wiki:TraceSummary

tracesummary is a libtrace tool that provides some general statistics about a trace.

Usage

tracesummary inputuri ...

Applications

Summarise the properties of a trace

tracesummary erf:trace.erf.gz

Output

The following filters are applied to the trace:

  • Not IPv4 or IPv6
  • IPv6
  • IPv4
  • TCP
  • UDP
  • ICMP
  • Not TCP, UDP or ICMP
  • HTTP and HTTPS
  • SMTP
  • POP3 and POP3S
  • IMAP and IMAPS
  • Port Domain
  • ICMP Echo-Reply

For each filter, a packet and byte count will be displayed along with the overall percentage of packets that matched the filter.

Notes

  • Because tracesummary is a wrapper around tracestats, it is subject to the same limitations. See the tracestats page for more details.
  • If your trace contains VLAN headers, many of these filters will not work as expected due to BPF requiring an explicit "vlan" filter string.
Last modified 10 years ago Last modified on 07/28/10 13:59:41