RE: [Ethereal-users] Is ethereal the right software for me?

["Niklas Abrahamsson (KI/EAB)" <niklas.abrahamsson@xxxxxxxxxxxx>]

Does anyone know of a good tethereal guide somewhere? I'm sitting with the manual for it now and it is somewhat confusing at times. Not really sure what kind of statistics I will be able to get out of the dumps with tethereal. Oh and another question not regarding the usage of ethereal but maybe anyone of you know anyway. I was looking to split some of the tcpdump-files I have so that I could open them in ethereal (the computer cant handle the large files as they are now). I tried using tcpslice but whatever timestamp range I use I only get a 24k file without any valid information. Its either that or getting a copy of the dumpfile if I specify a timestamp range outside the stamps of the file. Anyone know what the problem could be?


Niklas Abrahamsson (KI/EAB) wrote:

> What Im looking to do is to be able to get statistics on daily and
> weekly usage of the network, for up and downlink distrubution of
> protocols and port usage etc.
>
> From what I've been able to read from the first pages of the ethereal
> homepage this should be able to be done by the different filters availible. 
>
> What I haven't been able to understand is if it is possible to do
> some  kind of batch processing of the large tcpdumpfiles I will get
> (probably around 200mb files). Is this possible?

Not really with Ethereal - for batch processing, you probably want 
Tethereal.

Look at the "-z" flag (to run various statistics) and the "-q" flag (to 
suppress the printing of the per-packet information).

_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users