[Bro] Fwd: Flow Statistics in BRO
Gregor Maier
gregor at net.t-labs.tu-berlin.de
Wed Oct 10 15:39:26 PDT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Danny Nechay wrote:
> When I was talking about flow statistics, I was looking more for
> statistics such as total number of packets, average packet size, total
> bytes, total header (transport plus network layer) bytes, number of
> caller to callee packets, total caller
> to callee bytes, total caller to callee payload bytes, total caller to
> callee header bytes, number of callee to
> caller packets, total callee to caller payload bytes, and total callee
> to caller header bytes.
You can use the one-line connection summaries from bro:
bro -r trace conn
This won't give you all the information you're interested in, but it's a
starting point.
hth
gregor
- --
Gregor Maier gregor at net.t-labs.tu-berlin.de
TU Berlin / Deutsche Telekom Labs gregor.maier at tu-berlin.de
Sekr. TEL 4, FG INET www.net.t-labs.tu-berlin.de
Ernst-Reuter-Platz 7
10587 Berlin, Germany
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHDVSedGiwgbikMYMRAisHAKCmnoIvUS9Sgvr3KTRFNJFe1vZQ8QCfQV5C
OmsAhXz9dDysH5MoGa6QNuE=
=LXYS
-----END PGP SIGNATURE-----
More information about the Bro
mailing list