TRACESPLIT(1)

NAME

tracesplit - split traces

SYNOPSIS

tracesplit  [  -f  bpf | --filter=bpf] [ -c count | --count=count] [ -b
bytes | --bytes=bytes] [ -i seconds | --seconds=seconds] [ -s  unixtime
|  --starttime=unixtime]  [ -e unixtime | --endtime=unixtime] [ -m max-
files | --maxfiles=maxfiles] [ -S snaplen | --snaplen=snaplen] inputuri
outputuri ...

DESCRIPTION

tracesplit splits one trace into multiple tracefiles

-f bpf filter
output only packets that match tcpdump style bpf filter
-c count
output count packets per output file. The output file will be named after the basename given in the outputuri with the packet number of the first packet in this file.
-b bytes
output bytes bytes per file
-i seconds
start a new tracefile after "seconds" seconds
-s unixtime
don't output any packets before unixtime
-e unixtime
don't output any packets after unixtime
-m maxfiles
do not create more than "maxfiles" trace files
-S snaplen
Truncate packets to "snaplen" bytes long. The default is collect the entire packet.

EXAMPLES

create a 1MB erf trace of port 80 traffic.
tracesplit erf:/traces/bigtrace.gz -f 'port 80' -b $[ 1024 * 1024 ]
erf:/traces/port80.gz

LINKS

More details about tracesplit (and libtrace) can be found at http://www.wand.net.nz/trac/libtrace/wiki/UserDocumentation

SEE ALSO

libtrace(3), tracemerge(1), tracefilter(1), traceconvert(1), tracesplit_dir(1), tracereport(1), tracertstats(1), tracestats(1), tracedump(1), traceanon(1), tracesummary(1)

AUTHORS

Perry Lorier <perry@cs.waikato.ac.nz>

tracesplit (libtrace) October 2005 TRACESPLIT(1)

Copyright © 2010-2025 Platon Technologies, s.r.o.           Home | Man pages | tLDP | Documents | Utilities | About
Design by styleshout