.exe /f

:: making the logfile readable and saving a timestamped logfile
cd %source%
copy ngrep.log %destination%\ngrep.log
cd %destination%
%source%\ngrep.exe -t -I ngrep.log > %timestamp%_ngrep.txt

:: cleaning up and start logging again
del ngrep.log
cd %source%
del ngrep.log
ngrep.exe -q -t -p -d 2 -O ngrep.log 30292.2673 dst port 16250

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×