Man Linux: Main Page and Category List

NAME

       tracestats - perform simple analysis on a trace

SYNOPSIS

       tracestats [ -f | --filter bpf ]... inputuri...

DESCRPTION

       tracestats  reads  one  or  more  traces and outputs summaries for each
       trace of how many packets/bytes match  each  bpf  filter,  as  well  as
       totals.   If  instead  of doing this for the entire trace, but to do it
       for portions then use tracertstats(1) instead.

       -f bpf-filter
       --filter bpf-filter
              Add another bpf filter

EXAMPLES

       tracestats --filter ’host sundown’ \
            --filter ’port http’ \
            --filter ’port ftp or ftp-data’ \
            --filter ’port smtp’ \
            --filter ’tcp[tcpflags] & tcp-syn!=0’ \
            --filter ’not ip’ \
            --filter ’ether[0] & 1 == 1’ \
            --filter ’icmp[icmptype] == icmp-unreach’ \
            erf:/traces/trace1.gz \
            erf:/traces/trace2.gz \

LINKS

       More  details  about  tracestats  (and  libtrace)  can  be   found   at
       http://www.wand.net.nz/trac/libtrace/wiki/UserDocumentation

SEE ALSO

       libtrace(3),     tracemerge(1),     tracefilter(1),    traceconvert(1),
       tracesplit(1),  tracesplit_dir(1),   tracereport(1),   tracertstats(1),
       tracedump(1), traceanon(1), tracesummary(1)

AUTHORS

       Perry Lorier <perry@cs.waikato.ac.nz>