Question

I have a program that keeps on writing the icmp echo requests being received by a machine into a file.

I am using system("tcpdump -l 'icmp[0] == 8' | tee abc.txt") to do that (the filter expression is quoted so the shell does not treat the brackets as a glob, and -l line-buffers tcpdump's output so lines reach the file as they are captured).

So this process keeps on going till I end the program manually.

Each line has the timestamp as its first word.

Now I want to calculate the frequency of the echo requests I am receiving using a separate script, so that if it reaches a certain threshold I can print an alert.

I tried to use grep -Eo '^[^ ]+' file to get the timestamps into an array, but I don't know what to do after getting them into an array. grep goes on in a while loop, since the file it is reading from keeps on getting populated infinitely. (I'll not have an option of monitoring the differences and printing an alert if grep goes on like that, right?)

All I am trying to do is to keep track of the frequency of ICMP echo requests that are coming in on my machine and print an alert message whenever that frequency crosses a threshold. Is there any alternative way?


Solution 2

I am using

tcpstat -i eth1 -f 'icmp[0] == 8'

to get the request count. It gives me 3 more parameters, but I have got to research a bit about them!

OTHER TIPS

All timestamps are saved in @arr

perl -ne '$f{$_}++ or push @arr, $_ for /(\d+:\d+)/ }{ print "$_ [$f{$_} times]\n" for @arr' file

Constantly reading from the log file:

perl -e 'open $T, pop; while (1) { while (<$T>) { ++$f{$_} > 10 and print "[$f{$_}] $_\n" for /(\d+:\d+)/ } sleep 1; seek $T, 0, 1 }' file
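A sliding-window version of the counting the question asks for, added here as an example and not part of either answer: it parses the default tcpdump timestamp (HH:MM:SS.micros, the first field on each line), counts echo requests seen in the trailing window, alerts once per burst instead of once per packet, and keeps reading the growing file the way the Perl seek loop does. RateMonitor, tail, alerts and the sample lines are my own names and constructed data, not anything from the thread.

```python
import re
import time
from collections import deque
# tcpdump prints HH:MM:SS.micros first, e.g. "12:00:00.100000 IP 10.0.0.2 > 10.0.0.1: ICMP echo request, ..."
TS_RE = re.compile(r"^(\d{2}):(\d{2}):(\d{2})\.(\d{6})")

def parse_ts(line):
    """Seconds since midnight as a float, or None when the line carries no tcpdump timestamp."""
    m = TS_RE.match(line)
    if not m:
        return None
    h, mi, s, us = map(int, m.groups())
    return h * 3600 + mi * 60 + s + us / 1e6

class RateMonitor:
    """Count echo requests in the trailing `window` seconds and alert when the count exceeds `threshold`."""
    def __init__(self, threshold, window=1.0):
        self.threshold, self.window = threshold, window
        self.times = deque()   # timestamps still inside the window
        self.alerted = False   # one burst produces one alert, not one per packet
    def feed(self, line):
        """Consume one log line; return an alert string, or None."""
        t = parse_ts(line)
        if t is None:
            return None
        self.times.append(t)
        while self.times and t - self.times[0] >= self.window:   # evict packets that fell out of the window
            self.times.popleft()
        count = len(self.times)
        fire = count > self.threshold and not self.alerted
        self.alerted = count > self.threshold     # re-arms once the rate drops back under the threshold
        return f"ALERT: {count} echo requests in the last {self.window:g}s (threshold {self.threshold})" if fire else None

def tail(fh, poll=1.0):   # yield lines as tcpdump appends them (run tcpdump with -l so each line is flushed)
    while True:
        line = fh.readline()
        if line:
            yield line
        else:
            time.sleep(poll)   # at EOF: wait for more output instead of exiting the way grep does

def alerts(lines, threshold, window=1.0):   # feed every line to one monitor and yield the alerts it raises
    mon = RateMonitor(threshold, window)
    for line in lines:
        if a := mon.feed(line):
            yield a

# Constructed sample (not a real capture): 3 requests within one second, then 6 within half a second.
TIMES = "00.100000 00.500000 00.900000 02.000000 02.100000 02.200000 02.300000 02.400000 02.500000".split()
SAMPLE = [f"12:00:{t} IP 10.0.0.2 > 10.0.0.1: ICMP echo request, id 1, seq {i}, length 64"
          for i, t in enumerate(TIMES, 1)] + ["garbage line"]
```

For the live file from the question, pass tail(open("abc.txt")) as lines, e.g. for a in alerts(tail(open("abc.txt")), 20): print(a), with tcpdump started with -l so its output is not block-buffered.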
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow