Security Basics mailing list archives

Re: Ethereal Log Analyzers


From: Brad Arlt <arlt () cpsc ucalgary ca>
Date: Fri, 7 Mar 2003 15:57:35 -0700

On Thu, Mar 06, 2003 at 08:06:50PM -0000, Craig Brauckmiller wrote:
> Hello all.  I'm looking for a log analyzer for Ethereal.  I downloaded the
> Win32 version of Ethereal and want to run some basic analysis on my
> network traffic.  I have Google'd for some utils and tried SawMill but it
> doesn't seem to recognize the tcpdump log format that Ethereal dumps.

Umm.. SawMill (http://www.sawmill.net) is a log analyzer.  In case this
isn't clear, syslog logs, Event logs and such.

Ethereal is a packet analyzer and network sniffer.  It doesn't produce
logs.  It makes network capture files.

NAI Sniffer does some nice analysis (you will have to save that data
in Sniffer's format, which is in Ethereal I believe).

NetMon (URL unknown) might do more than Ethereal, but I remember them
being pretty much identical in basic functionality (IOW they are both
packet analyzers).

Snort (http://www.snort.org) might be useful, but it is an intrusion
detection software, not a network statistics software.

I know only of Linux/Unix apps really.
-----------------------------------------------------------------------
   __o          Bradley Arlt                    Security Team Lead
 _ \<_          arlt () cpsc ucalgary ca                University Of Calgary
(_)/(_)         I should be biking right now.   Computer Science
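
The difference between a capture file and a text log, shown as an added example that is not part of the original message: a small reader for the classic libpcap (tcpdump) file format that tallies packets and bytes per IP protocol. The sample capture, its 192.0.2.x addresses and the function names are constructed for illustration.

```python
import struct
from collections import Counter

PROTO_NAMES = {1: "icmp", 6: "tcp", 17: "udp"}

def build_sample_capture():
    """Constructed sample: a libpcap file holding three Ethernet/IPv4 frames."""
    def frame(proto, payload_len):
        eth = b"\x00" * 12 + b"\x08\x00"  # dst MAC, src MAC, EtherType IPv4
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                         proto, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
        return eth + ip + b"\x00" * payload_len
    # Global header: magic, version 2.4, thiszone, sigfigs, snaplen, linktype 1
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, (proto, n) in enumerate([(6, 20), (6, 40), (17, 8)]):
        data = frame(proto, n)
        out += struct.pack("<IIII", 1000 + i, 0, len(data), len(data)) + data
    return out

def summarize(capture):
    """Return (packets, bytes) per IP protocol for an Ethernet libpcap file."""
    if capture[:4] == b"\xd4\xc3\xb2\xa1":
        endian = "<"   # written on a little-endian host
    elif capture[:4] == b"\xa1\xb2\xc3\xd4":
        endian = ">"   # written on a big-endian host
    else:
        raise ValueError("not a classic libpcap capture file")
    if struct.unpack(endian + "I", capture[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) is handled here")
    packets, octets = Counter(), Counter()
    offset = 24  # per-packet records start after the 24-byte global header
    while offset + 16 <= len(capture):
        _sec, _usec, incl_len, orig_len = struct.unpack(endian + "IIII", capture[offset:offset + 16])
        data = capture[offset + 16:offset + 16 + incl_len]
        if len(data) < incl_len:
            break  # truncated final record
        offset += 16 + incl_len
        if len(data) >= 34 and data[12:14] == b"\x08\x00":
            name = PROTO_NAMES.get(data[23], "ip-proto-%d" % data[23])
        else:
            name = "non-ipv4"
        packets[name] += 1
        octets[name] += orig_len  # on-the-wire length, not the captured length
    return dict(packets), dict(octets)
```

Feeding `summarize` a syslog-style text line raises `ValueError`, which is the same reason a text log analyzer cannot read a capture file.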

