tcptrace-bugs parsing output

From: rmulyadi@email.arizona.edu
Date: 01/23/03

Next message: Jane Brooks: "tcptrace-bugs www.tcptrace.org"

Previous message: Sarah Williams: "tcptrace-bugs www.tcptrace.org"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Thu, 23 Jan 2003 16:25:56 -0700
Message-ID: <3E2FE42600001D7A@phobos.email.Arizona.EDU>
From: rmulyadi@email.arizona.edu
Subject: tcptrace-bugs parsing output

Hi,
I am working on a script to parse the tcptrace output into a comma delimited
format, so I can use it as an input for a data mining software.

Here is the tcptrace command that I use:
tcptrace -p -l -u --nocheck_hwdups -n - W tcpdumpfilename > tcptrace.out

So, I basically print out almost everything. The problem is I need to know
all possible output for each result field, e.g. what are the possible outputs
for the field complete conn? At first, I thought it's only yes or no, but
then I realized that there're also reset, and som further syn and ack total
information.

Is there any documentation that I can refer to complete my script? Or, is
there any other tools that I can use to do it?
Any inputs and comments are very welcome.

Thanks,

Rusma

Next message: Jane Brooks: "tcptrace-bugs www.tcptrace.org"
Previous message: Sarah Williams: "tcptrace-bugs www.tcptrace.org"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : 01/24/03 EST