cOS Stream maintains a large number of counters in memory that keep track of system activity. This information is kept only in memory and is mostly made up of single numerical values. The purpose of this is to be able to give the administrator an overview of the tasks being performed by the system and the counters are collectively known as Statistics.

Note that all values are reset between system restarts so that statistics are not carried over.

A separate document called the Clavister NetShield Firewall Statistics Reference Guide provides a detailed listing of all available statistical values. This section is designed to give a short introduction to their structure and use.

Accessing Statistics

There are two methods for the administrator to view statistics:

This section deals with examining statistics through the CLI. SNMP access to cOS Stream is described in Section 2.1.8, SNMP Monitoring.

The Hierarchical Statistics Structure

All statistics are part of a hierarchical tree structure which divides them into related values. This structure can be clearly seen in the contents of the Statistics Reference Guide.

An individual statistic is identified by means of a "path" which includes everything above it in the hierarchy. The form of this path is described in the Statistics Reference Guide. For example, the path definition for an interface's bytes_recv statistic is:

		/interfaces/common/[..n]/bytes_recv

Where [..n] represents the name of the interface.

For example, the bytes_recv statistic associated with the if1 interface is identified with the path:

		/interfaces/common/if1/bytes_recv

These variable references in paths are indicated in the Statistics Reference Guide using the [..n] notation.

Using the statistics Command

The CLI command statistics is used to display the value of one or many statistics at a moment in time or at a regular interval. Entering this command without options will initially give the following response:

System:/> statistics
		
The list of polled values is empty

The command maintains a list of statistics that can be polled and it is necessary to first add to the list using the -add option. Suppose that there is a requirement to see the number of active system users every 10 seconds. The command to add this to the list is:

System:/> statistics -add /authentication/system/active_users

The new contents of the list can now be displayed and at the same time all statistics on the list are polled:

System:/> statistics
		
Name | 2025-11-22 18:05:01                  Value  Unit
------------------------------------------  -----  -----
/authentication/system/active_users         1      users

A list of all statistics that can be polled is output from the command:

System:/> statistics -listall

Starting and Stopping Interval Polling

To begin polling the values in the list at a regular interval, the -poll and -interval options are used:

System:/> statistics -poll -interval=<number>

This turns on interval polling with new console output appearing every <number> seconds. In the example output below, more users appear after 10 seconds:

System:/> statistics -poll -interval=10
		
Name 2025-11-22 18:12:15                    Value  Unit
------------------------------------------  -----  -----
/authentication/system/active_users         2      users

Name 2025-11-22 18:12:25                    Value  Unit
------------------------------------------  -----  -----
/authentication/system/active_users         5      users

To stop interval polling use the following command:

System:/> statistics -stop

Using Wildcards

When adding statistics to the polling list, the asterisk "*" character can be used to specify all statistics within a particular category. For example, the statistic bytes_recv for the Ethernet interface if1 can be polled with the command:

System:/> statistics -add /interfaces/common/if1/bytes_recv

To poll all interfaces, the command would be:

System:/> statistics -add /interfaces/common/*/bytes_recv

Note, however, that the actual interface name specified as part of the path can vary from platform to platform.

Removing Polled Statistics

The -remove option can remove individual statistics from the polled list:

System:/> statistics -remove /authentication/system/active_users

If everything on the polled list is to be removed, this can be done using the wildcard character:

System:/> statistics -remove *

To remove specific groups of statistics, the wildcard character can be used with the -remove option in the same way as it is used with the -add option. For example:

System:/> statistics -remove /interfaces/common/*/bytes_recv

Logging Statistics Output to a File

The potential demands on memory make it impractical to log statistics polling output to a file on the firewall. However, it is possible to save the console output to a file in many SSH clients and this is the recommended way to do it.

Statistics and High Availability

Statistics are HA node specific and are therefore not synchronized between HA cluster nodes. This topic is discussed further in Section 22.5, HA Issues.