source: tools/tracertstats/tracertstats.1 @ 54642da

develop
Last change on this file since 54642da was 54642da, checked in by Shane Alcock <salcock@…>, 2 years ago

Update manpage for tracertstats to describe -d option.

  • Property mode set to 100644
File size: 3.5 KB
Line 
1.TH TRACERTSTATS "1" "November 2006" "tracertstats (libtrace)" "User Commands"
2.SH NAME
3tracertstats \- perform simple filter based analysis on a trace
4.SH SYNOPSIS
5.B tracertstats
6[ -f | --filter bpf ]
7[ -i | --interval interval ]
8[ -t | --threads max ]
9[ -c | --count count ]
10[ -o | --output-format csv,txt,png,html ]
11[ -m | --merge-inputs ]
12[ -N | --nobuffer ]
13[ -d | --report-drops ]
14inputuri...
15.P
16.B tracertstats
17-H|--libtrace-help
18.SH DESCRPTION
19tracertstats takes a list of bpf expressions and outputs the number of packets
20and bytes that match that expression every interval seconds, or count packets.
21.TP
22.PD 0
23.BI \-f " bpf-filter"
24.TP
25.PD
26.BI \-\^\-filter " bpf-filter"
27Add another "bpf filter"
28
29.TP
30.PD 0
31.BI \-i " interval"
32.TP
33.PD
34.BI \-\^\-interval " interval"
35Output results every \fIinterval\fR seconds.
36
37.TP
38.PD 0
39.BI \-t " max"
40.TP
41.PD
42.BI \-\^\-threads " max"
43Use \fImax\fR packet processing threads. The default is 4 threads, but adding
44more or less threads may improve performance.
45
46.TP
47.PD 0
48.BI \-c " count"
49.TP
50.PD
51.BI \-\^\-count " count"
52Stop after processing this amount of packets. Note that this is only a
53lower bound as this is only evaluated once per thread per interval.
54
55.TP
56.PD 0
57.BI \-m
58.TP
59.PD
60.BI \-\^\-merge-inputs
61Treats all inputs as a single input, resulting a single unified output rather
62than an output for each input. Works best with traces that are consecutive to
63create a single CSV, for instance.
64
65.TP
66.PD 0
67.BI \-N
68.TP
69.PD
70.BI \-\^\-nobuffer
71Disable internal packet buffering in libtrace. If the packet rate is very low
72(i.e. < 10 packets per interval), set this to ensure that tracertstats is more
73likely to print results in time with the interval rather than producing bursts
74of output for multiple intervals at a time.
75
76.TP
77.PD 0
78.BI \-d
79.TP
80.PD
81.BI \-\^\-report-drops
82Include columns with the number of packets that were either dropped by the
83capture process or went missing between the capture process and this
84tracertstats instance. The numbers displayed are CUMULATIVE, as they are
85pulled directly from the libtrace statistics API.
86
87.TP
88.PD 0
89.BI \-o " format"
90.TP
91.PD
92.BI \-\^\-output\-format " format"
93Selects the output format.
94
95.RS
96.TP
97txt
98Human readable text.  This is the default output format which provides output
99easily understood by a human.  This format has the disadvantage that it takes
100up quite a bit of horizontal space.
101
102.TP
103csv
104Comma Seperated Values. This is suitable for further analysis in a spreadsheet,
105or other program.
106
107.TP
108png
109PNG Graphic.  Produces a fairly incomprehensible png graph.  This relies on
110gdc being available at compile time.
111
112.TP
113html
114This produces output suitable for display to a human in a webbrowser.
115
116.SH EXAMPLES
117.nf
118tracertstats \-\^\-filter 'host sundown' \\
119        \-\^\-filter 'port http' \\
120        \-\^\-filter 'port ftp or ftp-data' \\
121        \-\^\-filter 'port smtp' \\
122        \-\^\-filter 'tcp[tcpflags] & tcp-syn!=0' \\
123        \-\^\-filter 'not ip' \\
124        \-\^\-filter 'ether[0] & 1 == 1' \\
125        \-\^\-filter 'icmp[icmptype] == icmp-unreach' \\
126        \-\^\-output\-format html
127        erf:/traces/trace1.gz \\
128        erf:/traces/trace2.gz
129.fi
130
131.SH LINKS
132More details about tracertstats (and libtrace) can be found at
133http://www.wand.net.nz/trac/libtrace/wiki/UserDocumentation
134
135.SH SEE ALSO
136libtrace(3), tracemerge(1), tracesplit(1), tracesplit_dir(1), tracefilter(1),
137traceconvert(1), tracereport(1), tracepktdump(1), traceanon(1), tracesummary(1),
138traceconvert(1), tracereplay(1), tracediff(1), traceends(1), tracetopends(1)
139
140.SH AUTHORS
141Perry Lorier <perry@cs.waikato.ac.nz>
Note: See TracBrowser for help on using the repository browser.