SYNOPSIS
tracertstats [ -f | --filter bpf ] [ -i | --interval interval ] [ -c | --count count ] [ -o | --output-format csv,txt,png,html ] [ -m | --merge-inputs ] inputuri...tracertstats -H|--libtrace-help
DESCRPTION
tracertstats takes a list of bpf expressions and outputs the number of packets and bytes that match that expression every interval seconds, or count packets.- -f bpf-filter
-
--filter bpf-filter
Add another "bpf filter"
- -i interval
-
--interval interval
Output results every interval seconds.
- -c count
-
--count count
Output results every count packets.
- -m
-
--merge-inputs
Treats all inputs as a single input, resulting a single unified output rather
than an output for each input. Works best with traces that are consecutive to
create a single CSV, for instance.
- -o format
-
--output-format format
Selects the output format.
-
- txt
-
Human readable text. This is the default output format which provides output
easily understood by a human. This format has the disadvantage that it takes
up quite a bit of horizontal space.
- csv
-
Comma Seperated Values. This is suitable for further analysis in a spreadsheet,
or other program.
- png
-
PNG Graphic. Produces a fairly incomprehensible png graph. This relies on
gdc being available at compile time.
- html
-
This produces output suitable for display to a human in a webbrowser.
-
EXAMPLES
tracertstats --filter 'host sundown' \
--filter 'port http' \
--filter 'port ftp or ftp-data' \
--filter 'port smtp' \
--filter 'tcp[tcpflags] & tcp-syn!=0' \
--filter 'not ip' \
--filter 'ether[0] & 1 == 1' \
--filter 'icmp[icmptype] == icmp-unreach' \
--output-format html
erf:/traces/trace1.gz \
erf:/traces/trace2.gz
LINKS
More details about tracertstats (and libtrace) can be found at http://www.wand.net.nz/trac/libtrace/wiki/UserDocumentation