[150419] in North American Network Operators' Group
Re: Network Traffic Collection
daemon@ATHENA.MIT.EDU (Jeroen Massar)
Thu Feb 23 15:15:20 2012
Date: Thu, 23 Feb 2012 21:14:19 +0100
From: Jeroen Massar <jeroen@unfix.org>
To: Maverick <myeaddress@gmail.com>
In-Reply-To: <CA+vWMo6JBwnS+u5wjw4e5XM5mJO6Sut6o8HYsbtabAq8wbLdtg@mail.gmail.com>
Cc: nanog@nanog.org
On 2012-02-23 21:11 , Maverick wrote:
> Hello,
>
> I am trying to collect traffic from a pcap file and store it in
> a database but really confused how to organize it. Should I organize
> it on connection basis / flow basis or IP basis?
>
> It might be an effort to write a customized traffic analysis tool like
> wireshark with only required functionality. I would really appreciate
> if someone can give me direction on the right way of organizing the data
> because right now I only see individual packets and no way of putting
> them in some order.

Does this all not completely depend on what you actually want to do with
it? You might want to start there instead of the other way around.

Greets,
Jeroen