Tcpdump data collection
- Subject: Tcpdump data collection
- From: hhoffman at ip-solutions.net (Harry Hoffman)
- Date: Tue, 02 Dec 2008 21:32:04 -0500
- In-reply-to: <[email protected]>
- References: <[email protected]>
Check out argus http://www.qosient.com/argus/
It can do exactly what you want.
Cheers,
Harry
On Tue, 2008-12-02 at 17:19 -0800, Subba Rao wrote:
> Hello,
>
> I want to collect data on a network and map the data flow and system/port traffic. There are 2 scenarios of data collection here. The first is to collect IP traffic only. In this method I do not want the data portion of the IP packet (need IP address, source/destination ports etc).
>
> The second is to collect traffic that will show all the routing protocols (non-IP) used on this network. Today while collecting the data, I saw several HSRP packets. I don't know what portion of the packet is sufficient to capture for this purpose.
>
> I used the "-s 0" option on tcpdump which captures the whole packet. That is making the dump file large. Any help with the filters is appreciated to capture the non-data portion of the packets.
>
> Thank you in advance.
>
> Subba Rao
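
The header-only capture asked about above comes down to how many leading bytes of each frame hold the Ethernet, IPv4 and TCP/UDP headers. The sketch below is an added example, not part of the original thread: it computes that length per frame and the smallest value that could be passed to tcpdump's `-s` in place of `0`. The function names, the `FALLBACK_CAP` value and the sample frames are assumptions constructed for illustration.

```python
import struct

ETHERTYPE_IPV4, ETHERTYPE_VLAN = 0x0800, 0x8100
PROTO_TCP, PROTO_UDP = 6, 17
FALLBACK_CAP = 64  # assumption: bytes kept for frames this sketch does not parse

def header_length(frame: bytes) -> int:
    """Bytes needed to keep the Ethernet, IPv4 and TCP/UDP headers of one frame."""
    if len(frame) < 14:
        return len(frame)
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    off = 14
    if ethertype == ETHERTYPE_VLAN and len(frame) >= 18:  # one 802.1Q tag
        (ethertype,) = struct.unpack_from("!H", frame, 16)
        off = 18
    if ethertype != ETHERTYPE_IPV4 or len(frame) < off + 20:
        return min(len(frame), FALLBACK_CAP)
    ihl = (frame[off] & 0x0F) * 4                # IPv4 header length, options included
    if ihl < 20:
        return min(len(frame), FALLBACK_CAP)    # malformed header
    fragment_offset = struct.unpack_from("!H", frame, off + 6)[0] & 0x1FFF
    proto, l4 = frame[off + 9], off + ihl
    if fragment_offset:                          # later fragment: no L4 header present
        return min(len(frame), l4)
    if proto == PROTO_TCP and len(frame) >= l4 + 13:
        data_offset = (frame[l4 + 12] >> 4) * 4  # TCP header length, options included
        return min(len(frame), l4 + max(data_offset, 20))
    if proto == PROTO_UDP:
        return min(len(frame), l4 + 8)
    return min(len(frame), l4)

def suggested_snaplen(frames) -> int:
    """Smallest snapshot length that keeps every header in the sample."""
    return max(header_length(f) for f in frames)

def build_frame(proto: int, l4_header: bytes, payload: bytes) -> bytes:
    """Constructed test frame: Ethernet + 20-byte IPv4 header + given L4 header."""
    eth = bytes(12) + struct.pack("!H", ETHERTYPE_IPV4)
    total = 20 + len(l4_header) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, 64, proto, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return eth + ip + l4_header + payload

# Constructed samples: plain TCP, TCP with 12 bytes of options, and UDP.
TCP_PLAIN = build_frame(PROTO_TCP, struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 0x50, 0x18, 8192, 0, 0), b"x" * 500)
TCP_OPTS = build_frame(PROTO_TCP, struct.pack("!HHIIBBHHH", 40001, 80, 1, 0, 0x80, 0x18, 8192, 0, 0) + b"\x01" * 12, b"x" * 100)
UDP_SAMPLE = build_frame(PROTO_UDP, struct.pack("!HHHH", 40002, 53, 28, 0), b"x" * 20)
```

A fixed snapshot length sized for the plain case would cut off TCP options in the second sample, which is why the maximum over a representative sample is used.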