Re: [logs] analyzing tcpdump logs

• Previous message: Florian Laws: "RE: [logs] analyzing tcpdump logs"
• In reply to: zidanat_private: "Re: [logs] analyzing tcpdump logs"
• Next in thread: simonis: "Re: [logs] analyzing tcpdump logs"
• Next in thread: Aaron Cheek: "Re: [logs] analyzing tcpdump logs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 14 Aug 2003 zidanat_private wrote:

> I want to take an existing tcpdump file, open it and analyze 
> it (look for top-talkers, app' flows, etc.).
> 

For this type of thing I use ipaudit. A great package which reads tcpdump 
data, and basically just prints it in ascii format. BUT - the output is 
formatted and easily summarized with a awk/cut/uniq/sort/perl/whatever.

http://ipaudit.sourceforge.net/

~Mike



_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis

• Next message: simonis: "Re: [logs] analyzing tcpdump logs"
• Previous message: Florian Laws: "RE: [logs] analyzing tcpdump logs"
• In reply to: zidanat_private: "Re: [logs] analyzing tcpdump logs"
• Next in thread: simonis: "Re: [logs] analyzing tcpdump logs"
• Next in thread: Aaron Cheek: "Re: [logs] analyzing tcpdump logs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Aug 15 2003 - 09:27:32 PDT