Context Navigation

tracesplit.1 @ c7f1faf

cachetimestampsdeveloprc-4.0.4ringdecrementfixringperformance

Last change on this file since c7f1faf was 264f286c, checked in by Shane Alcock <salcock@…>, 3 years ago
Fix compression method option errors in other tool manpages
Property mode set to `100644`
File size: 2.7 KB

Rev	Line
[ae76c14]	1	.TH TRACESPLIT "1" "January 2011" "tracesplit (libtrace)" "User Commands"
[5d022cd]	2	.SH NAME
	3	tracesplit \- split traces
	4	.SH SYNOPSIS
[1369834]	5	.B tracesplit
[634089d]	6	[ \fB-f \fRbpf \| \fB--filter=\fRbpf]
[7affaae]	7	[ \fB-j \fRnumhdrs \| \fB--jump=\fRnumhdrs]
[634089d]	8	[ \fB-c \fRcount \| \fB--count=\fRcount]
	9	[ \fB-b \fRbytes \| \fB--bytes=\fRbytes]
	10	[ \fB-i \fRseconds \| \fB--seconds=\fRseconds]
	11	[ \fB-s \fRunixtime \| \fB--starttime=\fRunixtime]
	12	[ \fB-e \fRunixtime \| \fB--endtime=\fRunixtime]
	13	[ \fB-m \fRmaxfiles \| \fB--maxfiles=\fRmaxfiles]
[0a65ed8]	14	[ \fB-S \fRsnaplen \| \fB--snaplen=\fRsnaplen]
[ba91618]	15	[ \fB-z \fRlevel \| \fB--compress-level=\fRlevel]
[bfe8535]	16	[ \fB-Z \fRmethod \| \fB--compress-type=\fRmethod]
[ae76c14]	17	inputuri [inputuri ...] outputuri
[1369834]	18	.SH DESCRIPTION
[ae76c14]	19	tracesplit splits the given input traces into multiple tracefiles
[5d022cd]	20	.TP
	21	\fB\-f\fR bpf filter
	22	output only packets that match tcpdump style bpf filter
	23
	24	.TP
[7affaae]	25	\fB\-j\fR numhdrs
	26	Strip headers before the numhdrs layer 3 header. For example, \-j1 will strip
	27	off all the layer 2 headers, \-j2 will strip off all the l2 headers, the first
	28	l3 header, any transport headers, and return a trace that starts at the next
	29	l3 header.
	30
	31	.TP
[5d022cd]	32	\fB\-c\fR count
[e86124e]	33	output count packets per output file. The output file will be named after
	34	the basename given in the outputuri with the packet number of the first packet
	35	in this file.
[5d022cd]	36
	37	.TP
	38	\fB\-b\fR bytes
	39	output bytes bytes per file
	40
	41	.TP
	42	\fB\-i\fR seconds
	43	start a new tracefile after "seconds" seconds
	44
	45	.TP
	46	\fB\-s\fR unixtime
	47	don't output any packets before unixtime
	48
	49	.TP
	50	\fB\-e\fR unixtime
	51	don't output any packets after unixtime
	52
[634089d]	53	.TP
	54	\fB\-m\fR maxfiles
	55	do not create more than "maxfiles" trace files
	56
[0a65ed8]	57	.TP
	58	\fB\-S\fR snaplen
[0bfd4a0]	59	Truncate packets to "snaplen" bytes long. The default is collect the entire
	60	packet.
[0a65ed8]	61
[bfe8535]	62	.TP
	63	\fB\-z\fR level
	64	Compress the data using the specified compression level, ranging from 0 to 9.
	65	Higher compression levels tend to result in better compression but require
	66	more processing power to compress.
	67
	68	.TP
	69	\fB-Z\fR compression-method
	70	Compress the data using the specified compression algorithm. Accepted methods
[264f286c]	71	are "gz", "bz", "lzo", "xz" or "no". Default value is "no" unless a
[bfe8535]	72	compression level is specified, in which case gzip will be used.
	73
[5d022cd]	74	.SH EXAMPLES
	75	create a 1MB erf trace of port 80 traffic.
	76	.nf
[bfe8535]	77	tracesplit \-z 1 -Z gzip \-f 'port 80' \-b $[ 1024 * 1024 ]
	78	erf:/traces/bigtrace.gz erf:/traces/port80.gz
[5d022cd]	79	.fi
	80
[634089d]	81	.SH LINKS
	82	More details about tracesplit (and libtrace) can be found at
	83	http://www.wand.net.nz/trac/libtrace/wiki/UserDocumentation
	84
[5d022cd]	85	.SH SEE ALSO
[67825b2]	86	libtrace(3), tracemerge(1), tracefilter(1), traceconvert(1), tracesplit_dir(1),
[1481ba7]	87	tracereport(1), tracertstats(1), tracestats(1), tracepktdump(1), traceanon(1),
[d6dc0f6]	88	tracesummary(1), tracereplay(1), tracediff(1), traceends(1), tracetopends(1)
[67825b2]	89
[5d022cd]	90	.SH AUTHORS
	91	Perry Lorier <perry@cs.waikato.ac.nz>

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format