Yeah, that's what I was thinking. Perhaps some tight Perl code to parse
the output of tethereal, and an optimized MySQL database to store it. I
would think the LCD in regards to performance would be the actual
database inserts, so a method of determining where you are in regards to
inserted data vs. outstanding (unprocessed) packets might be a good idea
(buffering and assigning unique identifier flags so the Perl code can
keep track comes to mind).
Not sure on the performance of MySQL, though. You may end up having to
restrict your capture filters to grab only relevant "interesting" data
to populate your DB. Another (probably better) option would be to
summarize the data on the fly and update the database intermittently.
-
Jason Cress
Solutions Architect
Digital Cognizance Inc.
jcress@xxxxxxxxxxxxxxxxxxxxx
"If trees could scream, would we be so cavalier about cutting them down?
We might, if they screamed all the time, for no good reason." - Jack
Handey
-----Original Message-----
From: ethereal-users-admin@xxxxxxxxxxxx
[mailto:ethereal-users-admin@xxxxxxxxxxxx] On Behalf Of Guy Harris
Sent: Thursday, January 16, 2003 5:44 PM
To: Christopher Lyon
Cc: jcress@xxxxxxxxxxxxxxxxxxxxx; ethereal-users@xxxxxxxxxxxx
Subject: Re: [Ethereal-users] Taking output from tethereal to a SQL
database
On Thu, Jan 16, 2003 at 03:38:04PM -0800, Christopher Lyon wrote:
> I was wondering if there was another way to do this. I don't want to
> write a script to start tcpdump, then stop it, read the file that was
> just created, output that to DBI and then restart the process all over
> again.
Could you have the program/script that reads the file instead read from
its standard input, and then pipe the output of Tethereal to that
program/script?
_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users
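The two suggestions in this thread, reading the capture tool's output from standard input and summarizing on the fly with only intermittent database updates, can be combined as in the following added example, which is not code from any of the posters. It uses Python and sqlite3 in place of the Perl and MySQL mentioned above so that it runs self-contained, and it assumes tab-separated lines of source, destination, IP protocol and frame length (for instance from `tshark -l -T fields -e ip.src -e ip.dst -e ip.proto -e frame.len`); the table name `flows` and the sample lines are constructed.

```python
import sqlite3
import sys
from collections import defaultdict

SCHEMA = """CREATE TABLE IF NOT EXISTS flows (
    src TEXT, dst TEXT, proto TEXT, packets INTEGER, bytes INTEGER,
    PRIMARY KEY (src, dst, proto))"""
UPSERT = """INSERT INTO flows (src, dst, proto, packets, bytes)
    VALUES (?, ?, ?, ?, ?)
    ON CONFLICT(src, dst, proto) DO UPDATE SET
        packets = packets + excluded.packets,
        bytes = bytes + excluded.bytes"""

# Constructed sample input: four IP packets, one frame with empty IP fields,
# and one malformed line.
SAMPLE = [
    "10.0.0.5\t10.0.0.1\t6\t60\n",
    "10.0.0.5\t10.0.0.1\t6\t1514\n",
    "10.0.0.7\t10.0.0.1\t17\t90\n",
    "\t\t\t42\n",
    "10.0.0.5\t10.0.0.1\t6\t66\n",
    "garbage line\n",
]

def flush(db, pending):
    """Write the in-memory summary in a single transaction, then clear it."""
    with db:
        db.executemany(UPSERT, [key + tuple(val) for key, val in pending.items()])
    pending.clear()

def summarize(lines, db, flush_every=1000):
    """Aggregate per flow; touch the database once per flush_every packets.
    Returns (parsed, skipped) so dropped input stays visible."""
    db.execute(SCHEMA)
    pending = defaultdict(lambda: [0, 0])  # (src, dst, proto) -> [packets, bytes]
    parsed = skipped = 0
    for line in lines:
        fields = line.rstrip("\n").split("\t")
        if len(fields) != 4 or not all(fields[:3]) or not fields[3].isdecimal():
            skipped += 1  # non-IP frame or malformed line
            continue
        entry = pending[tuple(fields[:3])]
        entry[0] += 1
        entry[1] += int(fields[3])
        parsed += 1
        if parsed % flush_every == 0:
            flush(db, pending)
    flush(db, pending)  # write the remainder at end of input
    return parsed, skipped

if __name__ == "__main__":
    print(summarize(sys.stdin, sqlite3.connect("flows.db")))
```

Because the database sees one transaction per batch instead of one insert per packet, the insert rate no longer has to keep up with the packet rate; the cost is that up to `flush_every` packets of summary are lost if the process dies between flushes.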