Skip to content

tracesummary

Jump to bottom
salcock edited this page Dec 19, 2014 · 1 revision

tracesummary is a libtrace tool that provides some general statistics about a trace.

Usage

tracesummary inputuri ...

Applications

Summarise the properties of a trace:

    tracesummary erf:trace.erf.gz

Output

The following filters are applied to the trace:

  • Not IPv4 or IPv6
  • IPv6
  • IPv4
  • TCP
  • UDP
  • ICMP
  • Not TCP, UDP or ICMP
  • HTTP and HTTPS
  • SMTP
  • POP3 and POP3S
  • IMAP and IMAPS
  • Port Domain
  • ICMP Echo-Reply

For each filter, a packet and byte count will be displayed along with the overall percentage of packets that matched the filter.

Notes

  • Because tracesummary is a wrapper around tracestats, it is subject to the same limitations. See the tracestats page for more details.
  • If your trace contains VLAN headers, many of these filters will not work as expected due to BPF requiring an explicit "vlan" filter string.
Clone this wiki locally