Ethereal-users: RE: [Ethereal-users] Taking output from tethereal to a SQL database

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Christopher Lyon" <cslyon@xxxxxxxxxxx>
Date: Thu, 16 Jan 2003 17:39:41 -0800
I will give that a whirl. Seems like tethereal will do what I want if I
can pipe it out to a script.


I will check out ntop. Thanks for the tip.



> -----Original Message-----
> From: Jason Cress [mailto:jcress@xxxxxxxxxxxxxxxxxxxxx]
> Sent: Thursday, January 16, 2003 5:09 PM
> To: Christopher Lyon
> Cc: ethereal-users@xxxxxxxxxxxx
> Subject: RE: [Ethereal-users] Taking output from tethereal to a SQL
> database
> 
> Have you played around with ntop at all? http://www.ntop.org/ntop.html
> 
> -
> Jason Cress
> Solutions Architect
> Digital Cognizance Inc.
> jcress@xxxxxxxxxxxxxxxxxxxxx
> "If trees could scream, would we be so cavalier about cutting them down?
> We might, if they screamed all the time, for no good reason." - Jack Handey
> 
> 
> 
> -----Original Message-----
> From: ethereal-users-admin@xxxxxxxxxxxx
> [mailto:ethereal-users-admin@xxxxxxxxxxxx] On Behalf Of Christopher Lyon
> Sent: Thursday, January 16, 2003 6:55 PM
> To: jcress@xxxxxxxxxxxxxxxxxxxxx; Guy Harris
> Cc: ethereal-users@xxxxxxxxxxxx
> Subject: RE: [Ethereal-users] Taking output from tethereal to a SQL
> database
> 
> So, what options would just give me the Layer 3 and 4 information using
> tcpdump. That should just give me some information on what is going on
> in the network.
> 
> Here is my goal. I have a web interface with various stats and the one
> thing that I want to put in there is a snapshot, if you will, of the
> traffic. How much is tcp, udp and icmp. That is the average usage, top
> talkers by bytes. General high level stats. The reason for going SQL is
> for the front end but maybe there is something else out there that will
> do this?
> 
> Thoughts?
> 
> 
> > -----Original Message-----
> > From: Jason Cress [mailto:jcress@xxxxxxxxxxxxxxxxxxxxx]
> > Sent: Thursday, January 16, 2003 4:39 PM
> > To: 'Guy Harris'; Christopher Lyon
> > Cc: ethereal-users@xxxxxxxxxxxx
> > Subject: RE: [Ethereal-users] Taking output from tethereal to a SQL
> > database
> >
> >
> > Yeah, that's what I was thinking. Perhaps some tight perl code to parse
> > the output of tethereal, and an optimized MySQL database to store it. I
> > would think the LCD in regards to performance would be the actual
> > database inserts, so a method of determining where you are in regards to
> > inserted data vs. outstanding (unprocessed) packets might be a good idea
> > (buffering and assigning unique identifier flags so the perl code can
> > keep track comes to mind).
> >
> > Not sure on the performance of MySQL, though. You may end up having to
> > restrict your capture filters to grab only relevant "interesting" data
> > to populate your DB. Another (probably better) option would be to
> > summarize the data on the fly and update the database intermittently.
> >
> > -
> > Jason Cress
> > Solutions Architect
> > Digital Cognizance Inc.
> > jcress@xxxxxxxxxxxxxxxxxxxxx
> > "If trees could scream, would we be so cavalier about cutting them down?
> > We might, if they screamed all the time, for no good reason." - Jack Handey
> >
> > -----Original Message-----
> > From: ethereal-users-admin@xxxxxxxxxxxx
> > [mailto:ethereal-users-admin@xxxxxxxxxxxx] On Behalf Of Guy Harris
> > Sent: Thursday, January 16, 2003 5:44 PM
> > To: Christopher Lyon
> > Cc: jcress@xxxxxxxxxxxxxxxxxxxxx; ethereal-users@xxxxxxxxxxxx
> > Subject: Re: [Ethereal-users] Taking output from tethereal to a SQL
> > database
> >
> > On Thu, Jan 16, 2003 at 03:38:04PM -0800, Christopher Lyon wrote:
> > > I was wondering if there was another way to do this. I don't want to
> > > write a script to start tcpdump, then stop it, read the file that was
> > > just created, output that to DBI and then restart the process all over
> > > again.
> >
> > Could you have the program/script that reads the file instead read from
> > its standard input, and then pipe the output of Tethereal to that
> > program/script?
> > _______________________________________________
> > Ethereal-users mailing list
> > Ethereal-users@xxxxxxxxxxxx
> > http://www.ethereal.com/mailman/listinfo/ethereal-users
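The approach suggested in the thread (read the capture tool's output on standard input, summarize on the fly, update the database intermittently), sketched as an added example; it is not code from any poster or from the Ethereal project. Assumptions: the input is tab-separated lines of source, destination, IP protocol number and frame length, the store is SQLite rather than MySQL, and the `totals` table and all function names are hypothetical.

```python
import sqlite3
import sys
from collections import Counter

PROTO_NAMES = {1: "icmp", 6: "tcp", 17: "udp"}  # IP protocol numbers
# Constructed sample; assumed format: src<TAB>dst<TAB>ip_proto_number<TAB>frame_len
SAMPLE = ["10.0.0.5\t10.0.0.9\t6\t1500", "10.0.0.5\t10.0.0.9\t6\t400",
          "10.0.0.7\t10.0.0.1\t17\t120", "10.0.0.9\t10.0.0.5\t1\t84",
          "garbage line without fields", "10.0.0.7\t10.0.0.1\t17\tNaN"]

def open_db(path=":memory:"):
    db = sqlite3.connect(path)
    db.execute("CREATE TABLE IF NOT EXISTS totals (kind TEXT, key TEXT, "
               "bytes INTEGER NOT NULL, PRIMARY KEY (kind, key))")
    return db

def flush(db, counters):  # add in-memory counts to the table in one transaction
    rows = [(n, kind, key) for kind, c in counters.items() for key, n in c.items()]
    with db:  # placeholders only: packet-derived strings are untrusted input
        db.executemany("INSERT OR IGNORE INTO totals VALUES (?, ?, 0)", [r[1:] for r in rows])
        db.executemany("UPDATE totals SET bytes = bytes + ? WHERE kind = ? AND key = ?", rows)
    for c in counters.values():
        c.clear()

def summarize(lines, db, flush_every=1000):  # returns the number of skipped lines
    counters = {"proto": Counter(), "src": Counter()}
    seen = skipped = 0
    for line in lines:
        try:
            src, _dst, proto, length = line.rstrip("\n").split("\t")
            proto, length = int(proto), int(length)
        except ValueError:  # wrong field count or non-numeric field
            skipped += 1
            continue
        counters["proto"][PROTO_NAMES.get(proto, "other")] += length
        counters["src"][src] += length
        seen += 1
        if seen % flush_every == 0:  # intermittent update, not per-packet inserts
            flush(db, counters)
    flush(db, counters)
    return skipped

def totals(db, kind, limit=10):
    return db.execute("SELECT key, bytes FROM totals WHERE kind = ? "
                      "ORDER BY bytes DESC, key LIMIT ?", (kind, limit)).fetchall()

if __name__ == "__main__":  # pipe tab-separated lines in, or run bare for the sample
    db = open_db()
    summarize(SAMPLE if sys.stdin.isatty() else sys.stdin, db)
    print(totals(db, "proto"), totals(db, "src", 3))
```

Because the capture pipeline feeds attacker-influenced fields into the database, malformed lines are counted and skipped, and every value reaches SQL only through bound parameters.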