Re: [logs] analyzing tcpdump logs

• Previous message: zidanat_private: "Re: [logs] analyzing tcpdump logs"
• In reply to: zidanat_private: "Re: [logs] analyzing tcpdump logs"
• Next in thread: Mike Blomgren: "Re: [logs] analyzing tcpdump logs"
• Next in thread: Aaron Cheek: "Re: [logs] analyzing tcpdump logs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 14/08/03 11:42 -0500, zidanat_private wrote:
> Thank you for your comments, but its not what I asked for.
> ntop is a real-time traffic analyzer.
> I want to take an existing tcpdump file, open it and analyze it (look for
> top-talkers, app' flows, etc.).
> 
> this is more of post-analysis.
>From man ntop:
       -f | --traffic-dump-file
        Specifies  the  file  containing tcpdump captured traffic
        that has to be used by ntop.  NOTE:  if  you  specify  -f
        ntop will not capture any traffic after the file has been
        read.  This option is mostly used for debug purposes.

Devdas Bhagat
_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis

• Next message: Aaron Cheek: "Re: [logs] analyzing tcpdump logs"
• Previous message: zidanat_private: "Re: [logs] analyzing tcpdump logs"
• In reply to: zidanat_private: "Re: [logs] analyzing tcpdump logs"
• Next in thread: Mike Blomgren: "Re: [logs] analyzing tcpdump logs"
• Next in thread: Aaron Cheek: "Re: [logs] analyzing tcpdump logs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Aug 15 2003 - 09:20:05 PDT