Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

tracertstats(1) [debian man page]

TRACERTSTATS(1) 						   User Commands						   TRACERTSTATS(1)

NAME

       tracertstats - perform simple filter based analysis on a trace

SYNOPSIS

       tracertstats  [	-f  |  --filter bpf ] [ -i | --interval interval ] [ -c | --count count ] [ -o | --output-format csv,txt,png,html ] [ -m |
       --merge-inputs ] inputuri...

       tracertstats -H|--libtrace-help

DESCRPTION

       tracertstats takes a list of bpf expressions and outputs the number of packets and bytes that match that expression every interval seconds,
       or count packets.

       -f bpf-filter
       --filter bpf-filter
	      Add another "bpf filter"

       -i interval
       --interval interval
	      Output results every interval seconds.

       -c count
       --count count
	      Output results every count packets.

       -m
       --merge-inputs
	      Treats  all inputs as a single input, resulting a single unified output rather than an output for each input. Works best with traces
	      that are consecutive to create a single CSV, for instance.

       -o format
       --output-format format
	      Selects the output format.

	      txt    Human readable text.  This is the default output format which provides output easily understood by a human.  This format  has
		     the disadvantage that it takes up quite a bit of horizontal space.

	      csv    Comma Seperated Values. This is suitable for further analysis in a spreadsheet, or other program.

	      png    PNG Graphic.  Produces a fairly incomprehensible png graph.  This relies on gdc being available at compile time.

	      html   This produces output suitable for display to a human in a webbrowser.

EXAMPLES

       tracertstats --filter 'host sundown' 
	    --filter 'port http' 
	    --filter 'port ftp or ftp-data' 
	    --filter 'port smtp' 
	    --filter 'tcp[tcpflags] & tcp-syn!=0' 
	    --filter 'not ip' 
	    --filter 'ether[0] & 1 == 1' 
	    --filter 'icmp[icmptype] == icmp-unreach' 
	    --output-format html
	    erf:/traces/trace1.gz 
	    erf:/traces/trace2.gz

LINKS

       More details about tracertstats (and libtrace) can be found at http://www.wand.net.nz/trac/libtrace/wiki/UserDocumentation

SEE ALSO

       libtrace(3),   tracemerge(1),   tracesplit(1),	tracesplit_dir(1),   tracefilter(1),   traceconvert(1),  tracereport(1),  tracepktdump(1),
       traceanon(1), tracesummary(1), traceconvert(1), tracereplay(1), tracediff(1), traceends(1), tracetopends(1)

AUTHORS

       Perry Lorier <perry@cs.waikato.ac.nz>

tracertstats (libtrace) 					   November 2006						   TRACERTSTATS(1)

Check Out this Related Man Page

TRACEREPORT(1)							   User Commands						    TRACEREPORT(1)

NAME

       tracereport - produce various reports on a trace (or traceset)

SYNOPSIS

       tracereport  [  -f  bpf	|  --filter=bpf ] [ -e |  --error ] [ -F |  --flow ] [ -m |  --misc ] [ -P |  --protocol ] [ -p |  --port ] [ -T |
       --tos ] [ -t |  --ttl ] [ -O |  --tcpoptions ] [ -o |  --synoptions ] [ -n |  --nlp ] [ -d |  --direction  ]  [	-C  |	--ecn  ]  [  -s  |
       --tcpsegment ] inputuri...

       tracereport -H | --help

DESCRIPTION

       tracereport  can  produce  a  variety  of reports on the properties of a trace.	The user specifies the reports required using command-line
       options.

       -f bpf-filter
       --filter bpf-filter
	      Only report on packets that match the provided bpf filter. See tcpdump(1) for the syntax of the bpf-filter expression.

       -e
       --error
	      Produce a report on packet errors (e.g checksum failures, rxerrors)

       -F
       --flow Produces a report on the number of flows observed in the trace

       -m
       --misc Provides a report listing the time of the first packet, and the time of the last packet in the trace, the duration, the total number
	      of packets in the trace, and the average number of packets per second.

       -P
       --protocol
	      Produces a report on which transport layer protocols are observed in the trace

       -p
       --port Produces a report on which port numbers are observed in the trace

       -T
       --tos  Produces a report on the contents of the IP header's ToS field

       -t
       --ttl  Produces a report on the TTL of packets in the trace

       -O
       --tcpoptions
	      Produces a report on which TCP options are observed on all packets in the trace

       -o
       --synoptions
	      Produces a report on which combinations of TCP options are observed on SYN packets in the trace

       -n
       --nlp  Produces a report on the network layer protocols observed in the trace

       -d
       --direction
	      Produces a report on how much traffic is travelling in each direction

       -C
       --ecn  Produces a report on the usage of the ECN field of the TCP header

       -s
       --tcpsegment
	      Produces a report on the sizes of TCP segments in the trace

       -H
       --help Provides usage instructions

LINKS

       More details about tracereport (and libtrace) can be found at http://www.wand.net.nz/trac/libtrace/wiki/UserDocumentation

SEE ALSO

       libtrace(3),  tracemerge(1),  tracesplit(1),  tracesplit_dir(1),  tracefilter(1), traceconvert(1), tracestats(1), tracertstats(1), tracere-
       port(1), tracepktdump(1), traceanon(1), tracesummary(1), tracereplay(1), tracediff(1), traceends(1), tracetopends(1)

AUTHORS

       Perry Lorier <perry@cs.waikato.ac.nz>

tracereport (libtrace)						   October 2006 						    TRACEREPORT(1)
Man Page