TRACESTATS(1)
NAME
tracertstats - perform simple filter based analysis on a trace
SYNOPSIS
tracertstats [ -f | --filter bpf ] [ -i | --interval interval ] [ -c | --count count ] [ -o | --output-format csv,txt,png,html ] inputuri... tracertstats -H|--libtrace-help
DESCRPTION
tracertstats takes a list of bpf expressions and outputs the number of
packets and bytes that match that expression every interval seconds, or
count packets.
- -f bpf-filter
--filter bpf-filter - Add another "bpf filter"
- -i interval
--interval interval - Output results every interval seconds.
- -c count
--count count - Output results every count packets.
- -o format
--output-format format - Selects the output format
- txt Human readable text. This is the default output format
which provides output easily understood by a human. This format has the disadvantage that it takes up quite a bit of horizontal space.
- csv Comma Seperated Values. This is suitable for further
analysis in a spreadsheet, or other program.
- png PNG Graphic. Produces a fairly incomprehensible png
graph. This relies on gdc being available at compile time.
- html This produces output suitable for display to a human in a
webbrowser.
EXAMPLES
- tracertstats --filter 'host sundown' \
- --filter 'port http' \
--filter 'port ftp or ftp-data' \
--filter 'port smtp' \
--filter 'tcp[tcpflags] & tcp-syn!=0' \
--filter 'not ip' \
--filter 'ether[0] & 1 == 1' \
--filter 'icmp[icmptype] == icmp-unreach' \
--output-format html
erf:/traces/trace1.gz \
erf:/traces/trace2.gz
LINKS
More details about tracertstats (and libtrace) can be found at
http://www.wand.net.nz/trac/libtrace/wiki/UserDocumentation
SEE ALSO
libtrace(3), tracemerge(1), tracesplit(1), tracesplit_dir(1), tracefilter(1), traceconvert(1), tracereport(1), tracedump(1), traceanon(1),
tracesummary(1)
AUTHORS
- Perry Lorier <perry@cs.waikato.ac.nz>