Wireshark-users: [Wireshark-users] tshark iostat calculation
|
I would like to sum the delta time between frames which match a
filter In this example, CIFS traffic from a client to a server. I can do this in the GUI: Statistics, IO Graphs, Filter tcp.dstport==445, SUM tcp.time_delta, Style FBar, Tick interval 10 min, Unit Advanced  But I'm wanting to use tshark instead. guru> tshark -nlr sample-cifs.pcap -R "(tcp.dstport==445)" -qz io,stat,600,"SUM (tcp.time_delta)tcp.time_delta" =================================================================== IO Statistics Interval: 600.000 secs Column #0: SUM(tcp.time_delta)tcp.time_delta | Column #0 Time | SUM 000.000-600.000 0 ===================================================================Clearly, I'm fumbling something. Suggestions? --sk Stuart Kendrick FHCRC |
- Follow-Ups:
- Re: [Wireshark-users] tshark iostat calculation
- From: j.snelders
- Re: [Wireshark-users] tshark iostat calculation
- Prev by Date: Re: [Wireshark-users] Capture filter question
- Next by Date: [Wireshark-users] Common Traffic
- Previous by thread: Re: [Wireshark-users] Capture filter question
- Next by thread: Re: [Wireshark-users] tshark iostat calculation
- Index(es):