Solved

unix solaris snoop command

Posted on 2016-11-07
Last Modified: 2016-11-08
When I run the snoop command, it generates a file that is too big. Is there any way to run the command so that it outputs to different file versions (i.e. snoopfile1, snoopfile2, snoopfile3, etc.)?
Question by:Shen
6 Comments
 
LVL 16

Accepted Solution

by:
Joseph Gan earned 2000 total points
ID: 41878043
You can use the snoop -c maxcount command, where "maxcount" is the number of packets captured before quitting.
0
 
LVL 16

Expert Comment

by:Joseph Gan
ID: 41878047
For example, if you want to capture 10k packets in each file, something like:

for i in 1 2 3 4 5
do
snoop -c 10000 > snoopfile$i
done
0
 

Author Comment

by:Shen
ID: 41878683
Gangos,

Just to make sure I understand your logic. I was running the following command:
 snoop -c 10000  -v -tr -o /snoop1out.pcap -d e1000g3 &

When I use your loop with my command, will this run snoop until it reaches 10k and then generate another file? After it writes to the file, it goes back, increments the loop count, and does it again until it reaches 5?

for i in 1 2 3 4 5
do
   snoop -c 10000 -v -tr -o /snoop1out.pcap -d e1000g3  & > snoopfile$i
done
0

Author Comment

by:Shen
ID: 41878718
Gangos,

Correction:
 snoop -c 10000 -v -tr  -d e1000g3  & > snoopfile$i
0
 

Author Comment

by:Shen
ID: 41878955
Gangos,

Your solution worked with a minor variation:
using the redirect ">" to a file does not let the file be read by Wireshark. I need to use -o "file". So I changed to the code below and it worked.
 
for i in {1..10}
 do
    snoop -c 10000 -v -tr -o /snoop1out.pcap -d e1000g3
 done

Thank you very much. Your suggestion was very helpful.
0
 

Author Closing Comment

by:Shen
ID: 41878963
Thanks again. Now I am looking for the syntax to filter multiple ports with snoop.
0
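
An added example (not code from the thread): the capture loop as a POSIX shell function that gives every pass its own -o file name, since a fixed -o path is written again on each pass, and that keeps only the newest files so the disk cannot fill. The names capture_ring and SNOOP, the file naming and the /var/tmp/captures path are assumptions of this sketch; the display flags from the thread (-v, -tr) are left out.

```shell
#!/bin/sh
# Added example: numbered snoop capture files with a bounded on-disk ring.
# capture_ring, SNOOP and the file layout are assumptions of this sketch.
SNOOP=${SNOOP:-snoop}    # overridable, so the loop can be dry-run with a stub

# capture_ring IFACE PACKETS_PER_FILE TOTAL_FILES KEEP DIR
# The ( ) body runs in a subshell, so the umask change stays local.
capture_ring() (
    iface=$1 per_file=$2 total=$3 keep=$4 dir=$5
    umask 077                       # captures hold raw traffic: owner-only
    mkdir -p "$dir" || return 1
    i=1
    while [ "$i" -le "$total" ]; do
        out="$dir/snoop${i}out.pcap"
        # -c ends this pass after per_file packets; -o saves them to $out.
        # No "&": the next file starts only once this one is complete.
        "$SNOOP" -c "$per_file" -o "$out" -d "$iface" || return 1
        old=$((i - keep))
        if [ "$old" -ge 1 ]; then
            rm -f "$dir/snoop${old}out.pcap"   # drop the oldest, keep KEEP files
        fi
        i=$((i + 1))
    done
)

# Run as: script.sh e1000g3 10000 10 3 /var/tmp/captures  (constructed path)
if [ "$#" -eq 5 ]; then
    capture_ring "$@"
fi
```

Setting SNOOP to a stub command lets the rotation and cleanup be checked before pointing it at a live interface.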
