So I was talking to GrahamA, the guy responsible for the SEP - Content Distribution Monitor, and I started asking some questions after looking at the tool. By the way, if you are using GUPs (Group Update Providers) in your SEP environment I would highly recommend looking into the tool found here. It fills in some holes that SEPM doesn't cover out of the box. After going through the IIS log files that get created, I realized that there is a goldmine of information available. I talked to GrahamA and expressed some wants out of the little app and even took some time to bang out a little vb script that I thought would be a nice to have.
One of the questions I had was, how much traffic exactly are my GUPs consuming? This is important for me to know because of my network structure. My GUPs sit at the far side of a slow WAN link. Having the GUPs saves me bandwidth, but how much bandwidth exactly is being consumed? If you look at the IIS logs that get generated you can clearly see that the GUPs download content from the SEPM and you may also notice, that the ip addresses managed by the GUPs never appear in the IIS logs. So after realizing this, I thought it would be useful to develop this little script that would give me a basic idea of what the Update Providers are doing.
The script attached prompts for a file location of the log you would like to parse. If you followed GrahamA's instructions to the T, your logs roll over at the beginning of each day. Therefore, if you point this script at one of the logs, you would be able to get an idea of what the GUPs have done over that day. The second thing the script prompts you for is an IP address. A couple cool (and unintended) things about this part. My original plan was to input the IP of the GUP and have it simply sum up the traffic for that device, which the script will do. One of the unintended things that the script can do, is sum traffic on a particular subnet. For example, I know that if I type in 192.168.1.2, I will sum all traffic generated by that GUP. However, I fat fingered this once and typed 192.168 and quickly realized that I can get a quick report for the entire 192.168.0.0 subnet.
Anyway, I expressed the want for this script to be somehow built into the CDM app. I even created a method for the script to pull specific ip's out of Globallist.xml, the reference file for all ip addresses of GUPs, and report on all individual GUP activity. I thought I'd share this with the community for now just for fun.
*This is provided as is. As usual be careful with all things downloaded and are not fully endorsed by Symantec. This is however, just a log parser and should do no harm as it just simply reads logfiles.