{{{tracertstats}}} is a libtrace program that performs simple filter-based analysis on a trace. For every filter specified, {{{tracertstats}}} will display packet and byte counts at regular intervals.

=== Usage ===
{{{
tracertstats [ -f | --filter bpf ] [ -i | --interval interval ] [ -c | --count count ] [ -o | --output-format csv,txt,png,html ] inputuri...
}}}

=== Options ===
 {{{-f, --filter}}}:: Adds another bpf filter
 {{{-i, --interval}}}:: Output statistics every __interval__ seconds of trace time
 {{{-c, --count}}}:: Output statistics every __count__ packets
 {{{-o, --output-format}}}:: Selects the output format. These formats are described in more detail in a subsequent section

=== Output Formats ===
 txt:: A regular ASCII text file. This is the default output format which is formatted nicely for human readability. This format can use up a lot of horizontal space, so may not work particularly well in 80 character wide terminals.
 csv:: Comma separated values. Suitable for future analysis using a spreadsheet or other program.
 png:: PNG graphic. Produces a png graph which may or may not be comprehensible. This format is dependent on having gdc available at compile time.
 html:: Self explanatory. Produces output suitable for display as a webpage.

'''Note:''' All output formats are written to stdout so they may require re-direction.

=== Applications ===

==== Output the number of packets and bytes seen every 5 minutes of trace time ====
{{{
tracertstats -i 300 erf:trace.erf.gz
}}}

==== Output the number of SMTP and HTTP packets and bytes seen every minute of trace time as an HTML file ====
{{{
tracertstats -i 60 -f "tcp port 25" -f "tcp port 80" -o html erf:trace.erf.gz > smtp_and_http.html
}}}

=== Notes ===
 * If a simple summary of byte and packet counts for the entire trace is required, [TraceStats tracestats] is a better tool.