Quote: Originally Posted by eronad
Do you have any suggestion for me
I think you should first decide what programming language you will use. tcpdump essentially produces data in tabular format, so awk is an obvious choice. However, tabular data can be analyzed equally well with other languages - Perl, Ruby, Python, just to name a few - and I personally tend to use one of those, because they provide more flexibility, which might be handy in case the problem increases in complexity. For example, I tend to use Ruby for those tasks, but this is just personal taste.
Since you said that you are new to scripting, you need to learn a new language anyway, so you can start using one of them. I would recommend in your case to do it either in Perl or in Ruby:
- Perl has the advantage that it is already installed on virtually every system.
- Ruby has the advantage that it is very easy to learn, so it might be better suited for beginners.