Wireshark mailing list archives
Re: Want to monitor a port, count bytes transferred, record who transferred, nothing else
From: Seth Hall <seth () icir org>
Date: Sun, 22 Apr 2012 10:59:25 -0400
On Apr 20, 2012, at 11:45 AM, Brian Excarnate wrote:
So my first question is: Is there some other tool that is a better choice, and if so which?
You could use something that generates netflow records and a netflow collector or Argus. You could also give Bro-IDS a try (I'm one of the developers). The output you're looking for can be found in our conn logs. You can download a binary package from our website too:

http://www.bro-ids.org/download/#binarypackages

If you're just interested in getting the conn logs, you should be able to run (with the appropriate interface):

    sudo bro -i eth0

It will start creating logs in your current working directory.

.Seth

--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro-ids.org/
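Added example, not part of the original message and not Bro project code: a Python script that totals connections and bytes per client for one port from a conn.log. It assumes the tab-separated log format with a `#fields` header line; the sample log lines and the function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample in conn.log's tab-separated layout (not real traffic).
SAMPLE_CONN_LOG = "\n".join([
    "#separator \\x09",
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto"
    "\tservice\tduration\torig_bytes\tresp_bytes\tconn_state",
    "1335106765.1\tCaaa1\t192.0.2.10\t51000\t198.51.100.5\t8080\ttcp\thttp\t1.5\t300\t12000\tSF",
    "1335106770.4\tCaaa2\t192.0.2.10\t51001\t198.51.100.5\t8080\ttcp\thttp\t0.9\t200\t8000\tSF",
    "1335106771.0\tCaaa3\t192.0.2.77\t40222\t198.51.100.5\t8080\ttcp\t-\t-\t-\t-\tS0",
    "1335106780.2\tCaaa4\t192.0.2.77\t40223\t198.51.100.5\t22\ttcp\tssh\t30.0\t5000\t7000\tSF",
])


def to_count(value):
    """conn.log writes "-" for an unset field; count that as zero bytes."""
    return 0 if value == "-" else int(value)


def bytes_by_client(lines, port):
    """Total connections and payload bytes per originating host for one responder port."""
    fields = None
    totals = defaultdict(lambda: {"conns": 0, "sent": 0, "received": 0})
    for line in lines:
        line = line.rstrip("\n")
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]  # column names follow the tag
            continue
        if not line or line.startswith("#"):
            continue  # other header/footer lines such as #separator, #types
        if fields is None:
            raise ValueError("data row seen before the #fields header")
        row = dict(zip(fields, line.split("\t")))
        if row["id.resp_p"] != str(port):
            continue
        entry = totals[row["id.orig_h"]]
        entry["conns"] += 1
        entry["sent"] += to_count(row["orig_bytes"])      # originator -> responder
        entry["received"] += to_count(row["resp_bytes"])  # responder -> originator
    return dict(totals)


if __name__ == "__main__":
    # To read a real log instead: bytes_by_client(open("conn.log"), 8080)
    for host, t in sorted(bytes_by_client(SAMPLE_CONN_LOG.splitlines(), 8080).items()):
        print(f"{host}\t{t['conns']} conns\t{t['sent']} sent\t{t['received']} received")
```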