Graham,
I'm not a unix hacker either, but here are a few suggestions for your first
question:
A) It is probable that the HP will have tcpdump already installed. Use it to
collect your traces and copy the output to your laptop for analysis.
If your comfortable with running Ethereal from your laptop, you could also
consider:
B) Have your net admin span the HP's switch port to a port with your laptop
connected. This is non-intrusive and requires no knowledge of HPUX.
C) Connect the laptop and HP box to hub and sniff that way. This is
intrusive though.
D) Of course if your already on shared ethernet or token ring you should be
able to see all the traffic any way.
Q2 is left for the other gurus.
For question 3
A) Rolling file == Ring Buffer in the capture dialogue, check this box an
specify 2 or more files. Then specify how many bytes per file. I don't know
how to do this with tethereal though.
B) If disk space is an issue, ensure you are using the best filter possible,
disable name resolution too.
C) Also consider specifying a limit for the abmount of bytes/frame. This may
not be what you want though if you need the full payload of the error your
interested in.
HTH
Alistair
> ----------------------------------------------------------------------
> Alistair McGlinchy, alistair.mcglinchy@xxxxxxxxxxxxxxxxxxxxx
> Sizing and Performance, Central IT, ext. 5012, ph +44 20 7268-5012
> Marks and Spencer, 3 Longwalk Rd, Stockley Park, Uxbridge UB11 1AW, UK
>
> -----Original Message-----
> From: Graham Walsh [SMTP:graham_walsh50@xxxxxxxxxxx]
> Sent: Wednesday, April 17, 2002 9:27 AM
> To: ethereal-users@xxxxxxxxxxxx
> Subject: [Ethereal-users] snooping corba on hp (remotely?)
>
>
>
> Ok, it looks like this software is going to save a production system from
> disaster for me! I have it very nicely on my laptop and and snooping away
> (GIOP) messages. I have a couple of questions though.
>
> 1) Is there any simple way for me to tap this laptop onto the hp host. I
> have full privileges (scary) etc. however I ain't no unix guru. I would
> like to avoid the pain of installing on the HP 11 host if at all possible
> and monitor things from the laptop here. Is that possible? Consider me a
> moron in this space btw...I'm the middleware guy not the network guy! :)
>
> 2) I can monitor GIOP CosNaming and CosEvent messages at the moment and
> things are dandy however the production system uses different IDL. I
> presume I need to build a plugin so that it can interpret the data being
> sent over the wire. Am I correct in thinking that? If yes, does anyone
> have a guide to building the dll (or shlib if I have to do it on unix) so
> I can get crackin'. Sorry if I'm asking stuff before really investigating
> thoroughly but my backs up against the wall here and I need to have snoop
> ready to roll next time production system fails.
>
> 3) How can I set the dump to a rolling file..or is that possible? I forsee
> gigs of dump going out to disk so I'd like curb the filesize if at all
> possible.
>
>
> thanks much for any assistance. This s/w is awesome.
>
> GrahamO
>
>
-----------------------------------------------------------------------
Registered Office:
Marks & Spencer p.l.c
Michael House, Baker Street,
London, W1U 8EP
Registered No. 214436 in England and Wales.
Telephone (020) 7935 4422
Facsimile (020) 7487 2670
www.marksandspencer.com
Please note that electronic mail may be monitored.
This e-mail is confidential. If you received it by mistake, please let us know and then delete it from your system; you should not copy, disclose, or distribute its contents to anyone nor act in reliance on this e-mail, as this is prohibited and may be unlawful.
The registered office of Marks and Spencer Financial Services Limited, Marks and Spencer Unit Trust Management Limited, Marks and Spencer Life Assurance Limited and Marks and Spencer Savings and Investments Limited is Kings Meadow, Chester, CH99 9FB.