Solved

unix solaris snoop command

Posted on 2016-11-07
Last Modified: 2016-11-08
When I run the snoop command, it generates a file that is too big. Is there any way to run the command so that it outputs to different file versions (i.e. snoopfile1, snoopfile2, snoopfile3, etc.)?
Question by:Shen

Accepted Solution

by:
Joseph Gan earned 500 total points
ID: 41878043
You can use the snoop -c maxcount command, where "maxcount" is the number of packets captured before quitting.

Expert Comment

by:Joseph Gan
ID: 41878047
For example, if you want to capture 10k packets in each file, something like:

for i in 1 2 3 4 5
do
snoop -c 10000 > snoopfile$i
done
 

Author Comment

by:Shen
ID: 41878683
Gangos,

Just to make sure I understand your logic. I was running the following command:
 snoop -c 10000  -v -tr -o /snoop1out.pcap -d e1000g3 &

When I use your loop with my command, will this run snoop until it reaches 10k and then generate another file? After it writes to the file, it goes back, increments the loop count, and does it again until it reaches 5?

for i in 1 2 3 4 5
do
   snoop -c 10000 -v -tr -o /snoop1out.pcap -d e1000g3  & > snoopfile$i
done

Author Comment

by:Shen
ID: 41878718
gangos,

correction:
 snoop -c 10000 -v -tr  -d e1000g3  & > snoopfile$i
 

Author Comment

by:Shen
ID: 41878955
Gangos,

Your solution worked with a minor variation:
Using the redirect ">" to a file does not let the file be read by Wireshark. I need to use -o "file". So I changed to the code below and it worked.
 
for i in {1..10}
do
    # use the loop counter in the -o file name so each capture gets its own file
    snoop -c 10000 -v -tr -o "/snoop${i}out.pcap" -d e1000g3
done

Thank you very much. Your suggestion was very helpful.
 

Author Closing Comment

by:Shen
ID: 41878963
Thanks again. Now I am looking for the syntax to filter multiple ports with snoop.
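
The numbered-file loop this thread arrives at, written out as an added example (not code from any of the posters): each foreground snoop run stops after its -c packet count and writes to its own -o file. The function name rotate_capture, the SNOOP_BIN variable and the snoopfileN names are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the thread. rotate_capture, SNOOP_BIN and the
# snoopfileN naming are illustrative; only snoop's -c, -o and -d options,
# as used in the posts above, are relied on.

SNOOP_BIN=${SNOOP_BIN:-snoop}   # overridable, so the loop can be tried with a stub

# rotate_capture DEVICE PACKETS_PER_FILE FILE_COUNT OUT_DIR
# Body runs in a subshell so the umask change does not leak to the caller.
rotate_capture() (
    dev=$1; per_file=$2; count=$3; dir=$4

    for n in "$per_file" "$count"; do
        case $n in
            ''|*[!0-9]*) echo "counts must be whole numbers" >&2; return 2 ;;
        esac
    done
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 2; }

    umask 077   # captures hold raw traffic: readable by the owner only

    i=1
    while [ "$i" -le "$count" ]; do
        out="$dir/snoopfile$i"
        if [ -e "$out" ]; then
            echo "refusing to overwrite $out" >&2
            return 1
        fi
        # Foreground (no '&'): snoop exits after $per_file packets, and only
        # then does the loop move on to the next file.
        "$SNOOP_BIN" -c "$per_file" -o "$out" -d "$dev" || {
            echo "snoop failed while writing $out" >&2
            return 1
        }
        i=$((i + 1))
    done
)
```

Called, for example, as `rotate_capture e1000g3 10000 5 /var/tmp/cap` (the directory is a placeholder), it leaves snoopfile1 through snoopfile5 there. Packets that arrive between one snoop run exiting and the next starting are not captured.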