.TuG.Beaver Posted August 7, 2007

GR:AW2 IP/Name Logging Guide - Step 3 - Processing the Logged Data

Now that we are actually recording data to a log file, there is further processing required to convert the packet data to something human readable & useful. To process the raw data to standard text, we will be using the ngrep tool from a command line prompt.

Processing the ngrep.log File

Before you can process the log file, you will need to temporarily close the 'GRAW2 IP Logged' process as we will need to rename it. If you do not stop the process and rename the ngrep.log file, then the next time you start the process, it will overwrite any existing data collected.

With the process stopped, navigate to the c:\graw2iplogs\ folder and open up a command prompt. Rename the ngrep.log file to ngrep1.log (we will increment this to ngrep2.log, ngrep3.log whenever new data is to be processed). Once renamed, you can then immediately restart the 'GRAW2 IP Logged' process to continue gathering data while we process the already captured data.

At the prompt, type:

    ngrep -t -I ngrep1.log > ngrep1.txt

You'll change the filenames to match the increments as required. If you now open up the ngrep1.txt file, you should see plain text listing Date/Time, IPs & hopefully player names.

Congratulations, you have now successfully logged the IP/Names from your GR:AW2 server!
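A way to condense a converted file such as ngrep1.txt into one entry per source IP, added here as an example and not part of the original post. It assumes the per-packet header layout that ngrep prints with -t; the helper name `summarize` is hypothetical and the sample text is constructed.

```python
import re
from datetime import datetime

# Per-packet header line that ngrep prints when run with -t.
HEADER = re.compile(
    r"^[TUI] (?P<ts>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d\.\d{6}) "
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3}):\d+ -> "
    r"\d{1,3}(?:\.\d{1,3}){3}:(?P<dport>\d+)")

# Constructed sample: documentation IP ranges and invented payload text.
SAMPLE = """\
#
U 2007/08/07 20:15:01.120000 192.0.2.10:1045 -> 198.51.100.5:16250
  ....ExamplePlayer....
#
U 2007/08/07 20:15:03.500000 192.0.2.77:2001 -> 198.51.100.5:16250
  ....OtherPlayer..
#
U 2007/08/07 20:19:44.000000 192.0.2.10:1045 -> 198.51.100.5:16250
  ....ExamplePlayer....
#
U 2007/08/07 20:20:00.000000 198.51.100.5:16250 -> 192.0.2.10:1045
  ........
"""

def summarize(text, server_port=16250):
    """Group packets sent to server_port by source IP."""
    seen, current = {}, None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            current = None  # payload of ignored packets is skipped too
            if int(m["dport"]) != server_port:
                continue
            ts = datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S.%f")
            current = seen.setdefault(
                m["src"], {"first": ts, "last": ts, "packets": 0, "payload": []})
            current["first"] = min(current["first"], ts)
            current["last"] = max(current["last"], ts)
            current["packets"] += 1
        elif current is not None and line.startswith("  ") and line.strip():
            current["payload"].append(line.strip())
    return seen

if __name__ == "__main__":
    for ip, info in sorted(summarize(SAMPLE).items()):
        print(ip, info["first"], info["last"], info["packets"], info["payload"][:1])
```

To run it on real data, pass the contents of the converted text file to `summarize` instead of `SAMPLE`.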
LARSA.vU Posted August 9, 2007

I made a script that stops the ngrep process, makes the ngrep.log readable and saves a timestamped ngrep.txt file, and then starts the ngrep process again.

You have to create the C:\graw2iplogs\logs\ directory first. If you like you can schedule it to run once a day or so. Hope you find it useful.

Copy the text below and save it as a .cmd file. Works with Windows XP.

    @echo off
    :: variables
    set source=C:\graw2iplogs\
    set destination=C:\graw2iplogs\logs
    :: pad single-digit hours with a leading zero
    set hour=%time:~0,2%
    if "%hour:~0,1%"==" " set hour=0%time:~1,1%
    :: the offsets below expect %date% in the form "Ddd MM/DD/YYYY"
    set timestamp=%date:~10,4%_%date:~4,2%_%date:~7,2%_%hour%_%time:~3,2%

    :: stop ngrep.exe before processing the data.
    taskkill /im ngrep.exe /f

    :: making the logfile readable and saving a timestamped logfile
    :: (cd /d also switches drive when the script is started elsewhere)
    cd /d %source%
    copy ngrep.log %destination%\ngrep.log
    cd /d %destination%
    %source%\ngrep.exe -t -I ngrep.log > %timestamp%_ngrep.txt

    :: cleaning up and start logging again
    del ngrep.log
    cd /d %source%
    del ngrep.log
    ngrep.exe -q -t -p -d 2 -O ngrep.log 30292.2673 dst port 16250
.TuG.Beaver (Author) Posted August 9, 2007

Thanks Larsa, I'll try it out. And add it to the step 3 info (obviously crediting you!)