|Main Archive Page > Month Archives > wireshark-users archives|
Apologies for top-posting.
do keep in mind the following: the protocols in play were designed to
effectively pass data, not necessarily optimize analysis.
Cace technologies created pilot specifically to facilitate such
analysis. Beyond obviously, not freeware.
Disclaimer: I'm a paying customer.
On 4/6/2010 10:16 PM, Andrej van der Zee wrote:
> Thanks for your email.
>> Maybe you want to share with us why you want to do this. What is your
>> goal? Checking network performance?
> My company does performance analysis of web applications for its
> clients. I am asked to analyze tcpdumps. For now, two immediate goals
> with respect two packet matching on both sides of the conversation,
> * Find time differences between servers, possibly per second to detect
> possible clock skews,
> * De-duplicate packages on both end of the connection. This can be
> done with tools such as "editcap" of course, but becomes very tedious
> and error-prone when working with multiple cap-files.
> I will have to process multiple cap-files from all servers. I know the
> IP numbers, but I can make no assumptions on how tcpdump is started
> by our clients. From the cap-files, we want to visualize communication
> of between all IPs: which IP is talking to who, packet count,
> protocols, number of bytes, etc. That, and more. If something like
> this already exists, I would love to hear from you!
> Best regards,
> Sent via: Wireshark-users mailing list<firstname.lastname@example.org>
> Archives: http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
Sent via: Wireshark-users mailing list <email@example.com>