Finding source of *massive Traffic*

Futureweb Contributor

I got a little Problem here ... Scenario:
Server 1: HTTP Server where our CMS is
Server 2: MySQL Server of the CMS

Sometimes (a few Times a Week) we got MASSIVE Traffic Spikes between those 2 Servers. (200-300 MBit for 1-2 Minutes) and I'm unable to find the Source of those massive Traffic Spikes ... My guess is that there is a Bogus-Query which fetches a very Big Resultset ... but I was not able to find such a Query. (Not to wonder with Queries within the CMS ...)
Already tried it with the Slow-Query-Log, with Peak Memory Monitoring within PHP, ... but no luck yet.

Now I wanted to ask if there is some possibility to monitor/log if MySQL delivers such a big Resultset - and if - which Query triggered it ...

Hope someone here can help me with this?!

Thank you, bye from sunny Austria
Andreas Schnederle-Wagner


  Futureweb Contributor
    really noone?! :-/
  courtos Entrant
    According to me, if peak time is predictable ; it could be easy to tcpdump on port 3306 during the peak and after analyze data pt-query-digest.
    you can find an example here :
  Futureweb Contributor
    unfortunately those Times are completely random ... sometimes 1-2 weeks no spike - then 3-4 Spikes within one day ...
    As there is generally lot's of Traffic to/from this MySQL Server - TCPDUMP would be pretty big ... ;-)
